Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Facebook news feed changes – it’s a hoax!

Sophos Naked Security - 14 Srpen, 2018 - 11:55
One scoop of "copy & paste to screw with the algorithm" between two slices of "limiting news feed posts to 25 friends". A baloney sandwich!

New Man-in-the-Disk attack leaves millions of Android phones vulnerable

The Hacker News - 14 Srpen, 2018 - 10:46
Security researchers at Check Point Software Technologies have discovered a new attack vector against the Android operating system that could potentially allow attackers to silently infect your smartphones with malicious apps or launch denial of service attacks. Dubbed Man-in-the-Disk, the attack takes advantage of the way Android apps utilize 'External Storage' system to store app-related data,
Kategorie: Hacking & Security

ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability

The Hacker News - 14 Srpen, 2018 - 07:11
Your Mac computer running the Apple's latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a critical zero-day vulnerability in the macOS operating system that could allow a malicious application
Kategorie: Hacking & Security

Autonomní drony by mohly odhánět hejna ptáků od letišť

Zive.cz - bezpečnost - 14 Srpen, 2018 - 07:00
Střety letadel s ptáky jsou sice poměrně ojedinělé, nicméně rizika takové události jsou natolik velká, že letiště této problematice věnují velkou pozornost. Do boje proti opeřencům budou možná nasazovat autonomní drony, píše Tech Crunch. Mediálně nejznámějším případem střetu letadla s ptáky je ...
Kategorie: Hacking & Security

New Variant of KeyPass Ransomware Discovered

Threatpost - 13 Srpen, 2018 - 22:10
Samples of the malware have been found in an array of countries, including Brazil and Vietnam.
Kategorie: Hacking & Security

Google Tracks Android, iPhone Users Even With 'Location History' Turned Off

The Hacker News - 13 Srpen, 2018 - 19:37
Google tracks you everywhere, even if you explicitly tell it not to. Every time a service like Google Maps wants to use your location, Google asks your permission to allow access to your location if you want to use it for navigating, but a new investigation shows that the company does track you anyway. An investigation by Associated Press revealed that many Google services on Android and
Kategorie: Hacking & Security

Black Hat 2018: IoT Security Issues Will Lead to Legal ‘Feeding Frenzy’

Threatpost - 13 Srpen, 2018 - 19:29
A "wave of litigation over IoT liability is on the horizon," according to an attorney who has represented plaintiffs in the 2015 Jeep hack.
Kategorie: Hacking & Security

GoDaddy Leaks ‘Map of the Internet’ via Amazon S3 Cloud Bucket Misconfig

Threatpost - 13 Srpen, 2018 - 19:26
Configuration data for GoDaddy servers could be used as a reconnaissance tool for malicious actors to uncover ripe targets.
Kategorie: Hacking & Security

The Ultimate Guide to (ISC)² Certifications

InfoSec Institute Resources - 13 Srpen, 2018 - 18:45

The International Information System Security Certification Consortium, or (ISC)², is a global, non-profit body that sets training standards for the information security industry and offers internationally-recognized, vendor-neutral security certifications that demonstrate applied expertise in different areas of information security. These certifications are grounded in (ISC)²’s Common Body of Knowledge (CBK), which outlines global information security […]

The post The Ultimate Guide to (ISC)² Certifications appeared first on InfoSec Resources.

The Ultimate Guide to (ISC)² Certifications was first posted on August 13, 2018 at 11:45 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

The DoD IAT Level 2

InfoSec Institute Resources - 13 Srpen, 2018 - 18:30

The DoD IAT Level 2 Overview The Department of Defense (DoD) Directive 8570 can be specifically defined as follows: “. . . . guidance and procedures for the training, certification, and management of the DoD workforce conducting Information Assurance functions in assigned duty positions. It also provides guidance on reporting metrics.” (SOURCE: 1) It is […]

The post The DoD IAT Level 2 appeared first on InfoSec Resources.

