Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Microsoft: New Windows scheduled task will launch Office apps faster

Bleeping Computer - 27 Březen, 2025 - 19:00
​In May, Microsoft plans to roll out a new Windows scheduled task that launches automatically to help Microsoft Office apps load faster. [...]
Kategorie: Hacking & Security

New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records

The Hacker News - 27 Březen, 2025 - 18:58
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. "The threat actor behind
Kategorie: Hacking & Security

New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records

The Hacker News - 27 Březen, 2025 - 18:58
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. "The threat actor behind Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

The 4 WordPress flaws hackers targeted the most in Q1 2025

Bleeping Computer - 27 Březen, 2025 - 18:29
A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [...]
Kategorie: Hacking & Security

Mozilla warns Windows users of critical Firefox sandbox escape flaw

Bleeping Computer - 27 Březen, 2025 - 16:48
Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]
Kategorie: Hacking & Security

WhatsApp's Meta AI is now rolling out in Europe, and it can't be turned off

Bleeping Computer - 27 Březen, 2025 - 16:31
You can't escape Meta AI in WhatsApp even if you are based in one of the 41 European countries, with the feature now rolling out to more devices. [...]
Kategorie: Hacking & Security

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks

The Hacker News - 27 Březen, 2025 - 16:10
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in
Kategorie: Hacking & Security

Hackers Repurpose RansomHub's EDRKillShifter in Medusa, BianLian, and Play Attacks

The Hacker News - 27 Březen, 2025 - 16:10
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that's designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Recent Windows Server 2025 updates cause Remote Desktop freezes

Bleeping Computer - 27 Březen, 2025 - 15:59
​Microsoft says a known issue is causing Remote Desktop freezes on Windows Server 2025 systems after installing security updates released since the February 2025 Patch Tuesday. [...]
Kategorie: Hacking & Security

Vivaldi integrates Proton VPN into the browser to fight web tracking

Bleeping Computer - 27 Březen, 2025 - 15:39
Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against 'Big Tech' surveillance for free. [...]
Kategorie: Hacking & Security

Qualcomm launches global antitrust offensive against Arm, accusing it of stifling competition

Computerworld.com [Hacking News] - 27 Březen, 2025 - 15:37

Qualcomm has launched a global antitrust offensive against Arm Holdings, accusing its longtime partner of anti-competitive practices in regulatory complaints filed across three continents. This escalating legal battle marks a significant shift in the relationship between two of the most influential players in the semiconductor industry.

The unprecedented legal offensive spans three continents, with Qualcomm filing complaints with the European Commission, US Federal Trade Commission, and Korea Fair Trade Commission, reported Bloomberg.

The dispute threatens to upend the global technology supply chain, potentially impacting billions of devices — from smartphones and laptops to AI-driven systems and data center infrastructure. At stake is the future of semiconductor intellectual property licensing, with potential ripple effects including increased costs for manufacturers and consumers, as well as heightened uncertainty across an industry that relies heavily on Arm’s processor designs.

A shifting semiconductor landscape

The dispute centers on Arm’s shift from an open licensing model — under which chipmakers like Qualcomm could develop custom processors based on Arm’s designs — to a more restrictive approach favoring its own chip products. Qualcomm argues that this move threatens competition in the semiconductor industry, which has relied on Arm’s technology for over two decades.

The chipmaker argues that Arm is undermining the competitive ecosystem it previously cultivated by pursuing its own chipmaking ambitions.

Arm has received the EU complaint and preparing to respond, the report added.

The report also said that Qualcomm met with US Federal Trade Commission officials in Washington earlier this year to discuss its concerns. The company has accused Arm of withholding critical technology that should be provided under existing license agreements.

Additionally, Qualcomm has raised similar concerns with South Korea’s antitrust regulator, the report added citing people familiar with the development.

The dispute emerges against the backdrop of Arm’s recent strategic pivot, including its controversial decision to design and sell server chips directly to Meta — a move that has already disrupted traditional industry dynamics.

As Arm continues to push forward with its strategic vision — including its direct chip design efforts — the stakes have never been higher in this high-stakes technological chess match.

