Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Black Hat 2018: Widespread Critical Flaws Found in Smart-City Gear

Threatpost - 9 Srpen, 2018 - 19:38
More than a dozen flaws in smart-city gear could open the door to attackers bent on sowing public panic, according to IBM X-Force.
Kategorie: Hacking & Security

Black Hat 2018: Stealthy Kernel Attack Flies Under Windows Mitigation Radar

Threatpost - 9 Srpen, 2018 - 19:35
Researchers create PoC of a post-exploitation kernel-mode fileless attack technique.
Kategorie: Hacking & Security

Hacking For Sport: A Journey in Reverse Engineering a Toshiba Wireless SD Card

Threatpost - 9 Srpen, 2018 - 19:26
Reverse engineering the Toshiba FlashAir SD storage card allowed a researcher to execute remote code - and could've allowed him to add other malicious or practical features.
Kategorie: Hacking & Security

Windows 10 to get disposable sandboxes for dodgy apps

Ars Technica - 9 Srpen, 2018 - 19:08

Enlarge (credit: F Delventhal)

Microsoft is building a new Windows 10 sandboxing feature that will let users run untrusted software in a virtualized environment that's discarded when the program finishes running.

The new feature was revealed in a bug-hunting quest for members of the Insider program and will carry the name "InPrivate Desktop." While the quest has now been removed, the instructions outlined the basic system requirements—a Windows 10 Enterprise system with virtualization enabled and adequate disk and memory—and briefly described how it would be used. There will be an InPrivate Desktop app in the store; running it will present a virtualized desktop environment that can be used to run questionable programs and will be destroyed when the window is closed.

While it would, of course, be possible to manually create a virtual machine to run software of dubious merit, InPrivate Desktop will streamline and automate that process, making it painless to run things in a safe environment. There's some level of integration with the host operating system—the clipboard can be used to transfer data, for example—but one assumes that user data is off limits, preventing data theft, ransomware, and similar nastiness.

Read 3 remaining paragraphs | Comments

Kategorie: Hacking & Security

New Actor DarkHydrus Targets Middle East with Open-Source Phishing

Threatpost - 9 Srpen, 2018 - 17:28
DarkHydrus uses the open-source Phishery tool to create two of the known Word documents used in the attacks.
Kategorie: Hacking & Security

Google to warn companies targeted in government-backed attacks

Sophos Naked Security - 9 Srpen, 2018 - 16:34
G Suite admins will have the option of enabling alerts if Google suspects government-backed hacking attempts.

Black Hat 2018: Cortana Flaw Allowed Takeover of Locked Windows 10 Device

Threatpost - 9 Srpen, 2018 - 16:24
A flaw in Cortana allowed researchers to take over a locked Windows machine and execute arbitrary code.
Kategorie: Hacking & Security

Free Facial Recognition Tool Can Track People Across Social Media Sites

The Hacker News - 9 Srpen, 2018 - 16:22
Security researchers at Trustwave have released a new open-source tool that uses facial recognition technology to locate targets across numerous social media networks on a large scale. Dubbed Social Mapper, the facial recognition tool automatically searches for targets across eight social media platforms, including—Facebook, Instagram, Twitter, LinkedIn, Google+, the Russian social networking
Kategorie: Hacking & Security

Complimentary Gartner Report: Peer Insights ‘Voice of the Customer’ – Security Awareness CBT

InfoSec Institute Resources - 9 Srpen, 2018 - 16:22

We’re pleased to announce InfoSec Institute is named to the Customers’ Choice Zone of the Gartner Peer Insights ‘Voice of the Customer’: Security Awareness Computer-Based Training Market Report. Free from vendor influence, Gartner Peer Insights research reports are based on enterprise professionals’ software and service reviews and first-hand experiences through various stages of the IT […]

The post Complimentary Gartner Report: Peer Insights ‘Voice of the Customer’ – Security Awareness CBT appeared first on InfoSec Resources.

