Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance

The Hacker News - 6 Únor, 2024 - 06:00
The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members. "The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken said. "Such targeting has been
Kategorie: Hacking & Security

U.S. Imposes Visa Restrictions on those Involved in Illegal Spyware Surveillance

The Hacker News - 6 Únor, 2024 - 06:00
The U.S. State Department said it's implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society members. "The misuse of commercial spyware threatens privacy and freedoms of expression, peaceful assembly, and association," Secretary of State Antony Blinken said. "Such targeting has been Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

The Linux Foundation Offers Insights on Secure Software Development

LinuxSecurity.com - 5 Únor, 2024 - 18:25
The Linux Foundation recently published a report titled Maintainer Perspectives on Open Source Software Security , which provides valuable insights into the perspectives, practices, and challenges faced by OSS maintainers and core contributors regarding open-source software security . The report highlights the importance of utilizing software composition analysis (SCA) and static application security testing (SAST) tools in evaluating the security of OSS packages.
Kategorie: Hacking & Security

Improving Interoperability Between Rust and C++

Google Security Blog - 5 Únor, 2024 - 17:59
Posted by Lars Bergstrom – Director, Android Platform Tools & Libraries and Chair of the Rust Foundation Board

Back in 2021, we announced that Google was joining the Rust Foundation. At the time, Rust was already in wide use across Android and other Google products. Our announcement emphasized our commitment to improving the security reviews of Rust code and its interoperability with C++ code. Rust is one of the strongest tools we have to address memory safety security issues. Since that announcement, industry leaders and government agencies have echoed our sentiment.

We are delighted to announce that Google has provided a grant of $1 million to the Rust Foundation to support efforts that will improve the ability of Rust code to interoperate with existing legacy C++ codebases. We’re also furthering our existing commitment to the open-source Rust community by aggregating and publishing audits for Rust crates that we use in open-source Google projects. These contributions, along with our previous interoperability contributions, have us excited about the future of Rust.

“Based on historical vulnerability density statistics, Rust has proactively prevented hundreds of vulnerabilities from impacting the Android ecosystem. This investment aims to expand the adoption of Rust across various components of the platform.” – Dave Kleidermacher, Google Vice President of Engineering, Android Security & Privacy

While Google has seen the most significant growth in the use of Rust in Android, we’re continuing to grow its use across more applications, including clients and server hardware.

“While Rust may not be suitable for all product applications, prioritizing seamless interoperability with C++ will accelerate wider community adoption, thereby aligning with the industry goals of improving memory safety.” – Royal Hansen, Google Vice President of Safety & Security

The Rust tooling and ecosystem already support interoperability with Android and with continued investment in tools like cxx, autocxx, bindgen, cbindgen, diplomat, and crubit, we are seeing regular improvements in the state of Rust interoperability with C++. As these improvements have continued, we’ve seen a reduction in the barriers to adoption and accelerated adoption of Rust. While that progress across the many tools continues, it is often only expanded incrementally to support the particular needs of a given project or company.

In order to accelerate both Rust adoption at Google as well as more broadly across the industry, we are eager to invest in and collaborate on any needed ABI changes, tooling and build system support, wrapper libraries, or other areas identified.

We are excited to support this work through the Rust Foundation’s Interop Initiative and in collaboration with the Rust project to ensure that any additions made are suitable and address the challenges of Rust adoption that projects using C++ face. Improving memory safety across the software industry is one of the key technology challenges of our time, and we invite others across the community and industry to join us in working together to secure the open source ecosystem for everyone.

Learn more about the Rust Foundation’s Interop Initiative by reading their recent announcement.

Kategorie: Hacking & Security

Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering

The Hacker News - 5 Únor, 2024 - 17:36
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. and is currently being held in custody. If convicted, he faces a maximum penalty
Kategorie: Hacking & Security

Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering

The Hacker News - 5 Únor, 2024 - 17:36
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. and is currently being held in custody. If convicted, he faces a maximum penalty Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Combined Security Practices Changing the Game for Risk Management

The Hacker News - 5 Únor, 2024 - 14:19
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause great stress in the process. The issue being that by using a reactive, rather than proactive approach, many risks
Kategorie: Hacking & Security

Combined Security Practices Changing the Game for Risk Management

The Hacker News - 5 Únor, 2024 - 14:19
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause great stress in the process. The issue being that by using a reactive, rather than proactive approach, many risks The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

The Hacker News - 5 Únor, 2024 - 14:18
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between
Kategorie: Hacking & Security

Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware

The Hacker News - 5 Únor, 2024 - 14:18
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Hands-On Review: SASE-based XDR from Cato Networks

The Hacker News - 5 Únor, 2024 - 12:12
Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of
Kategorie: Hacking & Security

Hands-On Review: SASE-based XDR from Cato Networks

The Hacker News - 5 Únor, 2024 - 12:12
Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan

The Hacker News - 5 Únor, 2024 - 08:37
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been publicly confirmed as targeted, out of whom six had their devices compromised with the mercenary
Kategorie: Hacking & Security

Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan

The Hacker News - 5 Únor, 2024 - 08:37
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been publicly confirmed as targeted, out of whom six had their devices compromised with the mercenary Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw

The Hacker News - 5 Únor, 2024 - 04:45
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week. Propagated via phishing mails, Mispadu is a Delphi-based information stealer
Kategorie: Hacking & Security

New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw

The Hacker News - 5 Únor, 2024 - 04:45
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week. Propagated via phishing mails, Mispadu is a Delphi-based information stealer Newsroomhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

XOrg Server and Xwayland Vulnerable to Multiple Exploits - Patch Now!

LinuxSecurity.com - 4 Únor, 2024 - 13:00
Multiple security vulnerabilities have recently been discovered in the XOrg Server prior to 21.1.11, and Xwayland display implementations prior to 23.2.4. These vulnerabilities could potentially result in heap overflows, out-of-bounds writes, and local privilege escalation, potentially enabling attackers to view additional infrastructure to attack, add or delete users, or modify permissions of files or other users.
Kategorie: Hacking & Security

More Cybercrime and Hacking News

Computerworld.com [Hacking News] - 26 Srpen, 2014 - 17:30
View more Cybercrime and Hacking news and analysis from Computerworld.com
Kategorie: Hacking & Security

Attack targets auto industry firms in Europe

Computerworld.com [Hacking News] - 25 Srpen, 2014 - 14:36
Cybercriminals are using a new information-stealing malware program to target companies from the automobile industry in Europe, security researchers warned.
Kategorie: Hacking & Security
Syndikovat obsah