Kategorie

Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed.

The privacy-touting, end-to-end encrypted email provider erased its site's “we don’t log your IP” boast after France sicced Swiss cops on it.

Better support for Microsoft's NTFS file-system is coming to the Linux 5.15 kernel, along with some important process and security lessons for developers about how code submissions to the kernel should be made.

A hacker known only as “Mr. A” was picked up by authorities at a South Korean airport after getting stuck in the country due to COVID-19 travel restrictions.

** Bezpečnostní experti odhalili 16 bezpečnostních děr v Bluetooth ** Pojmenovali je jako BrakTooth a ukázali podrobnosti ** Většina postižených zařízení bohužel nedostala zápolatu

Verizon DBIR is already funny, useful & well-written, and it just got better with mapping to MITRE ATT&CK TTPs. The marriage could finally bring answers to "What are we doing right?" instead of the constant reminders of what's not working in fending off threats.

Bezpečnostní expert Troy Hunt včera oznámil, že Česko je již 27. zemí, která s spolupracuje s jeho projektem haveibeenpwned.com. Národní úřad pro kybernetickou a informační bezpečnost tak získá plný přístup k databázi týkající se internetových domén státní správy. V praxi to znamená, že ...

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. The "successful attack," which is believed to have occurred last week, was mounted against its

Šifrovaná e-mailová služba ProtonMail v podmínkách uvádí, že standardně neuchovává IP adresy uživatelů. Výjimkou jsou případy, kdy zjistí, že některé slouží pro spamování, DDoS a jiné útoky. Teď však provozovatelé přidali ještě jednu – IP adresy mohou předat švýcarským kriminalistům, ...

End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France. The Switzerland-based company said it received a "legally binding order from the Swiss Federal Department of Justice" related to a collective called Youth for

An ongoing campaign has been found to leverage a network of websites acting as a "dropper as a service" to deliver a bundle of malware payloads to victims looking for "cracked" versions of popular business and consumer applications. "These malware included an assortment of click fraud bots, other information stealers, and even ransomware," researchers from cybersecurity firm Sophos said in a

3,000,000 downloads a week... if only they'd read the fastidious manual!

Tony Lauro, director of security technology and strategy at Akamai, discusses how to disrupt account takeovers in the exploitation phase of an attack.

Zabezpečení mnoha současných počítačových systémů stojí a padá na tom, že je jejich prolomení hrubou silou příliš drahé, a tak se žádnému útočníkovi nevyplatí. Stručně řečeno, k prolomení celého šifrovacího systému byste potřebovali tak ohromný výpočetní výkon, kterým dnes v praxi nikdo ...

Německá vláda vyzvala Rusko, aby přestalo s kybernetickými útoky na německé instituce. Terčem hackerů se v uplynulých měsících opakovaně stal Spolkový sněm.

OpenWrt 21.02 has been released with exciting new features and higher security with WPA3, HTTPS & TLS enabled by default, as well as initial support for the Distributed Switch Architecture ( DSA ), the Linux standard for configurable Ethernet switches.

The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets.

Networking, storage and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. The flaws, which were discovered and reported to Netgear by Google security engineer Gynvael Coldwind, impact the following models - GC108P (fixed in firmware

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S. The attacks, which are believed to have taken place between late June to late July 2021, have been attributed with "moderate confidence" to a

Microsoft has shared technical details about a now-fixed, actively exploited critical security vulnerability affecting SolarWinds Serv-U managed file transfer service that it has attributed with "high confidence" to a threat actor operating out of China. In mid-July, the Texas-based company remedied a remote code execution flaw (CVE-2021-35211) that was rooted in Serv-U's implementation of the