Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.

Categories

CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits

The Hacker News - 2 hours 1 min ago
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA added, cautioning organizations to be on the lookout for such social engineering attempts that seek to
Category: Hacking & Security

Microsoft: Exchange 2016 and 2019 reach end of support in October

Bleeping Computer - 20 January, 2025 - 21:11
Microsoft has reminded admins that Exchange 2016 and Exchange 2019 will reach the end of extended support in October and shared guidance for those who need to decommission outdated servers. [...]
Category: Hacking & Security

HPE investigates breach as hacker claims to steal source code

Bleeping Computer - 20 January, 2025 - 20:06
Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company's developer environments. [...]
Category: Hacking & Security

Microsoft fixes Windows Server 2022 bug breaking device boot

Bleeping Computer - 20 January, 2025 - 18:29
Microsoft has fixed a bug that was causing some Windows Server 2022 systems with two or more NUMA nodes to fail to start up. [...]
Category: Hacking & Security

Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers

The Hacker News - 20 January, 2025 - 16:08
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. "Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to their networks," Top10VPN said in a study, as part of a collaboration with KU Leuven professor
Category: Hacking & Security

DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection

The Hacker News - 20 January, 2025 - 15:53
The threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks. The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to the
Category: Hacking & Security

The first ransomware struck 35 years ago. It spread by mail on floppy disks

Zive.cz - security - 20 January, 2025 - 14:45
At the turn of 1989 and 1990, the first extortion software appeared. This ransomware was called simply AIDS, because it posed as a program that would provide information and advice about this insidious disease. It is estimated to have attacked as many as 26 thousand computers. Back then the world was not yet connected ...
Category: Hacking & Security

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]

The Hacker News - 20 January, 2025 - 13:02
As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that can't be fought with
Category: Hacking & Security

Windows 11 shows off Administrator protection. User Account Control is insufficient

Zive.cz - security - 20 January, 2025 - 12:45
  • Windows 11 Insider Preview build 27774 has been released in the Canary channel
  • The installer requires confirmation when deleting and formatting a partition
  • Administrator protection grants administrator rights more securely than UAC
Category: Hacking & Security

Microsoft shares temp fix for Outlook crashing when writing emails

Bleeping Computer - 20 January, 2025 - 12:44
Microsoft has shared a temporary fix for a known issue that causes classic Outlook to crash when writing, replying to, or forwarding an email. [...]
Category: Hacking & Security

Product Walkthrough: How Satori Secures Sensitive Data From Production to AI

The Hacker News - 20 January, 2025 - 12:10
Every week seems to bring news of another data breach, and it’s no surprise why: securing sensitive data has become harder than ever. And it’s not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting
Category: Hacking & Security

2025’s first Patch Tuesday: 159 patches, including several zero-day fixes

Computerworld.com [Hacking News] - 20 January, 2025 - 12:00

Microsoft began 2025 with a hefty patch release this month, addressing eight zero-days with 159 patches for Windows, Microsoft Office and Visual Studio. Both Windows and Microsoft Office have “Patch Now” recommendations (with no browser or Exchange patches) for January.

Microsoft also released a significant servicing stack update (SSU) that changes how desktop and server platforms are updated, requiring additional testing on how MSI Installer, MSIX and AppX packages are installed, updated, and uninstalled. 

To navigate these changes, the Readiness team has provided this useful infographic detailing the risks of deploying the updates.

Known issues 

Readiness worked with both Citrix and Microsoft to detail the more serious update issues affecting enterprise desktops, including:

  • Windows 10/11: Following the installation of the October 2024 security update, some customers report that the OpenSSH (Open Secure Shell) service fails to start, preventing SSH connections. The service fails without detailed logging; manual intervention is required to run the sshd.exe process. Microsoft is investigating the issue with no (as of now) published schedule for either mitigations or a resolution.

Citrix reported significant issues with its Session Recording Agent (SRA), causing the January update to fail to complete successfully. Microsoft published a security bulletin (KB5050009) that says: “Affected devices might initially download and apply the January 2025 Windows security update correctly, such as via the Windows Update page in Settings.” Once this situation occurs, however, the update process stops and proceeds to roll back to the original state.

