Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

USB-C Titan Security Keys - available tomorrow in the US

Google Security Blog - 17 min 1 sek zpět
Posted by Christiaan Brand, Product Manager, Google Cloud 


Securing access to online accounts is critical for safeguarding private, financial, and other sensitive data online. Phishing - where an attacker tries to trick you into giving them your username and password - is one of the most common causes of data breaches. To protect user accounts, we’ve long made it a priority to offer users many convenient forms of 2-Step Verification (2SV), also known as two-factor authentication (2FA), in addition to Google’s automatic protections. These measures help to ensure that users are not relying solely on passwords for account security.

For users at higher risk (e.g., IT administrators, executives, politicians, activists) who need more effective protection against targeted attacks, security keys provide the strongest form of 2FA. To make this phishing-resistant security accessible to more people and businesses, we recently built this capability into Android phones, expanded the availability of Titan Security Keys to more regions (Canada, France, Japan, the UK), and extended Google’s Advanced Protection Program to the enterprise.

Starting tomorrow, you will have an additional option: Google’s new USB-C Titan Security Key, compatible with your Android, Chrome OS, macOS, and Windows devices.



USB-C Titan Security Key
We partnered with Yubico to manufacture the USB-C Titan Security Key. We have had a long-standing working and customer relationship with Yubico that began in 2012 with the collaborative effort to create the FIDO Universal 2nd Factor (U2F) standard, the first open standard to enable phishing-resistant authentication. This is the same security technology that we use at Google to protect access to internal applications and systems.

USB-C Titan Security Keys are built with a hardware secure element chip that includes firmware engineered by Google to verify the key’s integrity. This is the same secure element chip and firmware that we use in our existing USB-A/NFC and Bluetooth/NFC/USB Titan Security Key models manufactured in partnership with Feitian Technologies.

USB-C Titan Security Keys will be available tomorrow individually for $40 on the Google Store in the United States. USB-A/NFC and Bluetooth/NFC/USB Titan Security Keys will also become available individually in addition to the existing bundle. Bulk orders are available for enterprise organizations in select countries.


We highly recommend all users at a higher risk of targeted attacks to get Titan Security Keys and enroll into the Advanced Protection Program (APP), which provides Google’s industry-leading security protections to defend against evolving methods that attackers use to gain access to your accounts and data. You can also use Titan Security Keys for any site where FIDO security keys are supported for 2FA, including your personal or work Google Account, 1Password, Coinbase, Dropbox, Facebook, GitHub, Salesforce, Stripe, Twitter, and more.
Kategorie: Hacking & Security

Fake iOS Jailbreak Site Lures in Apple Users

Threatpost - 1 hodina 4 min zpět
A fake website purports to enable iPhone users to download an iOS jailbreak - but ultimately prompts them to download a gaming app and conducts click fraud.
Kategorie: Hacking & Security

Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products

The Hacker News - 1 hodina 8 min zpět
No, it's not a patch Tuesday. It's the third Tuesday of the month, and as The Hacker News shared an early heads-up late last week on Twitter, Adobe today finally released pre-announced out-of-band security updates to patch a total of 82 security vulnerabilities across its various products. The affected products that received security patches today include: Adobe Acrobat and Reader Adobe
Kategorie: Hacking & Security

Sudo Bug Opens Root Access on Linux Systems

Threatpost - 1 hodina 13 min zpět
The bug allows users to bypass privilege restrictions to execute commands as root.
Kategorie: Hacking & Security

V energetickém průmyslu útočí hackeři stále častěji

Novinky.cz - bezpečnost - 3 hodiny 20 min zpět
Stále častěji se kybernetičtí útočníci zaměřují na počítače průmyslově řídicích systémů (ICS) v energetickém sektoru. V prvním pololetí letošního roku zachytili bezpečnostní experti z antivirové společnosti Kaspersky útoky na téměř polovinu sledovaných počítačů. Mezi nejpočetnější hrozby se řadily červy, spyware a programy nelegálně těžící kryptoměny.
Kategorie: Hacking & Security

Ethical hacking: Breaking Windows passwords

InfoSec Institute Resources - 4 hodiny 5 min zpět

Introduction to Windows passwords Windows is the most common desktop platform currently in use. As a result, it is not uncommon for hackers to encounter a Windows password that they need to crack in order to gain access to a specific account on a machine or move laterally throughout the network. In the past, Windows […]

The post Ethical hacking: Breaking Windows passwords appeared first on Infosec Resources.

