World Press - Úvod  Net-Security  SANS  Threatpost 


 

Datum

Obrázek

Název

Info

Web

18.11.2018

TrickBot Banking Trojan Starts Stealing Windows Problem History ImageTrickBot Banking Trojan Starts Stealing Windows Problem HistoryA version of TrickBot spotted recently shows interest in data that is peculiar for the normal scope of banking trojans: the Windows system reliability and performance information.Bleepingcomputer

17.11.2018

Speech Synthesis API Being Restricted in Chrome 71 Due to Abuse ImageSpeech Synthesis API Being Restricted in Chrome 71 Due to AbuseWeb developers can use the SpeechSynthesis API to convert text on a web page into synthesized audio speech. While this feature is great for accessibility and audio queues, it is being abused by advertisements and low quality/scammy web sites.

Bleepingcomputer

17.11.2018Microsoft Turns Off Ads in Windows 10 Mail App After Outrage ImageMicrosoft Turns Off Ads in Windows 10 Mail App After OutrageMicrosoft was experimenting with ads Mail app ads in Brazil, Canada, Australia, and India to get user feedback on ads in Mail. Microsoft confirmed on Twitter that this is an experimental feature that was never intended to be tested broadly and is now being turned off.

Bleepingcomputer

17.11.2018Scammers Use Facebook Sharer Page to Push Tech Support Scams ImageScammers Use Facebook Sharer Page to Push Tech Support ScamsA new tech support scam trick is underway that utilizes Facebook's Sharer dialog to scare a user into thinking that their Facebook account has an issue. The scammers then hope that the user will be scared into calling the listed phone number.

Bleepingcomputer

17.11.2018Hacker Say They Compromised ProtonMail. ProtonMail Says It's BS. ImageHacker Say They Compromised ProtonMail. ProtonMail Says It's BS.A person or group claiming to have hacked ProtonMail and stolen "significant" amounts of data has posted a lengthy ransom demand with some wild claims to an anonymous Pastebin. ProtonMail states it's complete BS.

Bleepingcomputer

16.11.2018

Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error

Secret Charges Against Julian Assange Revealed Due to "Cut-Paste" Error

Has Wikileaks founder Julian Assange officially been charged with any unspecified criminal offense in the United States? — YES United St

Thehackernews

16.11.2018

Russian Banks Under Phishing Attack Image

Russian Banks Under Phishing Attack

Banks in Russia today were the target of a massive phishing campaign that aimed to deliver a tool used by the Silence group of hackers believed to have a background in legitimate infosec activities.

Bleepingcomputer

16.11.2018

Gmail Bugs Allow Changing From: Field and Spoofing Recipient's Address Image

Gmail Bugs Allow Changing From: Field and Spoofing Recipient's Address


A bug in the way Gmail handles the structure of the 'from:' header allows placing of an arbitrary email address in the sender field.

Bleepingcomputer

16.11.2018

YouTube Now Lets You Scroll Down to View Comments When in Full Screen Image

YouTube Now Lets You Scroll Down to View Comments When in Full Screen

Watching a video on YouTube in full screen is the optimal way to use the site, but it prevents you from using other features such as comments and the rest of the site A new feature has been released today by YouTube that allows you to watch a video in full screen, but at the same time, scroll down and view the site.

Bleepingcomputer

16.11.2018

Firefox Now Shows Warnings On Sites with Data Breaches Image

Firefox Now Shows Warnings On Sites with Data Breaches

Mozilla's has added a new feature to their desktop Quantum Browser that displays a warning from Firefox Monitor when visiting a site that previously had a data breach. These warnings are designed to alert people about possible concerns and to suggest they check their email to see if it was part of the breach.

Bleepingcomputer

16.11.2018

Misconfigured Docker Services Actively Exploited in Cryptojacking Operation Image

Misconfigured Docker Services Actively Exploited in Cryptojacking Operation

Adversaries looking for an easy way to mine for cryptocurrency are actively targeting publicly exposed Docker services. They use a malicious script capable to scan the network in search of vulnerable hosts and compromise them.

Bleepingcomputer

16.11.2018

Windows 10 Build 18282 Released To Insiders With New Light Theme Image

Windows 10 Build 18282 Released To Insiders With New Light Theme

Windows 10 19H1 Build 18282 is now available to Insiders in Fast and Skip Ahead Rings. Today's preview update for Windows 10 brings a light theme to Start Menu, Taskbar, Action Center and other elements.

Bleepingcomputer

16.11.2018

iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo Image

iPhone X, Galaxy S9, Xiaomi Mi6 Fall at Pwn2Own Tokyo

iPhone X, Samsung Galaxy S9, and Xiaomi Mi6 all fell at the hands of hackers that found bugs in various components and crafted exploits that allowed complete take over of the targeted device.

