Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, and Linux and BSD systems. It runs many interesting services and supports its fans in interesting projects.


5 Steps For Securing Your Remote Work Space

Threatpost - 10 September, 2021 - 16:35
With so many people still working from home, cybercriminals are trying to cash in. Cyberattacks have increased 300% and the risk of losing important data or being compromised is much greater at home. Here are five recommendations for securing your home office.
Category: Hacking & Security

SPDX becomes internationally recognized standard

LinuxSecurity.com - 10 September, 2021 - 14:32
In use for a decade as the de facto standard for communicating software bills of materials, The Linux Foundation has announced that the Software Package Data Exchange (SPDX) specification has been published as ISO/IEC 5962:2021 and recognized as the open standard for security, license compliance and other software supply chain artifacts.
Category: Hacking & Security

Moving Forward After CentOS 8 EOL

The Hacker News - 10 September, 2021 - 13:14
The Linux community was caught unprepared when, in December 2020, as part of a change in the way Red Hat supports and develops CentOS, Red Hat suddenly announced that it's cutting the official CentOS 8 support window from ten years – to just two, with support ending Dec 31, 2021. It created a peculiar situation where CentOS 7 users that did the right thing and upgraded quickly to CentOS 8 were
Category: Hacking & Security

Windows contains a newly discovered flaw; 90% of computers are vulnerable

Novinky.cz - Security - 10 September, 2021 - 12:55
The Windows operating system contains a newly discovered security flaw that allows a computer to be taken over remotely. In the Czech Republic it may affect up to 90 percent of all PC users. The problem lies in the security of the module used to display web pages in Word or Excel documents.
Category: Hacking & Security

Stolen Credentials Led to Data Theft at United Nations

Threatpost - 10 September, 2021 - 12:46
Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks.
Category: Hacking & Security

SOVA: New Android Banking Trojan Emerges With Growing Capabilities

The Hacker News - 10 September, 2021 - 12:24
A mix of banking applications, cryptocurrency wallets, and shopping apps from the U.S. and Spain are the target of a newly discovered Android trojan that could enable attackers to siphon personally identifiable information from infected devices, including banking credentials and open the door for on-device fraud. Dubbed S.O.V.A. (referring to the Russian word for owl), the current version of the
Category: Hacking & Security

Did Russian hackers attack? German prosecutors investigate attacks on lawmakers

Novinky.cz - Security - 10 September, 2021 - 10:02
The Office of the Prosecutor General in Germany said on Thursday that it had begun investigating cyberattacks against German politicians, which authorities attribute to the Russia-linked hacker group Ghostwriter. It did so on the basis of information supplied by the intelligence services, the DPA agency reported, citing a statement from the public prosecutor's office in Karlsruhe. Moscow rejects the accusation.
Category: Hacking & Security

Thousands of Fortinet VPN Account Credentials Leaked

Threatpost - 10 September, 2021 - 00:49
They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit.
Category: Hacking & Security

McDonald’s Email Blast Includes Password to Monopoly Game Database

Threatpost - 9 September, 2021 - 22:38
Usernames, passwords for database sent in prize redemption emails.
Category: Hacking & Security

Yandex fended off the largest DDoS attack in the history of the internet

Novinky.cz - Security - 9 September, 2021 - 20:37
Hackers attempted to attack the computer systems of the Russian internet company Yandex in August, and the company claims it managed to fend off “the largest cyberattack in the history of the internet”. It was a DDoS attack, the Reuters agency reported.
Category: Hacking & Security

Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’

Threatpost - 9 September, 2021 - 19:51
John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency.
Category: Hacking & Security

Introducing Android’s Private Compute Services

Google Security Blog - 9 September, 2021 - 19:00
Posted by Suzanne Frey, VP, Product, Android & Play Security and Privacy

We introduced Android’s Private Compute Core in Android 12 Beta. Today, we're excited to announce a new suite of services that provide a privacy-preserving bridge between Private Compute Core and the cloud.

Recap: What is Private Compute Core?

