Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Vyděračské viry nepřestávají strašit. Útoků je stále více

Novinky.cz - bezpečnost - 4 hodiny 11 min zpět
Vyděračské viry, které jsou často označovány souhrnným názvem ransomware, byly v loňském roce jednou z nejrozšířenějších hrozeb. Podle zprávy bezpečnostní společnosti Emsisoft je dokonce výskyt těchto nezvaných návštěvníků na vzestupu, jak upozornil server TechPowerUp.
Kategorie: Hacking & Security

Na Facebooku prozradila číslo mobilu. Pak postupně přicházela o peníze

Novinky.cz - bezpečnost - 7 hodin 27 min zpět
Vykutálení podvodníci neustále vymýšlejí nové triky, jak připravit důvěřivce o peníze. Stačí k tomu, abyste prozradili číslo svého mobilu na Facebooku, načež vás kyberzločinci řadou důmyslných fint připraví o peníze. Jeden takový případ Novinky.cz zmapovaly.
Kategorie: Hacking & Security

FC Barcelona Suffers Likely Credential-Stuffing Attack on Twitter

Threatpost - 18 Únor, 2020 - 23:18
OurMine took over the Spanish powerhouse soccer team's Twitter account.
Kategorie: Hacking & Security

Ring Mandates 2FA After Rash of Hacks

Threatpost - 18 Únor, 2020 - 21:09
Ring outlined new security and data privacy measures, Tuesday, following backlash of the connected doorbell in the past year.
Kategorie: Hacking & Security

Iran-Backed APTs Collaborate on 3-Year ‘Fox Kitten’ Global Spy Campaign

Threatpost - 18 Únor, 2020 - 20:48
APT34/OilRig and APT33/Elfin have established a highly developed and persistent infrastructure that could be converted to distribute destructive wiper malware.
Kategorie: Hacking & Security

Titan Security Keys - now available in Austria, Canada, France, Germany, Italy, Japan, Spain, Switzerland, and the UK

Google Security Blog - 18 Únor, 2020 - 19:30
Posted by Christiaan Brand, Product Manager, Google Cloud 

Security keys provide the strongest protection against phishing attacks. That’s why they are an important feature of the Advanced Protection Program that provides Google’s strongest account protections for users that consider themselves at a higher risk of targeted, sophisticated attacks on their personal or work Google Accounts.

Last year, we made the Titan Security Key bundle with USB-A/NFC and Bluetooth/USB/NFC keys available in Canada, France, Japan, the UK, and the US. Starting today, USB-C Titan Security Keys are available in those countries, and the bundle and USB-C Titan Security Keys are now available on the Google Store in Austria, Germany, Italy, Spain, and Switzerland.

Titan Security Keys are now available in 10 countries
Security keys use public-key cryptography to verify your identity and URL of the login page so that an attacker can’t access your account even if they have your username or password. Unlike other two-factor authentication (2FA) methods that try to verify your sign-in, security keys support FIDO standards that provide the strongest protection against automated bots, bulk phishing attacks, and targeted phishing attacks.

We highly recommend users at a higher risk of targeted attacks (e.g., political campaign teams, activists, journalists, IT administrators, executives) to get Titan Security Keys and enroll into the Advanced Protection Program (APP). If you’re working in a federal political campaigns team in the US, you can now request free Titan Security Keys via Defending Digital Campaigns and get help enrolling into the APP. Bulk orders are also available for enterprise organizations in select countries.

You can also use Titan Security Keys for any site where FIDO security keys are supported for 2FA, including your personal or work Google Account, 1Password, Bitbucket, Bitfinex, Coinbase, Dropbox, Facebook, GitHub, Salesforce, Stripe, Twitter, and more.
Kategorie: Hacking & Security

Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin

Threatpost - 18 Únor, 2020 - 18:27
Websites using a vulnerable version of the WordPress plugin, ThemeGrill Demo Importer, are being targeted by attackers.
Kategorie: Hacking & Security

How to use Microsoft Passport in Windows 10

InfoSec Institute Resources - 18 Únor, 2020 - 17:11

Introduction Passwords, the long-relied-upon information security measure that helps secure billions of user accounts daily, have become a little long in the tooth. When you consider advances in attack techniques and information security technology, the days of the password are numbered. This raises the question of what to do about user privacy on Windows 10 […]

The post How to use Microsoft Passport in Windows 10 appeared first on Infosec Resources.