Bleepingcomputer

16.11.2018

Infowars Store Affected by Magecart Credit Card Stealing Hack Image

Infowars Store Affected by Magecart Credit Card Stealing Hack

A MageCart credit card skimming attack has been discovered on the online store for the Infowars web site. Visitors who purchased anything on the store while the malicious code was present, would have had their payment information sent to the attacker's server in Lithuania.

Bleepingcomputer

16.11.2018

State-Sponsored Actors Focus Attacks on Asia Image

State-Sponsored Actors Focus Attacks on Asia

Southeast Asia is the most actively attacked region, accordingly to Cyber Security firm, Group-IB. Their annual Hi-Tech Crime Trends Report 2018 advises: "In just one year, 21 state-sponsored groups were detected in this area, which is more than in the United States and Europe."

Bleepingcomputer

16.11.2018

Microsoft Patches Windows Zero-Day Exploited in Cyber Attacks Image

Microsoft Patches Windows Zero-Day Exploited in Cyber Attacks

A zero-day vulnerability in certain editions of Windows operating system helped at least one advanced threat group increase their privileges on compromised machines until Microsoft patched it with this month's release of security updates.

Bleepingcomputer

15.11.2018

Why you need to know about Penetration Testing and Compliance Audits?

Why you need to know about Penetration Testing and Compliance Audits?

We live in an age where data flows like water, becoming the new life source of our everyday ventures. As such, you can just imagine what a

Thehackernews

15.11.2018

Popular AMP Plugin for WordPress Patches Critical Flaw â?? Update Now

Popular AMP Plugin for WordPress Patches Critical Flaw – Update Now

A security researcher has disclosed details of a critical vulnerability in one of the popular and widely active plugins for WordPress th..

Thehackernews

15.11.2018

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones

At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully pa...

Thehackernews

15.11.2018

7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

7 New Meltdown and Spectre-type CPU Flaws Affect Intel, AMD, ARM CPUs

Disclosed earlier this year, potentially dangerous Meltdown and Spectre vulnerabilities that affected a large family of modern processor...

Thehackernews

14.11.2018

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

63 New Flaws (Including 0-Days) Windows Users Need to Patch Now

It's Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft product..

Thehackernews

14.11.2018

Another Facebook Bug Could Have Exposed Your Private Information

Another Facebook Bug Could Have Exposed Your Private Information

Another security vulnerability has been reported in Facebook that could have allowed attackers to obtain certain personal information abo.

Thehackernews

14.11.2018

The US Office of Personnel Management Systems Are Still Insecure Image

The US Office of Personnel Management Systems Are Still Insecure

The security posture of the Office of Personnel Management has improved drastically and by the end of the year, the agency is on track to meeting almost all recommendations the US Government Accountability Office (GAO) made over the past two years. Full compliance is expected by the end of 2019.

Bleepingcomputer

14.11.2018

Adobe Releases Security Update for Acrobat Vulnerability with Public PoC Image

Adobe Releases Security Update for Acrobat Vulnerability with Public PoC

Adobe has published their monthly Patch Tuesday updates for the month of November 2018. These updates are for Flash Player, Adobe Acrobat and Reader, and Photoshop CC.

Bleepingcomputer

14.11.2018

Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4467107 & KB4467697 Image

Microsoft Releases Windows 7 & 8.1 Cumulative Updates KB4467107 & KB4467697

After releasing cumulative updates for all supported versions of Windows 10, Microsoft has also released a new patch for Windows 7 and 8.1 with security and general fixes. 

Bleepingcomputer

14.11.2018

Microsoft November 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities Image

Microsoft November 2018 Patch Tuesday Fixes 12 Critical Vulnerabilities

Today is Microsoft's November 2018 Patch Tuesday, which means we get a ton of security updates to install for Windows and other Microsoft products. As these updates are commonly exploited by attackers, malware, and exploit kits, it is strongly advised that all users install these updates as soon as possible.

Bleepingcomputer

14.11.2018

Windows 10 Cumulative Update KB4467708, KB4464455 and KB4467702 Released Image

Windows 10 Cumulative Update KB4467708, KB4464455 and KB4467702 Released

Windows 10 cumulative updates for Windows 10 October 2018 Update, Windows 10 April 2018 Update and Windows 10 Fall Creators Update is now rolling out to compatible devices. Today's update for Windows 10 has addressed the security and non-security issues.

