Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Zařízení určené k ochraně Země před asteroidy se již nachází ve fázi montáže

Zive.cz - bezpečnost - 13 Září, 2018 - 16:00
V okolí Země se vyskytuje více než 18 000 asteroidů, jejichž oběžná dráha je čas od času zavede do blízkosti naší planety. Jejich průměr kolísá od několika metrů až po desítky kilometrů a některé z nich se v budoucnosti se Zemí dokonce mohou srazit. Z tohoto důvodu NASA a další kosmické agentury ...
Kategorie: Hacking & Security

Veeam leaves MongoDB database wide open, exposes 445m records

Sophos Naked Security - 13 Září, 2018 - 15:55
The data-management firm's customer database held names, email addresses, some IP addresses and more: a wealth of ammo for phishers.

Russian Hacker Pleads Guilty to Operating Kelihos Botnet

The Hacker News - 13 Září, 2018 - 15:47
The Russian man who was accused of operating the infamous Kelihos botnet has finally pleaded guilty in a U.S. federal court. Peter Yuryevich Levashov, 38, of St. Petersburg, Russia, pleaded guilty on Wednesday in U.S. federal court in Connecticut to computer crime, wire fraud, conspiracy and identity theft charges. Levashov, also known by many online aliases including Peter Severa, Petr
Kategorie: Hacking & Security

Street gang members indicted for stealing POS terminals

Sophos Naked Security - 13 Září, 2018 - 15:41
...and using the credit card terminals to allegedly issue themselves fraudulent returns and to steal taxpayer IDs and bank info.

How To Check If Your Twitter Account Has Been Hacked

The Hacker News - 13 Září, 2018 - 15:15
Did you ever wonder if your Twitter account has been hacked and who had managed to gain access and when it happened? Twitter now lets you know this. After Google and Facebook, Twitter now lets you see all the devices—laptop, phone, tablet, and otherwise—logged into your Twitter account. Twitter has recently rolled out a new security feature for its users, dubbed Apps and Sessions, allowing
Kategorie: Hacking & Security

Experts Bemoan Shortcomings with IoT Security Bill

Threatpost - 13 Září, 2018 - 15:14
The infosec community say California's IoT security bill is "nice," but doesn't hit on the important issues.
Kategorie: Hacking & Security

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

The Hacker News - 13 Září, 2018 - 14:28
Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers steal information that briefly remains in the memory (RAM) after the computer is shut down.
Kategorie: Hacking & Security

California bill regulates IoT for first time in US

LinuxSecurity.com - 13 Září, 2018 - 12:00
LinuxSecurity.com: California looks set to regulate IoT devices, becoming the first US state to do so and beating the Federal Government to the post.
Kategorie: Hacking & Security

Edinburgh Uni Hit by Major Cyber-Attack

LinuxSecurity.com - 13 Září, 2018 - 11:55
LinuxSecurity.com: The website of Edinburgh University was still down at the time of writing after the institution suffered a major cyber-attack during its Freshers' Week.
Kategorie: Hacking & Security

California bill regulates IoT for first time in US

Sophos Naked Security - 13 Září, 2018 - 11:53
California looks set to regulate IoT devices, becoming the first US state to do so and beating the Federal Government to the post.

BEC scam artist ordered to pay back $2.5 million, lands hefty prison sentence

LinuxSecurity.com - 13 Září, 2018 - 11:52
LinuxSecurity.com: A Nigerian resident has been ordered to pay back $2.5 million in damages and serve five years in prison for running business email compromise (BEC) scams which sought to defraud victims out of $25 million.
Kategorie: Hacking & Security

Update now! Microsoft’s September 2018 Patch Tuesday is here

Sophos Naked Security - 13 Září, 2018 - 11:47
September’s Patch Tuesday is upon Windows users - 61 CVEs, 17 flaws rated as critical, a zero-day and a flaw affecting Adobe Flash Player.

