1. IT-Security


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese
Anzeige

IT-Security


Suchen

Google’s Latest Smartwatch Deal Could Make the Pixel Watch a Dream Come True

IT Security Nachrichten vom 18.01.2019 um 09:04 Uhr | Quelle news.softpedia.com
Google is out shopping once again, and one of the goodies the company brings home this time is Fossil smartwatch technology that could eventually help it build the eagerly-anticipated Pixel Watch. The search giant will pay no less than $40 million for the technology and a group from the R&D team, which will join the company as part of the deal. The intellectual property being sold to Google is believed to include secret technology that hasn’t been announced yet and which could help the Mountain View-based firm innovate in the smartwatch industry should it decide to launch its own device. Greg McKelvey, Fossil’s executive vice president of chief strategy and digital officer, confirmed for Wareable that the technology sold to Google is a “new product innovation that’s not yet hit the market.” No specifics were provided on this tech. The Pixel Watch project ...
Newsbewertung

Weiterlesen

Attacks in the wild leverage flaw in ThinkPHP Framework

Hacking vom 18.01.2019 um 08:58 Uhr | Quelle securityaffairs.co

Threat actors in the wild are leveraging a recently discovered flaw in the ThinkPHP PHP framework to install cryptominers, skimmers, and other malware. Multiple threat actors are leveraging a recently discovered code execution vulnerability (CVE-2018-20062) in the ThinkPHP framework. The flaw was already addressed by the Chinese firm TopThink that designed the framework, but security expert Larry […]

The post Attacks in the wild leverage flaw in ThinkPHP Framework appeared first on Security Affairs.


Newsbewertung

Weiterlesen

Best security oriented Firefox alternative?

IT Security Nachrichten vom 18.01.2019 um 08:52 Uhr | Quelle reddit.com

I know there are quite a few Firefox forks such as Waterfox and Palemoon, but I'm not quite sure which is the optimal choice for security.

I don't like that firefox started adding many unnecessary features recently yet ignore things like fingerprinting and other essential security vulnerabilities.

There's obviously Tor build of Firefox, but this is not exactly ideal for everyday use.

Can someone help me choose which one to use for everday browsing?

submitted by /u/Lurlerrr
[link] [comments]
Newsbewertung

Weiterlesen

Week 3 in Information Security, 2019

IT Security Nachrichten vom 18.01.2019 um 08:50 Uhr | Quelle reddit.com

35-year-old vulnerability has been discovered in the SCP file transfer utility. According to the advisory impact section, "Malicious scp server can write arbitrary files to scp target directory, change the target directory permissions and to spoof the client output."
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt

Multiple U.S. government websites SSL certificates have expired and some sites are inaccessible due to properly used HTTP Strict Transport Security.
There's nobody there to renew them due to a government shutdown.
https://news.netcraft.com/archives/2019/01/10/gov-security-falters-during-u-s-shutdown.html

Researchers found a new kind of Windows malware using encrypted messaging app Telegram to receive "encrypted" instructions. Nothing innovative with the malware sample, but what is really interesting is, that telegram messages are coupled with unique IDs and malware analysts from the Forcepoint Labs were able to retroactively scrape all the messages issued by the malware operator.
Not sure what kind of channel was used by the bot, but it looks really suspicious to be able to scrape old messages.
https://techcrunch.com/2019/01/17/decrypted-telegram-bot-windows-malware

The researchers at the CanSecWest Vancouver conference will be able to participate in the annual Pwn2Own challenge. This year also in car hacking as Tesla Model 3 will be available.
https://www.zerodayinitiative.com/blog/2019/1/14/pwn2own-vancouver-2019-tesla-vmware-microsoft-and-more

One of last surviving Navajo code talkers, Alfred Newman, has passed away at 94. Newman, with many others, developed during World War II an unbreakable code for military transmissions using the unwritten Navajo language.
https://eu.azcentral.com/story/news/local/arizona/2019/01/14/alfred-k-newman-among-last-navajo-code-talkers-has-died/2570535002/

Security researcher Troy Hunt updated his service Have I Been Pwn with 772,904,991 new email addresses and lots of passwords after finding 87GB of leaked passwords and email addresses by the MEGA cloud storage provider.
https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/