Bleepingcomputer

14.11.2018

Microsoft Resumes Rollout of Windows 10 October 2018 Update Image

Microsoft Resumes Rollout of Windows 10 October 2018 Update

Windows 10 October 2018 Update is once again available for download but it's rolling out in stages so it may not show up on your device now. To check if it is available, you can head over to Settings > Update & Security > Windows Update and check for new updates.

Bleepingcomputer

14.11.2018

Google Services Unreachable After Traffic Hijacking Image

Google Services Unreachable After Traffic Hijacking

Services from Google on Monday became unavailable for up to two hours as user traffic followed a tortuous path through operators in Russia and Nigeria before hitting the Great Firewall of China.

Bleepingcomputer

13.11.18

Cynet Review: Simplify Security with a True Security Platform

Cynet Review: Simplify Security with a True Security Platform

In 1999, Bruce Schneier wrote, "Complexity is the worst enemy of security." That was 19 years ago (!) and since then, cyber sec.

Thehackernews

13.11.18

HookAds Malvertising Installing Malware via the Fallout Exploit Kit Image

HookAds Malvertising Installing Malware via the Fallout Exploit Kit

The HookAds malvertising campaign has been active lately and redirecting visitors to the Fallout Exploit Kit. Once the kit is activated, it will attempt to exploit known vulnerabilities in Windows to install different malware such as the DanaBot banking Trojan, the Nocturnal information stealer, and GlobeImposter ransomware.

Bleepingcomputer

13.11.18

The Intel Microcode Boot Loader Protects Older CPUs From Spectre Image

The Intel Microcode Boot Loader Protects Older CPUs From Spectre

The Intel Microcode Boot Loader creates a bootable USB flash drive that automatically applies the latest Intel microcodes to your identified CPU so that you are protected from the speculative execution side-channel attacks called Spectre.

Bleepingcomputer

13.11.18

iSH - An iOS Linux Shell for Your iPhone or iPad Image

iSH - An iOS Linux Shell for Your iPhone or iPad

Have you ever wanted to run a Linux shell on your iOS device to transfer files, write shell scripts, or simply to use Vi to develop code or edit files?  Now you can, with a project called iSH that is currently available as a TestFlight beta for iOS devices.

Bleepingcomputer

12.11.18

New APIs Suggest WPA3 Wi-Fi Security Support Coming Soon to Windows 10

New APIs Suggest WPA3 Wi-Fi Security Support Coming Soon to Windows 10

Windows 10 users don't have to wait much longer for the support of latest WPA3 Wi-Fi security standard , a new blog post from Microsof..

Thehackernews

11.11.18

Cloudflare Brings its 1.1.1.1 DNS Service to Android & iOS Mobile Devices Image

Cloudflare Brings its 1.1.1.1 DNS Service to Android & iOS Mobile Devices

This past April, Cloudflare and APNIC released a new 1.1.1.1 public DNS resolver service whose goal was not only to make looking up Internet addresses faster, but also make them more private. Today, Cloudflare has released a 1.1.1.1 app for Android and iOS to easily bring these same features to your mobile devices.

Bleepingcomputer

11.11.18

Internal Chrome Page Shows All Google Interstitial Warnings Image

Internal Chrome Page Shows All Google Interstitial Warnings

An internal Google Chrome page allows users to see all interstitial warnings or notifications that may be encountered while browsing the web with Chrome.

Bleepingcomputer

9.11.18

Hacker Who DDoSed Sony, EA and Steam Gaming Servers Pleads Guilty

Hacker Who DDoSed Sony, EA and Steam Gaming Servers Pleads Guilty

A 23-year-old hacker from Utah pleaded guilty this week to launching a series of denial-of-service (DoS) attacks against multiple online.

Thehackernews

8.11.18

Here's How Hackers Could Have Spied On Your DJI Drone Account

Here's How Hackers Could Have Spied On Your DJI Drone Account

Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could ha...

Thehackernews

8.11.18

New Android API Lets Developers Push Updates Within their Apps

New Android API Lets Developers Push Updates Within their Apps

You might have read somewhere online today that Google is granting Android app developers powers to forcefully install app updates…but it

Thehackernews

8.11.18

StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

StatCounter Analytics Code Hijacked to Steal Bitcoins from Cryptocurrency Users

Late last week an unknown hacker or a group of hackers successfully targeted a cryptocurrency exchange with an aim to steal Bitcoins by c...

Thehackernews

8.11.18

Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

Unpatched VirtualBox Zero-Day Vulnerability and Exploit Released Online

An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox —a popular op...

Thehackernews

7.11.18

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

Popular WooCommerce WordPress Plugin Patches Critical Vulnerability

If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new vulnerability that could comp...

