Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

Categories

Google Chrome to Distrust Symantec SSLs for Mis-issuing 30,000 EV Certificates

The Hacker News - 1 hour 55 min ago
Google announced its plans to punish Symantec by gradually distrusting its SSL certificates after the company was caught improperly issuing 30,000 Extended Validation (EV) certificates over the past few years. The Extended Validation (EV) status of all certificates issued by Symantec-owned certificate authorities will no longer be recognized by the Chrome browser for at least a year until
Category: Hacking & Security

Latest WikiLeaks dump shows CIA targeting Apple earlier than others

Sophos Naked Security - 2 hours 9 min ago
Focusing on Macs makes sense, say experts: 'many high-value targets love to use Macs'

Google takes Symantec to the woodshed for mis-issuing 30,000 HTTPS certs [updated]

Ars Technica - 2 hours 23 min ago


In a severe rebuke of one of the biggest suppliers of HTTPS credentials, Google Chrome developers announced plans to drastically restrict transport layer security certificates sold by Symantec-owned issuers following the discovery they have allegedly mis-issued more than 30,000 certificates.

Effective immediately, Chrome plans to stop recognizing the extended validation status of all certificates issued by Symantec-owned certificate authorities, Ryan Sleevi, a software engineer on the Google Chrome team, said Thursday in an online forum. Extended validation certificates are supposed to provide enhanced assurances of a site's authenticity by showing the name of the validated domain name holder in the address bar. Under the move announced by Sleevi, Chrome will immediately stop displaying that information for a period of at least a year. In effect, the certificates will be downgraded to less-secure domain-validated certificates.

More gradually, Google plans to update Chrome to effectively nullify all currently valid certificates issued by Symantec-owned CAs. With Symantec certificates representing more than 30 percent of the Internet's valid certificates by volume in 2015, the move has the potential to prevent millions of Chrome users from being able to access large numbers of sites. What's more, Sleevi cited Firefox data that showed Symantec-issued certificates are responsible for 42 percent of all certificate validations. To minimize the chances of disruption, Chrome will stagger the mass nullification in a way that requires they be replaced over time. To do this, Chrome will gradually decrease the "maximum age" of Symantec-issued certificates over a series of releases. Chrome 59 will limit the expiration to no more than 33 months after they were issued. By Chrome 64, validity would be limited to nine months.


Category: Hacking & Security

Threatpost News Wrap, March 27, 2017

Threatpost - 3 hours 1 sec ago
The latest Wikileaks dump of Apple hacking tools, the LastPass vulnerabilities, and a new Android security report are discussed.
Category: Hacking & Security

Still running Windows Vista? Here’s a wake-up call for you

Sophos Naked Security - 3 hours 20 min ago
Microsoft is finally ending its extended support for Windows Vista, which means no more security patches or other updates. If you're one of the hold-outs, it's time to act

Adware Apps Booted from Google Play

Threatpost - 4 hours 8 min ago
More than a dozen apps removed from Google Play store after it was determined they were overly aggressive adware.
Category: Hacking & Security

Man charged with $100m ‘whaling’ attack on two US tech giants

Sophos Naked Security - 5 hours 40 min ago
Victims of whaling attack not named, but it's not the first time a big multinational has been targeted, and it won't be the last

Launching Shellcode from Cat Pictures

InfoSec Institute Resources - 5 hours 45 min ago

We all know the internet loves cats! I was thinking of how we can combine cats and malware. Then, it struck me! I occasionally see a particular method of code execution which includes some executable file and an image. Usually, I will see that the program will download the image file and then convert it […]

The post Launching Shellcode from Cat Pictures appeared first on InfoSec Resources.

Category: Hacking & Security

MASSCAN – Scan the Internet in minutes

InfoSec Institute Resources - 5 hours 45 min ago

Scanning is a really important part of any penetration testing. It gives us more information about our target which leads to narrowing the scope of the attack. I am sure most of us are familiar with Nmap, the most famous port scanner available. Masscan produces the same results as Nmap and in a much faster […]

The post MASSCAN – Scan the Internet in minutes appeared first on InfoSec Resources.

