1. Startseite

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese
Anzeige

Webseiten News

News vom: 07.09.2018 um 04:56 Uhr

Hallo Liebe Gemeinde,

habe das Caching deaktiviert damit die Webseite sich schneller aktuallisiert,

Weitere News Beiträge ansehen: Webseiten News (31)

Startseite und alle Kategorien


Suchen

System -> System Authentication/Authorization need some input

IT Security Nachrichten vom 17.10.2018 um 19:42 Uhr | Quelle reddit.com

I am looking for a good (standard) approach for system to system authentication/authorization. I have a 2-way ssl setup outside of our DMZ with a firewall only allowing a few IP addresses to access my system.

My system is a micro service (REST API Interface) which is going to have the truth about what transport tickets are currently valid, so a number of different traffic companies are (hopefully) going to register a ticket they have sold through my API.

My main concern in authorization, it should not be possible to register a ticket as someone else than exactly you ie. X should never be able to issue something in the name of Y, also X should never be able to do business interactions on the ticket such as a refund or the like on a ticket Y owns.

I would also like to check the integrity of the data, but that is a bonus (at least at the current state of the system).

The easiest solution seems to either be to do Basic Auth or some static secret API key, but I do not like either of these.

I have looked a bit into a JWT token solution, but I cannot figure out what the standard for system to system communication is, especially when a usual interaction is one POST and nothing more. So a session based login or the like seems overkill.

submitted by /u/Nicolaum
[link] [comments]
Newsbewertung

Weiterlesen

VB2018 paper: The dark side of WebAssembly

Malware / Trojaner / Viren vom 17.10.2018 um 19:40 Uhr | Quelle virusbulletin.com
Today, we publish the VB2018 paper by Symantec researchers Aishwarya Lonkar and Siddhesh Chandrayan on the security risks that come with WebAssembly.

Read more
Newsbewertung

Weiterlesen

Google Shutting Down Consumer Version of Google+

Nachrichten vom 17.10.2018 um 19:40 Uhr | Quelle eweek.com
DAILY VIDEO: Google+ is updated for enterprise users as the consumer version shuts down, and IBM opens up a series of security, AI and cloud initiatives.
Newsbewertung

Weiterlesen

100 MBit/s: Netcologne beginnt mit Vectoring im Nahbereich

Nachrichten vom 17.10.2018 um 19:33 Uhr | Quelle golem.de
Nicht nur die Telekom hat beim Vectoring-Ausbau der Kabelverzweiger am Straßenrand den Zuschlag erhalten. Netcologne aus Köln beginnt nun auch und verlegt dabei 25 Kilometer Glasfaserleitungen, erklärt Geschäftsführer Timo von Lepel. (Glasfaser, Internet)
Newsbewertung

Weiterlesen

(ISC)2 Report Finds Cybersecurity Workforce Gap Has Increased To More Than 2.9 Million Globally

IT Security Nachrichten vom 17.10.2018 um 19:30 Uhr | Quelle informationsecuritybuzz.com

Despite 59% of cybersecurity professionals saying the widening workforce gap puts their organizations at risk, a majority of workers report strong job satisfaction and are focused on developing new skills (ISC)² – the world’s largest nonprofit association of certified cybersecurity professionals – today announced the findings of the 2018 (ISC)2 Cybersecurity Workforce Study. The research shows a widening …

The ISBuzz Post: This Post (ISC)2 Report Finds Cybersecurity Workforce Gap Has Increased To More Than 2.9 Million Globally appeared first on Information Security Buzz.


Newsbewertung

Weiterlesen

Information of 396K Users Exposed in Facepunch Data Breach

IT Security Nachrichten vom 17.10.2018 um 19:29 Uhr | Quelle news.softpedia.com
As reported by Troy Hunt's Have I Been Pwned breach notification service, the Facepunch game studio was the victim of a data breach in June 2016 which led to sensitive information of 396,650 users being exposed. Facepunch is a game development studio based in Wallsall, UK, known for developing the Rust survival game and the Garry's Mod physics sandbox. The Have I Been Pwned (HIBP) service was created by Troy hunt as a repository of all the data leaked in security breaches made public, with passwords being removed from the information stored in HIBP's database. HIBP can also automatically notify you when your e-mail address appears in a database stolen after a data breach. According to the e-mail sent by Have I Been Pwned to all users who had their data leaked in the Facepunch data breach, "The breached data included usernames, email and IP addresses, dates of birth and salted MD5 password hashes." ...
Newsbewertung

Weiterlesen

Is it safe to enable ACS ( D-Link Modem ) ? ISP operator said it's good to enable it.

