1. Startseite


Webseiten News

News vom: 29.10.2017 um 22:13 Uhr

Hallo liebe TSecurity Gemeinde, heute war TSecurity zu große Teilen Offline. Ich bitte das zu entschuldigen.

Das Problem lag am gitlab-Server welcher nginix VHOST Container überschrieben hatte ohne das ich dies bemerkt habe.

Folge uns auf Twitter um einen Echtzeit-Stream zu erhalten. Updates alle 5 Minuten!

Weitere News Beiträge ansehen: Webseiten News (22)

Startseite und alle Kategorien


EU-DSGVO: Innentäter abwehren, nicht Mitarbeiter überwachen

IT Security Nachrichten vom 18.02.2018 um 05:45 Uhr | Quelle searchsecurity.de
Die Datenschutz-Grundverordnung und das neue Bundes-Datenschutzgesetz sehen einen besonderen Datenschutz für Beschäftigte vor. Aktuelle Gerichtsurteile bestärken dies.

Weiterlesen Artikel ansehen

#0daytoday #Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass Vulnerability [#0day #Exploit]

PoC vom 20.11.2017 um 23:18 Uhr | Quelle 0day.today

Weiterlesen Artikel ansehen

An Ethereum Startup Just Vanished After People Invested $374K

IT Security Nachrichten vom 20.11.2017 um 23:00 Uhr | Quelle news.slashdot.org
An anonymous reader quotes a report from Motherboard: A startup on the Ethereum platform vanished from the internet on Sunday after raising $374,000 USD from investors in an Initial Coin Offering (ICO) fundraiser. Confido is a startup that pitched itself as a blockchain-based app for making payments and tracking shipments. It sold digital tokens to investors over the Ethereum blockchain in an ICO that ran from November 6 to 8. During the token sale, Confido sold people bespoke digital tokens that represent their investment in exchange for ether, Ethereum's digital currency. But on Sunday, the company unceremoniously deleted its Twitter account and took down its website. A company representative posted a brief comment to the company's now-private subforum on Reddit, citing legal problems that prevent the Confido team from continuing their work. The same message was also posted to Medium but quickly deleted. "Right now, we are in a tight spot, as we are having legal trouble caused by a contract we signed," the message stated (a cached version of the Medium post is viewable). "It is likely that we will be able to find a solution to rectify the situation. However, we cannot assure you with 100% certainty that we will get through this." The message was apparently written by Confido's founder, one Joost van Doorn, who seems to have no internet presence besides a now-removed LinkedIn profile. Even the Confido representative on Reddit doesn't seem to know what's going on, though, posting hours after the initial message, "Look I have absolutely no idea what has happened here. The removal of all of our social media platforms and website has come as a complete surprise to me." Confido tokens had a market cap of $10 million last week, before the company disappeared, but now the tokens are worthless. And investors are crying foul.

Read more of this story at Slashdot.

Weiterlesen Artikel ansehen

Google Play Referrer API: Track and measure your app installs easily and securely

Android Tipps vom 20.11.2017 um 22:49 Uhr | Quelle feedproxy.google.com
Posted by Neto Marin, Developer Advocate

Understanding how people find your app and what they do once they've installed it is crucial to helping you make the right product and marketing decisions. This is especially important when you're deciding your advertising strategy and budget. Today many app measurement companies and ad networks offer ad attribution solutions based on referral data. As such accurate install referral data is vital for correctly attributing app installs, as well as discounting fraudulent attempts for install credit.

To help you obtain more accurate and reliable data about your installs, we're introducing the Google Play Install Referrer API, a reliable way to securely retrieve install referral content. Using this API, your app will get precise information straight from the Play Store, including:

  • The referrer URL of the installed package.
  • The timestamp, in seconds, of when the referrer click happened.
  • The timestamp, in seconds, of when the installation began.

We've tested the API with our App Attribution Program partners including Adjust, AppsFlyer, Singular and TUNE.

"The new Play API provides us with the data we need to effectively detect and prevent click injection; it's a monumental step in securing a crucial information exchange on Android."

- Paul Müller, CTO & Co-Founder, Adjust

"The new Google Play API introduces fresh insights into both mobile ad fraud and the mobile user journey, two key domains with impact across the ecosystem."