How to use Microsoft Passport in Windows 10 was first posted on February 18, 2020 at 10:11 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Cynet Offers Free Threat Assessment for Mid-sized and Large Organizations

The Hacker News - 18 Únor, 2020 - 17:11
Visibility into an environment attack surface is the fundamental cornerstone to sound security decision making. However, the standard process of 3rd party threat assessment as practiced today is both time consuming and expensive. Cynet changes the rules of the game with a free threat assessment offering (click here to learn more) based on more than 72 hours of data collection, enabling
Kategorie: Hacking & Security

Driver Security in Windows 10

InfoSec Institute Resources - 18 Únor, 2020 - 16:55

Introduction Drivers are an essential group of files that allow a hardware component(s) to communicate with the computer’s operating system (OS). If an attacker successfully exploits a kernel-based driver, the user might as well sign away the OS to the attacker.  This article details driver security in Windows 10, including fundamentals of driver signature enforcement, […]

The post Driver Security in Windows 10 appeared first on Infosec Resources.

Driver Security in Windows 10 was first posted on February 18, 2020 at 9:55 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Iranian Hackers Exploiting VPN Flaws to Backdoor Organizations Worldwide

The Hacker News - 18 Únor, 2020 - 16:13
A new report published by cybersecurity researchers has unveiled evidence of Iranian state-sponsored hackers targeting dozens of companies and organizations in Israel and around the world over the past three years. Dubbed "Fox Kitten," the cyber-espionage campaign is said to have been directed at companies from the IT, telecommunication, oil and gas, aviation, government, and security sectors
Kategorie: Hacking & Security

Ring now requires two-factor sign-ins for its home security devices>

LinuxSecurity.com - 18 Únor, 2020 - 15:32
Ring is continuing its bid to improve privacy and security after facing criticism. As of today, the Amazon brand will start requiring two-factor authentication for all users when they sign into their Ring accounts.
Kategorie: Hacking & Security

Millions Of Windows And Linux Systems Are Vulnerable To This ‘Hidden’ Cyber Attack>

LinuxSecurity.com - 18 Únor, 2020 - 15:27
What if I told you that there is an exploitable security risk hiding in plain sight that could result in the compromise of your Linux or Windows machine? What if I told you that the attack vector has been exploited since 2015 and that both vendors and attackers are well aware of it?
Kategorie: Hacking & Security

Web server security: Web server hardening

InfoSec Institute Resources - 18 Únor, 2020 - 15:01

Introduction A web server is not just any other device that you employ in your network environment. Unlike other devices sitting behind layers of defenses and firewalls, web servers sit at the rim of your network and are designed to share information about your organization with the outside world, regardless of who they are.  Therefore, […]

The post Web server security: Web server hardening appeared first on Infosec Resources.

Web server security: Web server hardening was first posted on February 18, 2020 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

What is NoSQL injection?

InfoSec Institute Resources - 18 Únor, 2020 - 15:00

Introduction to injection Injection attacks are considered some of the most dangerous types of vulnerabilities in existence. According to the OWASP Top Ten List of web application vulnerabilities, injection is the most common and dangerous type. On the 2019 CWE Top 25 Most Dangerous Software Errors list, poor input sanitization (which enables injection attacks) took […]

The post What is NoSQL injection? appeared first on Infosec Resources.

What is NoSQL injection? was first posted on February 18, 2020 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Malware and HTTPS – a growing love affair

Sophos Naked Security - 18 Únor, 2020 - 14:32
HTTPS web encryption - blessing or curse? A new SophosLabs report looks at how much the crooks love TLS.

Hacker Scheme Threatens AdSense Customers with Account Suspension

Threatpost - 18 Únor, 2020 - 14:26
Scam threatens to flood sites using Google’s banner-ad program with bot and junk traffic if owners don’t pay $5K in bitcoin.
Kategorie: Hacking & Security

Council returns to using pen and paper after cyberattack

Sophos Naked Security - 18 Únor, 2020 - 12:44
Ten days after a suspected ransomware attack, residents of the English borough of Redcar and Cleveland must be starting to wonder when their Council’s IT systems will return.

AI filter launched to block Twitter cyberflashing

Sophos Naked Security - 18 Únor, 2020 - 12:35
A small but determined group of Twitter users think it is a good idea to direct message (DM) pictures of male genitals to complete strangers.

IOTA shuts down network temporarily to fight wallet hacker

Sophos Naked Security - 18 Únor, 2020 - 12:12
Popular cryptocurrency IOTA has temporarily shut down its entire network after a hacker stole funds from ten of its highest-value users.
Syndikovat obsah