Category: Hacking & Security

Spock will unlock Kirk ransomware – after you beam up a bunch of Monero

Sophos Naked Security - 6 hours 32 min ago
It's ransomware, Jim, but not as we know it

Pay up, or we will delete the data of millions of users. Hackers threaten Apple

Novinky.cz - security - 7 hours 35 min ago
Apple's security experts now have to deal with a very unpleasant situation. Hackers have allegedly managed to obtain the data of hundreds of millions of users of the iCloud service. They are now threatening the American computer giant that, unless it pays a ransom, they will delete all the data stored by users and thereby irreversibly damage the reputation of the company with the bitten-apple logo.
Category: Hacking & Security

Google proposes sending Symantec to TLS sin bin

LinuxSecurity.com - 7 hours 1 min ago
LinuxSecurity.com: Google has announced plans to reduce the trust in Symantec TLS certificates until a point is reached in early 2018 where Chrome 64 will only trust certificates issued for 279 days or less from the security giant and its subsidiaries.
Category: Hacking & Security

FBI director floats international framework on access to encrypted data

LinuxSecurity.com - 7 hours 42 min ago
LinuxSecurity.com: FBI director James Comey has suggested that an international agreement between governments could ease fears about IT products with government-mandated backdoors, but privacy advocates are doubtful.
Category: Hacking & Security

Another batch of CIA leaks: "Dark Matter" and "Sonic Screwdriver" are a nightmare for Apple users

Zive.cz - security - 7 hours 46 min ago
** After two weeks, another batch of leaked documents is here ** This one will not please MacBook owners ** The CIA has a whole package of tools for eavesdropping on them
Category: Hacking & Security

US Senate Just Voted to Let ISPs Sell Your Web Browsing Data Without Permission

The Hacker News - 9 hours 23 min ago
The ISPs can now sell certain sensitive data like your browsing history without permission, thanks to the US Senate. The US Senate on Wednesday voted, with 50 Republicans for it and 48 Democrats against, to roll back a set of broadband privacy regulations passed by the Federal Communication Commission (FCC) last year when it was under Democratic leadership. In October, the Federal
Category: Hacking & Security

Hackers blackmail Apple: Pay up, or we will wipe millions of devices!

Zive.cz - security - 10 hours 17 min ago
Hackers are threatening Apple that, unless it pays a ransom, they will remove data from millions of its customers' devices. The hacker group Turkish Crime Family claims to hold a database of approximately 627 million login credentials for the iCloud cloud service. They say they will wipe users' accounts on April 7, ...
Category: Hacking & Security

Wikileaks Reveals How CIA Was Hacking Your iPhones And MacBooks

The Hacker News - 23 March, 2017 - 22:45
As part of its "Vault 7" series, Wikileaks — the popular whistle-blowing platform — has just released another batch of classified documents focused on exploits and hacking techniques the Central Intelligence Agency (CIA) designed to target Apple MacOS and iOS devices. Dubbed "Dark Matter," the leak uncovers macOS vulnerabilities and attack vectors developed by a special division of the CIA
Category: Hacking & Security

New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs

Ars Technica - 23 March, 2017 - 21:11


WikiLeaks today dumped a smaller subset of documents from its "Vault 7" collection of files from a CIA software developer server. Yet again, these documents are more important from the perspective of WikiLeaks having them than for showing any revelatory content. The exploits detailed in these new files are for vulnerabilities that have largely been independently discovered and patched in the past. The files also reveal that the CIA likely built one of these tools after seeing a presentation on the exploits of Apple's EFI boot firmware at Black Hat in 2012.

The latest batch of files, dramatically named "DarkMatter" (after one of the tools described in the dump), consists of user manuals and other documentation for exploits targeting Apple MacBooks—including malware that leveraged a vulnerability in Apple's Thunderbolt interface uncovered by a researcher two years ago. Named "Sonic Screwdriver" after the ever-useful tool carried by the fictional Doctor of Dr. Who, the malware was stored on an ordinary Thunderbolt Ethernet adapter. It exploited the Thunderbolt interface to allow anyone with physical access to a MacBook to bypass password protection on firmware and install one of a series of Apple-specific CIA "implants."

The first (and only documented) version of Sonic Screwdriver was released in 2012. It worked only on MacBooks built between late 2011 and mid-2012, and the tool used a vulnerability in the firmware of those computers that allowed commands to be sent via the Thunderbolt adapter to change the "boot path" (the location of the files used to boot the computer). The change would allow a local attacker to boot the targeted MacBook from an external device to install malware that eavesdropped on the computer during normal use. Those implants included "DarkMatter," the predecessor to "QuarkMatter." (QuarkMatter is malware that was revealed in the previous WikiLeaks dump, and it infected the EFI partition of a MacBook's storage device.)


Category: Hacking & Security

WikiLeaks Dump Shows CIA Interdiction of iPhone Supply Chain

Threatpost - 23 March, 2017 - 20:26
Today's WikiLeaks Vault 7 Dark Matter release shows the CIA's capabilities to attack and persist on Apple iPhone and Mac firmware and an apparent interdiction of the iPhone supply chain.
Category: Hacking & Security