- Elad Mashiach, VP, AppsFlyer

"Google's new API is a game changer that will help marketing analytics platforms like Singular identify and prevent a significant portion of Ad Fraud, and provide security and accuracy to mobile advertisers"

- Gadi Eliashiv, CEO & Co-Founder, Singular

"This new data from Google Play is essential for marketers who demand accountability out of their mobile app install advertising spend. At TUNE, this data is allowing us to outright eliminate entire forms of mobile app install fraud while providing new insight into how mobile app installs are driven."

– Dan Koch, Chief Technical Officer, TUNE

Starting today, the API works with the Play Store app from version 8.3.73 and later for all developers.

Play Install Referrer Library 1.0 now available

To make it easy to integrate the Install Referrer API, we've released the Install Referrer Library 1.0 for Android. The library is available in our Maven repository. To start using it, add the following dependency to your app module build.gradle file:

dependencies {
          compile 'com.android.installreferrer:installreferrer:1.0'

All communication with the Play Store app happens through a Service, so the first step is to establish the connection between your app and the Play Store. Also, to receive the connection result and updates it's necessary to implement a listener, InstallReferrerStateListener. This listener could be your current Activity or any other class you want to use:

public class MainActivity extends AppCompatActivity 
    implements InstallReferrerStateListener {

Now that you have an InstallReferrerStateListener, you can start binding your app to the Play Store app service. To establish the connection, you must build an InstallReferrerClient instance and call the startConnection() method:

InstallReferrerClient mReferrerClient
mReferrerClient = newBuilder(this).build();

Then, handle the connection result in the onInstallReferrerSetupFinished() method. If the connection is OK, the app can retrieve install referrer information, by calling the getInstallReferrer() method:

public void onInstallReferrerSetupFinished(int responseCode) {
   switch (responseCode) {
       case InstallReferrerResponse.OK:
           try {
               Log.v(TAG, "InstallReferrer conneceted");
               ReferrerDetails response = mReferrerClient.getInstallReferrer();
           } catch (RemoteException e) {
       case InstallReferrerResponse.FEATURE_NOT_SUPPORTED:
           Log.w(TAG, "InstallReferrer not supported");
       case InstallReferrerResponse.SERVICE_UNAVAILABLE:
           Log.w(TAG, "Unable to connect to the service");
           Log.w(TAG, "responseCode not found.");

For more details about the new API and the client library, visit the Install Referrer Client Library page and the reference documentation.

Other Implementations

If you are not able to use our client library, you can use the AIDL interface and establish the connection with Google Play Store on your own. Check out the IGetInstallReferrerService AIDL reference for details of the methods and the service specification.

What's next?

Check out the Play Install Referrer API documentation for details about the new API, the library's reference docs, and our Quick Start guide.

Weiterlesen Artikel ansehen

Aktion: Brütal Legend kostenlos im Humble Store [Notiz]

Nachrichten vom 20.11.2017 um 22:29 Uhr | Quelle computerbase.de

Die Steam-Version von Tim Schafers Brütal Legend wird noch rund 45 Stunden lang kostenlos im Humble Store angeboten. Der Titel versucht sich an einer Mischung aus Action- und Strategiesequenzen. Seine eigentliche Qualität liegt jedoch in der Parodie auf Rock- und Metalgrößen – sowie einem erstklassigen, riesigen Soundtrack.

Weiterlesen Artikel ansehen

Amazon Launches a Cloud Service For US Intelligence Agencies

IT Security Nachrichten vom 20.11.2017 um 22:20 Uhr | Quelle hardware.slashdot.org
Amazon Web Services on Monday introduced cloud service for the CIA and other members of the U.S. intelligence community. From a report: The launch of the so-called AWS Secret Region comes six years after AWS introduced GovCloud, its first data center region for public sector customers. AWS has since announced plans to expand GovCloud. The new Secret Region signals interest in using AWS from specific parts of the U.S. government. In 2013 news outlets reported on a $600 million contract between AWS and the CIA. That event singlehandledly helped Amazon in its effort to sign up large companies to use its cloud, whose core services have been available since 2006.

Read more of this story at Slashdot.