There was a massive data breach at the Oklahoma Securities Commission with millions of files containing decades worth of confidential case file intelligence from the agency and sensitive FBI investigation source materials leaked.
https://www.newsweek.com/oklahoma-data-breach-may-expose-years-fbi-investigations-report-1293862

Hackers broke into an SEC database and made millions from inside info.
https://www.cnbc.com/2019/01/15/international-stock-trading-scheme-hacked-into-sec-database-justice-dept-says.html

Malicious former employee installed Raspberry Pi in the company network closet, but the Reddit crowd helped with the investigation.
https://blog.haschek.at/2018/the-curious-case-of-the-RasPi-in-our-network.html

Great blog post about the factors in authentication. The more factors to be used, the bigger headache from the enrollment procedures.
https://apenwarr.ca/log/20190114

Noise Protocol Framework Explorer created by Nadim Kobeissi now supports generating secure implementations in Go for any arbitrary Noise Handshake Pattern.
https://twitter.com/i/web/status/1085629955202011136

CERT Poland (CERT Polska) opens access to its malware database (MWDB).
https://www.cert.pl/en/news/single/mwdb-our-way-to-share-information-about-malicious-software/

Previous weeks & mailing list: malgregator.com (personal blog)

submitted by /u/undercomm
[link] [comments]
Newsbewertung

Weiterlesen

Windows Zero-Day Bug that Overwrites Files Gets Interim Fix

IT Security Nachrichten vom 18.01.2019 um 08:47 Uhr | Quelle bleepingcomputer.com
A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data. [...]
Newsbewertung

Weiterlesen

Windows Zero-Day Bug that Overwrites Files Gets Interim Fix

IT Security Nachrichten vom 18.01.2019 um 08:47 Uhr | Quelle bleepingcomputer.com
A micropatch has been released today for a vulnerability in Windows that allows overwriting files, even system one, with arbitrary data. [...]
Newsbewertung

Weiterlesen

Gemini: Akku-Display für 160 Dollar erobert Kickstarter im Sturm

IT Security Nachrichten vom 18.01.2019 um 08:41 Uhr | Quelle winfuture.de
Display, Monitor, Gemini, Taihe Gemini ist ein 15,6-Zoll-Display mit Akku und Kickstand. Der Hersteller heißt Taihe und sucht auf der Crowdfunding-Plattform Kickstarter Interessenten, die mit Vorbestellungen für 159 Dollar die Aufnahme einer Massenproduktion ermöglichen. Und das scheint zu funktionieren: Innerhalb von zwei Stunden wurden Bestellungen im Wert von 70.000 Dollar aufgegeben. (Weiter lesen)
Newsbewertung

Weiterlesen

Germany Wants to Ban Huawei from Its 5G Networks Due to Spying Concerns

IT Security Nachrichten vom 18.01.2019 um 08:14 Uhr | Quelle news.softpedia.com
Germany is currently looking into a possible ban of Huawei from participating in the development of its 5G networks, once again due to concerns that the company might be spying for the Chinese government. While the country said in late 2018 that it found no evidence of cyberespionage, German authorities are now exploring several options that would eventually make it impossible for Huawei to be part of the 5G effort. A report from Reuters citing business daily Handelsblatt reveals that Chancellor Angela Merkel’s administration considered implementing stricter security requirements that Huawei wouldn’t meet as a way to leave the Chinese manufacturer out of the development of 5G networks. Furthermore, German authorities have discussed the idea of changes to the telecommunications law that would eventually lead to Huawei...
Newsbewertung

Weiterlesen

Nadella: Privatnutzer fällt nicht hinten runter - neues Paket ist in Arbeit

IT Security Nachrichten vom 18.01.2019 um 08:08 Uhr | Quelle winfuture.de
Microsoft, Microsoft Corporation, Satya Nadella, Build Konferenz Schon seit geraumer Zeit steht der Vorwurf im Raum, Microsoft vernachlässige den riesigen Markt der Privatnutzer und alles drehe sich im Grunde um die lukrativen Business-Kunden. Dem hat Konzernchef Satya Nadella jetzt aber deutlich widersprochen und angekündigt, dass es bald ein neues Software-Paket für den normalen User geben wird. (Weiter lesen)
Newsbewertung

Weiterlesen

Bug in Twitter Android App Exposed Protected Tweets

IT Security Nachrichten vom 18.01.2019 um 08:01 Uhr | Quelle feedproxy.google.com

