Kategorie

Meltdown and Spectre have raised awareness of the danger of hardware and firmware vulnerabilities. Here's a roundup of the ones that present the most significant threats.

Looking to improve your company's security in 2021? Open-source tools can be great additions to your cloud security arsenal. Here are a half-dozen to get you started.

The messaging platform will update its privacy platform on Feb. 8 to integrate further with its parent company, prompting users to cry foul over privacy issues.

Kecálek Telegram má šikovnou funkci People Nearby, která umožňuje zobrazit další uživatele aplikace v okolí. Nezobrazuje sice jejich polohu, ukáže ale přesnou vzdálenost na metry. Dá se tak zjistit, kde se osoba nachází. Na potenciální problém upozornil Ahmed Hassan v blogovém příspěvku, který i ...

The NSA released new guidance providing system administrators with the tools to update outdated TLS protocols.

Criminals are using the end of the Trump presidency to deliver a new remote-access trojan (RAT) variant disguised as a sex video of the outgoing POTUS, researchers report.

Report outlines deep cybersecurity challenges for the public/private seagoing sector.

Hardcoded passwords are always wrong - they are equivalent to implanting a global backdoor and hoping no one will find it.

Heslo napsané prostřednictvím klávesnice bývá nejčastějším způsobem autentizace uživatele. Existují i komfortnější metody, ne všechny počítače je ale standardně nabízejí. Poradíme, jak využít všech možností. Autentizace je proces ověření, zda je osoba před zařízením skutečně osobou, za ...

More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.

The widespread compromise affecting key government agencies is ongoing, according to the U.S. government.

Cybesecurity researchers today revealed a new malspam campaign that distributes a remote access Trojan (RAT) by purporting to contain a sex scandal video of U.S. President Donald Trump. The emails, which carry with the subject line "GOOD LOAN OFFER!!," come attached with a Java archive (JAR) file called "TRUMP_SEX_SCANDAL_VIDEO.jar," which, when downloaded, installs Qua or Quaverse RAT (QRAT)

A high-risk RCE bug impacting PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases has been discovered and disputed by Zend. Regardless of the dispute, Zend has issued a patch addressing this vulnerability which "provides type checking of the $streamName property before performing a cleanup operation (which results in an unlink() operation, which, previously, could have resulted in an implied call to an an object's __toString() method) in the Laminas\Http\Response\Stream destructor".

The ElectroRAT cryptocurrency-stealing malware was written from scratch and was likely installed by thousands of Linux, Windows and MacOS users over the past year.

Cyberpunk 2077 byl jednou z nejočekávanějších her loňského roku. Přestože jde o titul, který je určen výhradně pro výkonné herní stroje, hrát se dá prostřednictvím cloudových platforem i na chytrých telefonech. Právě toho se ale snaží zneužít počítačoví piráti, kteří již internetem šíří zavirovanou mobilní verzi.

The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. "This work indicates that an Advanced Persistent Threat (APT) actor, likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and

A three-year-old attack technique to bypass Google's audio reCAPTCHA by using its own Speech-to-Text API has been found to still work with 97% accuracy. Researcher Nikolai Tschacher disclosed his findings in a proof-of-concept (PoC) of the attack on January 2. "The idea of the attack is very simple: You grab the MP3 file of the audio reCAPTCHA and you submit it to Google's own speech-to-text API

Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.

The relentless rise in COVID-19 cases is battering already frayed healthcare systems — and ransomware criminals are using the opportunity to strike.

The "People Nearby" feature in the secure messaging app can be abused to unmask a user's precise location, a researcher said.