Weiterlesen Artikel ansehen

CCleaner jetzt mit Werbung: Avast Antivirus wird mit installiert

IT Security Nachrichten vom 20.11.2017 um 22:11 Uhr | Quelle winfuture.de
Tool, Ccleaner, Wartung, festplattenanalyse Der Softwarehersteller Avast hat nach der Übernahme des kleineren Anbieters Piriform begonnen, dessen beliebtes Tool CCleaner zu Werbezwecken zu nutzen, um so die hauseigene kostenlose Antivirus-Lösung an den Mann zu bringen. Ab sofort wird bei der Installation von CCleaner automatisch Avast Antivirus mitinstalliert - es sei denn der Nutzer greift ein. (Weiter lesen)

Weiterlesen Artikel ansehen

Getting Back into 3D Printing - Hak5 2310

IT Security Video vom 20.11.2017 um 21:45 Uhr | Quelle youtube.com

Weiterlesen Artikel ansehen

Apple Could Have Brought a Big iPhone X Feature To Older iPhone But Didn't, Developer Says

IT Security Nachrichten vom 20.11.2017 um 21:40 Uhr | Quelle mobile.slashdot.org
Steven Troughton-Smith, a prominent iOS developer best known for combing new software codes for references for upcoming features, over the weekend indicated that portrait mode lighting effects, a major feature in the current iPhone generation -- iPhone 8 Plus, and iPhone X, could technically be added to iPhone 7 Plus from last year. The feature works like this: you take a picture, go to the photos app on your new iPhone and play with the "Lighting" effects. He writes: So yeah you just need to hexedit the metadata in the HEIC. Not quite sure where, I copied a whole section from an iPhone X Portrait Mode photo and it worked. Original photo taken on 7 Plus on iOS 11. Someone could automate this. Just to add insult to injury, if you AirDrop that photo back to the iPhone 7 Plus now it shows the Portrait Lighting UI, and lets you change mode. So Portrait Lighting is 100% an artificial software limitation. 7 Plus photos can have it, 7 Plus can do it.

Read more of this story at Slashdot.

Weiterlesen Artikel ansehen

How To DDoS - Xerxes - The Most Powerful DoS Tool

IT Security Video vom 20.11.2017 um 21:32 Uhr | Quelle youtube.com

Weiterlesen Artikel ansehen

Staingate: Apple verlängert und erweitert MacBook-Austauschprogramm

IT Security Nachrichten vom 20.11.2017 um 21:24 Uhr | Quelle winfuture.de
Macbook, defekt, Staingate, Display-Defekt Apple verlängert noch einmal die Möglichkeit des kostenlosen Austauschs für sich ablösende Display-Beschichtungen bei verschiedenen MacBooks. Der unter dem Namen "Staingate" bekannt gewordenen Fehler scheint doch weiter verbreitet zu sein, als zunächst angenommen. (Weiter lesen)

Weiterlesen Artikel ansehen

Autonomes Fahren: Wer bei Unfällen haften soll, bleibt umstritten

Nachrichten vom 20.11.2017 um 21:22 Uhr | Quelle computerbase.de

Das Gesetz für autonomes Fahren hatte die Große Koalition bereits Anfang des Jahres beschlossen. Was aber immer noch nicht klar ist, ist wer bei einem Unfall haftet. Selbst innerhalb der Automobilindustrie herrscht noch Uneinigkeit, zeigt eine Studie des IT-Branchenverbands Bitkom.

Weiterlesen Artikel ansehen


Hacking vom 20.11.2017 um 21:08 Uhr | Quelle zone-h.org
http://www.rdcyusipang.gov.bt notified by ErrOr SquaD

Weiterlesen Artikel ansehen

It was El Reg wot won it: Bing banishes bogus Brit bank banner ad

IT Security Nachrichten vom 20.11.2017 um 21:06 Uhr | Quelle go.theregister.com

Link to fake TSB site canned after we help raise alarm

Microsoft has axed a Bing search result advert that masqueraded as a legit online banking website – but was in fact a sophisticated phishing operation.…

Weiterlesen Artikel ansehen

USN-3483-1: procmail vulnerability

Unix Server vom 20.11.2017 um 21:06 Uhr | Quelle ubuntu.com

Ubuntu Security Notice USN-3483-1

20th November, 2017

procmail vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10
  • Ubuntu 17.04
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS


formail could be made to crash or run programs if it processed specially crafted mail.

