Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Hackers now use ZIP file concatenation to evade detection

Bleeping Computer - 10 Listopad, 2024 - 16:13
Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them. [...]
Kategorie: Hacking & Security

Google says “Enhanced protection” feature in Chrome now uses AI

Bleeping Computer - 9 Listopad, 2024 - 22:42
Google has quietly updated the description of one of the Chrome's security features "Enhanced protection" to confirm that it will be powered by AI in a future release. [...]
Kategorie: Hacking & Security

Scammers target UK senior citizens with Winter Fuel Payment texts

Bleeping Computer - 9 Listopad, 2024 - 22:08
As the winter season kicks in, scammers are not missing the chance to target senior British residents with bogus "winter heating allowance" and "cost of living support" scam texts. [...]
Kategorie: Hacking & Security

Hands on with AI features in Windows 11 Paint and Notepad

Bleeping Computer - 9 Listopad, 2024 - 21:09
As part of its efforts to add AI everywhere, Microsoft is now bringing AI features to the popular Paint and Notepad apps on Windows 11. [...]
Kategorie: Hacking & Security

Microsoft says recent Windows 11 updates break SSH connections

Bleeping Computer - 9 Listopad, 2024 - 17:27
Microsoft has confirmed that last month's Windows security updates are breaking SSH connections on some Windows 11 22H2 and 23H2 systems. [...]
Kategorie: Hacking & Security

Prodal firmu Avastu a teď v Česku vyrábí zařízení, které nahradí mobily v přihlašování do bankovních účtů

Zive.cz - bezpečnost - 9 Listopad, 2024 - 16:45
Petr Dvořák byl jedním ze spoluzakladatelů firmy Inmite, zaměřené na vývoj mobilních aplikací, kterou v roce 2014 koupil Avast (dnes Gen Digital), aby posílil svůj vstup na chytré telefony. Dvořák po čase z Avastu odešel a rozjel novou společnost Wultra, jež dodává bankám a fintechům software pro ...
Kategorie: Hacking & Security

Malicious PyPI package with 37,000 downloads steals AWS keys

Bleeping Computer - 9 Listopad, 2024 - 16:17
A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. [...]
Kategorie: Hacking & Security

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

The Hacker News - 9 Listopad, 2024 - 07:12
Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the
Kategorie: Hacking & Security

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

The Hacker News - 9 Listopad, 2024 - 07:12
Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering

The Hacker News - 9 Listopad, 2024 - 06:42
The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed money-transmitting business earlier this March. The U.S. Department of Justice (DoJ)
Kategorie: Hacking & Security

Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering

The Hacker News - 9 Listopad, 2024 - 06:42
The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed money-transmitting business earlier this March. The U.S. Department of Justice (DoJ) Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Critical Veeam RCE bug now used in Frag ransomware attacks

Bleeping Computer - 8 Listopad, 2024 - 21:23
After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. [...]
Kategorie: Hacking & Security

Mistral’s new tool automatically deletes offending content

Computerworld.com [Hacking News] - 8 Listopad, 2024 - 20:37

French tech company Mistral AI has launched a new online moderation tool based on the AI ​​model Ministral 8B that can detect and remove offensive or illegal posts automatically. (There is still a risk of some misjudgments, however.)

According to Techcrunch, for example, some studies have shown that posts about people with disabilities can be flagged as “negative” or “toxic” even though that’s not the case.

Initially, Mistral’s new moderation tool will support Arabic, English, French, Italian, Japanese, Chinese, Korean, Portuguese, Russian, Spanish and German, with more languages ​​are on the way later. Mistral in July launched a large language model that can generate longer tranches of code faster than other open-source models.

Kategorie: Hacking & Security

D-Link won’t fix critical flaw affecting 60,000 older NAS devices

Bleeping Computer - 8 Listopad, 2024 - 20:21
More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit. [...]
Kategorie: Hacking & Security

How to install App Store apps onto SSD drives using macOS Sequoia

Computerworld.com [Hacking News] - 8 Listopad, 2024 - 19:17

Did you know that Apple’s macOS 15.1 Sequoia now lets you install and use applications acquired from the Mac App Store directly onto an external drive? This enhancement is actually particularly useful if your workflow requires you to handle a space-devouring application.

Here’s what you need to know about it and how it works.

What’s changed?

While anyone who is paying attention should already be impressed by the sheer speed and performance of Apple’s new Macs, that performance also means pro users will push the platform to its limits, banging into any inherent challenges to how Macs work.

One of these challenges is the need to optimize the space you have on your Mac when running larger applications — and given the cost of installing additional space on most Apple hardware, there was demand for a lower-cost way to do just that. The solution comes with macOS Sequoia 15.1.

Wait, is this really new?

So you’ve spotted that many Mac apps (downloaded from outside the App Store) allow users to install and use them on external drives. This is not automatically the case for applications downloaded and installed from the Mac App Store,however — these insist on being hosted on the Mac’s own drive. You have always been able to run most apps and macOS from an external drive, but now you can do the same with App Store apps, including Pro Apple apps.

What are the limitations?

There are some limits to the new feature tweak. 

  • The biggest is that you’ll only be able to install applications larger than 1GB in size, which is great for games and pro apps, less great for users of smaller apps, who may just want to manage storage their own way. We can hope Apple lifts the 1GB restriction eventually.
  • The second limitation is the speed of the external SSD; obviously, the speedier it is, the better the offloaded application will perform.
  • The final — and most inconvenient — limitation is that once it is enabled it is not optional. In the future, you’ll need to install any application of 1GB or more on external storage unless you turn the setting off. 
What do you need?