Twitter revealed on Thursday that users of its Android application may have had their supposedly protected tweets made public due to a bug.

read more


Newsbewertung

Weiterlesen

Netflix Says It Has 10 Percent of All TV Time In the US

IT Security Nachrichten vom 18.01.2019 um 08:00 Uhr | Quelle news.slashdot.org
In its fourth-quarter 2018 earnings report, Netflix disclosed some of its viewership numbers for hits such as "Bird Box." "Overall, Netflix said it serves about 100 million hours of video per day, earning an estimated 10 percent of all time spent in front of the TV in the U.S.," reports CNBC. The company also said "Bird Box" reached 80 million member households in its first four weeks on the streaming service. Unfortunately, it still didn't show exactly how many people have viewed the content. From the report: By way of comparison, during the week of Jan. 7, the top TV show was an NFL playoff game between the New Orleans Saints and Dallas Cowboys on Sunday, Jan. 13, which drew 33 million viewers, according to Nielsen. The top scripted show, "The Big Bang Theory," drew over 13 million. But Netflix does not view TV as its only competition. In its earnings note, it also said games such as Fortnite compete for attention. Fortnite reportedly draws 200 million players per week. The company also highlighted several of its international projects. Netflix said its original from Spain, "Elite," was watched by over 20 million member households worldwide in the first four weeks. "Bodyguard," co-produced with BBC One; "Baby," an original series from Italy, and "Protector," an original series from Turkey, all reached more than 10 million member households in their first four weeks, the company said. There was still one notable hit that Netflix didn't disclose numbers for: "Black Mirror: Bandersnatch." Instead, the company discussed in its earnings letter that the technology used to create the movie, its first interactive choose-your-own-adventure-style flick, will be used for interactive projects in the future.

Read more of this story at Slashdot.


Newsbewertung

Weiterlesen

A Twitter Bug Left Android Users' Private Tweets Exposed For 4 Years

IT Security Nachrichten vom 18.01.2019 um 07:39 Uhr | Quelle feedproxy.google.com
Twitter just admitted that the social network accidentally revealed some Android users' protected tweets to the public for more than 4 years — a kind of privacy blunder that you'd typically expect from Facebook. When you sign up for Twitter, all your Tweets are public by default, allowing anyone to view and interact with your Tweets. Fortunately, Twitter also gives you control of your

Newsbewertung

Weiterlesen

Microsoft Begins Refining the Dark Mode in Windows 10 Mail App

IT Security Nachrichten vom 18.01.2019 um 07:39 Uhr | Quelle news.softpedia.com
Microsoft is now experimenting with a series of visual changes for the Windows 10 Mail and Calendar apps, as the company wants to refine the dark mode offered to users. First and foremost, the dark visual style will be applied to more parts of the application, including to the message body and the new mail screen. As Windows 10 users know by now, the dark theme is far from providing a consistent experience in the Mail app, and it’s this consistency the one that Microsoft is aiming for with these improvements. The software giant wants to provide the same dark mode across the entire application, though as it turns out, it takes a painful amount of time for the company to achieve this goal. The dark theme will also be expanded to more menus in the calendar, so switching from the list of emails to your appointments screen should be more seamless after the update. New theme toggle Microsoft is also trying to provide users with a more convenient metho...
Newsbewertung

Weiterlesen

Latest Hacking News Podcast #204

IT Security Nachrichten vom 18.01.2019 um 07:31 Uhr | Quelle latesthackingnews.com

Twitter bug exposed protected tweets of some Android users, ES File Explorer potentially exposes data of 100 million users, and Microsoft launched Azure DevOps bug bounty program on episode 204 of our daily cybersecurity podcast.

Latest Hacking News Podcast #204 on Latest Hacking News.


Newsbewertung

Weiterlesen

FastTube 1.0.1.0 Denial Of Service

IT Security Tools vom 18.01.2019 um 07:22 Uhr | Quelle packetstormsecurity.com
FastTube version 1.0.1.0 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

Microsoft blue biz bug bounty bonanza beckons

IT Security Nachrichten vom 18.01.2019 um 07:22 Uhr | Quelle go.theregister.com

Azure DevOps Services invites hackers to test its limits

There's more money to be made from bug hunting in Microsoft code after Redmond announced its 10th active bug hunting reward scheme, the Azure DevOps Bounty Program.…


Newsbewertung

Weiterlesen

hacker is a 30-year-old portuguese man. police haven't released his name, but several news outlets claim he's named rui pinto, a man they've identified and have been tracking for years.

