Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Ukrainian Radio Stations Hacked to Broadcast Fake News About Zelenskyy's Health

The Hacker News - 22 Červenec, 2022 - 09:13
Ukrainian radio operator TAVR Media on Thursday became the latest victim of a cyberattack, resulting in the broadcast of a fake message that President Volodymyr Zelenskyy was seriously ill. "Cybercriminals spread information that the President of Ukraine, Volodymyr Zelenskyy, is allegedly in intensive care, and his duties are performed by the Chairman of the Verkhovna Rada, Ruslan Stefanchuk," Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists

The Hacker News - 22 Červenec, 2022 - 08:40
The actively exploited but now-fixed Google Chrome zero-day flaw that came to light at the start of this month was weaponized by an Israeli spyware company and used in attacks targeting journalists in the Middle East. Czech cybersecurity firm Avast linked the exploitation to Candiru (aka Saito Tech), which has a history of leveraging previously unknown flaws to deploy a Windows malware dubbed Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Apple patches “0-day” browser bug fixed 2 weeks ago in Chrome, Edge

Sophos Naked Security - 21 Červenec, 2022 - 22:38
One vendor's zero-day is another vendor's routine patch...

S3 Ep92: Log4Shell4Ever, travel tips, and scamminess [Audio + Text]

Sophos Naked Security - 21 Červenec, 2022 - 20:25
Latest episode - listen, read or both!

New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems

The Hacker News - 21 Červenec, 2022 - 15:22
A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one of the most intricate frameworks developed for targeting Linux systems. "The framework has both passive and active Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’

Threatpost - 21 Červenec, 2022 - 14:59
Also known as the Atlantis Cyber-Army, the emerging organization has an enigmatic leader and a core set of admins that offer a range of services, including exclusive data leaks, DDoS and RDP.
Kategorie: Hacking & Security

Hackers Target Ukrainian Software Company Using GoMet Backdoor

The Hacker News - 21 Červenec, 2022 - 14:02
A large software development company whose software is used by different state entities in Ukraine was at the receiving end of an "uncommon" piece of malware, new research has found. The malware, first observed on the morning of May 19, 2022, is a custom variant of the open source backdoor known as GoMet and is designed for maintaining persistent access to the network. "This access could be Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Hackers Use Evilnum Malware to Target Cryptocurrency and Commodities Platforms

The Hacker News - 21 Červenec, 2022 - 14:01
The advanced persistent threat (APT) actor tracked as Evilnum is once again exhibiting signs of renewed activity aimed at European financial and investment entities. "Evilnum is a backdoor that can be used for data theft or to load additional payloads," enterprise security firm Proofpoint said in a report shared with The Hacker News. "The malware includes multiple interesting components to evadeRavie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

The New Weak Link in SaaS Security: Devices

The Hacker News - 21 Červenec, 2022 - 13:59
Typically, when threat actors look to infiltrate an organization's SaaS apps, they look to SaaS app misconfigurations as a means of entry. However, employees now use their personal devices, whether their phones or laptops, etc., to get their jobs done. If the device's hygiene is not up to par, it increases the risk for the organization and widens the attack surface for bad actors. And so, The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

New Lightning Framework Linux Malware Installs Rootkits, Backdoors

LinuxSecurity.com - 21 Červenec, 2022 - 13:56
A new and previously undetected malware dubbed 'Lightning Framework' targets Linux systems and can be used to backdoor infected devices using SSH and deploy multiple types of rootkits.
Kategorie: Hacking & Security

Linux Lands Fix For A Trivial Lockdown Bypass Bug

LinuxSecurity.com - 21 Červenec, 2022 - 13:53
Merged yesterday afternoon to the mainline Linux 5.19 Git kernel and set for back-porting is a fix for a new security bug. Oracle made public CVE-2022-21505 on Tuesday as a trivial bypass to the Linux kernel's lockdown mode.
Kategorie: Hacking & Security

Atlassian Rolls Out Security Patch for Critical Confluence Vulnerability

The Hacker News - 21 Červenec, 2022 - 10:41
Atlassian has rolled out fixes to remediate a critical security vulnerability pertaining to the use of hard-coded credentials affecting the Questions For Confluence app for Confluence Server and Confluence Data Center. The flaw, tracked as CVE-2022-26138, arises when the app in question is enabled on either of two services, causing it to create a Confluence user account with the username "Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

FBI Seizes $500,000 Ransomware Payments and Crypto from North Korean Hackers

The Hacker News - 21 Červenec, 2022 - 10:25
The U.S. Department of Justice (DoJ) has announced the seizure of $500,000 worth of Bitcoin from North Korean hackers who extorted digital payments from several organizations by using a new ransomware strain known as Maui. "The seized funds include ransoms paid by healthcare providers in Kansas and Colorado," the DoJ said in a press release issued Tuesday. The recovery of the bitcoin ransoms Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Cynomi Automated Virtual CISO (vCISO) Platform for Service Providers

The Hacker News - 21 Červenec, 2022 - 10:23
Growing cyber threats, tightening regulatory demands and strict cyber insurance requirements are driving small to medium-sized enterprises demand for strategic cybersecurity and compliance guidance and management. Since most companies this size don't have in-house CISO expertise – the demand for virtual CISO (vCISO) services is also growing. Yet current vCISO services models still rely on manualThe Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.com
Kategorie: Hacking & Security

Česká republika patří k zemím, kde hackeři prolamují účty nejčastěji

Novinky.cz - bezpečnost - 21 Červenec, 2022 - 10:14
Česká republika byla ve druhém čtvrtletí třináctá na světě v počtu prolomených internetových účtů – v porovnání s předchozím čtvrtletím se jejich počet zvýšil o 135 procent na téměř 450 000 účtů. To znamená dva až čtyři prolomené účty za minutu. Vyplývá to z průzkumu organizace Surfshark. Nejhůře se v celosvětovém měříku situace v tomto ohledu zhoršila v Japonsku, Číně a Jižní Koreji.
Kategorie: Hacking & Security

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities

The Hacker News - 21 Červenec, 2022 - 08:40
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Cisco Releases Patches for Critical Flaws Impacting Nexus Dashboard for Data Centers

The Hacker News - 21 Červenec, 2022 - 06:58
Cisco on Wednesday released security patches for 45 vulnerabilities affecting a variety of products, some of which could be exploited to execute arbitrary actions with elevated permissions on affected systems. Of the 45 bugs, one security vulnerability is rated Critical, three are rated High, and 41 are rated Medium in severity.  The most severe of the issues are CVE-2022-20857, CVE-2022-20858, Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Last member of Gozi malware troika arrives in US for criminal trial

Sophos Naked Security - 20 Červenec, 2022 - 20:56
His co-conspirators went into and got out of prison years ago, while he remained free. Now the tables have turned...

Google Adds Support for DNS-over-HTTP/3 in Android to Keep DNS Queries Private

The Hacker News - 20 Červenec, 2022 - 15:41
Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS (DoT), which was incorporated into the mobile operating system with Android 9.0. DoH3 is also an alternative to Ravie Lakshmananhttp://www.blogger.com/profile/10975661172932160797noreply@blogger.com
Kategorie: Hacking & Security

Conti’s Reign of Chaos: Costa Rica in the Crosshairs

Threatpost - 20 Červenec, 2022 - 14:35
Aamir Lakhani, with FortiGuard Labs, answers the question; Why is the Conti ransomware gang targeting people and businesses in Costa Rica?
Kategorie: Hacking & Security
Syndikovat obsah