PowerShell Obfuscation Ups the Ante on Antivirus

Threatpost - 12 Září, 2018 - 22:07
The development fits a trend that sees threat actors turning to well-known, commodity malware, overcoming its easy detection with ever-better obfuscation methods.
Kategorie: Hacking & Security

Apple Yet to Patch Safari Browser Address Bar Spoofing Flaw

Threatpost - 12 Září, 2018 - 18:17
A flaw in Safari - that allows an attacker to spoof websites and trick victims into handing over their credentials - has yet to be patched.
Kategorie: Hacking & Security

Osiris Banking Trojan Displays Modern Malware Innovation

Threatpost - 12 Září, 2018 - 18:12
Osiris’ fundamental makeup positions it in the fore of malware trends, despite being based on old source code that’s been knocking around for years.
Kategorie: Hacking & Security

Tesla Model S Hack Could Let Thieves Clone Key Fobs to Steal Cars

The Hacker News - 12 Září, 2018 - 15:48
Despite having proper security measures in place to protect the driving systems of its cars against cyber attacks, a team of security researchers discovered a way to remotely hack a Tesla Model S luxury sedans in less than two seconds. Yes, you heard that right. A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group of the Department of Electrical
Kategorie: Hacking & Security

Positive Technologies researcher finds vulnerability enabling disclosure of Intel ME encryption keys

Positive Research Center - 12 Září, 2018 - 15:14
Image credit: UnsplashIntel has issued a patch in response to a serious vulnerability in Intel ME firmware discovered by Positive Technologies expert Dmitry Sklyarov. The vulnerability involved security mechanisms in the MFS file system, which Intel ME uses to store data. By exploiting this flaw, attackers could manipulate the state of MFS and extract important secrets.

Intel ME (short for "Management Engine") stores data with the help of MFS (which likely stands for "ME File System"). MFS security mechanisms make heavy use of cryptographic keys. Keys differ in purpose (confidentiality vs. integrity) and degree of data sensitivity (Intel vs. non-Intel). The most sensitive data is protected by Intel Keys, with Non-Intel Keys used for everything else. So in total, four keys are used: Intel Integrity Key, Non-Intel Integrity Key, Intel Confidentiality Key, and Non-Intel Confidentiality Key.

In 2017, Positive Technologies experts Mark Ermolov and Maxim Goryachy uncovered a vulnerability that could be exploited to obtain all four keys, thus completely compromising MFS security mechanisms.

Intel later issued an update addressing this vulnerability. By increasing the Security Version Number (SVN), Intel updated all keys to make MFS security work as intended. It should now have been impossible to obtain the MFS keys for updated ME firmware versions (those with the new SVN value).

But in 2018, Positive Technologies expert Dmitry Sklyarov discovered vulnerability CVE-2018-3655, described in advisory Intel-SA-00125. He found that Non-Intel Keys are derived from two values: the SVN and the immutable non-Intel root secret, which is unique to each platform. By using an earlier vulnerability to enable the JTAG debugger, it was possible to obtain the latter value. Knowing the immutable root secret enables calculating the values of both Non-Intel Keys even in the newer firmware version.

Attackers could calculate the Non-Intel Integrity Key and Non-Intel Confidentiality Key for firmware that has the updated SVN value, and therefore compromise the MFS security mechanisms that rely on these keys.

The Non-Intel Integrity Key enforces the integrity of all MFS directories. Knowledge of this key could be abused to add files, delete files, and change their protection attributes. This key also underlies anti-replay tables, which are intended to prevent substitution of the contents of some files with previous versions. Anti-replay mechanisms could be easily bypassed as a result. The Non-Intel Confidentiality Key secures certain files and is used to encrypt the AMT password, for example.

By sequentially exploiting the vulnerabilities discovered by Positive Technologies in 2017 and 2018, an attacker could take advantage of ME to obtain vital secrets. Although the need for physical access makes exploitation more difficult, the scope of the threat remains breathtaking.

Positive Technologies experts have found a number of vulnerabilities in Intel ME. Mark Ermolov and Maxim Goryachy gave a talk at Black Hat Europe regarding a vulnerability they discovered. At the same conference, Dmitry Sklyarov delved into the workings of the ME file system.

In addition, Positive Technologies experts devised a method for disabling Intel ME by using an undocumented mode and showed how to enable JTAG debugging.

Microsoft purges 3,000 tech support scams hiding on TechNet

Sophos Naked Security - 12 Září, 2018 - 15:03
Microsoft has taken down thousands of ads for tech support scams that infested the company’s TechNet support domain.

Beware: WhatsApp scammers target children with ‘Olivia’ porn message

Sophos Naked Security - 12 Září, 2018 - 14:10
"I can send a picture where all of us are together," says "Olivia," before sending a porn URL. Tell kids not to click!

Younger Facebook users 4 times more likely to delete app, study shows

Sophos Naked Security - 12 Září, 2018 - 14:04
They also appear to be more privacy-wary, with 64% changing their settings, comparing to just a third of older users.
Syndikovat obsah