IT Security Nachrichten vom 18.01.2019 um 07:21 Uhr | Quelle reddit.com
hacker is a 30-year-old portuguese man. police haven't released his name, but several news outlets claim he's named rui pinto, a man they've identified and have been tracking for years. submitted by /u/RonaldvanderMeer
[link] [comments]

Newsbewertung

Weiterlesen

Microsoft: SwiftKey Much Faster than Google’s GBoard on Android

IT Security Nachrichten vom 18.01.2019 um 07:15 Uhr | Quelle news.softpedia.com
SwiftKey continues to be one of the top keyboards for both Android and iOS, but now that 2018 is over, Microsoft decided to take a look at the whole year and brag about the app with some in-house stats. In a laudatory blog post rolled out this week, the SwiftKey team explains that their keyboard app is loading no less than 20 percent faster than the best competitor, while when it comes to the first load after a phone restart, it’s even twice as fast. The data is based on internal testing conducted by Microsoft, and the company says that it put SwiftKey against a series of other popular keyboard apps like GBoard, TouchPal...
Newsbewertung

Weiterlesen

Portuguese Hacker Linked to 'Football Leaks' Held in Hungary

IT Security Nachrichten vom 18.01.2019 um 07:07 Uhr | Quelle feedproxy.google.com

A Portuguese hacker said by his lawyers to have played a pivotal role in the Football Leaks whistleblower website was fighting extradition from Hungary to Portugal on Thursday on charges of extortion.

Rui Pinto, 30, was arrested on Wednesday.

read more


Newsbewertung

Weiterlesen

Canada’s Coast Capital Savings becomes a victim of Cyber Attack

IT Security Nachrichten vom 18.01.2019 um 07:04 Uhr | Quelle cybersecurity-insiders.com

Surrey-based Coast Capital Savings was subjected to a cyber attack recently and news is out that the hackers managed to siphon thousands of dollars from accounts of more than 140 members in between November and December last year. Though the total amount stolen is yet to be known, highly placed sources say that each member […]

The post Canada’s Coast Capital Savings becomes a victim of Cyber Attack appeared first on Cybersecurity Insiders.


Newsbewertung

Weiterlesen

Chinese Crypto Mining Malware found uninstalling Cloud Security tools

IT Security Nachrichten vom 18.01.2019 um 07:01 Uhr | Quelle cybersecurity-insiders.com

Palo Alto Networks Unit 42 researchers have found a new variant of malware which has the ability to uninstall cloud security tools to take full control of Linux servers to mine bitcoins. Rocke, a Chinese hacking group being funded by APT10 is said to have devised the new malware variant which has already publicly targeted […]

The post Chinese Crypto Mining Malware found uninstalling Cloud Security tools appeared first on Cybersecurity Insiders.


Newsbewertung

Weiterlesen

Ob Hacking oder Doxing: Datensicherheit muss gewährleistet werden

Hacking vom 18.01.2019 um 06:40 Uhr | Quelle google.com
Der anfangs als Hacking eingestufte Angriff stellte sich später als sogenanntes Doxing heraus. Was können Unternehmen aus dem Vorfall für ihre ...
Newsbewertung

Weiterlesen

Ob Hacking oder Doxing: Datensicherheit muss gewährleistet werden

Hacking vom 18.01.2019 um 06:40 Uhr | Quelle google.com
Der anfangs als Hacking eingestufte Angriff stellte sich später als sogenanntes Doxing heraus. Was können Unternehmen aus dem Vorfall für ihre ...
Newsbewertung

Weiterlesen

Ob Hacking oder Doxing: Datensicherheit muss gewährleistet werden

IT Security Nachrichten vom 18.01.2019 um 06:30 Uhr | Quelle it-daily.net

Die Veröffentlichung vertraulicher Informationen von Politikern und Personen des öffentlichen Lebens hat in den vergangenen Wochen für Aufruhr gesorgt. Der anfangs als Hacking eingestufte Angriff stellte sich später als sogenanntes Doxing heraus. Was können Unternehmen aus dem Vorfall für ihre Datensicherheit lernen?