IT Security Nachrichten vom 17.10.2018 um 19:22 Uhr | Quelle reddit.com

Hi

Can they access my PC or I don't know steal my information when it's enabled ?

submitted by /u/Artaherzadeh
[link] [comments]
Newsbewertung

Weiterlesen

Have you ever used or are you considering to use a Virtual Private Network (VPN) soon?

IT Security Nachrichten vom 17.10.2018 um 19:22 Uhr | Quelle reddit.com

Please take our question survey to help us understand how people decide to use Virtual Private Networks? https://clemson.ca1.qualtrics.com/jfe/form/SV_5A6BFnJtEDJhMkR

submitted by /u/PersonalRespond
[link] [comments]
Newsbewertung

Weiterlesen

A serious bug in libssh could allow crooks to connect to your server – with no password requested or required. here’s what you need to know.

IT Security Nachrichten vom 17.10.2018 um 19:21 Uhr | Quelle reddit.com
A serious bug in libssh could allow crooks to connect to your server – with no password requested or required. here’s what you need to know. submitted by /u/RonaldvanderMeer
[link] [comments]

Newsbewertung

Weiterlesen

Gegen lahmes Konsolen-Tippen: Microsoft patentiert rundes Keyboard

IT Security Nachrichten vom 17.10.2018 um 19:19 Uhr | Quelle winfuture.de
Microsoft, Konsole, Spielkonsole, Xbox, Xbox One, Microsoft Xbox One, Controller, Xbox One Controller, Xbox Controller, Afterglow Texteingaben mit Controllern sind trotz verschiedener Entwicklungen meist sehr kompliziert. In einem neuen Patent beschreibt jetzt Microsoft eine Lösung, die Buchstaben und Zahlen in einem Kreis anordnet, je nach Eingabe soll sich diese Oberfläche dann automatisch anpassen, um ein noch effektiveres Tippen zu ermöglichen. (Weiter lesen)
Newsbewertung

Weiterlesen

Material Components, Material.io, and Theming (The Boring Flutter Development Show, Ep. 9)

Videos vom 17.10.2018 um 19:18 Uhr | Quelle youtube.com

Newsbewertung

Weiterlesen

Volksbegehren für mehr Videoüberwachung: Berliner Senat lässt Zulässigkeit prüfen

Nachrichten vom 17.10.2018 um 19:18 Uhr | Quelle netzpolitik.org
(Symbolbild Berlin) Gemeinfrei-ähnlich freigegeben durch unsplash.com Luca Bracco1000 Kameras an bis zu 50 Orten in Berlin will das "Aktionsbündnis für mehr Videoaufklärung und Datenschutz" über ein Volksbegehren durchsetzen. Der Berliner Senat stuft das Vorhaben als unzulässig ein und gibt den Fall an den Verfassungsgerichtshof weiter.
Newsbewertung

Weiterlesen

Apple's privacy portal now lets US customers download their data

IT Security Nachrichten vom 17.10.2018 um 19:14 Uhr | Quelle cnet.com
The company has already made the portal available in Europe.
Newsbewertung

Weiterlesen

libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers

IT Security Nachrichten vom 17.10.2018 um 19:08 Uhr | Quelle threatpost.com
The flaw affects thousands of servers; but GitHub, a major libssh user, is unaffected.
Newsbewertung

Weiterlesen

35 Million US Voter Registration Records Found for Sale on Dark Web

IT Security Nachrichten vom 17.10.2018 um 19:04 Uhr | Quelle tripwire.com

Weeks before the November midterm elections, roughly 35 million U.S. voter registration records from 19 states have appeared for sale on the dark web.  Researchers from Anomali Labs and Intel 471 discovered the data for sale, which reportedly includes voters’ “full name, phone numbers, physical addresses, voting history, and other unspecified voting data.” Just three […]… Read More

The post 35 Million US Voter Registration Records Found for Sale on Dark Web appeared first on The State of Security.


Newsbewertung

Weiterlesen

FBI Releases Document with Measures for Defending Against Payroll Phishing Scams

IT Security Nachrichten vom 17.10.2018 um 18:56 Uhr | Quelle news.softpedia.com
The Federal Bureau of Investigation (FBI) has released a document describing the measures companies and their employees can take to avoid being the victims of payroll phishing scams. Phishing attacks are used by crooks to target random victims on the Internet with malware or specific targets of high interest such as financial department employees with access to money transfer operations. This type of security attack can be performed by bad actors either via e-mail messages containing malicious links or attachments or via maliciously crafted websites designed to pose as a trusted entity and to ask for sensitive information. The payroll phishing scams described in FBI's "Building a Digital Defense Against Payroll Phishing Scams" article are targeting a company's direct deposit transactions, stealing...
Newsbewertung

Weiterlesen

It isn't possible to sign out on the Uber Eats app.

