RSS ze světa hackingu

If you think KRACK attack for WiFi is the worst vulnerability of this year, then hold on… ...we have got another one for you which is even worse. Microsoft, Google, Lenovo, HP and Fujitsu are warning their customers of a potentially serious vulnerability in widely used RSA cryptographic library produced by German semiconductor manufacturer Infineon Technologies. It's noteworthy that this …

FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from Kaspersky Labs have discovered a new zero-day remote code execution vulnerability in Adobe Flash, which was being actively exploited in the wild by a group of advanced persistent threat actors, …

Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel that could allow a local attacker to execute code on the affected systems with elevated privileges. Discovered by Venustech ADLab (Active-Defense Lab) researchers, the Linux kernel vulnerability (CVE-2017-15265) is due to a use-after-free memory error in the Advanced Linux Sound Architecture (ALSA) …

We don't really know the pain and cost of a downtime event unless we are directly touched. Be it a flood, electrical failure, ransomware attack or other broad geographic events; we don't know what it is really like to have to restore IT infrastructure unless we have had to do it ourselves. We look at other people's backup and recovery issues and hope we are smarter or clever enough to keep …

Do you think your wireless network is secure because you're using WPA2 encryption? If yes, think again! Security researchers have discovered several key management vulnerabilities in the core of Wi-Fi Protected Access II (WPA2) protocol that could allow an attacker to hack into your Wi-Fi network and eavesdrop on the Internet communications. WPA2 is a 13-year-old WiFi authentication scheme …

Remember NotPetya? The Ransomware that shut down thousands of businesses, organisations and banks in Ukraine as well as different parts of Europe in June this year. Now, Ukrainian government authorities are once again warning its citizens to brace themselves for next wave of "large-scale" NotPetya-like cyber attack. According to a press release published Thursday by the Secret Service of …

DoubleLocker—as the name suggests, it locks device twice. Security researchers from cybersecurity firm ESET have discovered a new Android ransomware that not just encrypts users’ data, but also locks them out of their devices by changing lock screen PIN. On top of that: DoubleLocker is the first-ever ransomware to misuse Android accessibility—a feature that provides users alternative ways …

If you receive a message from any of your Facebook Friends asking for urgent help to recover their Facebook account, since they've added you as one of their 'Trusted Contacts'—just don’t blindly believe it. Researchers have detected a new Facebook phishing scam that can even trick an experienced technical user into falling victim to the scam, helping an attacker gain access to your Facebook …

Since new forms of cybercrime are on the rise, traditional techniques seem to be shifting towards more clandestine that involve the exploitation of standard system tools and protocols, which are not always monitored. Security researchers at Cisco's Talos threat research group have discovered one such attack campaign spreading malware-equipped Microsoft Word documents that perform code …

Beware, If you are using S/MIME protocol over Microsoft Outlook to encrypt your email communication, you need to watch out. From at least last 6 months, your messages were being sent in both encrypted and unencrypted forms, exposing all your secret and sensitive communications to potential eavesdroppers. S/MIME, or Secure/Multipurpose Internet Mail Extensions, is an end-to-end encryption …