Kategorie

A team of cybersecurity researchers today disclosed details of two new potentially serious CPU vulnerabilities that could allow attackers to retrieve cryptographic keys protected inside TPM chips manufactured by STMicroelectronics or firmware-based Intel TPMs. Trusted Platform Module (TPM) is a specialized hardware or firmware-based security solution that has been designed to store and protect

Před koncem roku jsou počítačoví podvodníci nejaktivnější. Těží ze zájmu lidí o vánoční dárky a lákají je na výhodné ceny i exkluzivní nabídky. Místo ušetřených peněz ale lidé často spláčou nad výdělkem. Poradíme, jak podvodníkům nenaletět.

It appears that Facebook at the center of yet another issue involving privacy. Reportedly, multiple iPhone users have come forward on social media complaining that the Facebook app secretly activates their smartphone's camera in the background while they scroll through their Facebook feeds or looking at the photos on the social network. As shown in the Twitter videos below, when users click

Jihomoravští policisté od začátku roku dosud zablokovali asi 200 internetových domén včetně e-shopů, které podle nich byly zneužívané k páchání trestné činnosti. Loni za celý rok jich bylo zablokovaných asi 90. Uvedl to mluvčí policie Pavel Šváb. Policie před vánočními svátky opětovně varuje před podvody na internetu.

Rogue employees -- not just external threat groups -- pose a formidable threat to incident response teams.

Microsoft tackles 74 bugs as part of its November Patch Tuesday security bulletin.

IIoT-generated data – calibrations, measurements and other parameters – still need to be stored, managed and shared securely.

The issue is in an Intel chip used for remote management.

The platform is a favorite target for the Magecart collective of card-skimming threat groups.

Adobe’s monthly patch load is low for November, with only three critical bugs and eight important ones fixed.

Introduction Higher education is a popular target for phishing scams. However, the industry’s vulnerability is often overlooked by both cybersecurity specialists and university administrators alike. And the threat is serious: The education sector ranked #3 for the highest number of data breaches, according to the Symantec Internet Security Threat Report for 2015 Higher education data […]

The post Phishing in academic environments appeared first on Infosec Resources.

Phishing in academic environments was first posted on November 12, 2019 at 8:02 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction The progression of information security has been heavily focused on the internet as the primary source of threats. What may be overlooked is the specter that was around during the early days of computing that has always been and remains with us — the threat posed by removable media. While information security measures and […]

The post MITRE ATT&CK: Replication through removable media appeared first on Infosec Resources.

MITRE ATT&CK: Replication through removable media was first posted on November 12, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Introduction It is almost impossible to leave a conversation with a cybersecurity professional, take an introductory networking class, or break into ethical hacking without hearing about Wireshark. Wireshark is arguably the most popular tool and likely the gold standard when it comes to network protocol capture and analysis.  From the moment the software runs, Wireshark […]

The post Network traffic analysis for IR: Alternatives to Wireshark appeared first on Infosec Resources.

Network traffic analysis for IR: Alternatives to Wireshark was first posted on November 12, 2019 at 8:00 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

Apple may care about your privacy but that doesn't mean it gets it right all the time, especially when it comes to training its Siri AI assistant.

The update fixes 11 mainly high-severity security flaws in Windows and GeForce graphics card drivers, including three in the program used to update them.

The move takes a broader stand to protect user data and support the requirements of CCPA nationwide.

Kyberbezpečnostní společnost Check Point zveřejnila svůj pravidelný žebříček nejrozšířenějších hrozeb, se kterými se mohou setkat majitelé nejen klasických počítačů, ale také chytrých telefonů a tabletů. Uživatele v uplynulém měsíci potrápily těžařské či reklamní viry.

The SIM-swap victim knew he was in trouble when he got a 3:30 a.m. message about his phone service being cut off.

With more than 440,000 customers, SmarterASP.NET is said to be one of the most popular ASP.NET hosting providers.

Na internetu číhá celá hromada hrozeb. Pokud pomineme nejrůznější viry a škodlivé kódy, velké riziko představují především on-line predátoři – nejohroženější skupinou jsou v tomto ohledu děti a mladiství, kteří ještě nedokážou všechna rizika rozpoznat.