Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Hacker who stole Celebrity Emails, Sex Tapes, Movie Scripts Gets 5 Years in Prison

The Hacker News - 1 hodina 53 min zpět
A hacker who was arrested last year for hacking into celebrities' email accounts to steal the unreleased movie and television scripts, their private messages, and sex tapes to sell them has finally been sentenced five years in prison. Alonzo Knowles, a 24-year-old Bahamian man, was convicted by U.S. District Judge Paul A. Engelmayer in Manhattan on Tuesday. Knowles, who maintained a list of
Kategorie: Hacking & Security

Charities hit with fines for sharing donors’ data without consent

Sophos Naked Security - 1 hodina 57 min zpět
Animal and heart charities built up pictures of donors without their knowledge to target them for cash

5-Year-Old Linux Kernel Local Privilege Escalation Flaw Discovered

The Hacker News - 2 hodiny 37 sek zpět
A 5-year-old serious privilege-escalation vulnerability has been discovered in Linux kernel that affects almost every distro of the Linux operating system, including Redhat, and Ubuntu. Over a month back, a nine-year-old privilege-escalation vulnerability, dubbed "Dirty COW," was discovered in the Linux kernel that affected every distro of the open-source operating system, including Red Hat,
Kategorie: Hacking & Security

V bezpečnostních IP kamerách Sony byla nalezena „zadní vrátka“, umožnila administrátorský přístup komukoli

Zive.cz - bezpečnost - 2 hodiny 49 min zpět
S rozmachem internetu věcí vzniká i rozmach bezpečnostních hrozeb z počtu zařízení, která lze hacknout kvůli chybám v jejich zabezpečení. Ironií je, že tentokrát se ale problém objevil u profesionálních bezpečnostních kamer od Sony řady Ipela Engine . Jak objevila bezpečnostní společnost SEC ...
Kategorie: Hacking & Security

Critical Vulnerability Patched in Roundcube Webmail

Threatpost - 3 hodiny 13 min zpět
Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts.
Kategorie: Hacking & Security

Zombie routery chystaly útok v Německu a Británii, stejný vir dříve odstavil Twitter

Novinky.cz - bezpečnost - 3 hodiny 15 min zpět
Říjnový masový výpadek sociální sítě Twitter, ale také internetového obchodu Amazon nebo Facebooku ve Spojených státech, k němuž došlo při masovém DDoS útoku přes zařízení napojená na sítě Internetu věcí, se tento týden v menším měřítku zopakoval v Německu a ve Velké Británii.
Kategorie: Hacking & Security

Flaw spotted in North Korea’s Red Star operating system

Sophos Naked Security - 3 hodiny 45 min zpět
Flaw in bundled browser could give an attacker complete control over a user's PC

Nintendo targets 3DS vulnerabilities in new bug bounty

Sophos Naked Security - 4 hodiny 37 min zpět
Bug bounty program focuses on hardware exploits

5 Benefits of Cloud-Based End-Point Security Products

InfoSec Institute Resources - 5 hodin 13 min zpět
With the emergence of cloud technologies, many products arrived that utilized the newly created possibilities in one way or another. Of course, some very good security products have been created that benefit from these possibilities as well. End-point security products, which are basically the old anti-virus suites, have probably been transformed the most in this […]
Kategorie: Hacking & Security

Denial of Service Attack

InfoSec Institute Resources - 5 hodin 13 min zpět
In this post, we examine the DoS (Denial of Service attack), how it works, what’s the impact of such an attack, and some tools to perform this kind of exploitation in different vectors. The DoS attack is one of the most destructive attacks on the web. It attempts to exhaust the resources of the victim […]
Kategorie: Hacking & Security

Hackers Gamify DDoS Attacks With Collaborative Platform

Threatpost - 5 hodin 14 min zpět
A hacking group is luring participants to use a DDoS platform where they can compete with peers to earn redeemable points exchangeable for hacking tools and click-fraud software.
Kategorie: Hacking & Security

Where Cybercriminals Go To Buy Your Stolen Data

LinuxSecurity.com - 8 hodin 10 min zpět
LinuxSecurity.com: With nothing more than a standard Web browser, cybercriminals can find personal, private information all over the public Internet. It isn't just legitimate services - from genealogy sites to public records and social media - that can be mined and exploited for nefarious purposes. Openly malicious criminal activities are also happening on the public Internet.
Kategorie: Hacking & Security