Ethical hacking: Breaking Windows passwords was first posted on October 15, 2019 at 8:03 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Degree vs. certification: Entry-level penetration tester

InfoSec Institute Resources - 4 hodiny 8 min zpět

Introduction Have you ever wanted to use your cybersecurity know-how and skills to help organizations improve their information security and stamp out vulnerabilities? If so, the role of penetration tester is for you.  For those looking to obtain their first penetration tester role within an organization, do you know how to get to this role […]

The post Degree vs. certification: Entry-level penetration tester appeared first on Infosec Resources.

Degree vs. certification: Entry-level penetration tester was first posted on October 15, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Malware spotlight: What are worms?

InfoSec Institute Resources - 4 hodiny 9 min zpět

Introduction Worms are a particularly virulent type of malware that has been around since the 1980s and wreaking havoc on infected systems ever since. Some believe that viruses and worms are the same thing, but this could not be less true: in fact, it is the differences between the two that make worms a unique, […]

The post Malware spotlight: What are worms? appeared first on Infosec Resources.

Malware spotlight: What are worms? was first posted on October 15, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Windows OS Security Brief History

InfoSec Institute Resources - 4 hodiny 9 min zpět

Introduction Microsoft’s Windows operating system (OS) is possibly the most famous OS on Earth, and it is ubiquitous in the business world. But the Windows OS has also evolved since its first appearance, adding considerable security capabilities and features.  This article will show a brief history of Windows OS security development and refinement since Windows […]

The post Windows OS Security Brief History appeared first on Infosec Resources.

Windows OS Security Brief History was first posted on October 15, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com
Kategorie: Hacking & Security

Update now! Windows users targeted by iTunes Software Updater zero-day

Sophos Naked Security - 5 hodin 3 min zpět
The flaw is a rare ‘unquoted path class’ described as "so thoroughly documented that you would expect programmers to be well aware..." But that's not the case.

Pitney Bowes Hit with Ransomware Attack

Threatpost - 5 hodin 4 min zpět
The attack left customers unable to access key services for shipping and mailing, the company said.
Kategorie: Hacking & Security

Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent

The Hacker News - 5 hodin 5 min zpět
Do you know Apple is sending iOS web browsing related data of some of its users to Chinese Internet company Tencent? I am sure many of you are not aware of this, neither was I, and believe me, none of us could expect this from a tech company that promotes itself as a champion of consumer privacy. Late last week, it was widely revealed that starting from at least iOS 12.2, Apple silently
Kategorie: Hacking & Security

A Deepfake Deep Dive into the Murky World of Digital Imitation

Threatpost - 5 hodin 9 min zpět
Deepfake technology is becoming easier to create – and that’s opening the door for a new wave of malicious threats, from revenge porn to social-media misinformation.
Kategorie: Hacking & Security

Facebook’s Libra cryptocurrency loses all but one payment company

Sophos Naked Security - 5 hodin 9 min zpět
Gone: Mastercard, Visa, PayPal, eBay, Stripe, Mercado Pago. Of six payments firms first involved in Libra, just one, PayU, remains.

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

The Hacker News - 5 hodin 15 min zpět
Attention Linux Users! A new vulnerability has been discovered in Sudo—one of the most important, powerful, and commonly used utilities that comes as a core command installed on almost every UNIX and Linux-based operating system. The vulnerability in question is a sudo security policy bypass issue that could allow a malicious user or a program to execute arbitrary commands as root on a
Kategorie: Hacking & Security

Apple says Tencent isn’t snooping on your browsing habits

Sophos Naked Security - 6 hodin 23 min zpět
Apple was quick to allay user concerns this weekend after someone spotted that it was working with Chinese company Tencent to check its users' website requests for malicious URLs.

350+ hackers hunt down missing people in first such hackathon

Sophos Naked Security - 6 hodin 27 min zpět
Organizers said 100 leads were generated every 10 minutes by contestants using OSINT - open-source intelligence such as online searches.

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

The Hacker News - 6 hodin 29 min zpět
In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in "about: pages" that are the gateway to sensitive preferences, settings, and statics of the browser. Firefox browser has 45 such internal locally-hosted about pages, some of which are listed
Kategorie: Hacking & Security

350+ hackers hunt down missing people in first such hackathon

LinuxSecurity.com - 7 hodin 2 min zpět
More than 350 ethical hackers got together in cities across Australia on Friday for a hackathon in which they worked to cyber trace a missing face', in the first-ever capture the flag event devoted to finding missing persons. Learn more about this hackathon:
Kategorie: Hacking & Security

This is how CIOs should approach ethics and privacy

LinuxSecurity.com - 7 hodin 7 min zpět
Ethics checks and balances within an organization lower risks for everyone involved. Learn more in an interesting The Next Web article:
Kategorie: Hacking & Security
Syndikovat obsah