Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

High-Severity Intel Processor Bug Exposes Encryption Keys

Threatpost - 15 Listopad, 2021 - 21:52
CVE-2021-0146, arising from a debugging functionality with excessive privileges, allows attackers to read encrypted files.
Kategorie: Hacking & Security

Cybercriminals Target Alibaba Cloud for Cryptomining, Malware

Threatpost - 15 Listopad, 2021 - 21:10
Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers.
Kategorie: Hacking & Security

FBI Says Its System Was Exploited to Email Fake Cyberattack Alert

Threatpost - 15 Listopad, 2021 - 17:25
The alert was mumbo jumbo, but it was indeed sent from the bureau's email system, from the agency’s own internet address.
Kategorie: Hacking & Security

Hackerům se podařilo nabourat server FBI. Odeslali přes něj tisíce e-mailů

Zive.cz - bezpečnost - 15 Listopad, 2021 - 16:45
Nepříjemnou sobotu zažil americký Federální úřad pro vyšetřování (FBI). Do jedné z jeho e-mailových schránek se podařilo dostat neznámým hackerům, jménem úřadu odeslali přes sto tisíc zpráv. Žádná data však nezcizili, ani do e-mailů nepřipojili malware, píše agentura Reuters. FBI incident potvrdila ...
Kategorie: Hacking & Security

Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic

The Hacker News - 15 Listopad, 2021 - 16:30
A new analysis of website fingerprinting (WF) attacks aimed at the Tor web browser has revealed that it's possible for an adversary to glean a website frequented by a victim, but only in scenarios where the threat actor is interested in a specific subset of the websites visited by users. "While attacks can exceed 95% accuracy when monitoring a small set of five popular websites, indiscriminate (
Kategorie: Hacking & Security

North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro

The Hacker News - 15 Listopad, 2021 - 16:14
Lazarus, the North Korea-affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote access trojans using a trojanized pirated version of the popular IDA Pro reverse engineering software. The findings were reported by ESET security researcher Anton Cherepanov last week in a series of tweets. IDA Pro is an Interactive Disassembler that's
Kategorie: Hacking & Security

Unikátní simulační hra naučí diplomaty a úředníky bojovat proti hackerům

Novinky.cz - bezpečnost - 15 Listopad, 2021 - 15:01
Kyberútoky jsou stále častější a nebezpečnější. I proto antivirová společnost Kaspersky vyvinula ve spolupráci s neziskovou vzdělávací organizací DiploFoundation unikátní on-line simulační hru, která má připravit diplomaty a úředníky na nájezdy hackerů. Novinky.cz vyzkoušely hru jako jediné médium v Česku.
Kategorie: Hacking & Security

Keep calm and learn Rust: We'll be seeing a lot more of the language in Linux very soon>

LinuxSecurity.com - 15 Listopad, 2021 - 13:00
To become a Linux developer, you used to need C as your passport. Now Rust can let you be an OS programmer as well.
Kategorie: Hacking & Security

FBI's Email System Hacked to Send Out Fake Cyber Security Alert to Thousands

The Hacker News - 15 Listopad, 2021 - 10:54
The U.S. Federal Bureau of Investigation (FBI) on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "sophisticated chain attack." The incident, which was first publicly disclosed by threat intelligence non-profit SpamHaus, involved sending rogue warning emails with the subject line "Urgent: Threat actor in systems"
Kategorie: Hacking & Security

How to Tackle SaaS Security Misconfigurations

The Hacker News - 15 Listopad, 2021 - 10:53
Whether it's Office 365, Salesforce, Slack, GitHub or Zoom, all SaaS apps include a host of security features designed to protect the business and its data. The job of ensuring these apps' security settings are properly configured falls on the security team. The challenge lies within how burdensome this responsibility is — each app has tens or hundreds of security settings to configure, in
Kategorie: Hacking & Security

Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN

The Hacker News - 15 Listopad, 2021 - 06:16
A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Massachusetts-based cybersecurity firm Randori
Kategorie: Hacking & Security

Critical Flaws in Philips TASY EMR Could Expose Patient Data

The Hacker News - 15 Listopad, 2021 - 06:15
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of critical vulnerabilities affecting Philips Tasy electronic medical records (EMR) system that could be exploited by remote threat actors to extract sensitive personal data from patient databases. "Successful exploitation of these vulnerabilities could result in patients' confidential data being exposed or extracted
Kategorie: Hacking & Security

Hackers Exploit macOS Zero-Day to Hack Hong Kong Users with new Implant

The Hacker News - 15 Listopad, 2021 - 05:47
Google researchers on Thursday disclosed that it found a watering hole attack in late August exploiting a now-patched zero-day in macOS operating system and targeting Hong Kong websites related to a media outlet and a prominent pro-democracy labor and political group to deliver a never-before-seen backdoor on compromised machines. "Based on our findings, we believe this threat actor to be a
Kategorie: Hacking & Security

Hackeři pronikli do e-mailu FBI a rozeslali tisíce zpráv

Novinky.cz - bezpečnost - 14 Listopad, 2021 - 06:32
Neznámým hackerům se v sobotu podařilo dostat do jedné ze schránek elektronické pošty Federálního úřadu pro vyšetřování (FBI). Uvedla to agentura Bloomberg. Podle organizace Spamhaus Project, která se zabývá kybernetickými hrozbami, hackeři rozeslali z oficiální schránky FBI desítky tisíc vzkazů. Úřad potvrdil, že jeho schránka byla napadena.
Kategorie: Hacking & Security

FBI email hack spreads fake security alerts. Here’s what to do…

Sophos Naked Security - 13 Listopad, 2021 - 21:50
Fake warnings and false accusations - it's a "call to distraction"

Threat from Organized Cybercrime Syndicates Is Rising

Threatpost - 13 Listopad, 2021 - 01:46
Europol reports that criminal groups are undermining the EU’s economy and its society, offering everything from murder-for-hire to kidnapping, torture and mutilation.
Kategorie: Hacking & Security

Costco Confirms: A Data Skimmer’s Been Ripping Off Customers

Threatpost - 13 Listopad, 2021 - 00:19
Big-box behemoth retailer Costco is offering victims 12 months of credit monitoring, a $1 million insurance reimbursement policy and ID theft recovery services.
Kategorie: Hacking & Security

Top 10 Cybersecurity Best Practices to Combat Ransomware

Threatpost - 12 Listopad, 2021 - 21:24
Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.
Kategorie: Hacking & Security

Samba update patches plaintext password plundering problem

Sophos Naked Security - 12 Listopad, 2021 - 20:59
When Microsoft itself says STOP USING X, where X is one of its own protocols... we think you should listen.

Windows 10 Privilege-Escalation Zero-Day Gets an Unofficial Fix

Threatpost - 12 Listopad, 2021 - 20:49
Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft.
Kategorie: Hacking & Security
Syndikovat obsah