Kategorie

The Dream Market's lustrously bearded 'OxyMonster' is facing a 20 year prison sentence.

From the growing list of routers affected by VPNFilter and the reason behind Bitcoin's priceplosion to Florida's year without gun background checks, and more!

LinuxSecurity.com: Open source is all about freedom. The freedom to share, to collaborate, and ultimately, to innovate.

LinuxSecurity.com: Europol has taken major steps to disrupting a long-running global cybercrime group after eight arrests in the past year including one in Thailand announced last week.

Na konci května začalo platit nové unijní nařízení o ochraně osobních údajů (GDPR), kvůli čemuž jednotlivé společnosti často oslovují jednotlivé uživatele a žádají je o souhlas se zpracováním osobních údajů. Totéž ale zkoušejí také kyberzločinci ve snaze vylákat od důvěřivců peníze.

LinuxSecurity.com: Even though Donald Trump is on good terms with North Korea, the Department of Homeland Security is still following that country's ongoing cyberattack campaign (which it's dubbed "Hidden Cobra"). Now CNN reports there's a new variant of North Korean malware to look out for: Typeframe.

LinuxSecurity.com: Millions of Dixons Carphone customers have had their financial and personal data illegally accessed after a major breach at the UK company.

Německá rozvědka BND špehovala v Rakousku od 90. let téměř 2000 institucí, uvedl v pátek rakouský deník Der Standard. Cílem elektronické špionáže se podle něj stala ministerstva, ambasády, firmy, univerzity i novináři. Zachycené informace Berlín sdílel mimo jiné s Američany, napsal list. Rakouský kancléř Sebastian Kurz chce od Berlína podrobnosti o vyzvědačské aféře a rakouský prezident Alexander Van der Bellen označil počínání Německa za nepřijatelné, napsala agentura AP.

** Nový výzkum odhaluje nečekané možnosti využití pohybových senzorů telefonu ** Pomocí těchto senzorů lze detekovat a nahrávat hlas v okolí telefonu ** Nebezpečí je velké, protože k těmto senzorům mají aplikace přístup bez kontroly

LinuxSecurity.com: Banco de Chile publicly disclosed on 28 May that it had detected a virus, presumably from international networks, that affected thousands of its workstations. Now the bank has learned that the cyber-attack was malware and resulted in attackers transferring approximately $10m via the bank's SWIFT international money transfer systems.

** Co znamená hláška „Zařízení bylo resetováno“? ** Existuje způsob, jak tuto nepříjemnost obejít? ** Ochrana FRP způsobuje problémy uživatelům

LinuxSecurity.com: The recent meeting in Singapore between US President Donald Trump and North Korea's Kim Jong Un appears to have attracted an inordinate amount of interest in US activities from threat actors based in Russia.

Apple vydal aktualizované pokyny pro vývojáře. Tento soubor pravidel musí dodržovat každý autor aplikace, pokud ji chce dostat k uživatelům přes App Store. Jednou z provedených změn je výslovný zákaz těžby kryptoměn na pozadí, další novinka byla zařazena v tichosti a upozornil na ní zpravodajský ...

In a David-and-Goliath moment, the 49-year-old librarian has won satisfaction in the wake of its head-spinningly massive 2017 data breach.

Identity Governance and Administration (IGA) can be considered a very important area in the management of information technology in enterprises and organizations. The level of IGA importance can be compared to managing licenses, configurations, security incidents, vulnerabilities and other processes well described in the ITIL libraries. Moreover, although IGA is not the basic process of […]

The post Identity Governance and Administration (IGA) in IT Infrastructure of Today appeared first on InfoSec Resources.

Identity Governance and Administration (IGA) in IT Infrastructure of Today was first posted on June 15, 2018 at 4:23 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

1. Introduction At present, there is no EU-wide certification framework that allows suppliers of ICT products to obtain information security certificates valid in all 28 EU countries. For example, if a supplier of software for smart meters obtains a certificate based on the so-called Common Criteria (CC) for Information Technology Security Evaluation (ISO 15408), the […]

The post The EU Plans to Adopt a Cybersecurity Certification Framework appeared first on InfoSec Resources.

The EU Plans to Adopt a Cybersecurity Certification Framework was first posted on June 15, 2018 at 3:18 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

When the question of storing passwords arise, the first idea is to simply keep them in clear text in the corresponding table in the database. However, in 2018 cybercriminals are very good at getting access to such passwords. There are well-known SQL injections and many other potential vulnerabilities. It is generally accepted to assume the […]

The post And Again, About Storing Passwords appeared first on InfoSec Resources.

And Again, About Storing Passwords was first posted on June 15, 2018 at 2:34 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The Feds say Marcus Hutchins is behind both the UPAS Kit backdoor and the Kronos banking trojan.

While other malware families have been searching for new overlay techniques for Android 7 and 8, MysteryBot appears to have found a solution.

An essential part in building an information security (InfoSec) professionals’ expertise is played by hands-on experience and years of activity. However, a solid theoretical foundation is also essential to acquire the solid knowledge required to keep up with technology and the evolutions of threats and hackers’ modalities. Computer security sourcebooks, handbooks, or technical / reference […]

The post The Top 15 Must-Have Books in InfoSec appeared first on InfoSec Resources.

The Top 15 Must-Have Books in InfoSec was first posted on June 15, 2018 at 2:02 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com