Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

33 hardware and firmware vulnerabilities: A guide to the threats>

LinuxSecurity.com - 7 Leden, 2021 - 14:15
Meltdown and Spectre have raised awareness of the danger of hardware and firmware vulnerabilities. Here's a roundup of the ones that present the most significant threats.
Kategorie: Hacking & Security

6 Open Source Tools for Your Security Team>

LinuxSecurity.com - 7 Leden, 2021 - 14:11
Looking to improve your company's security in 2021? Open-source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.
Kategorie: Hacking & Security

Facebook’s Mandatory Data-Sharing Rules for WhatsApp Spark Ire

Threatpost - 7 Leden, 2021 - 13:53
The messaging platform will update its privacy platform on Feb. 8 to integrate further with its parent company, prompting users to cry foul over privacy issues.
Kategorie: Hacking & Security

Skrze Telegram je možné odhalit vaši přesnou polohu. Musíte to ale povolit

Zive.cz - bezpečnost - 7 Leden, 2021 - 10:25
Kecálek Telegram má šikovnou funkci People Nearby, která umožňuje zobrazit další uživatele aplikace v okolí. Nezobrazuje sice jejich polohu, ukáže ale přesnou vzdálenost na metry. Dá se tak zjistit, kde se osoba nachází. Na potenciální problém upozornil Ahmed Hassan v blogovém příspěvku, který i ...
Kategorie: Hacking & Security

NSA Urges SysAdmins to Replace Obsolete TLS Protocols

Threatpost - 6 Leden, 2021 - 23:16
The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.
Kategorie: Hacking & Security

It’s Not the Trump Sex Tape, It’s a RAT

Threatpost - 6 Leden, 2021 - 22:20
Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.
Kategorie: Hacking & Security

Feds Issue Recommendations for Maritime Cybersecurity

Threatpost - 6 Leden, 2021 - 21:29
Report outlines deep cybersecurity challenges for the public/private seagoing sector.
Kategorie: Hacking & Security

Zyxel hardcoded admin password found – patch now!

Sophos Naked Security - 6 Leden, 2021 - 18:27
Hardcoded passwords are always wrong - they are equivalent to implanting a global backdoor and hoping no one will find it.

Jak zabezpečit počítač: Využijte šifrování a pokročilé možnosti přihlašování

Zive.cz - bezpečnost - 6 Leden, 2021 - 17:45
Heslo napsané prostřednictvím klávesnice bývá nejčastějším způsobem autentizace uživatele. Existují i komfortnější metody, ne všechny počítače je ale standardně nabízejí. Poradíme, jak využít všech možností. Autentizace je proces ověření, zda je osoba před zařízením skutečně osobou, za ...
Kategorie: Hacking & Security

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

Threatpost - 6 Leden, 2021 - 17:40
More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
Kategorie: Hacking & Security

Feds Pinpoint Russia as ‘Likely’ Culprit Behind SolarWinds Attack

Threatpost - 6 Leden, 2021 - 16:05
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government.
Kategorie: Hacking & Security

Hackers Using Fake Trump's Scandal Video to Spread QNode Malware

The Hacker News - 6 Leden, 2021 - 15:00
Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan (RAT) by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line "GOOD LOAN OFFER!!," come attached with a Java archive (JAR) file called "TRUMP_SEX_SCANDAL_VIDEO.jar," which, when downloaded, installs Qua or Quaverse RAT (QRAT)
Kategorie: Hacking & Security

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework>

LinuxSecurity.com - 6 Leden, 2021 - 14:18
A high-risk RCE bug impacting PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases has been discovered and disputed by Zend. Regardless of the dispute, Zend has issued a patch addressing this vulnerability which "provides type checking of the $streamName property before performing a cleanup operation (which results in an unlink() operation, which, previously, could have resulted in an implied call to an an object's __toString() method) in the Laminas\Http\Response\Stream destructor".
Kategorie: Hacking & Security

Cryptocurrency stealer for Windows, macOS, and Linux went undetected for a year>

LinuxSecurity.com - 6 Leden, 2021 - 14:11
The ElectroRAT cryptocurrency-stealing malware was written from scratch and was likely installed by thousands of Linux, Windows and MacOS users over the past year.
Kategorie: Hacking & Security

Cyberpunk 2077 pro mobily? Jde to, ale pozor na zavirovanou verzi

Novinky.cz - bezpečnost - 6 Leden, 2021 - 11:40
Cyberpunk 2077 byl jednou z nejočekávanějších her loňského roku. Přestože jde o titul, který je určen výhradně pro výkonné herní stroje, hrát se dá prostřednictvím cloudových platforem i na chytrých telefonech. Právě toho se ale snaží zneužít počítačoví piráti, kteří již internetem šíří zavirovanou mobilní verzi.
Kategorie: Hacking & Security

FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack

The Hacker News - 6 Leden, 2021 - 08:17
The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. "This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and
Kategorie: Hacking & Security

Google Speech-to-Text API Can Help Attackers Easily Bypass Google reCAPTCHA

The Hacker News - 6 Leden, 2021 - 06:55
A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. "The idea of the attack is very simple: You grab the MP3 file of the audio reCAPTCHA and you submit it to Google's own speech-to-text API
Kategorie: Hacking & Security

RCE ‘Bug’ Found and Disputed in Popular PHP Scripting Framework

Threatpost - 5 Leden, 2021 - 23:28
Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.
Kategorie: Hacking & Security

Cyberattacks on Healthcare Spike 45% Since November

Threatpost - 5 Leden, 2021 - 22:33
The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.
Kategorie: Hacking & Security

Telegram Triangulation Pinpoints Users’ Exact Locations

Threatpost - 5 Leden, 2021 - 21:33
The "People Nearby" feature in the secure messaging app can be abused to unmask a user's precise location, a researcher said.
Kategorie: Hacking & Security
Syndikovat obsah