Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Linux Log Analysis

LinuxSecurity.com - 21 Září, 2022 - 13:00
With the rise of containers and virtual machines, some system administrators check their system logs less frequently. However, this is a mistake. Even if an application is containerized, it is still important to keep and analyze logs.
Kategorie: Hacking & Security

Google Debugs, JFrog Jumps Code, Confidential Kubernetes, Meta-PyTorch

LinuxSecurity.com - 21 Září, 2022 - 13:00
As the open-source model continues to prove its sustainability in the enterprise, the software community is ramping up its security-mindedness. That concern was evident in recent weeks as leading Linux groups led the way for better code security.
Kategorie: Hacking & Security

Linus Torvalds: Rust will go into Linux 6.1

LinuxSecurity.com - 21 Září, 2022 - 13:00
At the Kernel Maintainers Summit, the question wasn't, "Would Rust make it into Linux?" Instead, it was, "What to do about its compilers?"
Kategorie: Hacking & Security

U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List

The Hacker News - 21 Září, 2022 - 12:54
The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, along with its subsidiary ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the list of communications equipment and services that have been deemed a threat to national security. The agency said the companies are subject to the Chinese government's exploitation, influence, and control, and could Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing

The Hacker News - 21 Září, 2022 - 08:30
Cybersecurity company Imperva has disclosed that it mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests on June 27, 2022. The "strong attack," which targeted an unnamed Chinese telecommunications company, is said to have lasted for four hours and peaked at 3.9 million requests per second (RPS). "Attackers used HTTP/2 multiplexing, or combining Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units

The Hacker News - 21 Září, 2022 - 07:24
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an industrial control systems (ICS) advisory warning of seven security flaws in Dataprobe's iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers. "Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Product Review: Stellar Cyber Open XDR Platform

The Hacker News - 21 Září, 2022 - 07:20
Almost every vendor, from email gateway companies to developers of threat intelligence platforms, is positioning themselves as an XDR player. But unfortunately, the noise around XDR makes it harder for buyers to find solutions that might be right for them or, more importantly, avoid ones that don't meet their needs.  Stellar Cyber delivers an Open XDR solution that allows organizations to use The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

Ford odhalí cyklisty a chodce v okolí. Auto k tomu přitom nepotřebuje kameru ani radar

Zive.cz - bezpečnost - 20 Září, 2022 - 16:45
Automobilka Ford se podílí na výzkumném projektu, jehož cílem je včas upozornit řidiče na chodce a cyklisty v okolí. Informovala o tom v rámci akce ITS World Congress 2022, která aktuálně probíhá v americkém Los Angeles. Má se jednat o „cenově dostupnou a škálovatelnou komunikační technologii ...
Kategorie: Hacking & Security

Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware

The Hacker News - 20 Září, 2022 - 14:56
A threat cluster linked to the Russian nation-state actor tracked as Sandworm has continued its targeting of Ukraine with commodity malware by masquerading as telecom providers, new findings show. Recorded Future said it discovered new infrastructure belonging to UAC-0113 that mimics operators like Datagroup and EuroTransTelecom to deliver payloads such as Colibri loader and Warzone RAT. The Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Uber Blames LAPSUS$ Hacking Group for Recent Security Breach

The Hacker News - 20 Září, 2022 - 11:21
Uber on Monday disclosed more details related to the security incident that happened last week, pinning the attack on a threat actor it believes is affiliated to the notorious LAPSUS$ hacking group. "This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, NVIDIA, and Okta, among others," the San Francisco-based Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

LastPass source code breach – incident response report released

Sophos Naked Security - 19 Září, 2022 - 20:59
Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example.

Rockstar Games Confirms Hacker Stole Early Grand Theft Auto VI Footage

The Hacker News - 19 Září, 2022 - 19:33
American video game publisher Rockstar Games on Monday revealed it was a victim of a "network intrusion" that allowed an unauthorized party to illegally download early footage for the Grand Theft Auto VI. "At this time, we do not anticipate any disruption to our live game services nor any long-term effect on the development of our ongoing projects," the company said in a notice shared on its Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Does Linux Need a Firewall & How To Configure the Linux Firewall with firewall-cmd

LinuxSecurity.com - 19 Září, 2022 - 18:37
Linux is more secure than other operating systems. But that's not the only reason why you might not need an antivirus or firewall while using Linux.
Kategorie: Hacking & Security

External attack surface and ongoing cybercriminal activity in APAC region

Kaspersky Securelist - 19 Září, 2022 - 16:00

To prevent a cyberattack, it is vital to know what the attack surface for your organization is. To be prepared to repel the attacks of cybercriminals, businesses around the world collect threat intelligence themselves or subscribe for threat intelligence services.

Continuous threat research enables Kaspersky to discover, infiltrate and monitor resources frequented by adversaries and cybercriminals worldwide. Kaspersky Digital Footprint Intelligence leverages this access to proactively detect threats targeted at organizations worldwide, their assets or brands, and alert our customers to them.