Software description

  • procmail - Versatile e-mail processor


Jakub Wilk discovered that the formail tool incorrectly handled certain
malformed mail messages. An attacker could use this flaw to cause formail
to crash, resulting in a denial of service, or possibly execute arbitrary

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 17.10:
procmail 3.22-25ubuntu0.17.10.1
Ubuntu 17.04:
procmail 3.22-25ubuntu0.17.04.1
Ubuntu 16.04 LTS:
procmail 3.22-25ubuntu0.16.04.1
Ubuntu 14.04 LTS:
procmail 3.22-21ubuntu0.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.



Weiterlesen Artikel ansehen

Eric Schmidt Says Google News Will 'Engineer' Russian Propaganda Out of the Feed

IT Security Nachrichten vom 20.11.2017 um 21:00 Uhr | Quelle tech.slashdot.org
Justin Ling, writing for Motherboard: Eric Schmidt, Executive Chariman of Alphabet, says the company is working to ferret out Russian propaganda from Google News after facing criticism that Kremlin-owned media sites had been given plum placement on the search giant's news and advertising platforms. "We're well aware of this one, and we're working on detecting this kind of scenario you're describing and deranking those kinds of sites," Schmidt said, after being asked why the world's largest search company continued to classify the Russian sites as news. Schmidt, in an interview at the Halifax International Security Forum over the weekend, name-checked two state-owned enterprises. "It's basically RT and Sputnik," Schmidt added. "We're well aware and we're trying to engineer the systems to prevent it."

Read more of this story at Slashdot.

Weiterlesen Artikel ansehen

Wi-Fi Encryption - Secure Digital Life #39

IT Security Video vom 20.11.2017 um 20:57 Uhr | Quelle youtube.com

Weiterlesen Artikel ansehen

BMW i3: Crashtest führt zu US-Verkaufsstopp und Rückrufaktion

IT Security Nachrichten vom 20.11.2017 um 20:56 Uhr | Quelle winfuture.de
BMW, Elektroauto, I3 BMW ruft alle in den USA verkauften i3s zurück und wird den Vertrieb bis auf weiteres einzufrieren. Das Fahrzeug konnte die strengen Vorgaben eines Crashtests nicht erfüllen, bei dem eine nicht angeschnallte Dummy-Puppe zum Einsatz kommt. (Weiter lesen)

Weiterlesen Artikel ansehen


Hacking vom 20.11.2017 um 20:50 Uhr | Quelle zone-h.org
http://www.nationalmuseum.gov.bt notified by ErrOr SquaD

Weiterlesen Artikel ansehen


Hacking vom 20.11.2017 um 20:49 Uhr | Quelle zone-h.org
http://www.cfm.gov.bt notified by ErrOr SquaD

Weiterlesen Artikel ansehen

Amazon Echo and Google Home patched against BlueBorne threat

IT Security Nachrichten vom 20.11.2017 um 20:42 Uhr | Quelle nakedsecurity.sophos.com
The attack doesn't require the targeted to be paired to the attacker’s device, or to be in discoverable mode

Weiterlesen Artikel ansehen

Windows 10 S: Laptops mit dem neuen Betriebssystem jetzt ab 179 Euro

IT Security Nachrichten vom 20.11.2017 um 20:35 Uhr | Quelle winfuture.de
Windows 10, Logo, Schule, Bildung, Windows 10 S Microsoft hat Windows 10 S bereits mit dem Surface Laptop eingeführt, doch bisher ließen die Geräte von Drittherstellern noch immer auf sich warten. Eigentlich war von Ende Oktober als Termin für die Verfügbarkeit die Rede, doch daraus wurde nichts. Jetzt ist es soweit, denn die ersten Laptops und sogar 2-in-1-Geräte mit Windows 10 S sind im deutschen Handel angekommen. (Weiter lesen)