BlackNurse Low-Volume DoS Attack Targets Firewalls

LinuxSecurity.com - 8 hodin 17 min zpět
LinuxSecurity.com: A type of denial of service attack relevant in the 1990s has resurfaced with surprising potency against modern-day firewalls. Dubbed a BlackNurse attack, the technique leverages a low-volume Internet Control Message Protocol (ICMP) -based attack on vulnerable firewalls made by Cisco, Palo Alto, SonicWall and others, according to researchers.
Kategorie: Hacking & Security

North Korea's Linux-based Red Star OS can be Hacked Remotely with just a Link

LinuxSecurity.com - 8 hodin 18 min zpět
LinuxSecurity.com: North Korea's own homegrown computer operating system, that's supposed to be fully hacker proof and more secure than foreign OS, like Microsoft's Windows, can easily be hacked remotely.
Kategorie: Hacking & Security

Hacking Millions with Just an Image — Recipe: Pixels, Ads & Exploit Kit

The Hacker News - 10 hodin 4 min zpět
If you have visited any popular mainstream website over the past two months, your computer may have been infected — Thanks to a new exploit kit discovered by security researchers. Researchers from antivirus provider ESET released a report on Tuesday stating that they have discovered an exploit kit, dubbed Stegano, hiding malicious code in the pixels of banner advertisements that are currently
Kategorie: Hacking & Security

Millions exposed to malvertising that hid attack code in banner pixels

Ars Technica - 6 Prosinec, 2016 - 23:16

Millions of people visiting mainstream websites over the past two months have been exposed to a novel form of malicious ads that embed attack code in individual pixels of the banners.

Researchers from antivirus provider Eset said "Stegano," as they've dubbed the campaign, dates back to 2014. Beginning in early October, its unusually stealthy operators scored a major coup by getting the ads displayed on a variety of unnamed reputable news sites, each with millions of daily visitors. Borrowing from the word steganography—the practice of concealing secret messages inside a larger document that dates back to at least 440 BC—Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. While the attack code alters the tone or color of the images, the changes are almost invisible to the untrained eye.

Left: Clean picture; middle: picture with malicious content; right: malicious version enhanced for illustrative purposes. (credit: Eset)

The malicious script is concealed in the alpha channel that defines the transparency of pixels, making it extremely difficult for even sharp-eyed ad networks to detect. After verifying that the targeted browser isn't running in a virtual machine or connected to other types of security software often used to detect attacks, the script redirects the browser to a site that hosts three exploits for now-patched Adobe Flash vulnerabilities.

Read 6 remaining paragraphs | Comments

Kategorie: Hacking & Security

HCISSP

InfoSec Institute Resources - 6 Prosinec, 2016 - 21:46
The worldwide healthcare sector is expected to be one of the fastest growing employers for the next 10 years. With the growth of the healthcare industry, the risks and consequences of keeping health information protected and secure are increasing. Thus, the need for qualified professionals with the necessary competence to secure and protect health information […]
Kategorie: Hacking & Security

Objeven backdoor u Sony IP kamer

CSIRT.cz - 6 Prosinec, 2016 - 21:39

Byla zjištěna slabina v zabezpečení u IP kamer v 80 různých výrobcích Sony SNC series. Ve firmware je napevno uloženo heslo pro uživatele root a admin. Při získání root oprávnění je možné kameru následně využít ke sledování či dalším útokům v síti. Sony již vydalo bezpečnostní aktualizaci, která má tento problém vyřešit.

Kategorie: Hacking & Security

Neoprávněná aktivace zcizených iOS based zařízení

CSIRT.cz - 6 Prosinec, 2016 - 21:37

Nedávno objevená chyba v zabezpečení poslední verze iOS (iPhone, iPad) umožňuje neoprávněnou aktivaci zcizeného zařízení uzamčeného pomocí Activation Lock (Zámek aktivace). Chyba je způsobená neošetřenou maximální délkou Wi-Fi SSID, která může způsobit buffer overflow.

Kategorie: Hacking & Security

Flash Exploit Found in Seven Exploit Kits

Threatpost - 6 Prosinec, 2016 - 19:58
An Adobe Flash Player vulnerability used by the Sofacy APT gang was also found in seven of the top exploit kits, according to an analysis by Recorded Future.
Kategorie: Hacking & Security
Syndikovat obsah