RSS ze světa hackingu


How to Audit Password Changes in Active Directory

Today's admins certainly have plenty on their plates, and boosting ecosystem security remains a top priority. On-premises, and especially remote, accounts are gateways for accessing critical information. Password management makes this possible. After all, authentication should ensure that a user is whom they claim to be. This initial layer of security is crucial for protecting one's entire…

Datum: 4. 2. 2021

Beware: New Matryosh DDoS Botnet Targeting Android-Based Devices

A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks. Called "Matryosh" by Qihoo 360's Netlab researchers, the latest threat has been found reusing the Mirai botnet framework and propagates through exposed Android Debug Bridge (ADB) interfaces to infect Android devices and ensnare…

Datum: 4. 2. 2021

Why Human Error is #1 Cyber Security Threat to Businesses in 2021

Phishing and Malware Among the major cyber threats, the malware remains a significant danger. The 2017 WannaCry outbreak that cost businesses worldwide up to $4 billion is still in recent memory, and other new strains of malware are discovered on a daily basis. Phishing has also seen a resurgence in the last few years, with many new scams being invented to take advantage of unsuspecting…

Datum: 4. 2. 2021

Critical Bugs Found in Popular Realtek Wi-Fi Module for Embedded Devices

Major vulnerabilities have been discovered in the Realtek RTL8195A Wi-Fi module that could have been exploited to gain root access and take complete control of a device's wireless communications. The six flaws were reported by researchers from Israeli IoT security firm Vdoo. The Realtek RTL8195A module is a standalone, low-power-consumption Wi-Fi hardware module targeted at embedded devices used…

Datum: 4. 2. 2021

Over a Dozen Chrome Extensions Caught Hijacking Google Search Results for Millions

New details have emerged about a vast network of rogue extensions for Chrome and Edge browsers that were found to hijack clicks to links in search results pages to arbitrary URLs, including phishing sites and ads. Collectively called "CacheFlow" by Avast, the 28 extensions in question — including Video Downloader for Facebook, Vimeo Video Downloader, Instagram Story Downloader, VK Unblock — made…

Datum: 3. 2. 2021

3 New Severe Security Vulnerabilities Found In SolarWinds Software

Cybersecurity researchers on Wednesday disclosed three severe security vulnerabilities impacting SolarWinds products, the most severe of which could have been exploited to achieve remote code execution with elevated privileges. Two of the flaws (CVE-2021-25274 and CVE-2021-25275) were identified in the SolarWinds Orion Platform, while a third separate weakness (CVE-2021-25276) was found in the…

Datum: 3. 2. 2021

Guide: How Security Consolidation Helps Small Cybersecurity Teams

The dynamic nature of cybersecurity, the changes in the threat landscape, and the expansion of the attack surface lead organizations to add more security solutions—from different vendors—creating a layered security infrastructure that introduces new challenges to any team, with a much more significant impact on small ones. And yet, sophisticated attacks continue to bypass these advanced security…

Datum: 3. 2. 2021

A New Linux Malware Targeting High-Performance Computing Clusters

High-performance computing clusters belonging to university networks as well as servers associated with government agencies, endpoint security vendors, and internet service providers have been targeted by a newly discovered backdoor that gives attackers the ability to execute arbitrary commands on the systems remotely. Cybersecurity firm ESET named the malware "Kobalos" — a nod to a "mischievous…

Datum: 3. 2. 2021

Agent Tesla Malware Spotted Using New Delivery & Evasion Techniques

Security researchers on Tuesday uncovered new delivery and evasion techniques adopted by Agent Tesla remote access trojan (RAT) to get around defense barriers and monitor its victims. Typically spread through social engineering lures, the Windows spyware not only now targets Microsoft's Antimalware Scan Interface (AMSI) in an attempt to defeat endpoint protection software, it also employs a…

Datum: 2. 2. 2021

Data Breach Exposes 1.6 Million Jobless Claims Filed in the Washington State

The Office of the Washington State Auditor (SAO) on Monday said it's investigating a security incident that resulted in the compromise of personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020. The SAO blamed the breach on a software vulnerability in Accellion's File Transfer Appliance (FTA) service, which allows organizations to share…

Datum: 2. 2. 2021

Stránky: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270