Complimentary Gartner Report: Peer Insights ‘Voice of the Customer’ – Security Awareness CBT was first posted on August 9, 2018 at 9:22 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Researchers Developed Artificial Intelligence-Powered Stealthy Malware

The Hacker News - 9 Srpen, 2018 - 16:20
Artificial Intelligence (AI) has been seen as a potential solution for automatically detecting and combating malware, and stop cyber attacks before they affect any organization. However, the same technology can also be weaponized by threat actors to power a new generation of malware that can evade even the best cyber-security defenses and infects a computer network or launch an attack only
Kategorie: Hacking & Security

“Attack” on FCC over net neutrality was legitimate traffic, report says

Sophos Naked Security - 9 Srpen, 2018 - 15:21
An FCC Office of Inspector General (OIG) report has found no evidence of DDoS attacks on the FCC's comments system.

Top Five SecurityIQ Phishing Templates: July 2018 Edition

InfoSec Institute Resources - 9 Srpen, 2018 - 14:58

SecurityIQ phishing simulation data from July confirms end users remain susceptible to banking and file-sharing phishing attempts. We looked at performance data from 1,000s phishing templates to bring you the most popular phishing simulations from last month — or the templates with the most sends in July. If you haven’t already sent these templates to […]

The post Top Five SecurityIQ Phishing Templates: July 2018 Edition appeared first on InfoSec Resources.

Top Five SecurityIQ Phishing Templates: July 2018 Edition was first posted on August 9, 2018 at 7:58 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

DARPA takes aim at deepfake forgeries

Sophos Naked Security - 9 Srpen, 2018 - 14:55
DARPA's MediaFor project has come up with tools it says can spot AI-created fakes.

Black Hat 2018: Google Bug Hunter Urges Apple to Change its iOS Security Culture

Threatpost - 9 Srpen, 2018 - 14:40
Project Zero researcher highlights stubborn iOS bugs as an example of why Apple and the rest of the industry needs to take a fresh approach to securing systems.
Kategorie: Hacking & Security

Fortnite for Android goes “off market” – is that good or bad? [VIDEO]

Sophos Naked Security - 9 Srpen, 2018 - 13:39
Fortnite for Android will sidestep Google Play and be an “off market” experience - is that good or bad? We discuss the issues...

Over 20 Flaws Discovered in Popular Healthcare Software

LinuxSecurity.com - 9 Srpen, 2018 - 11:54
LinuxSecurity.com: Multiple vulnerabilities in a popular healthcare software provider's products may have put at risk the data of over 90 million patients.
Kategorie: Hacking & Security

#BHUSA: Politics and Cyber-Defense Are Colliding

LinuxSecurity.com - 9 Srpen, 2018 - 11:27
LinuxSecurity.com: Opening Black Hat USA in Las Vegas, Black Hat founder Jeff Moss commented on the convergence of cybersecurity and political issues and said that world events "have caught up with us and we're being tested."
Kategorie: Hacking & Security

Kamera Driver i z vás udělá lepšího řidiče – bude mluvit do řízení

Zive.cz - bezpečnost - 9 Srpen, 2018 - 08:00
** Chytrá kamera Driver i sleduje dění ve voze i před ním ** Dokáže varovat před nebezpečím a hodnotí řidiče ** Umělá inteligence se učí reagovat na situace na silnici
Kategorie: Hacking & Security

Black Hat 2018: Mixed Signal Microcontrollers Open to Side-Channel Attacks

Threatpost - 8 Srpen, 2018 - 22:30
In mixed-design radio chips the processor’s activity leaks into the analog portion of the chip - and is broadcast as output.
Kategorie: Hacking & Security

Black Hat 2018: Google’s Tabriz Talks Complex Security Landscapes

Threatpost - 8 Srpen, 2018 - 22:24
At Black Hat, Google's Parisa Tabriz discussed how to navigate the complex security environment with long-term thinking and a policy of open collaboration.
Kategorie: Hacking & Security
Syndikovat obsah