Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

What Is an IdM and How to Discover If You Need One

InfoSec Institute Resources - 14 June, 2018 - 17:50

IdM is an abbreviation for “Identity Management,” i.e., management of user accounts. Let’s turn to Wikipedia: “IdM is the security discipline that enables the right individuals to access the right resources at the right times and for the right reasons.” Interestingly Wikipedia takes this definition from the Gartner IT Glossary.  I would like to expand […]

The post What Is an IdM and How to Discover If You Need One appeared first on InfoSec Resources.

What Is an IdM and How to Discover If You Need One was first posted on June 14, 2018 at 10:50 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Category: Hacking & Security

Gaining Shell Access via UART Interface Part 1

InfoSec Institute Resources - 14 June, 2018 - 17:10

What is IoT: The Internet of Things (IoT) is the network of physical devices, vehicles, home, appliances, vehicle, and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to connect and exchange data. A word on IoT Security: IoT is the next big technology which will change the way we communicate and […]

The post Gaining Shell Access via UART Interface Part 1 appeared first on InfoSec Resources.

Gaining Shell Access via UART Interface Part 1 was first posted on June 14, 2018 at 10:10 am.
Category: Hacking & Security

Chinese Hackers Carried Out Country-Level Watering Hole Attack

The Hacker News - 14 June, 2018 - 17:10
Cybersecurity researchers have uncovered an espionage campaign that has targeted a national data center of an unnamed central Asian country in order to conduct watering hole attacks. The campaign is believed to be active covertly since fall 2017 but was spotted in March by security researchers from Kaspersky Labs, who have attributed these attacks to a Chinese-speaking threat actor group called
Category: Hacking & Security

U.S. Intelligence Cautions World Cup Travelers on Mobile Use

Threatpost - 14 June, 2018 - 15:38
World Cup travelers should leave their mobile phones, laptops and tablets behind.
Category: Hacking & Security

Apple fixed firmware vulnerability found by Positive Technologies

Positive Research Center - 14 June, 2018 - 15:15
The vulnerability allowed exploitation of a critical flaw in Intel Management Engine and can still be present in equipment from vendors that use Intel processors.

Apple released an update for macOS High Sierra 10.13.4, which fixes the firmware vulnerability CVE-2018-4251 found by Positive Technologies experts Maxim Goryachy and Mark Ermolov. For more details, see Apple Support.

Maxim Goryachy notes: "The vulnerability allows an attacker with administrator rights to gain unauthorized access to critical parts of firmware, write a vulnerable version of Intel ME, and exploit it to secretly gain a foothold in the device. Next, it is possible to obtain full control over the computer and spy with no chance of being detected."

Manufacturing Mode

Intel ME has a Manufacturing Mode designed to be used exclusively by motherboard manufacturers. This mode provides additional capabilities, and an attacker can take advantage of them. The risk posed by this mode and its impact on Intel ME operation have been discussed by many researchers, including Positive Technologies experts (How to Become the Sole Owner of Your PC), but numerous manufacturers still do not disable this mode.

When operating in Manufacturing Mode, Intel ME accepts a specific command after which the ME region becomes writable via the SPI controller built into the motherboard. With the ability to run code on the attacked system and send commands to Intel ME, an attacker can rewrite the Intel ME firmware with another version, including a version vulnerable to CVE-2017-5705, CVE-2017-5706, and CVE-2017-5707, and execute arbitrary code on Intel ME even if the system is patched.

This mode is enabled in MacBooks as well. Although the firmware itself is additionally protected from SPI Flash region rewriting attacks (if access to any region is open, the firmware does not allow the OS to load), researchers found an undocumented command that restarts Intel ME without restarting the main system, which allows bypassing this protection. Apple computers are not the only ones that can be attacked this way.

Positive Technologies developed a special utility that checks the status of Manufacturing Mode. You can download it using this link. If the check shows that the mode is on, we recommend asking your computer's manufacturer for instructions on how to turn it off. The utility is designed for systems based on Windows and Linux. Apple users only need to install the above-mentioned update.

Intel Management Engine

Intel Management Engine is a microcontroller integrated into the Platform Controller Hub (PCH) microchip with a set of built-in peripherals. PCH manages almost all communication between the processor and peripherals; therefore, Intel ME has access to almost all data on the computer. Researchers found a flaw that allows executing unsigned code inside PCH on any motherboard for Skylake processors and later versions.

