RSS ze světa hackingu


36-Year-Old SCP Clients' Implementation Flaws Discovered

A set of 36-year-old vulnerabilities has been uncovered in the Secure Copy Protocol (SCP) implementation of many client applications that can be exploited by malicious servers to overwrite arbitrary files in the SCP client target directory unauthorizedly. Session Control Protocol (SCP), also known as secure copy, is a network protocol that allows users to securely transfer files between a …

Datum: 15. 1. 2019

How to Secure Your Mid-Size Organization From the Next Cyber Attack

If you are responsible for the cybersecurity of a medium-sized company, you may assume your organization is too small to be targeted. Well, think again. While the major headlines tend to focus on large enterprises getting breached – such as Sony, Equifax, or Target the actual reality is that small and mid-sized companies are experiencing similar threats. According to Verizon’s 2018 Data …

Datum: 15. 1. 2019

Unpatched vCard Flaw Could Let Hackers Compromise Your Windows PCs

A zero-day vulnerability has been discovered and reported in the Microsoft's Windows operating system that, under a certain scenario, could allow a remote attacker to execute arbitrary code on Windows machine. Discovered by security researcher John Page (@hyp3rlinx), the vulnerability was reported to the Microsoft security team through Trend Micro's Zero Day Initiative (ZDI) Program over 6 …

Datum: 15. 1. 2019

Police Can't Force You To Unlock Your Phone Using Face or Fingerprint Scan

Can feds force you to unlock your iPhone or Android phone? ..."NO" A Northern California judge has ruled that federal authorities can't force you to unlock your smartphone using your fingerprints or other biometric features such as facial recognition—even with a warrant. The ruling came in the case of two unspecified suspects allegedly using Facebook Messenger to threaten a man with the …

Datum: 15. 1. 2019

Does WhatsApp Has A Privacy Bug That Could Expose Your Messages?

In-short conclusion—Whatsapp service or its 45-days deletion policy doesn't seem to have a bug. For detailed logical explanation, please read below. An Amazon employee earlier today tweeted details about an incident that many suggests could be a sign of a huge privacy bug in the most popular end-to-end encrypted Whatsapp messaging app that could expose some of your secret messages under …

Datum: 11. 1. 2019

DDoSing Hospital Networks Landed This Hacktivist in Jail for Over 10 Years

A simple DDoS attack could land you in jail for 10 years or even more. A Massachusetts man has been sentenced to over 10 years in prison for launching DDoS attacks against the computer network of two healthcare organizations in 2014 to protest the treatment of a teenager at the centers. Beyond serving 121 months in prison, Martin Gottesfeld, 34, was also ordered by U.S. District Judge …

Datum: 11. 1. 2019

PyLocky Ransomware Decryption Tool Released — Unlock Files For Free

If your computer has been infected with PyLocky Ransomware and you are searching for a free ransomware decryption tool to unlock or decrypt your files—your search might end here. Security researcher Mike Bautista at Cisco's Talos cyber intelligence unit have released a free decryption tool that makes it possible for victims infected with the PyLocky ransomware to unlock their encrypted files …

Datum: 11. 1. 2019

Over 202 Million Chinese Job Seekers' Details Exposed On the Internet

Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an …

Datum: 10. 1. 2019

New Systemd Privilege Escalation Flaws Affect Most Linux Distributions

Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the "systemd-journald" service …

Datum: 10. 1. 2019

Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection

Security researchers have been warning about a simple technique that cybercriminals and email scammers are already being using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks. Safe Links has been included by Microsoft in Office 365 as part of its ATP (Advanced Threat Protection …

Datum: 10. 1. 2019

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149