Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Einstein Healthcare Network Announces August Breach

Threatpost - 17 min 28 sek zpět
Einstein is in violation of the the HHS 60-day breach notification rule, but unlikely to face penalty.
Kategorie: Hacking & Security

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege

Threatpost - 35 min zpět
Researchers have traced the origins of a campaign - infecting SQL servers to mine cryptocurrency - back to an Iranian software firm.
Kategorie: Hacking & Security

Google Forms Set Baseline For Widespread BEC Attacks

Threatpost - 5 hodin 15 min zpět
Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms.
Kategorie: Hacking & Security

MrbMiner Crypto-Mining Malware Links to Iranian Software Company

The Hacker News - 5 hodin 19 min zpět
A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an operational security oversight, said researchers from cybersecurity firm Sophos, that led to the company's name inadvertently making its way into the
Kategorie: Hacking & Security

Here's How SolarWinds Hackers Stayed Undetected for Long Enough

The Hacker News - 6 hodin 11 min zpět
Microsoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated attacks in recent history. Calling the threat actor "skillful and methodic operators who follow
Kategorie: Hacking & Security

Hackers Accidentally Expose Passwords Stolen From Businesses On the Internet

The Hacker News - 6 hodin 12 min zpět
A new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the attacks aimed specifically at energy and construction companies, said researchers from Check Point
Kategorie: Hacking & Security

Google Searches Expose Stolen Corporate Credentials

Threatpost - 6 hodin 17 min zpět
A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments.
Kategorie: Hacking & Security

Importance of Application Security and Customer Data Protection to a Startup

The Hacker News - 9 hodin 8 min zpět
When you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do list. One other reason to ignore web application protectioncould be your belief that only large
Kategorie: Hacking & Security

Critical Cisco SD-WAN Bugs Allow RCE Attacks

Threatpost - 20 Leden, 2021 - 22:47
Cisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite.
Kategorie: Hacking & Security

NVIDIA Gamers Face DoS, Data Loss from Shield TV Bugs

Threatpost - 20 Leden, 2021 - 21:45
The company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory.
Kategorie: Hacking & Security

Has the coronavirus pandemic affected Apple’s hardware design?

Sophos Naked Security - 20 Leden, 2021 - 20:58
The more things change... the more they stay the same!

Malwarebytes Hit by SolarWinds Attackers

Threatpost - 20 Leden, 2021 - 18:36
The attack vector was not the Orion platform but rather an email-protection application for Microsoft 365.
Kategorie: Hacking & Security

Google Details Patched Bugs in Signal, FB Messenger, JioChat Apps

The Hacker News - 20 Leden, 2021 - 17:58
In January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group
Kategorie: Hacking & Security

Investment Scammers Prey on Dating App Users, Interpol Warns

Threatpost - 20 Leden, 2021 - 17:42
Users of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers.
Kategorie: Hacking & Security

Google Research Pinpoints Security Soft Spot in Multiple Chat Platforms

Threatpost - 20 Leden, 2021 - 16:21
Mystery of spying using popular chat apps uncovered by Google Project Zero researcher.
Kategorie: Hacking & Security

SolarWinds Hackers Also Breached Malwarebytes Cybersecurity Firm

The Hacker News - 20 Leden, 2021 - 12:27
Malwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by "abusing applications
Kategorie: Hacking & Security

New Year, new password protections in Chrome

Google Security Blog - 19 Leden, 2021 - 22:31
Posted by Ali Sarraf, Product Manager, Chrome

Passwords help protect our online information, which is why it’s never been more important to keep them safe. But when we’re juggling dozens (if not hundreds!) of passwords across various websites—from shopping, to entertainment to personal finance—it feels like there’s always a new account to set up or manage. While it’s definitely a best practice to have a strong, unique password for each account, it can be really difficult to remember them all—that’s why we have a password manager in Chrome to back you up.

As you browse the web, on your phone, computer or tablet, Chrome can create, store and fill in your passwords with a single click. We'll warn you if your passwords have been compromised after logging in to sites, and you can always check for yourself in Chrome Settings. As we kick off the New Year, we’re excited to announce new updates that will give you even greater control over your passwords:

Easily fix weak passwords

We’ve all had moments where we’ve rushed to set up a new login, choosing a simple “name-of-your-pet” password to get set up quickly. However, weak passwords expose you to security risks and should be avoided. In Chrome 88, you can now complete a simple check to identify any weak passwords and take action easily.

To check your passwords, click on the key icon under your profile image, or type chrome://settings/passwords in your address bar.

Edit your passwords in one place

Chrome can already prompt you to update your saved passwords when you log in to websites. However, you may want to update multiple usernames and passwords easily, in one convenient place. That’s why starting in Chrome 88, you can manage all of your passwords even faster and easier in Chrome Settings on desktop and iOS (Chrome’s Android app will be getting this feature soon, too).

Building on the 2020 improvements

These new updates come on top of many improvements from last year which have all contributed to your online safety and make browsing the web even easier:

  • Password breaches remain a critical concern online. So we’re proud to share that Chrome’s Safety Check is used 14 million times every week! As a result of Safety Check and other improvements launched in 2020, we’ve seen a 37% reduction in compromised credentials stored in Chrome.
  • Starting last September, iOS users were able to autofilll their saved passwords in other apps and browsers. Today, Chrome is streamlining 3 million sign-ins across iOS apps every week! We also made password filling more secure for Chrome on iOS users by adding biometric authentication (coming soon to Chrome on Android).
  • We’re always looking for ways to improve the user experience, so we made the password manager easier to use on Android with features like Touch-to-fill.

The new features with Chrome 88 will be rolled out over the coming weeks, so take advantage of the new updates to keep your passwords secure. Stay tuned for more great password features throughout 2021.

Kategorie: Hacking & Security

DNSpooq Flaws Allow DNS Hijacking of Millions of Devices

Threatpost - 19 Leden, 2021 - 22:25
Seven flaws in open-source software Dnsmasq could allow DNS cache poisoning attacks and remote code execution.
Kategorie: Hacking & Security

Rob Joyce to Take Over as NSA Cybersecurity Director

Threatpost - 19 Leden, 2021 - 21:20
Joyce will replace Anne Neuberger, who is now deputy national security advisor for the incoming Biden administration.
Kategorie: Hacking & Security
Syndikovat obsah