Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Hackers Creating Fraudulent Crypto Tokens as Part of 'Rug Pull' Scams

The Hacker News - 1 hodina 6 min zpět
Misconfigurations in smart contracts are being exploited by scammers to create malicious cryptocurrency tokens with the goal of stealing funds from unsuspecting users. The instances of token fraud in the wild include hiding 99% fee functions and concealing backdoor routines, researchers from Check Point said in a report shared with The Hacker News. Smart contracts are programs stored on the
Kategorie: Hacking & Security

Linux Servers at Risk of RCE Due to Critical CWP Bugs

Threatpost - 8 hodin 6 min zpět
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.
Kategorie: Hacking & Security

MoleRats APT Launches Spy Campaign on Bankers, Politicians, Journalists

Threatpost - 24 Leden, 2022 - 22:54
State-sponsored cyberattackers are using Google Drive, Dropbox and other legitimate services to drop spyware on Middle-Eastern targets and exfiltrate data.
Kategorie: Hacking & Security

Surge in Malicious QR Codes Sparks FBI Alert

Threatpost - 24 Leden, 2022 - 22:13
QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal data and money, and drop malware.
Kategorie: Hacking & Security

Dark Souls 3 Servers Shut Down Due to Critical RCE Bug

Threatpost - 24 Leden, 2022 - 21:26
The bug can allow attackers to remotely execute code on gamers’ computers. The devs temporarily deactivated PvP servers across multiple affected versions.
Kategorie: Hacking & Security

Tajemná sovětská frekvence UWB-76 začala vysílat Gangnam Style, trolící postavičky a maskota Anonymous

Zive.cz - bezpečnost - 24 Leden, 2022 - 17:45
Každý radioamatér a fanoušek SDR zná signál UVB-76. Má přezdívku „The Buzzer“ a (nejméně) posledních čtyřicet let pípá na krátkých vlnách 4,625 MHz, které se díky odrazům od ionosféry šíří na ohromné vzdálenosti. Pípání čas od času přeruší hlasová zpráva v ruštině, protože se jedná o rádiový ...
Kategorie: Hacking & Security

ZTNAs Address Requirements VPNs Cannot. Here's Why.

The Hacker News - 24 Leden, 2022 - 15:52
I recently hopped on the Lookout podcast to talk about virtual private networks (VPNs) and how they've been extended beyond their original use case of connecting remote laptops to your corporate network. Even in this new world where people are using personal devices and cloud apps, VPN continues to be the go-to solution for remote access and cloud access. After my conversation with Hank Schless,
Kategorie: Hacking & Security

Alleged carder gang mastermind and three acolytes under arrest in Russia

Sophos Naked Security - 24 Leden, 2022 - 15:14
The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.

Měsíce pečlivě sledují, pak udeří. BlueNoroff drancuje účty startupů

Novinky.cz - bezpečnost - 24 Leden, 2022 - 14:27
Jak probíhá sofistikovaný hackerský útok? Není výjimkou, že na něm pracují počítačoví piráti i několik měsíců, kdy pečlivě sledují svou oběť. Teprve až potom udeří. Uvedli to bezpečnostní experti z antivirové společnosti Kaspersky, kteří detailně zmapovali aktéra pokročilých perzistentních hrozeb (APT) BlueNoroff.
Kategorie: Hacking & Security

Unusual ‘Donald Trump’ Packer Malware Delivers RATs, Infostealers

Threatpost - 24 Leden, 2022 - 11:00
The ‘DTPacker’ downloader used fake Liverpool Football Club sites as lures for several weeks, a report finds.
Kategorie: Hacking & Security

Emotet Now Using Unconventional IP Address Formats to Evade Detection

The Hacker News - 24 Leden, 2022 - 08:10
Social engineering campaigns involving the deployment of the Emotet malware botnet have been observed using "unconventional" IP address formats for the first time in a bid to sidestep detection by security solutions. This involves the use of hexadecimal and octal representations of the IP address that, when processed by the underlying operating systems, get automatically converted "to the dotted
Kategorie: Hacking & Security