You need to be running macOS 15.1 and have a suitable connected drive. The drive must also be formatted to APFS. To check that this is so, with the drive connected to your Mac, right-click the drive icon in Finder and select “Get Info.”

How to begin installing Mac apps on external drives

Before you use the feature, you need to open the Mac App Store on your Mac.

  • Go to App Store>Settings in the Menu bar.
  • Check the box beside the “Download and install large apps to a separate disk” item in Settings.
  • When you have enabled that setting, you can select the external drive you want to save your applications to.

After that, when you want to install a large application from the Mac App Store, you will need to ensure the external SSD you want to use is connected to your computer.

How to use a Mac app on an external drive

At the risk of sounding obvious, you do need to connect the drive your application is stored on to your Mac to use the application you have hosted there. It is relatively seamless after that — the app will be visible in your Applications folder, opens with a double click and can be used just like any other app. (One thing it does not do is appear in Launchpad.)

Why does it matter?

Cost is the biggest reason this is important. Additional storage in Macs isn’t cheap; it will cost you an additional $600 to slot 2TB of storage inside the base model MacBook Pro, while a good and speedy external SSD should cost you around two-thirds of that, or less if you’re a little more flexible. That cost increases if you are provisioning multiple seats, so in some cases this feature could help you stretch purchasing budgets a little further. Consumer users can also use this to enable them to better explore and learn about professional applications without needing to worry about having enough space on their Mac.

Please follow me on LinkedInMastodon, or join me in the AppleHolic’s bar & grill group on MeWe.

Kategorie: Hacking & Security

Unpatched Mazda Connect bugs let hackers install persistent malware

Bleeping Computer - 8 Listopad, 2024 - 18:48
Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. [...]
Kategorie: Hacking & Security

Palo Alto Networks warns of potential PAN-OS RCE vulnerability

Bleeping Computer - 8 Listopad, 2024 - 18:42
Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface. [...]
Kategorie: Hacking & Security

Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

The Hacker News - 8 Listopad, 2024 - 18:23
Let’s face it—traditional security training can feel as thrilling as reading the fine print on a software update. It’s routine, predictable, and, let’s be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that’s as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR (Staying Alive beat, anyone?)?
Kategorie: Hacking & Security

Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

The Hacker News - 8 Listopad, 2024 - 18:23
Let’s face it—traditional security training can feel as thrilling as reading the fine print on a software update. It’s routine, predictable, and, let’s be honest, often forgotten the moment it's over. Now, imagine cybersecurity training that’s as unforgettable as your favorite show. Remember how "Hamilton" made history come alive, or how "The Office" taught us CPR (Staying Alive beat, anyone?)? The Hacker Newshttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Microsoft adds Copilot AI features to some non-US M365 consumer plans

Computerworld.com [Hacking News] - 8 Listopad, 2024 - 17:29

Microsoft is bundling its Copilot generative AI (genAI) assistant with consumer Microsoft 365 subscriptions in several countries, the company announced last week

Copilot Pro will be included in Microsoft 365 Personal and Family subscriptions in Australia, Malaysia, New Zealand, Singapore, Taiwan, and Thailand, the company said in a statement first spotted by ZDNet. It means users will gain access to Copilot features in apps such as Word, Excel, and PowerPoint. Designer — Microsoft’s text-to-image app — is also included.

Microsoft will also increase the cost of the subscription — prices will vary in each country — though this will be less than the cost of a separate Copilot Pro subscription. Australian customers, for example, will pay an additional $4 AUD a month for M365 Family subscriptions, and an extra $5 AUD for M365 Personal subscriptions, according to The Verge. In comparison, Copilot Pro costs $33 AUD per user each month. 

Customers will be limited in how much they use Copilot in apps, however, with a credit system in place. Those who want unrestricted access will need to pay for a Copilot Pro subscription. 

Microsoft didn’t say whether it plans to extend the changes to consumer M365 subscriptions in other regions, but it’s possible the move is a trial run for US and European markets.  

In the US, Copilot Pro costs an extra $20 per user per month for M365 Family and Personal customers. 

“I suspect this is just the first step in [Microsoft] bundling Copilot to a larger audience,” said Jack Gold,founder and principal analyst at J. Gold Associates. “The initial countries are probably a trial deployment to see how it goes, what the most common uses are, and how much they can charge. I’ll bet that in the next [one to two] quarters, you’ll see a much wider rollout to many other countries.”

It’s also possible the Copilot bundling in consumer M365 subscriptions could presage a similar move for business customers, though there’s no mention of such a move on the horizon just yet. 

Microsoft charges an extra $30-per-user-a-month fee to businesses for access to Copilot in Microsoft 365. Despite considerable interest in the M365 Copilot, businesses have been slow to rollout the genAI assistant widely across their organizations, in part due to high costs and a perceived lack of value.

It’s likely this will be the case sooner or later: Analysts at Gartner have said they expect genAI features to be included at no extra cost in office software subscriptions by 2028, according to a recent report (subscription required), as vendors seek broader adoption of their AI tools. 

For Microsoft, this could even mean the addition of a new M365 pricing tier — the long-rumored “E7” — that would include premium features currently available as paid-for add-ons, such as Copilot.  

Kategorie: Hacking & Security
Syndikovat obsah