Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

Categories

Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In

The Hacker News - 1 hour 14 min ago
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders—particularly Chief Information Security Officers (CISOs)—articulate the value and urgency of cybersecurity investments to their boards.
Category: Hacking & Security

Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks

The Hacker News - 1 hour 19 min ago
Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends. "Hosting phishing lures on DDP sites increases the likelihood
Category: Hacking & Security

Threat landscape for industrial automation systems. H2 2023

Kaspersky Securelist - 1 hour 1 min ago

Global statistics across all threats

In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%.

Percentage of ICS computers on which malicious objects were blocked, by half year

Selected industries

In H2 2023, building automation once again had the highest percentage of ICS computers on which malicious objects were blocked of all industries that we looked at. Oil and Gas was the only industry to see a slight (0.5 pp) increase in the second half of the year.

Percentage of ICS computers on which malicious objects were blocked in selected industries

Main threat sources

The internet, email clients and removable media remained the main sources of threats to computers connected to enterprise OT networks. In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked dropped for each of the main sources.

Percentage of ICS computers on which malicious objects from various sources were blocked

Malicious object categories

Malicious objects blocked by Kaspersky products on ICS computers belonged to many categories. In H2 2023, only one category saw an increase over the first half of the year: the percentage of ICS computers on which miner executable files for Windows were blocked grew by a factor of 1.4.

Percentage of ICS computers on which the activity of various categories of malicious objects was prevented

Regions

In H2 2023, the percentage of computers on which malicious activity was prevented varied across regions from 38.2% in Africa to 14.8% in Northern Europe. The percentage increased in South Asia, Eastern Europe and Southern Europe.

Regions ranked by percentage of ICS computers on which malicious objects were blocked, H2 2023

Africa

Africa leads the region rankings

  • By percentage of ICS computers where malicious objects were blocked (all threats).
  • By percentage of ICS computers on which spyware was blocked.

    Regions ranked by percentage of ICS computers on which spyware was blocked, H2 2023

  • By percentage of ICS computers on which worms were blocked.

    Regions ranked by percentage of ICS computers on which worms were blocked, H2 2023

  • By percentage of ICS computers on which web miners were blocked.

    Regions ranked by percentage of ICS computers on which browser-based web miners were blocked, H2 2023

  • By percentage of ICS computers on which removable media threats were blocked.

    Regions ranked by percentage of ICS computers on which removable media threats were blocked, H2 2023

Southern Europe
  • Leads the regions by percentage of ICS computers on which email threats (malicious email attachments and phishing links) were blocked.

    Regions ranked by percentage of ICS computers on which malicious email attachments and phishing links were blocked, H2 2023

  • Second among the regions by percentage of ICS computers on which malicious documents were blocked.
  • One of the two regions where the percentage of ICS computers on which spyware was blocked rose in the six-month period.
Eastern Europe
  • Saw the largest increase among all regions in the percentage of ICS computers on which malicious objects were blocked in H2 2023: 6 pp.
  • Second among the regions by percentage of ICS computers on which malicious scripts and phishing pages were blocked.
  • In the six-month period, the region saw a rise in the percentage of ICS computers on which the following were blocked:
    • Malicious scripts and phishing pages: by 2.9 pp
    • Miner executable files for Windows: by 0.9 pp
    • Worms: by 0.43 pp (the only region where this percentage rose)
    • Denylisted internet resources: by 0.4 pp (the only region where this percentage rose).
Russia
  • Second among the regions by percentage of ICS computers on which miners in the form of executable files for Windows were blocked.
Central Asia
  • Leads the regions by percentage of ICS computers on which denylisted internet resources were blocked.

    Regions ranked by percentage of ICS computers on which denylisted internet resources were blocked, H2 2023

  • Leads by percentage of ICS computers on which miners in the form of executable files for Windows were blocked.

    Regions ranked by percentage of ICS computers on which miners in the form of executable files for Windows were blocked, H2 2023

  • Second among the regions by percentage of ICS computers on which worms were blocked.
East Asia
  • Leads the regions by percentage of ICS computers on which malware for AutoCAD was blocked.
  • Second among the regions by percentage of ICS computers on which viruses were blocked.
  • Spyware ranked second in the region among all malware categories by percentage of ICS computers on which it was blocked.
South-East Asia
  • Leader among the regions by percentage of ICS computers on which viruses were blocked.

    Regions ranked by percentage of ICS computers on which viruses were blocked, H2 2023

  • Viruses ranked third in the region among all malware categories by percentage of ICS computers on which they were blocked.
South Asia
  • Leader (along with the Middle East) among the regions by percentage of ICS computers on which ransomware was blocked.