The extent of the problem

Vulnerable Intel chipsets are used all over the world, from home and work laptops to enterprise servers. The update previously released by Intel does not prevent exploitation of vulnerabilities CVE-2017-5705, CVE-2017-5706, and CVE-2017-5707, because with write access to the ME region, an attacker can write a vulnerable version of ME and exploit a vulnerability in it.

“Hey, Cortana, did Patch Tuesday fix a serious lock screen bug?”

Sophos Naked Security - 14 June, 2018 - 15:12
This month's Update Tuesday includes fixes for 50 high-impact vulnerabilities in Microsoft Windows.

Trial of two men accused of $20m hacked press release fraud begins

Sophos Naked Security - 14 June, 2018 - 14:13
This is reportedly the first time criminal charges have been brought for a securities fraud scheme involving hacked inside information.

Google locks out extensions that don’t come from its Chrome Web Store

Sophos Naked Security - 14 June, 2018 - 12:49
Time's up for Chrome extensions from third-party sites.

Podcast: The Growing Social Media Threat Landscape

Threatpost - 14 June, 2018 - 12:11
How can we keep up with the social media threat landscape as it grows to include more malware, hacks and scams? We discuss on the latest Threatpost podcast.
Category: Hacking & Security

Trial of two men accused of $20m hacked press release fraud begins

LinuxSecurity.com - 14 June, 2018 - 11:21
LinuxSecurity.com: We didn't know the information that made us rich was stolen from PR agencies! That appears to be the defence proffered by two defendants in the hacked press release trial.
Category: Hacking & Security

Cyber threat intelligence versus business risk intelligence: What you need to know

LinuxSecurity.com - 14 June, 2018 - 11:18
LinuxSecurity.com: Devising a comprehensive strategy to protect your organisation from hackers, data breaches and other cyber security threats is complicated.
Category: Hacking & Security

Windows, Explorer and Office. Microsoft fixed security bugs

Novinky.cz - security - 14 June, 2018 - 10:07
Microsoft has released several fixes for security holes at once. The vulnerabilities are present both in the Windows operating system itself and in other applications that this American software giant offers.
Category: Hacking & Security

Cortana was full of holes. An attacker could change the system password from the victim's locked screen

Zive.cz - security - 14 June, 2018 - 10:06
For once it is a good thing that Cortana is not available here: Microsoft's smart assistant, which is part of Windows 10, could have helped not only the computer's owner but also a potential intruder. Experts from McAfee described on their blog an interesting and actually utterly primitive attack, in which ...
Category: Hacking & Security

New 'Lazy FP State Restore' Vulnerability Found in All Modern Intel CPUs

The Hacker News - 14 June, 2018 - 09:59
Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor's speculative execution technology—like Spectre and Meltdown—and could potentially be exploited to access sensitive information, including encryption related data. Dubbed Lazy FP State Restore, the vulnerability (CVE-2018-3665) within Intel Core and Xeon processors has just been confirmed
Category: Hacking & Security

Cybersecurity needs to be strengthened, the European Parliament urged

Novinky.cz - security - 14 June, 2018 - 09:21
In view of the growing risk of attacks carried out by means of computers, the European Union should strengthen its cybersecurity. Members of the European Parliament called for this in a resolution on Wednesday, saying the EU should set up rapid response teams able to act against new threats. The EP also proposed deepening the EU's cooperation with the North Atlantic Alliance on this matter.
Category: Hacking & Security

Malicious Docker Containers Earn Cryptomining Criminals $90K

Threatpost - 13 June, 2018 - 23:55
Researchers said over a dozen malicious docker images available on Docker Hub allowed hackers to earn $90,000 in cryptojacking profits.
Category: Hacking & Security

Microsoft Reveals Which Bugs It Won’t Patch

Threatpost - 13 June, 2018 - 23:29
A draft document lays out its criteria for addressing various flaws and notes the exceptions.
Category: Hacking & Security

Two Bugs in WordPress Tooltipy Plugin Patched

Threatpost - 13 June, 2018 - 22:55
The bugs include a reflected cross-site scripting glitch and a cross-site request forgery vulnerability.
Category: Hacking & Security