“Arm remains focused on enhancing innovation, promoting competition, and respecting contractual rights and obligations. Any allegation of anti-competitive conduct is nothing more than a desperate attempt by Qualcomm to detract from the merits and expand the parties’ ongoing commercial dispute for its own competitive benefit. Arm is confident that it will ultimately prevail in this dispute,” an Arm spokesperson said.

Qualcomm did not comment on the development.

Market dynamics and technological shifts

At the heart of the conflict lies Arm’s instruction set architecture — the fundamental code enabling software communication with processors. Qualcomm’s challenge extends beyond immediate commercial interests, potentially questioning the very mechanisms of technological licensing and intellectual property management in the semiconductor sector.

The complaints come as regulators worldwide scrutinize the evolving dynamics of the semiconductor market. Arm, which is majority-owned by Japan’s SoftBank, licenses its processor architecture to a vast ecosystem of chipmakers, including Apple and MediaTek.

However, under CEO Rene Haas, the company has moved toward offering more complete chip designs, competing directly with some of its own customers. That move signaled a dramatic shift from Arm’s traditional role as a neutral technology licensing company to a direct competitor in the semiconductor market.

This strategic repositioning has fundamentally altered the company’s relationship with long-standing partners like Qualcomm, Nvidia, and Apple.

However, both companies are maneuvering to capitalize on the expanding computing market, particularly in AI and high-performance computing. The smartphone chip market — previously a primary revenue source — has become increasingly saturated, pushing companies to seek new growth opportunities.

Arm’s response to the allegations has been robust and devoid of any wrongdoing. The company stated it remains “focused on enhancing innovation, promoting competition, and respecting contractual rights and obligations,” characterizing Qualcomm’s complaints as “a desperate attempt to detract from the merits” of their ongoing commercial dispute, the report added.

Potential industry ramifications

The ongoing legal and regulatory battles between Qualcomm and Arm highlight broader tensions in the semiconductor industry, particularly as companies position themselves to capitalize on growing demand for computing chips beyond smartphones. AI, data centers, and enterprise computing are emerging as key battlegrounds, with chipmakers vying for market dominance.

Both companies have a history of regulatory challenges. Qualcomm, which previously faced scrutiny over its own licensing practices, has largely prevailed in antitrust cases, including a high-profile appeal against the FTC. Meanwhile, Arm is under pressure to sustain growth following its failed acquisition by Nvidia in 2022 and its subsequent public listing.

With court-ordered mediation talks scheduled and multiple regulatory investigations underway, the technology industry will be watching closely. The outcome could significantly reshape the semiconductor landscape, influencing how chip design companies interact with their customers and compete in an increasingly complex market.

Kategorie: Hacking & Security

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

The Hacker News - 27 Březen, 2025 - 14:31
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as
Kategorie: Hacking & Security

APT36 Spoofs India Post Website to Infect Windows and Android Users with Malware

The Hacker News - 27 Březen, 2025 - 14:31
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India's public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which is also known as Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Dozens of solar inverter flaws could be exploited to attack power grids

Bleeping Computer - 27 Březen, 2025 - 14:00
Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor's cloud platform. [...]
Kategorie: Hacking & Security

New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It

The Hacker News - 27 Březen, 2025 - 13:25
Whether it’s CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more. A new report, Understanding SaaS Security Risks: Why
Kategorie: Hacking & Security

New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It

The Hacker News - 27 Březen, 2025 - 13:25
Whether it’s CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more. A new report, Understanding SaaS Security Risks: [email protected]
Kategorie: Hacking & Security

Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!

The Hacker News - 27 Březen, 2025 - 12:00
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system. Here are the top three Microsoft Office-based exploits still making the rounds this year and what you need to know to avoid them. 1.
Kategorie: Hacking & Security

Top 3 MS Office Exploits Hackers Use in 2025 – Stay Alert!

The Hacker News - 27 Březen, 2025 - 12:00
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system. Here are the top three Microsoft Office-based exploits still making the rounds this year and what you need to know to avoid them. 1. [email protected]
Kategorie: Hacking & Security

150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms

The Hacker News - 27 Březen, 2025 - 10:13
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. "The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor's browser," c/side security analyst Himanshu
Kategorie: Hacking & Security

150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms

The Hacker News - 27 Březen, 2025 - 10:13
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. "The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor's browser," c/side security analyst Himanshu Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Syndikovat obsah