In our public reports, we provide overview of threats for different industries and regions based on the anonymized data collected by Kaspersky Digital Footprint Intelligence. Last time, we shared insights on the external attack surface for businesses and government organizations in the Middle East. This report focuses on Asia Pacific, Australia and China. We analyzed data on external threats and criminal activities affecting more than 4,700 organizations in 15 countries and territories across this region.

Main findings
  • Kaspersky Digital Footprint Intelligence found 103,058 exposed network services with unpatched software. Government institutions’ network resources were the most affected by known vulnerabilities.
  • More than one in ten encountered vulnerabilities in the external perimeters of organizations were ProxyLogon. In Japan, this vulnerability was found in 43% of all unpatched services.
  • 16,003 remote access and management services were available for attackers. Government institutions were the most affected ones.
  • On the Darknet, hackers prefer to buy and sell accesses to organizations from Australia, mainland China, India and Japan.
  • Australia, mainland China, India and Singapore comprise 84% of all data leak sell orders placed on Darknet forums.

You can find more information about the external attack surface for organizations in APAC region, as well as data sold and searched for in the dark web, in the full version of our report. Fill in the form to download it.

MktoForms2.loadForm("//app-sj06.marketo.com", "802-IJN-240", 8202, function(form) { form.onSuccess(function(values, followUpUrl){ //Take the lead to a different page on successful submit, ignoring the forms configured followUpUrl. location.href = "https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2022/09/16113048/Kaspersky-DFI_V7_opt.pdf"; //return false to prevent the submission handler continuing with its own processing return false; }); }); .googleRecaptcha { padding: 20px !important; } var GOOGLE_RECAPTCHA_SITE_KEY = '6Lf2eUQUAAAAAC-GQSZ6R2pjePmmD6oA6F_3AV7j'; var insertGoogleRecaptcha = function (form) { var formElem = form.getFormElem().get(0); if (formElem && window.grecaptcha) { var div = window.document.createElement('div'); var divId = 'g-recaptcha-' + form.getId(); var buttonRow = formElem.querySelector('.mktoButtonRow'); var button = buttonRow ? buttonRow.querySelector('.mktoButton[type="submit"]') : null; var submitHandler = function (e) { var recaptchaResponse = window.grecaptcha && window.grecaptcha.getResponse(widgetId); e.preventDefault(); if (form.validate()) { if (!recaptchaResponse) { div.setAttribute('data-error', 'true'); } else { div.setAttribute('data-error', 'false'); form.addHiddenFields({ reCAPTCHAFormResponse: recaptchaResponse, }); form.submit(); } } }; div.id = divId; div.classList.add('googleRecaptcha'); if (button) { button.addEventListener('click', submitHandler); } if (buttonRow) { formElem.insertBefore(div, buttonRow); } if (window.grecaptcha.render) { var widgetId = window.grecaptcha.render(divId, { sitekey: GOOGLE_RECAPTCHA_SITE_KEY, }); formElem.style.display = ''; } } }; function onloadApiCallback() { var forms = MktoForms2.allForms(); for (var i = 0; i < forms.length; i++) { insertGoogleRecaptcha(forms[i]); } } (function () { MktoForms2.whenReady(function (form) { form.getFormElem().get(0).style.display = 'none'; jQuery.getScript('//www.google.com/recaptcha/api.js?onload=onloadApiCallback'); }); })();

If you do not see the form above this sentence, please, add this page to exceptions in your browser privacy settings and/or your ad blocker.

Emotet Botnet Started Distributing Quantum and BlackCat Ransomware

The Hacker News - 19 Září, 2022 - 14:42
The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti's official retirement from the threat landscape this year. Emotet started off as a banking trojan in 2014, but updates added to it over time have transformed the malware into a highly potent threat that's capable of downloading other payloads onto the victim's machine, Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It

The Hacker News - 19 Září, 2022 - 14:00
Organizations and security teams work to protect themselves from any vulnerability, and often don't realize that risk is also brought on by configurations in their SaaS apps that have not been hardened. The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect example of how threat actors can exploit legitimate features and configurations that haven't been The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

Everything You Need to Know About BlackArch Linux

LinuxSecurity.com - 19 Září, 2022 - 13:00
BlackArch is a well-known penetration testing distribution based on Arch Linux, but not everyone is aware of the unique features that set it apart.
Kategorie: Hacking & Security

When It Comes to Security, Dont Overlook Your Linux Systems

LinuxSecurity.com - 19 Září, 2022 - 13:00
Linux systems are a popular delivery mechanism for malware. While they're not the most popular '' that distinction goes to HTML and Javascript '' don't think you can ignore them. Linux-based attacks are very much still happening.
Kategorie: Hacking & Security

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

LinuxSecurity.com - 19 Září, 2022 - 13:00
Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware.
Kategorie: Hacking & Security

Linux Mint 21 Release Brings Reviewer a Welcome Reunion

LinuxSecurity.com - 19 Září, 2022 - 13:00
Is your favorite Linux desktop Cinnamon, MATE, or Xfce? Or you are hankering for a change to something different and potentially better?
Kategorie: Hacking & Security
Syndikovat obsah