In short, if you have the Citrix SRA installed, your device was (likely) not updated this month.

Major revisions

For this Patch Tuesday, we have the following revisions to previously released updates:

Microsoft also released CVE-2025-21224 to address two memory-related security vulnerabilities in the legacy line printer daemon (LPD), a Windows feature that has been deprecated for 15 years. I can’t see things improving for these print-related functions (given the problems we’ve seen for the past decade). Maybe now is the time to start removing these legacy features from your platform.

Windows lifecycle and enforcement updates

The following Microsoft products will be retired this year:

Of course, we don’t need to mention the elephant in the room. Microsoft will end support for Windows 10 in October.

Each month, we analyze Microsoft’s updates across key product families — Windows, Office, and developer tools — to help you prioritize patching efforts. This prescriptive, actionable guidance is based on assessing a large application portfolio and a detailed analysis of the Microsoft patches and their potential impact on the Windows platforms and apps.

For this release cycle from Microsoft, we have grouped the critical updates and required testing efforts into different functional areas including:

Remote desktop

January has a heavy focus on Remote Desktop Gateway (RD Gateway) and network protocols, with the following testing guidance:

  • RD Gateway Connections: Ensure RD Gateway (RDG) continues to facilitate both UDP and TCP traffic seamlessly without performance degradation. Try disconnecting RDG from an existing/established connection.
  • VPN, Wi-Fi, and Bluetooth Scenarios: Test end-to-end configurations and nearby sharing functionality.
  • DNS Management for Operators: Verify that users in the “Network Configuration Operators” group can manage DNS client settings effortlessly.

Local Windows file system and storage

File system and storage components also get minor updates. Desktop and server file system testing efforts should focus on:

  • Offline Files and Mapped Drives: Test mapped network drives under both online and offline conditions. Pay close attention to Sync Center status updates.
  • BitLocker: Validate drive locking and unlocking, BitLocker-native boot scenarios, and post-hibernation states with BitLocker enabled.

Virtualization and Microsoft Hyper-V

Hyper-V and virtual machines receive lightweight updates:

  • Traffic Testing: Install the Hyper-V feature and restart systems. Monitor network performance and ensure no regressions in virtual network traffic or virtual machine management.

Security and authentication

Key areas for security-related testing include:

  • Digest Authentication Stress Testing: Simulate heavy loads while using Digest authentication to uncover potential issues.
  • SPNEGO Negotiations: Verify Secure Negotiation Protocol (SPNEGO) functionalities in cross-domain or multi-forest Active Directory setups.
  • Authentication Scenarios: Test applications relying on LSASS processes and ensure that protocols like Kerberos, NTLM, and certificate-based authentication remain stable under load.

Other critical updates

There are some additional testing priorities for this release:

  • App Deployment Scenarios: Install and update MSIX/Appx packages with and without packaged services, confirming admin-only requirements for updates.
  • WebSocket Connections: Establish and monitor secure WebSocket connections, ensuring proper encryption and handshake results.
  • Graphics and Themes: Test GDI+-based apps and workflows involving theme files to ensure UI elements render correctly across different view modes. Some suggestions include foreign language applications that rely on Input Method Editors (IMEs).

January’s updates maintain a medium-risk profile for most systems, but testing remains essential — especially for networking, authentication, and file system scenarios. We recommend prioritizing remote network traffic validation, with light testing for storage and virtualization environments. If you have a large MSIX/Appx package portfolio, there’s a lot of work to do to ensure that your package installs, updates and uninstalls successfully.

Each month, we break down the update cycle into product families (as defined by Microsoft) with the following basic groupings: 

  • Browsers (Microsoft IE and Edge) 
  • Microsoft Windows (both desktop and server) 
  • Microsoft Office
  • Microsoft Exchange and SQL Server 
  • Microsoft Developer Tools (Visual Studio and .NET)
  • Adobe (if you get this far)

Browsers

There were no Microsoft browser updates for Patch Tuesday this month. Expect Chromium updates that will affect Microsoft Edge in the coming week. (You can find the enterprise release schedule for Chromium here.)

