Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

These 28+ Android Apps with 10 Million Downloads from the Play Store Contain Malware

The Hacker News - 27 Červenec, 2022 - 15:37
As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware. "All of them were built into various programs, including image-editing software, virtual keyboards, system tools and utilities, calling apps, wallpaper collection apps, and others," Dr.Web said in a Tuesday write-up. While masquerading as innocuous Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

8 Top SBOM Tools to Consider

LinuxSecurity.com - 27 Červenec, 2022 - 13:00
To really secure software, you need to know what's inside its code. That's why a software bill of materials is essential today. It used to be that we didn't worry that much about our code's security. Bad binaries, sure. The code itself? Not so much. We were so foolish.
Kategorie: Hacking & Security

Your Linux Firewall Cant Stop These 3 Attacks!

LinuxSecurity.com - 27 Červenec, 2022 - 13:00
Nowadays, Linux systems are considered fairly secure, as people think that Linux rarely gets infected with malware such as viruses, rootkits, worms, etc. You might also see that we hardly ever come across Antivirus software being sold for Linux, giving the illusion that Linux is an ultimately secure Operating System. Given that roughly 75 percent of the world's servers run on Linux, we can't truly believe that Linux is as secure as we think it is. Linux is only as secure as the person controlling and configuring it. Essentially, if a user has bad security practices, e.g. opening unauthorized emails or downloading potentially malicious links, then there is a very high chance that their Linux system will be compromised.
Kategorie: Hacking & Security

New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

The Hacker News - 27 Červenec, 2022 - 12:28
Facebook business and advertising accounts are at the receiving end of an ongoing campaign dubbed Ducktail designed to seize control as part of a financially driven cybercriminal operation.  "The threat actor targets individuals and employees that may have access to a Facebook Business account with an information-stealer malware," Finnish cybersecurity company WithSecure (formerly F-Secure Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Taking the Risk-Based Approach to Vulnerability Patching

The Hacker News - 27 Červenec, 2022 - 11:21
Software vulnerabilities are a major threat to organizations today. The cost of these threats is significant, both financially and in terms of reputation.Vulnerability management and patching can easily get out of hand when the number of vulnerabilities in your organization is in the hundreds of thousands of vulnerabilities and tracked in inefficient ways, such as using Excel spreadsheets or The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

Každý desátý počítač s Windows v ohrožení. Hackeři jej zotročí pomocí Kalkulačky

Novinky.cz - bezpečnost - 27 Červenec, 2022 - 11:10
V operačním systému Windows 7 byla objevena nebezpečná trhlina, kterou mohou útočníci zneužít k propašování prakticky libovolného škodlivého kódu do napadeného stroje. Stačí jim přitom k tomu program Kalkulačka (Windows Calculator), který je nedílnou součástí operačního systému.
Kategorie: Hacking & Security

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

The Hacker News - 27 Červenec, 2022 - 09:17
Threat actors are increasingly abusing Internet Information Services (IIS) extensions to backdoor servers as a means of establishing a "durable persistence mechanism." That's according to a new warning from the Microsoft 365 Defender Research Team, which said that "IIS backdoors are also harder to detect since they mostly reside in the same directories as legitimate modules used by target Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Novel Malware Hijacks Facebook Business Accounts

Threatpost - 26 Červenec, 2022 - 20:15
Newly discovered malware linked to Vietnamese threat actors targets users through a LinkedIn phishing campaign to steal data and admin privileges for financial gain.
Kategorie: Hacking & Security

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

The Hacker News - 26 Červenec, 2022 - 18:07
Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The new version of LockBit, called LockBit 3.0 aka LockBit Black, was released in June 2022, launching a brand new leak site and what's the very first ransomware bug bounty program, Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface

The Hacker News - 26 Červenec, 2022 - 18:01
The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread of mobile banking apps, chat-based customer service, and other digital tools. Adobe's 2022 FIS Trends Report, for instance, found that more than half of the financial services and insurance firms surveyed experienced a notable increase in digital/mobile The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

Už je to tu zas… 21tunový kus čínské rakety padá k Zemi a nikdo neví, kam dopadne

Zive.cz - bezpečnost - 26 Červenec, 2022 - 16:30
Čína se již potřetí rozhodla nechat neřízeně spadnout obrovský raketový stupeň zpět na Zemi. Tentokrát se jedná o první stupeň rakety Dlouhý pochod 5B, který dle pozorování Jonathana McDowella z Harvard-Smithsonian Center for Astrophysics váží asi 21 tun, uvádí web Space.com. „Oběžná dráha ...
Kategorie: Hacking & Security

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

Threatpost - 26 Červenec, 2022 - 15:05
Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.
Kategorie: Hacking & Security

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

Threatpost - 26 Červenec, 2022 - 14:38
The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.
Kategorie: Hacking & Security

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection

The Hacker News - 26 Červenec, 2022 - 14:13
As many as 207 websites have been infected with malicious code designed to launch a cryptocurrency miner by leveraging WebAssembly (Wasm) on the browser. Web security company Sucuri, which published details of the campaign, said it launched an investigation after one of its clients had their computer slowed down significantly every time upon navigating to their own WordPress portal. This Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

LinuxONE: IBM's New Linux Mainframes

LinuxSecurity.com - 26 Červenec, 2022 - 13:00
IBM is not just introducing new mainframes, but a new way of paying for on premises big iron that makes mainframes cheaper than they've even before.
Kategorie: Hacking & Security

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

The Hacker News - 26 Červenec, 2022 - 12:12
FileWave's mobile device management (MDM) system has been found vulnerable to two critical security flaws that could be leveraged to carry out remote attacks and seize control of a fleet of devices connected to it. "The vulnerabilities are remotely exploitable and enable an attacker to bypass authentication mechanisms and gain full control over the MDM platform and its managed devices," Claroty Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

SmokeLoader Infecting Targeted Systems with Amadey Info-Stealing Malware

The Hacker News - 26 Červenec, 2022 - 09:18
An information-stealing malware called Amadey is being distributed by means of another backdoor called SmokeLoader. The attacks hinge on tricking users into downloading SmokeLoader that masquerades as software cracks, paving the way for the deployment of Amadey, researchers from the AhnLab Security Emergency Response Center (ASEC) said in a report published last week. Amadey, a Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Hackers Exploit PrestaShop Zero-Day to Steal Payment Data from Online Stores

The Hacker News - 26 Červenec, 2022 - 05:09
Malicious actors are exploiting a previously unknown security flaw in the open source PrestaShop e-commerce platform to inject malicious skimmer code designed to swipe sensitive information. "Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites," the company noted in an advisory published on July 22. PrestaShop isRavie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

T-Mobile to cough up $500 million over 2021 data breach

Sophos Naked Security - 25 Červenec, 2022 - 20:20
Technically, it's not a fine, and the lawyers will get a big chunk of it. But it still adds up to a half-billion-dollar data breach.

FBI bije na poplach. Huawei se nám umí nabourat do jaderného arzenálu

Novinky.cz - bezpečnost - 25 Červenec, 2022 - 18:38
Pomocí vysílačů mobilního signálu se čínská společnost Huawei zřejmě pokusila na středozápadě USA nabourat šifrovanou komunikaci strategického velitelství americké armády, která dohlíží na jaderný arzenál. Upozornila na to o víkendu stanice CNN.
Kategorie: Hacking & Security
Syndikovat obsah