Thehackernews

5.11.18

Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data

Flaws in Popular Self-Encrypting SSDs Let Attackers Decrypt Data

We all have something to hide, something to protect. But if you are also relying on self-encrypting drives for that, then you should read.

Thehackernews

3.11.18

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

New Intel CPU Flaw Exploits Hyper-Threading to Steal Encrypted Data

A team of security researchers has discovered another serious side-channel vulnerability in Intel CPUs that could allow an attacker to sniff.

Thehackernews

1.11.18

Accused CIA Leaker Faces New Charges of Leaking Information From Prison

Accused CIA Leaker Faces New Charges of Leaking Information From Prison

Joshua Adam Schulte , a 30-year-old former CIA computer programmer who was indicted over four months ago  for masterminding the largest leak.

Thehackernews

1.11.18

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

Two New Bluetooth Chip Flaws Expose Millions of Devices to Remote Attacks

Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of ac.

Thehackernews

31.10.18

Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Apple's New MacBook Disconnects Microphone "Physically" When Lid is Closed

Apple introduces a new privacy feature for all new MacBooks that "at some extent" will prevent hackers and malicious applications.

Thehackernews

30.10.18

New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1

New iPhone Passcode Bypass Found Hours After Apple Releases iOS 12.1

It's only been a few hours since Apple releases iOS 12.1 and an iPhone enthusiast has managed to find a passcode bypass hack, once a.

Thehackernews

30.10.18

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update (version 1809) that allowed Microsoft S.

Thehackernews

29.10.18

Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer

Unpatched MS Word Flaw Could Allow Hackers to Infect Your Computer

Cybersecurity researchers have revealed an unpatched logical flaw in Microsoft Office 2016 and older versions that could allow an attacker t.

Thehackernews

29.10.18

Signal Secure Messaging App Now Encrypts Sender's Identity As Well

Signal Secure Messaging App Now Encrypts Sender's Identity As Well

Signal, the popular end-to-end encrypted messaging app, is planning to roll out a new feature that aims to hide the sender's identity.

Thehackernews

29.10.18

Windows Built-in Antivirus Gets Secure Sandbox Mode â?? Turn It ON

Windows Built-in Antivirus Gets Secure Sandbox Mode – Turn It ON

Microsoft Windows built-in anti-malware tool, Windows Defender, has become the very first antivirus software to have the ability to run in.

Thehackernews

28.10.18

IBM Buys "Red Hat" Open-Source Software Company for $34 Billion

IBM Buys "Red Hat" Open-Source Software Company for $34 Billion

It's been quite a year for the open source platforms. Earlier this year, Microsoft acquired popular code repository hosting service...

Thehackernews

26.10.18

New Privilege Escalation Flaw Affects Most Linux Distributions

New Privilege Escalation Flaw Affects Most Linux Distributions

An Indian security researcher has discovered a highly critical flaw in X.Org Server package that impacts OpenBSD and most Linux distributi...

Thehackernews

25.10.18

Facebook Fined £500,000 for Cambridge Analytica Data Scandal

Facebook Fined £500,000 for Cambridge Analytica Data Scandal

Facebook has finally been slapped with its first fine of £500,000 for allowing political consultancy firm Cambridge Analytica to improper...

Thehackernews

24.10.18

Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

Google Makes 2 Years of Android Security Updates Mandatory for Device Makers

When it comes to security updates, Android is a real mess. Even after Google timely rolls out security patches for its Android platform...

Thehackernews

24.10.18

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

FireEye: Russian Research Lab Aided the Development of TRITON Industrial Malware

Cybersecurity firm FireEye claims to have discovered evidence that proves the involvement of a Russian-owned research institute in the de...

Thehackernews

23.10.18

Hacker Discloses New Windows Zero-Day Exploit On Twitter

Hacker Discloses New Windows Zero-Day Exploit On Twitter

A security researcher with Twitter alias SandboxEscaper—who two months ago publicly dropped a zero-day exploit for Microsoft Windows Tas...

Thehackernews

19.10.18

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Critical Code Execution Flaw Found in LIVE555 Streaming Library

Security researchers have discovered a serious code execution vulnerability in the LIVE555 streaming media library—which is being used by...

Thehackernews

18.10.18

Critical Flaws Found in Amazon FreeRTOS IoT Operating System

Critical Flaws Found in Amazon FreeRTOS IoT Operating System

A security researcher has discovered several critical vulnerabilities in one of the most popular embedded real-time operating systems—cal...

Thehackernews

17.10.18

Tumblr Patches A Flaw That Could Have Exposed Usersâ?? Account Info

Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info

Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to st...

Thehackernews