High-Severity Rust Programming Bug Could Lead to File, Directory Deletion

The Hacker News - 24 Leden, 2022 - 07:53
The maintainers of the Rust programming language have released a security update for a high-severity vulnerability that could be abused by a malicious party to purge files and directories from a vulnerable system in an unauthorized manner. "An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete,
Kategorie: Hacking & Security

Chinese Hackers Spotted Using New UEFI Firmware Implant in Targeted Attacks

The Hacker News - 24 Leden, 2022 - 07:26
A previously undocumented firmware implant deployed to maintain stealthy persistence as part of a targeted espionage campaign has been linked to the Chinese-speaking Winnti advanced persistent threat group (APT41). Kaspersky, which codenamed the rootkit MoonBounce, characterized the malware as the "most advanced UEFI firmware implant discovered in the wild to date," adding "the purpose of the
Kategorie: Hacking & Security

New BHUNT Password Stealer Malware Targeting Cryptocurrency Wallets

The Hacker News - 24 Leden, 2022 - 07:26
A new evasive crypto wallet stealer named BHUNT has been spotted in the wild with the goal of financial gain, adding to a list of digital currency stealing malware such as CryptBot, Redline Stealer, and WeSteal. "BHUNT is a modular stealer written in .NET, capable of exfiltrating wallet (Exodus, Electrum, Atomic, Jaxx, Ethereum, Bitcoin, Litecoin wallets) contents, passwords stored in the
Kategorie: Hacking & Security

Více než polovina nemocničních zařízení připojených k internetu má zranitelnost, která může ohrozit zdraví či životy pacientů

Zive.cz - bezpečnost - 23 Leden, 2022 - 14:45
Podle zprávy společnosti Cynerio, která se zabývá kybernetickou bezpečností ve zdravotnictví, má více než polovina zařízení připojených k internetu používaných v nemocnicích nějakou zranitelnost, která může ohrozit zdraví i životy pacientů, důvěrné údaje nebo použitelnost. Zpráva analyzovala ...
Kategorie: Hacking & Security

Utopili jste telefon? Ještě není vše ztraceno. Poradíme, jak jej zachránit

Zive.cz - bezpečnost - 23 Leden, 2022 - 12:45
** Voděodolnost dnes ještě stále není samozřejmost u všech telefonů ** Polití či utopení tak může telefon nenávratně zničit ** Poradíme, co v takových případech dělat a jak jej zachránit
Kategorie: Hacking & Security

Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks

The Hacker News - 23 Leden, 2022 - 07:42
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 (CVSS score: 5.3), the issue is an "input validation vulnerability that could allow attackers to build a query given some input and send that query
Kategorie: Hacking & Security

Kybernetická kriminalita je v Česku na vzestupu, varovala policie

Novinky.cz - bezpečnost - 23 Leden, 2022 - 01:05
V Česku loni oproti roku 2020 přibylo trestných činů páchaných v kyberprostoru o 1445 na 9518 skutků. Objasněna byla čtvrtina z nich. V tiskové zprávě k vývoji registrované kriminality za loňský rok to uvedl mluvčí policejního prezidia Ondřej Moravčík.
Kategorie: Hacking & Security

Experts Find Strategic Similarities b/w NotPetya and WhisperGate Attacks on Ukraine

The Hacker News - 22 Leden, 2022 - 15:47
Latest analysis into the wiper malware that targeted dozens of Ukrainian agencies earlier this month has revealed "strategic similarities" to NotPetya malware that was unleashed against the country's infrastructure and elsewhere in 2017. The malware, dubbed WhisperGate, was discovered by Microsoft last week, which said it observed the destructive cyber campaign targeting government, non-profit,
Kategorie: Hacking & Security

Molerats Hackers Hiding New Espionage Attacks Behind Public Cloud Infrastructure

The Hacker News - 22 Leden, 2022 - 15:21
An active espionage campaign has been attributed to the threat actor known as Molerats that abuses legitimate cloud services like Google Drive and Dropbox to host malware payloads and for command-and-control and the exfiltration of data from targets across the Middle East. The cyber offensive is believed to have been underway since at least July 2021, according to cloud-based information
Kategorie: Hacking & Security
Syndikovat obsah