Android’s Private Compute Core is an open source, secure environment that is isolated from the rest of the operating system and apps. With each new Android release we’ll add more privacy-preserving features to the Private Compute Core. Today, these include:

  • Live Caption, which adds captions to any media using Google’s on-device speech recognition
  • Now Playing, which recognizes music playing nearby and displays the song title and artist name on your device’s lock screen
  • Smart Reply, which suggests relevant responses based on the conversation you’re having in messaging apps

For these features to be private, they must:

  1. Keep the information on your device private. Android ensures that the sensitive data processed in the Private Compute Core is not shared to any apps without you taking an action. For instance, until you tap a Smart Reply, the OS keeps your reply hidden from both your keyboard and the app you’re typing into.
  2. Let your device use the cloud (to download new song catalogs or speech-recognition models) without compromising your privacy. This is where Private Compute Services comes in.

Introducing Android’s Private Compute Services

Machine learning features often improve by updating models, and Private Compute Services helps features get these updates over a private path. Android prevents any feature inside the Private Compute Core from having direct access to the network. Instead, features communicate over a small set of purposeful open-source APIs to Private Compute Services, which strips out identifying information and uses a set of privacy technologies, including Federated Learning, Federated Analytics, and Private information retrieval.

We will publicly publish the source code for Private Compute Services, so it can be audited by security researchers and other teams outside of Google. This means it can go through the same rigorous security programs that ensure the safety of the Android platform.

We’re enthusiastic about the potential for machine learning to power more helpful features inside Android, and Android’s Private Compute Core will help users benefit from these features while strengthening privacy protections via the new Private Compute Services. Android is the first open source mobile OS to include this kind of externally verifiable privacy; Private Compute Services helps the Android OS continue to innovate in machine learning, while also maintaining the highest standards of privacy and security.

Category: Hacking & Security

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise

Threatpost - 9 September, 2021 - 18:39
A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering.
Category: Hacking & Security

SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’

Threatpost - 9 September, 2021 - 16:30
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers. 
Category: Hacking & Security

Zoho ManageEngine Password Manager Zero-Day Gets a Fix, Amid Attacks

Threatpost - 9 September, 2021 - 14:58
An authentication bypass vulnerability in the ManageEngine ADSelfService Plus platform leading to remote code execution offers up the keys to the corporate kingdom.
Category: Hacking & Security

3 years, 17 alphas, 2 betas, and over 7,500 commits later, OpenSSL version 3 is here

LinuxSecurity.com - 9 September, 2021 - 14:27
The OpenSSL team has released version 3.0 of its secure communications library after a lengthy gestation period. What have we learned during that time? Quite a bit, it appears.
Category: Hacking & Security

BladeHawk Attackers Target Kurds with Android Apps

Threatpost - 9 September, 2021 - 13:26
Pro-Kurd Facebook profiles deliver '888 RAT' and 'SpyNote' trojans, masked as legitimate apps, to perform mobile espionage.
Category: Hacking & Security

Threat landscape for industrial automation systems in H1 2021

Kaspersky Securelist - 9 September, 2021 - 12:00

The H1 2021 ICS threat report at a glance

Percentage of ICS computers attacked

  1. During the first half of 2021 (H1 2021), the percentage of attacked ICS computers was 8%, which was 0.4 percentage points (p.p.) higher than that for H2 2020.

    Percentage of ICS computers on which malicious objects were blocked

    Numbers per country varied from 58.4% in Algeria to 6.8% in Israel.

    Top 15 countries and territories with the largest percentages of ICS computers on which malicious objects were blocked in H1 2021

    Top 10 countries and territories with the lowest percentages of ICS computers on which malicious objects were blocked in H1 2021

    When we look at regional numbers, Africa led with 46.1%, followed by Southeast Asia at 44.1%, East Asia at 43.1% and Central Asia at 42.1%.

    Percentage of ICS computers on which malicious objects were blocked, by region

  2. The largest increases in the percentage of attacked ICS computers during H1 2021 were as follows:
    • Over 10 p.p. in Belarus (50.4%) and Ukraine (33.1%);
    • 4 p.p. in the Czech Republic (20.2%) and Slovakia (24.3%);
    • 5 p.p. in Hong Kong (20.8%);
    • 6 p.p. in Australia (23%) and Cameroon (45.2%).