The DoD IAT Level 2 was first posted on August 13, 2018 at 11:30 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

DEF CON 2018: ‘Man in the Disk’ Attack Surface Affects All Android Phones

Threatpost - 13 Srpen, 2018 - 18:15
Sloppy Android developers not following security guidelines for external storage opens the door to device takeover and more.
Kategorie: Hacking & Security

How to Achieve DoD 8570 IAT Level I Compliance

InfoSec Institute Resources - 13 Srpen, 2018 - 18:15

DoD 8570 IAM Level 3 Overview The Department of Defense Information Assurance Training, Certification, and Workforce Management (DoD IAM)contains a plethora of different exams to test competence in the IT workforce. Within the DoD directive, Level 3 includes a series of baseline certifications that further validate I.T staff’s skills and expertise. Certifications within DoD IAM […]

The post How to Achieve DoD 8570 IAT Level I Compliance appeared first on InfoSec Resources.

How to Achieve DoD 8570 IAT Level I Compliance was first posted on August 13, 2018 at 11:15 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

How a cryptocurrency-destroying bug almost didn’t get reported

Sophos Naked Security - 13 Srpen, 2018 - 18:03
A researcher recently revealed how he found a bug that could have brought the fourth largest cryptocurrency to its knees – and how he was almost unable to report it.

CISA Domain 5 – Protection of Information Assets

InfoSec Institute Resources - 13 Srpen, 2018 - 18:00

The focus of Domain 5 is the evaluation of controls for protecting information assets. The syllabus covers: Logical security controls Physical and environmental security controls Information management Evaluating the effectiveness of the overall security system This is the largest of the CISA domain and represents 25% of the syllabus – about 38 questions. Background With […]

The post CISA Domain 5 – Protection of Information Assets appeared first on InfoSec Resources.

CISA Domain 5 – Protection of Information Assets was first posted on August 13, 2018 at 11:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

The Complete Guide to CIPP/G Certification

InfoSec Institute Resources - 13 Srpen, 2018 - 17:45

By possessing the Certified Information Privacy Professional (CIPP) certification, practitioners put privacy laws and policy in action. With this certification, organizations are recognized as having the best in compliance and risk avoidance policies. Each professional that earns the CIPP designation has the insights and knowledge that are needed to be an intricate part of privacy […]

The post The Complete Guide to CIPP/G Certification appeared first on InfoSec Resources.

The Complete Guide to CIPP/G Certification was first posted on August 13, 2018 at 10:45 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

How to Achieve DoD 8570 IAT Level I Compliance

InfoSec Institute Resources - 13 Srpen, 2018 - 17:30

DoD IAT Level I Overview A part of the larger Department of Defense (DoD) Directive to provide guidance and procedures for the training, certification, and management of all government employees working in the DoD’s technical environment, the DoD IAT Level I policy governs the Information Assurance Training (IAT) expected of individuals in specific security positions. […]

The post How to Achieve DoD 8570 IAT Level I Compliance appeared first on InfoSec Resources.

How to Achieve DoD 8570 IAT Level I Compliance was first posted on August 13, 2018 at 10:30 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

What is DoD 8570?

InfoSec Institute Resources - 13 Srpen, 2018 - 17:15

Department of Defense Directive 8570, or DoDD 8570 provides guidance and procedures for the training, certification, and management of all government employees who perform IA functions in their official assigned duties. These individuals are required to have an approved certification for their specific job classification. All DOD IA jobs are defined as either ‘Management’ (IAM) […]

The post What is DoD 8570? appeared first on InfoSec Resources.

What is DoD 8570? was first posted on August 13, 2018 at 10:15 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Everything You Need to Know About CIPT Certification

InfoSec Institute Resources - 13 Srpen, 2018 - 17:00

Data privacy is certainly a hot topic in cybersecurity. While many technology professionals work hard on the security of data; sometimes privacy falls short. A renewed commitment to data privacy signals an opportunity for technology professionals with data privacy experience. Organizations, as well, should consider how their data privacy experts will stay up-to-date on new […]

The post Everything You Need to Know About CIPT Certification appeared first on InfoSec Resources.

Everything You Need to Know About CIPT Certification was first posted on August 13, 2018 at 10:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

Threatpost - 13 Srpen, 2018 - 16:47
Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.
Kategorie: Hacking & Security

Flaws in Pre-Installed Apps Expose Millions of Android Devices to Hackers

The Hacker News - 13 Srpen, 2018 - 16:13
Bought a new Android phone? What if I say your brand new smartphone can be hacked remotely? Nearly all Android phones come with useless applications pre-installed by manufacturers or carriers, usually called bloatware, and there's nothing you can do if any of them has a backdoor built-in—even if you're careful about avoiding sketchy apps. That's exactly what security researchers from mobile
Kategorie: Hacking & Security
Syndikovat obsah