Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

New BLISTER Malware Update Fuelling Stealthy Network Infiltration

The Hacker News - 5 Září, 2023 - 16:04
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic. “New BLISTER update includes keying feature that allows for precise targeting of victim networks and lowers exposure within VM/sandbox environments,” Elastic Security Labs researchers Salim Bitam and Daniel THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Threat / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

New Python Variant of Chaes Malware Targets Banking and Logistics Industries

The Hacker News - 5 Září, 2023 - 14:19
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in a new detailed technical write-up shared with The Hacker THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Threat / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface

The Hacker News - 5 Září, 2023 - 13:56
In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions to confidential data storage. While organizations have quickly adopted tools like Multi-Factor Authentication (MFA), The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comAttack Surface / Identity Threats37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Key Cybersecurity Tools That Can Mitigate the Cost of a Breach

The Hacker News - 5 Září, 2023 - 13:14
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What’s interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team’s nightmare scenario.  The average cost of a breach rose once again The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comData Breach / Password Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster

The Hacker News - 5 Září, 2023 - 12:15
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there are numerous malware strains developed in the Go language,” the AhnLab Security Emergency Response Center (ASEC) said in a deep dive THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Attack / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia

The Hacker News - 5 Září, 2023 - 08:17
Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform. “It targeted more than 50 apps, including Facebook, Instagram, X (formerly Twitter), YouTube, TikTok, Reddit, Pinterest, Medium, Blogspot, LiveJournal, VKontakte, Vimeo, and dozens of smaller platforms and THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comSocial Media / Disinformation37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers

The Hacker News - 4 Září, 2023 - 16:13
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance. The comprises CVE-2023-28432 (CVSS score: 7.5) and THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comVulnerability / Server Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation

The Hacker News - 4 Září, 2023 - 14:54
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users’ biometric data to tackle fraud and impersonation on the platform. “Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes,” the company said. The revised policy is expected to go into effect on September 29, 2023. The social THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comPrivacy / Biometrics37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Everything You Wanted to Know About AI Security but Were Afraid to Ask

The Hacker News - 4 Září, 2023 - 13:29
There’s been a great deal of AI hype recently, but that doesn’t mean the robots are here to replace us. This article sets the record straight and explains how businesses should approach AI. From musing about self-driving cars to fearing AI bots that could destroy the world, there has been a great deal of AI hype in the past few years. AI has captured our imaginations, dreams, and occasionally, The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comArtificial Intelligence / Cyber Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Everything You Wanted to Know About AI Security but Were Afraid to Ask

The Hacker News - 4 Září, 2023 - 13:29
There’s been a great deal of AI hype recently, but that doesn’t mean the robots are here to replace us. This article sets the record straight and explains how businesses should approach AI. From musing about self-driving cars to fearing AI bots that could destroy the world, there has been a great deal of AI hype in the past few years. AI has captured our imaginations, dreams, and occasionally,
Kategorie: Hacking & Security

North Korean Malware Targets Windows, MacOS and Linux

LinuxSecurity.com - 4 Září, 2023 - 13:00
Cybersecurity researchers at ReversingLabs claim that a recent malicious cyber campaign targeting MacOS, Linux, and Windows systems was carried out by the North Korean threat group Lazarus.
Kategorie: Hacking & Security

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

The Hacker News - 4 Září, 2023 - 10:40
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. “Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,” WithSecure researcher Mohammad Kazem Hassan Nejad said. “And with businesses now leveraging the reach
Kategorie: Hacking & Security

Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising

The Hacker News - 4 Září, 2023 - 10:40
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. “Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,” WithSecure researcher Mohammad Kazem Hassan Nejad said. “And with businesses now leveraging the reachTHNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comMalvertising / Social Media37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus

The Hacker News - 4 Září, 2023 - 07:40
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created with MalDoc in PDF can be opened in Word even though it has magic numbers and file structure of PDF,"
Kategorie: Hacking & Security

Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus

The Hacker News - 4 Září, 2023 - 07:40
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created with MalDoc in PDF can be opened in Word even though it has magic numbers and file structure of PDF,"THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Threat / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

The Hacker News - 4 Září, 2023 - 07:30
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to collect personally identifying information (PII) and payment credentials from victims, in the THNhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comFinancial Fraud / Phishing37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641
Kategorie: Hacking & Security

Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

The Hacker News - 4 Září, 2023 - 07:30
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to collect personally identifying information (PII) and payment credentials from victims, in the
Kategorie: Hacking & Security

What Is Kali Linux? Everything To Know About the Popular Linux Distro

LinuxSecurity.com - 3 Září, 2023 - 13:00
One of the most-used Linux distros is Kali Linux, which is preferred by security professionals.
Kategorie: Hacking & Security

SELinux In Linux 6.6 Removes References To Its Origins At The US NSA

LinuxSecurity.com - 3 Září, 2023 - 13:00
Security Enhanced Linux (SELinux) has been part of the mainline kernel for two decades to provide a security module implementing access control security policies and is now widely-used for enhancing the security of production Linux servers and other systems. Those that haven't been involved with Linux for a long time may be unaware that SELinux originates from the US National Security Agency (NSA). But now with Linux 6.6 the NSA references are being removed.
Kategorie: Hacking & Security

PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability

The Hacker News - 3 Září, 2023 - 06:42
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation. “A
Kategorie: Hacking & Security
Syndikovat obsah