Microsoft Windows

This is a pretty large update for the Windows ecosystem, with 124 patches for both desktops and servers, covering over 50 product/feature groups. We’ve highlighted some of the major areas of interest:

  • Fax/Telephony
  • MSI/AppX/Installer and the Windows update mechanisms
  • Windows COM/DCOM/OLE
  • Networking, Remote Desktop
  • Kerberos, Digital Certificates, BitLocker, Windows Boot Manager
  • Windows graphics (GDI) and Kernel drivers

Unfortunately, Windows security vulnerabilities CVE-2025-21275 and CVE-2025-21308 both affect core application functionality and have been publicly disclosed. Add these Windows updates to your “Patch Now” release schedule.

Microsoft Office

Microsoft Office gets three critical updates, and a further 17 patches rated important. Unusually, three Microsoft Office updates affecting Microsoft Access fall into the zero-day category with CVE-2025-21366, CVE-2025-21395 and CVE-2025-21186 publicly disclosed. Add these Microsoft updates to your “Patch Now” calendar.

Microsoft Exchange and SQL Server

There were no updates from Microsoft for SQL Server or Microsoft Exchange servers this month. 

Microsoft Developer Tools (Visual Studio and .NET)

Microsoft has released seven updates rated as important affecting Microsoft .NET and Visual Studio. Given the urgent attention required for Office and Windows this month, you can add these standard, low-profile patches to your standard developer release schedule. 

Adobe and third-party updates

No Adobe-related patches were released by Microsoft this month. However, two third-party, development-related updates were published; they affect GitHub (CVE-2024-50338) and a CERT CC patch (CVE-2024-7344). Both updates can be added to the standard developer release schedule.

Category: Hacking & Security

Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP

The Hacker News - 20 January, 2025 - 06:45
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below - @async-mutex/mutex, a typosquat of async-mute (npm); dexscreener, which masquerades as a library for accessing liquidity pool
Category: Hacking & Security

TikTok is back up in the US after Trump says he will extend deadline

Bleeping Computer - 19 January, 2025 - 20:08
TikTok is back up in the United States after Trump announced today that he would extend a 90-day deadline for the company to find a U.S. purchaser. [...]
Category: Hacking & Security

TikTok shuts down in the US as Trump throws the company a lifeline

Bleeping Computer - 19 January, 2025 - 17:56
TikTok shut down in the U.S. late Saturday night following the Supreme Court's decision to uphold the law that banned the company over national security concerns. [...]
Category: Hacking & Security

Star Blizzard hackers abuse WhatsApp to target high-value diplomats

Bleeping Computer - 19 January, 2025 - 16:23
Russian nation-state actor Star Blizzard has been running a new spear-phishing campaign to compromise WhatsApp accounts of targets in government, diplomacy, defense policy, international relations, and Ukraine aid organizations. [...]
Category: Hacking & Security

Microsoft fixed 161 holes in January. That is double the usual January count

Zive.cz - security - 19 January, 2025 - 10:45
  • Microsoft released new servicing updates for Windows on January 14
  • This time it adds no new features to Windows 11
  • It fixed an unusual 161 vulnerable spots in code, and not only in Windows
Category: Hacking & Security

TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025

The Hacker News - 19 January, 2025 - 06:24
Popular video-sharing social network TikTok has officially gone dark in the United States, as a federal ban on the app comes into effect on January 19, 2025. "We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the company said in a pop-up message. "We're working to restore our service in the U.S. as soon as possible
Category: Hacking & Security

FTC orders GM to stop collecting and selling driver’s data

Bleeping Computer - 18 January, 2025 - 17:17
The Federal Trade Commission (FTC) has announced action against General Motors (GM) and its subsidiary, OnStar, for unlawful collection and sale of drivers' precise geolocation and driving behavior data without first obtaining their consent. [...]
Category: Hacking & Security