Weiterlesen Artikel ansehen

Windows 10 S: Laptops mit dem neuen Betriebssystem jetzt ab 179 Euro

Nachrichten vom 20.11.2017 um 20:35 Uhr | Quelle winfuture.de
Windows 10, Logo, Schule, Bildung, Windows 10 SMicrosoft hat Windows 10 S bereits mit dem Surface Laptop eingeführt, doch bisher ließen die Geräte von Drittherstellern noch immer auf sich warten. Eigentlich war von Ende Oktober als Termin für die Verfügbarkeit die Rede, doch daraus wurde nichts. Jetzt ist es soweit, denn die ersten Laptops und sogar 2-in-1-Geräte mit Windows 10 S sind ... (Weiter lesen)

Weiterlesen Artikel ansehen

Secureworks Releases Open Source IDS Tools

IT Security Nachrichten vom 20.11.2017 um 20:31 Uhr | Quelle feedproxy.google.com

Secureworks has released two open source tools, Flowsynth and Dalton, designed to help analysts test rules for intrusion detection systems (IDS) and intrusion prevention systems (IPS) such as Snort and Suricata.

read more

Weiterlesen Artikel ansehen

Plump & dreist: BankBot-Trojaner nimmt deutsche Konten ins Visier

IT Security Nachrichten vom 20.11.2017 um 20:31 Uhr | Quelle winfuture.de
Google, Play Store, Android 8, Play Protect Sicherheitsforscher warnen, dass der Trojaner BankBot auch deutsche Nutzer von Online-Banking-Apps ins Visier nimmt. Um der Schadsoftware, die sich in kleinen Android-Apps versteckt, zum Opfer zu fallen, müssen wie so oft aber viele Warnhinweise übersehen werden. (Weiter lesen)

Weiterlesen Artikel ansehen

BlackBerry: The Most Important Mobile Company of the Future?

Nachrichten vom 20.11.2017 um 20:24 Uhr | Quelle technewsworld.com
If you are like many, when you saw this headline you likely were surprised BlackBerry was still around. As BlackBerry phones left the market, the company fell out of sight. However, behind the scenes it has been moving into industries like automotive. Also, it remains the leading vendor providing mobile security to our politicians, military personnel and major corporations.

Weiterlesen Artikel ansehen

Dark Side of Gig Economy: Some Instacart Workers Go On Strike Over Pay That Can Be as Low as $1 Per Hour

IT Security Nachrichten vom 20.11.2017 um 20:20 Uhr | Quelle news.slashdot.org
From a report: Instacart shoppers and drivers -- the people who gather your groceries and deliver them to you after you order via the Instacart app -- are on strike. While independent contractors can't technically strike, via a Facebook group some of the company's thousands of employees have organized a "no delivery day" in the hopes of getting higher wages, the San Francisco Chronicle reports. The strike is only taking place in a few of the 154 cities nationwide that Instacart operates in. The action may be small, but the grievances are big. While Instacart, the 5-year-old San Francisco startup, is valued at $3.4 billion, it allegedly pays its workers as little as $1 per order. Ars Technica has a great breakdown of all the issues surrounding how Instacart employees get paid and it's complex, with three different income streams coming together Voltron-like to form a wage. The result, though, is that some shoppers are being paid less than the federal minimum wage, like a Jackson, Miss., worker who put in a 19-hour week in Jackson, Mississippi, that paid out $37.75 (roughly $2/hour). That's far below the $14/hour wage that Ars Technica says Instacart is targeting.

Read more of this story at Slashdot.

Weiterlesen Artikel ansehen

Bipartisan Harvard-Gremium empfiehlt, Sicherheitsvorkehrungen für Wahlen zu hacken.

Hacking vom 20.11.2017 um 20:18 Uhr | Quelle google.com
SAN FRANCISCO, 20. November – Ein überparteiliches Projekt der Harvard University, das darauf abzielt, Wahlen vor Hacking und Propaganda zu schützen, wird heute seine ersten Empfehlungen veröffentlichen, wie US-Wahlen vor Hacking-Angriffen geschützt werden können. Der 27-seitige ...