    The internet was the main source of threats causing these increases.

  3. The percentage of ICS computers on which threats were blocked decreased in all monitored industries. This was especially noticeable in the oil and gas (36.5%) and building automation (40.3%) sectors (-7.5 p.p. and -6.3 p.p., respectively).

Percentage of ICS computers on which malicious objects were blocked in selected industries

Major threat sources

The internet, removable media and email continue to be the main sources of threats to computers in ICS environments.

Percentage of ICS computers on which malicious objects from various sources were blocked

  1. Threats from the internet were blocked on 18.2% of ICS computers (+1.5 p.p.).

    In H1 2021, the largest increases in this indicator were observed in Belarus (+12.2 p.p.), Ukraine (+8 p.p.) and Russia (+6.7 p.p.).

    Russia led the regional rankings with 27.6%.

    Percentage of ICS computers on which malicious objects from the internet were blocked, by region

    Belarus leads in the country rankings with 32.8%.

    Top 15 countries and territories with the highest percentages of ICS computers on which internet threats were blocked in H1 2021

  2. Threats arriving via removable media were blocked on 5.2% of ICS computers (-0.2 p.p.), which continued a downward trend that began in H2 2019.
    Africa leads noticeably in the regional rankings with 15.6%. In H1 2021, the percentage of ICS computers on which threats were blocked when removable media were connected decreased in Asian regions.

    Regions ranked by percentage of ICS computers on which malware was blocked when removable media was connected in H1 2021

    Algeria leads among individual countries with 24%.

    Fifteen countries and territories with the largest percentage of ICS computers on which malware was blocked when removable media was connected in H1 2021

  3. Malicious email attachments were blocked on 3.4% of ICS computers (-0.6 p.p.).
    Southern Europe ranked the highest with 6.4%. The only region where the percentage increased was Australia and New Zealand (+1.3 p.p.).

    Regions ranked by percentage of ICS computers on which malicious email attachments were blocked in H1 2021

    Bangladesh led among individual countries with 8.8%.

    Top 15 countries with the highest percentages of ICS computers on which malicious email attachments were blocked in H1 2021

The variety of malware detected

In H1 2021, Kaspersky security solutions blocked more than 20.1 thousand malware variants from 5,150 families in ICS environments.

  1. Denylisted internet resources were the main threat source and were blocked on 14% of ICS computers.
    Threat actors use malicious scripts on various media resources and sites hosting pirated content. These scripts redirect users to websites that spread spyware and/or cryptocurrency miners. The percentage of computers where this type of threat was blocked has grown since 2020.
  2. Malicious scripts and redirects (JS and HTML) were blocked on 8.8% of ICS computers (+0.7 p.p.).
    Australia and New Zealand (+3.8 p.p.), as well as Russia (+4.4 p.p.), saw noticeable growth in the percentage of computers where malicious scripts used for downloading spyware were blocked.
  3. Spyware (backdoors, trojan spies and keyloggers) was blocked on 7.4% of ICS computers (+0.4 p.p.).
    This figure was highest in East Asia (14.3%), Africa (13.4%) and Southeast Asia (11.2%).
  4. Ransomware was blocked on 0.40% of ICS computers (-0.1 p.p.).
    This figure was highest in East Asia with 0.82%.

    In the Middle East, we saw an increase in the percentage of computers on which worms (+0.4 p.p.) and ransomware (+0.3 p.p.) were blocked.

    Percentage of ICS computers on which malicious objects from various categories were blocked

The full report is available on the Kaspersky ICS CERT website.

Russian Ransomware Group REvil Back Online After 2-Month Hiatus

The Hacker News - 9 September, 2021 - 11:57
The operators behind the REvil ransomware-as-a-service (RaaS) staged a surprise return after a two-month hiatus following the widely publicized attack on technology services provider Kaseya on July 4. Two of the dark web portals, including the gang's Happy Blog data leak site and its payment/negotiation site, have resurfaced online, with the most recent victim added on July 8,
Category: Hacking & Security