    Regions ranked by percentage of ICS computers on which ransomware was blocked, H2 2023

Middle East
  • Leads (together with South Asia) the regions by percentage of ICS computers on which ransomware was blocked.
  • Second among the regions by percentage of ICS computers on which spyware was blocked.
  • Second among the regions by percentage of ICS computers on which web miners were blocked.
Latin America
  • Leads the regions by percentage of ICS computers on which malicious scripts and phishing pages were blocked.

    Regions ranked by percentage of ICS computers on which malicious scripts and phishing pages were blocked, H2 2023

  • Leader by percentage of ICS computers on which malicious documents were blocked.

    Regions ranked by percentage of ICS computers on which malicious documents were blocked, H2 2023

  • Second among the regions by percentage of ICS computers on which malicious email attachments and phishing links were blocked.
Australia and New Zealand
  • The only region where the percentage of ICS computers on which malicious documents were blocked rose in the six-month period.

The full report is available on the Kaspersky ICS CERT website.

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices

The Hacker News - 1 hour 52 min ago
A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new variant [...] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/
Category: Hacking & Security

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

The Hacker News - 6 hours 23 min ago
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu. "The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT’s typical delivery mechanism by leveraging OLE (Object
Category: Hacking & Security

E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials

The Hacker News - 7 hours 4 min ago
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized
Category: Hacking & Security

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

The Hacker News - 18 March, 2024 - 18:56
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky. "The malware payloads used in the DEEP#GOSU represent a
Category: Hacking & Security

Zorin OS 17.1: Facilitating a Seamless Transition for Windows Apps on Linux

LinuxSecurity.com - 18 March, 2024 - 17:46
Zorin OS 17.1, the latest release of the Linux distribution, aims to streamline the process of running Windows applications on a Linux system. By combining the Wine compatibility layer with the Bottles application, Zorin OS offers a user-friendly solution for Linux admins, infosec professionals, and sysadmins looking to harness the benefits of Linux while still enjoying their essential Windows apps.
Category: Hacking & Security

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

The Hacker News - 18 March, 2024 - 13:58
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow
Category: Hacking & Security

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

The Hacker News - 18 March, 2024 - 13:35
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs
Category: Hacking & Security

WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw

The Hacker News - 18 March, 2024 - 10:46
WordPress users of miniOrange's Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system and was discovered by Stiofan. It impacts the following versions of the two plugins - Malware Scanner (
Category: Hacking & Security

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

The Hacker News - 18 March, 2024 - 06:59
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated
Category: Hacking & Security

Severe X.Org Memory Safety, Code Execution Vulns Fixed

LinuxSecurity.com - 17 March, 2024 - 12:00
After recent heap overflow, out-of-bounds write, and privilege escalation flaws brought X.Org into the spotlight, more severe memory safety and code execution vulnerabilities have been identified in the popular X server. These issues affect the X.Org X11 server.
Category: Hacking & Security

Multiple Chromium DoS, Info Disclosure Vulns Fixed

LinuxSecurity.com - 17 March, 2024 - 12:00
Multiple severe security issues were discovered in Chromium before version 122.0.6261.128, which could result in arbitrary code execution, denial of service, or information disclosure. Let's examine these vulnerabilities, their impact, and how to protect against them.
Category: Hacking & Security

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

The Hacker News - 16 March, 2024 - 13:31
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look
Category: Hacking & Security

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

The Hacker News - 15 March, 2024 - 18:46
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions. "All the common synchronization primitives implemented
Category: Hacking & Security

Third-Party ChatGPT Plugins Could Lead to Account Takeovers

The Hacker News - 15 March, 2024 - 12:34
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could allow attackers to install malicious plugins without users' consent
Category: Hacking & Security

New GhostRace Attack Impacts Major CPU, Software Vendors

LinuxSecurity.com - 15 March, 2024 - 12:00
A new data leakage attack called GhostRace (CVE-2024-2193) was recently discovered. It affects major CPU manufacturers and widely used software. This critical analysis will investigate the implications of this attack and discuss its significance for Linux admins, infosec professionals, and Internet security enthusiasts.
Category: Hacking & Security

Open Source is Not Insecure, Despite Common Misconceptions

LinuxSecurity.com - 15 March, 2024 - 12:00
A common misconception is that open-source software is less secure than proprietary software. To help dispel this myth, we'll highlight the benefits of open-source software in terms of security and show that the trust placed in the open-source community is well-founded.
Category: Hacking & Security

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

The Hacker News - 15 March, 2024 - 08:50
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said. “If we
Category: Hacking & Security