Weiterlesen Artikel ansehen

Dealing With Data Loss Your Firewall Can't Stop

IT Security Nachrichten vom 20.11.2017 um 20:12 Uhr | Quelle feedproxy.google.com

Information security is built on the pillars of confidentiality, integrity, and availability. Confidentiality is about making sure your secrets stay secret.

read more

Weiterlesen Artikel ansehen


Hacking vom 20.11.2017 um 20:12 Uhr | Quelle zone-h.org
http://www.mfd.gov.np notified by Dark Terr0rist

Weiterlesen Artikel ansehen

Walking Dead - Staffel 8: Vorschau so geht es in Episode 6 weiter (S08E06)

Nachrichten vom 20.11.2017 um 20:00 Uhr | Quelle feedproxy.google.com
In der 5. Episode der 8. Staffel von The Walking Dead erlebten wir den Angriff auf das Sanctuary aus Sicht der Saviors. In Folge 6 "The King, the Widow, and Rick" werden wir nächste Woche nicht nur Rick, sondern auch einige Charaktere wiedersehen, die wir lange nicht gesehen haben. Dieser Artikel wurde einsortiert unter The Walking Dead (TV-Serie).

Weiterlesen Artikel ansehen

AMD Epyc: HPE Gen10 Server DL385 stellt neue Weltrekorde auf

Nachrichten vom 20.11.2017 um 19:47 Uhr | Quelle zdnet.de
Die SPECrate-Rekorde wurden mit einem Zwei-Sockel-System und dem AMD-Flaggschiff Epyc 7601 erzielt. Der Serverprozessor punktet mit 32 Rechenkernen, 64 Threads, großer Speicherbandbreite und High-Speed-I/O. HPE ProLiant DL385 Gen10 Server mit AMD Epyc kommt im Dezember 2017.

Weiterlesen Artikel ansehen

Another Tor Browser Feature Makes It Into Firefox: First-Party Isolation

IT Security Nachrichten vom 20.11.2017 um 19:41 Uhr | Quelle news.slashdot.org
An anonymous reader writes: Unbeknown to most users, Mozilla added a privacy-enhancing feature to the Firefox browser over the summer that can help users block online advertisers from tracking them across the Internet. The feature is named First-Party Isolation (FPI) and was silently added to the Firefox browser in August, with the release of Firefox 55. FPI works by separating cookies on a per-domain basis. This is important because most online advertisers drop a cookie on the user's computer for each site the user visits and the advertisers loads an ad. With FPI enabled, the ad tracker won't be able to see all the cookies it dropped on that user's PC, but only the cookie created for the domain the user is currently viewing. This will force the ad tracker to create a new user profile for each site the user visits and the advertiser won't be able to aggregate these cookies and the user's browsing history into one big fat profile. This feature was first implemented in the Tor Browser, a privacy-focused fork of the Firefox browser managed by the Tor Project, where it is known as Cross-Origin Identifier Unlinkability. FPI was added to Firefox as part of the Tor Uplift project, an initiative to bolster the Firefox codebase with some of the Tor Browser's unique privacy-focused features. The feature is not enabled by default. Information on how to enable it is in the linked article.

Read more of this story at Slashdot.

Weiterlesen Artikel ansehen

US intelligence can’t break vulnerability hoarding habit

IT Security Nachrichten vom 20.11.2017 um 19:28 Uhr | Quelle nakedsecurity.sophos.com
Vulnerabilities: keep them secret as a weapon against the bad guys or tell the world so we can all get patched?

Weiterlesen Artikel ansehen

Verwirrung um Apps: iPhone & iPad und Co. erhalten Update-Flut

IT Security Nachrichten vom 20.11.2017 um 19:25 Uhr | Quelle winfuture.de
Apple, Apps, App Store, Appstore Viele Nutzer von iPhone, iPad und AppleTV erleben seit dem Wochenende eine Flut an Updates, die für Apps über den App Store ausgeliefert werden. Da die Entwickler aber keine Neuerungen bereitgestellt haben, hat wohl Apple bei den Anwendungen Zertifikate erneuert. (Weiter lesen)

Weiterlesen Artikel ansehen


Seite 1 von 6.592 Seiten (Bei Beitrag 1 - 35)
230.708x Beiträge in dieser Kategorie

Nächste 2 Seite | Letzte Seite

Folge uns auf Twitter um einen Echtzeit-Stream zu erhalten. Updates alle 5 Minuten!

Die Webseite benutzt einen Cache von 10-15 Minuten