IT Security Nachrichten vom 17.10.2018 um 18:54 Uhr | Quelle reddit.com

When I log out of Uber Eats on Android, I am still able to log in again without a password.

submitted by /u/MillennialNo365
[link] [comments]
Newsbewertung

Weiterlesen

Seattle Startup Vets Takes on Google with Helm, a New $499 Personal Email Server

IT Security Nachrichten vom 17.10.2018 um 18:53 Uhr | Quelle yro.slashdot.org
A Seattle-area startup is aiming to take on giants such as Google and change the way we do email with a new physical personal email server. From a report: Helm today unveiled its $499 device that lets consumers send and receive email from their own domain, in addition to saving contacts and calendar events. It's a bold bet that aims to provide comfort at a time when privacy and security issues related to personal data hosted by big tech companies in the cloud are top of mind. The idea comes from Giri Sreenivas and Dirk Sigurdson, two entrepreneurs who already sold a security startup and raised a $4 million seed round from top venture capital firms last year. The device is about the size of a router and looks like an upside-down book placed on a table. It connects to a home network and pairs with a mobile app that lets users create their own domain name, passwords, and recovery keys. Helm support standard protocols and works with regular email clients such as Outlook or the Mail app, with encryption protecting connection between the device and the apps.

Read more of this story at Slashdot.


Newsbewertung

Weiterlesen

Vulkan SDK for Ubuntu Linux made easier with Native Linux Packaging!

Linux Tipps vom 17.10.2018 um 18:50 Uhr | Quelle reddit.com

LunarG now delivers native Ubuntu Linux packages for all the elements in the Vulkan SDK and also continues to provide the Linux SDK tarball. Follow the Ubuntu Packages link on the LunarXchange SDK web page to gain access to the native Ubuntu Linux packages.

submitted by /u/LunarGInc
[link] [comments]
Newsbewertung

Weiterlesen

Crypto Wars: Google fordert das FBI mit neuer Android-Verschlüsselung heraus

Nachrichten vom 17.10.2018 um 18:48 Uhr | Quelle heise.de
Google macht Ernst mit der Ende-zu-Ende-Verschlüsselung bei Android-Backups in der Cloud und schürt damit Ängste von Strafverfolgern vor einem "Going Dark".
Newsbewertung

Weiterlesen

iPhone XR: Details zu Verkaufsstart und Vorbestellung

Nachrichten vom 17.10.2018 um 18:48 Uhr | Quelle heise.de
Apple bringt das etwas billigere 6,1"-iPhone am 26. Oktober in über 50 Ländern in den Handel. Auch in Geschäften soll es Geräte geben.
Newsbewertung

Weiterlesen

5G: Vodafone für gleiche Regeln bei Frequenzvergabe in der EU

Nachrichten vom 17.10.2018 um 18:44 Uhr | Quelle golem.de
Die Finnen haben es laut Hannes Ametsreiter bei der 5G-Auktion richtig gemacht, weil nur 77,6 Millionen Euro Erlös erzielt wurden. Der Vodafone-Deutschland-Chef tritt für einheitliche Vergaberegeln in der EU ein. (Vodafone, Handy)
Newsbewertung

Weiterlesen

Reveal password from Linux app

Linux Tipps vom 17.10.2018 um 18:37 Uhr | Quelle reddit.com
submitted by /u/wf09gvhhl5
[link] [comments]
Newsbewertung

Weiterlesen

[$] Secure key handling using the TPM

Linux Tipps vom 17.10.2018 um 18:36 Uhr | Quelle lwn.net

Trusted Computing has not had the best reputation over the years — Richard Stallman dubbing it "Treacherous Computing" probably hasn't helped — though those fears of taking away users' control of their computers have not proven to be founded, at least yet. But the Trusted Platform Module, or TPM, inside your computer can do more than just potentially enable lockdown. In our second report from Kernel Recipes 2018, we look at a talk from James Bottomley about how the TPM works, how to talk to it, and how he's using it to improve his key handling.


Newsbewertung

Weiterlesen

Brain-to-Brain Communication is Coming!

Videos vom 17.10.2018 um 18:28 Uhr | Quelle youtube.com

Newsbewertung

Weiterlesen

Weirdo Twitter messages were a glitch, not a hack

IT Security Nachrichten vom 17.10.2018 um 18:27 Uhr | Quelle nakedsecurity.sophos.com
Were you one of the dozens of people who got a bizarre Twitter message yesterday? It's OK. It wasn't a disturbance in the Matrix.
Newsbewertung

Weiterlesen

José rodríguez has demonstrated how an attacker with physical access to a device running ios 12.0.1 can gain access to photos stored on it.

