Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.
A hacker who was arrested last year for hacking into celebrities' email accounts to steal the unreleased movie and television scripts, their private messages, and sex tapes to sell them has finally been sentenced five years in prison.
Alonzo Knowles, a 24-year-old Bahamian man, was convicted by U.S. District Judge Paul A. Engelmayer in Manhattan on Tuesday.
Knowles, who maintained a list of
Animal and heart charities built up pictures of donors without their knowledge to target them for cash
A 5-year-old serious privilege-escalation vulnerability has been discovered in Linux kernel that affects almost every distro of the Linux operating system, including Redhat, and Ubuntu.
Over a month back, a nine-year-old privilege-escalation vulnerability, dubbed "Dirty COW," was discovered in the Linux kernel that affected every distro of the open-source operating system, including Red Hat,
S rozmachem internetu věcí vzniká i rozmach bezpečnostních hrozeb z počtu zařízení, která lze hacknout kvůli chybám v jejich zabezpečení. Ironií je, že tentokrát se ale problém objevil u profesionálních bezpečnostních kamer od Sony řady Ipela Engine . Jak objevila bezpečnostní společnost SEC ...
Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts.
Říjnový masový výpadek sociální sítě Twitter, ale také internetového obchodu Amazon nebo Facebooku ve Spojených státech, k němuž došlo při masovém DDoS útoku přes zařízení napojená na sítě Internetu věcí, se tento týden v menším měřítku zopakoval v Německu a ve Velké Británii.
Flaw in bundled browser could give an attacker complete control over a user's PC
Bug bounty program focuses on hardware exploits
With the emergence of cloud technologies, many products arrived that utilized the newly created possibilities in one way or another. Of course, some very good security products have been created that benefit from these possibilities as well. End-point security products, which are basically the old anti-virus suites, have probably been transformed the most in this […]
In this post, we examine the DoS (Denial of Service attack), how it works, what’s the impact of such an attack, and some tools to perform this kind of exploitation in different vectors. The DoS attack is one of the most destructive attacks on the web. It attempts to exhaust the resources of the victim […]
A hacking group is luring participants to use a DDoS platform where they can compete with peers to earn redeemable points exchangeable for hacking tools and click-fraud software.
LinuxSecurity.com: With nothing more than a standard Web browser, cybercriminals can find personal, private information all over the public Internet. It isn't just legitimate services - from genealogy sites to public records and social media - that can be mined and exploited for nefarious purposes. Openly malicious criminal activities are also happening on the public Internet.
LinuxSecurity.com: A type of denial of service attack relevant in the 1990s has resurfaced with surprising potency against modern-day firewalls. Dubbed a BlackNurse attack, the technique leverages a low-volume Internet Control Message Protocol (ICMP) -based attack on vulnerable firewalls made by Cisco, Palo Alto, SonicWall and others, according to researchers.
LinuxSecurity.com: North Korea's own homegrown computer operating system, that's supposed to be fully hacker proof and more secure than foreign OS, like Microsoft's Windows, can easily be hacked remotely.
If you have visited any popular mainstream website over the past two months, your computer may have been infected — Thanks to a new exploit kit discovered by security researchers.
Researchers from antivirus provider ESET released a report on Tuesday stating that they have discovered an exploit kit, dubbed Stegano, hiding malicious code in the pixels of banner advertisements that are currently
Millions of people visiting mainstream websites over the past two months have been exposed to a novel form of malicious ads that embed attack code in individual pixels of the banners.
Researchers from antivirus provider Eset said "Stegano," as they've dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the images, the changes are almost invisible to the untrained eye.
Left: Clean picture; middle: picture with malicious content; right: malicious version enhanced for illustrative purposes. (credit: Eset)
The malicious script is concealed in the alpha channel that defines the transparency of pixels, making it extremely difficult for even sharp-eyed ad networks to detect. After verifying that the targeted browser isn't running in a virtual machine or connected to other types of security software often used to detect attacks, the script redirects the browser to a site that hosts three exploits for now-patched Adobe Flash vulnerabilities.
Read 6 remaining paragraphs | Comments
The worldwide healthcare sector is expected to be one of the fastest growing employers for the next 10 years. With the growth of the healthcare industry, the risks and consequences of keeping health information protected and secure are increasing. Thus, the need for qualified professionals with the necessary competence to secure and protect health information […]
Byla zjištěna slabina v zabezpečení u IP kamer v 80 různých výrobcích Sony SNC series. Ve firmware je napevno uloženo heslo pro uživatele root a admin. Při získání root oprávnění je možné kameru následně využít ke sledování či dalším útokům v síti. Sony již vydalo bezpečnostní aktualizaci, která má tento problém vyřešit.
Nedávno objevená chyba v zabezpečení poslední verze iOS (iPhone, iPad) umožňuje neoprávněnou aktivaci zcizeného zařízení uzamčeného pomocí Activation Lock (Zámek aktivace). Chyba je způsobená neošetřenou maximální délkou Wi-Fi SSID, která může způsobit buffer overflow.
An Adobe Flash Player vulnerability used by the Sofacy APT gang was also found in seven of the top exploit kits, according to an analysis by Recorded Future.