je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.


FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

Threatpost - 22 Říjen, 2021 - 21:59
The infamous Carbanak operator is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure "pen-testing" company.
Kategorie: Hacking & Security

Prohlížeče a soukromí. Tady nejde o špionáž, ale především o reklamu - bezpečnost - 22 Říjen, 2021 - 20:45
Moderní prohlížeče se snaží stále více vaše soukromí do nějaké míry chránit a znesnadňovat skriptům sledování vašeho počínání. Nechtějí dát skriptům nabízejícím reklamu vaše data na stříbrném podnose. Úplnou anonymitu ale nebudete mít nikdy.
Kategorie: Hacking & Security

REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say

Threatpost - 22 Říjen, 2021 - 19:01
A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline.
Kategorie: Hacking & Security

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

The Hacker News - 22 Říjen, 2021 - 17:01
A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans (RATs) that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the cyber campaign to a "lone wolf" threat actor operating a Lahore-based fake IT company called Bunse
Kategorie: Hacking & Security

Cisco SD-WAN Security Bug Allows Root Code Execution

Threatpost - 22 Říjen, 2021 - 16:48
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.
Kategorie: Hacking & Security

REvil ransomware gang allegedly forced offline by law enforcement counterattacks

Sophos Naked Security - 22 Říjen, 2021 - 16:03
One down. Lots more to go. Here's what to do...

Hackers Set Up Fake Company to Get IT Experts to Launch Ransomware Attacks

The Hacker News - 22 Říjen, 2021 - 15:46
The financially motivated FIN7 cybercrime gang has masqueraded as yet another fictitious cybersecurity company called "Bastion Secure" to recruit unwitting software engineers under the guise of penetration testing in a likely lead-up to a ransomware scheme. "With FIN7's latest fake company, the criminal group leveraged true, publicly available information from various legitimate cybersecurity
Kategorie: Hacking & Security

Researchers Discover Microsoft-Signed FiveSys Rootkit in the Wild

The Hacker News - 22 Říjen, 2021 - 14:41
A newly identified rootkit has been found with a valid digital signature issued by Microsoft that's used to proxy traffic to internet addresses of interest to the attackers for over a year targeting online gamers in China. Bucharest-headquartered cybersecurity technology company Bitdefender named the malware "FiveSys," calling out its possible credential theft and in-game-purchase hijacking
Kategorie: Hacking & Security

Threat Actors Abuse Discord to Push Malware

Threatpost - 22 Říjen, 2021 - 13:44
The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs--across its network of 150 million users, putting corporate workplaces at risk.
Kategorie: Hacking & Security

Jak se šíří nejobávanější virus? Kyberzločinci změnili v Česku taktiku - bezpečnost - 22 Říjen, 2021 - 13:23
Statistikám nejrozšířenějších virových hrozeb pro počítače s operačním systémem Windows v Česku stále kraluje Spy.Agent.AES, který je známý také jako Agent Tesla. Bezpečnostní experti antivirové společnosti Eset nicméně varovali, že kyberzločinci v minulém měsíci změnili taktiku svých útoků – více se zaměřili na tuzemské uživatele.
Kategorie: Hacking & Security

These stealthy hackers avoid Windows but target Linux as they look to steal phone data> - 22 Říjen, 2021 - 13:00
The stealthy LightBasin hacking group (also known as UNC1945) is infiltrating telecommunications companies around the world in a campaign that researchers have linked to intelligence gathering and cyber espionage. LightBasin's primary focus is on Linux and Solaris servers that are critical for running telecommunications infrastructure '' and are likely to have less security measures in place than Windows systems.
Kategorie: Hacking & Security

Two Eastern Europeans Sentenced for Providing Bulletproof Hosting to Cyber Criminals

The Hacker News - 22 Říjen, 2021 - 08:34
Two Eastern European nationals have been sentenced in the U.S. for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Pavel Stassi, 30, of Estonia, and Aleksandr Shorodumov, 33, of Lithuania, have been each sentenced to 24 months and 48 months in prison,
Kategorie: Hacking & Security

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

The Hacker News - 22 Říjen, 2021 - 08:33
A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks. Tracked as CVE-2021-35052, the bug impacts the trial version of the software running version 5.70. "This
Kategorie: Hacking & Security

U.S. Ban on Sales of Cyberattack Tools Is Anemic, Experts Warn

Threatpost - 21 Říjen, 2021 - 21:41
Meanwhile, Zerodium's quest to buy VPN exploits is problematic, researchers said.
Kategorie: Hacking & Security

TA551 Shifts Tactics to Install Sliver Red-Teaming Tool

Threatpost - 21 Říjen, 2021 - 21:31
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment.
Kategorie: Hacking & Security

S3 Ep55: Live malware, global encryption, dating scams, and secret emanations [Podcasts]

Sophos Naked Security - 21 Říjen, 2021 - 20:13
Latest episode - listen now! (And sign up for our forthcoming Live Malware Demo at the same time.)

Before and After a Pen Test: Steps to Get Through It

The Hacker News - 21 Říjen, 2021 - 19:52
An effective cybersecurity strategy can be challenging to implement correctly and often involves many layers of security. Part of a robust security strategy involves performing what is known as a penetration test (pen test). The penetration test helps to discover vulnerabilities and weaknesses in your security defenses before the bad guys discover these. They can also help validate remedial
Kategorie: Hacking & Security

Gigabyte Allegedly Hit by AvosLocker Ransomware

Threatpost - 21 Říjen, 2021 - 19:33
If AvosLocker stole Gigabyte's master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds.
Kategorie: Hacking & Security

Why is Cybersecurity Failing Against Ransomware?

Threatpost - 21 Říjen, 2021 - 15:16
Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo.
Kategorie: Hacking & Security
Syndikovat obsah