IT Security Nachrichten vom 17.10.2018 um 18:21 Uhr | Quelle reddit.com
José rodríguez has demonstrated how an attacker with physical access to a device running ios 12.0.1 can gain access to photos stored on it. submitted by /u/RonaldvanderMeer
[link] [comments]

Newsbewertung

Weiterlesen

http://anger.gv.at

Hacking vom 17.10.2018 um 18:14 Uhr | Quelle zone-h.org
http://anger.gv.at notified by Abdellah Elmaghribi
Newsbewertung

Weiterlesen

http://lassnitzhoehe.gv.at

Hacking vom 17.10.2018 um 18:13 Uhr | Quelle zone-h.org
http://lassnitzhoehe.gv.at notified by Abdellah Elmaghribi
Newsbewertung

Weiterlesen

A History of Defense-in-Depth; and the Evolution of Data Sharing

IT Security Nachrichten vom 17.10.2018 um 18:12 Uhr | Quelle feedproxy.google.com

We need a new way to manage access to data. No, not because the “good guys” are losing to Advanced Persistent Threats, nation-state attackers, or whatever term we use to describe the cybersecurity boogey-man du jour. We need a new way to manage access to data because the old ways don’t work in the cloud. The cloud is not evil from a security standpoint, but cloud adoption has introduced two critical shifts to enterprise computing:

read more


Newsbewertung

Weiterlesen

Crypto Wars: Google fordert das FBI mit neuer Android-Verschlüsselung heraus

IT Security Nachrichten vom 17.10.2018 um 18:09 Uhr | Quelle heise.de
Google macht Ernst mit der Ende-zu-Ende-Verschlüsselung bei Android-Backups in der Cloud und schürt damit Ängste von Strafverfolgern vor einem "Going Dark".
Newsbewertung

Weiterlesen

Podcast: A Utility Ransomware Attack, Post-Hurricane

IT Security Nachrichten vom 17.10.2018 um 18:06 Uhr | Quelle threatpost.com
A “critical water utility” was hit by a recent ransomware attack, significantly impeding the service in the week after Hurricane Florence hit the East Coast of the U.S. The Onslow Water and Sewer Authority (ONWASA) said in a Monday release that a “sophisticated ransomware attack… has left the utility with limited computer capabilities.” While customer data […]
Newsbewertung

Weiterlesen

Hackers accused of ties to Russia hit three East European companies: ESET researchers

IT Security Nachrichten vom 17.10.2018 um 18:05 Uhr | Quelle reddit.com
Hackers accused of ties to Russia hit three East European companies: ESET researchers submitted by /u/campuscodi
[link] [comments]

Newsbewertung

Weiterlesen

The Results of Your Genetic Test Are Reassuring. But That Can Change.

IT Security Nachrichten vom 17.10.2018 um 18:05 Uhr | Quelle science.slashdot.org
Laboratories frequently "reclassify" genetic mutations. But there is no reliable system for telling patients or doctors that the results of their genetic tests are no longer valid. From a report: The results of a genetic test may seem final -- after all, a gene mutation is present or it is not. That mutation increases the risk of a disease, or it does not. In fact, those findings are not as straightforward as they might seem, and the consequences may have grave implications for patients. While a person's genome doesn't change, the research linking particular bits of DNA to disease is very much in flux. Geneticists and testing labs constantly receive new information that leads them to reassess genetic mutations. As a result, a mutation seen as benign today may be found dangerous tomorrow. And vice versa. But there is no good way to get the new information to doctors and patients. The result: The gene test you had a few years ago might yield a startlingly different result now. The problem affects a minority of patients, mostly people with unusual mutations. The more common disease-causing mutations -- like those that predispose you to breast or colon cancer -- are so well studied that their meaning is not in doubt. In a recent study, researchers at Myriad Genetics, a diagnostic company, reviewed data on 1.45 million patients who had genetic tests from 2006 to 2016 to see if the results originally reported still held true. The lab issued new reports for nearly 60,000 of them, meaning the old results had been superseded by new data. But many patients who carry mutations that have been reclassified remain in the dark.

Read more of this story at Slashdot.


Newsbewertung

Weiterlesen

TP-Link TL-SC3130 1.6.18 Unauthenticated RTSP Stream Disclosure

IT Security Tools vom 17.10.2018 um 17:57 Uhr | Quelle packetstormsecurity.com
TP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure.
Newsbewertung

Weiterlesen

Seitennavigation

Seite 8 von 11.168 Seiten (Bei Beitrag 245 - 280)
390.878x Beiträge in dieser Kategorie

Auf Seite 7 zurück | Nächste 9 Seite | Letzte Seite
[ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [8] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ]

Folge uns auf Twitter um einen Echtzeit-Stream zu erhalten. Updates alle 5 Minuten!

Die Webseite benutzt einen Cache von 10-15 Minuten