Newsbewertung

Weiterlesen

Microsoft Releases Windows 10 Cumulative Update KB4480977 (Version 1607)

IT Security Nachrichten vom 18.01.2019 um 06:29 Uhr | Quelle news.softpedia.com
Microsoft has released a new cumulative update for Windows 10 Anniversary Update (version 1607), which no longer receives support unless devices are enrolled in the LTSC branch. Windows 10 cumulative update KB4480977 bumps the OS build number to 14393.2759, and it comes with a total of 14 fixes, all of them resolving bugs in the operating system – you can check out the full release notes embedded in the box after the jump. One of the most important fixes concerns a File Explorer issue that causes the file manager to stop working without self-recovery after several days of uptime, as Microsoft explains in the changelog. Many of the refinements that are part of this cumulative update are aimed at IT pros and system administrators, as it’s the case of a fix for the PowerShell Desired State Configuration pull server. Microsoft explains: “Addresses an issue that causes the PowerShell Desired State Configur...
Newsbewertung

Weiterlesen

I've never seen discussion for http://www.masterpasswordapp.com. Is it a good password manager?

IT Security Nachrichten vom 18.01.2019 um 06:13 Uhr | Quelle reddit.com

From what I can tell it seems pretty solid as all you need to do is fabricate one strong password you remember and then from that point forward you can locally generate passwords for everything else. The added bonus is that you never interface with any service ever either which removes the possibility of having a service be down or getting hacked.

submitted by /u/naylord
[link] [comments]
Newsbewertung

Weiterlesen

What steps would one take to transition into a security career?

IT Security Nachrichten vom 18.01.2019 um 06:10 Uhr | Quelle reddit.com

I'm deep into a career in an entirely different industry, but really find no joy in it. I've been beginning to study penetration testing and ethical hacking and am absolutely in love with it.

What steps would one take to begin exploring a new career in security? I don't have a particular path that I am aware of or anything to that extent, but I do learn well and am more than happy to spend however long it takes to obtain the right training/certifications.

Is it remotely feasible for somebody to transition mid-career and obtain the right credentials to start making at least around $50K?

submitted by /u/poptarts27
[link] [comments]
Newsbewertung

Weiterlesen

Two Hackers Arrested Linked to DDoS Attacks Face Jail up to Six Years

Hacking vom 18.01.2019 um 06:07 Uhr | Quelle gbhackers.com
Two young hackers

Two young hackers arrested for launching DDoS attacks on several critical Ukraine sources including the city of Mariupol and several other educational institutions. The DDoS attacks aims in exhausting the resource of a network, application or service that leads an organization to face the various technical impacts. Ukraine police arrested two young hackers 21- and […]

The post Two Hackers Arrested Linked to DDoS Attacks Face Jail up to Six Years appeared first on GBHackers On Security.


Newsbewertung

Weiterlesen

Two Hackers Arrested Linked to DDoS Attacks Face Jail up to Six Years

Hacking vom 18.01.2019 um 06:07 Uhr | Quelle gbhackers.com
Two young hackers

Two young hackers arrested for launching DDoS attacks on several critical Ukraine sources including the city of Mariupol and several other educational institutions. The DDoS attacks aims in exhausting the resource of a network, application or service that leads an organization to face the various technical impacts. Ukraine police arrested two young hackers 21- and […]

The post Two Hackers Arrested Linked to DDoS Attacks Face Jail up to Six Years appeared first on GBHackers On Security.


Newsbewertung

Weiterlesen

Lessons Learned: Sechs Kriterien für Webshop-Customization

IT Security Nachrichten vom 18.01.2019 um 06:01 Uhr | Quelle it-daily.net

Bei B2B-Webshop-Projekten stehen Unternehmen häufig vor der Frage, welche individuellen Anpassungen und Zusatzfuktionen für die eigene Organisation sowie ihre Kunden tatsächlich sinnvoll sind. Schließlich ist die Customization von E-Commerce-Systemen stets mit einem Mehraufwand verbunden, den es gegen den Nutzen abzuwägen gilt.


Newsbewertung

Weiterlesen

Issue #5 - Volume XXI - SANS Newsbites - January 18th, 2019

IT Security Nachrichten vom 18.01.2019 um 06:00 Uhr | Quelle sans.org

Newsbewertung

Weiterlesen

What We Need To Learn From The World’s Largest Data Leak?

IT Security Nachrichten vom 18.01.2019 um 05:59 Uhr | Quelle hackercombat.com

Troy Hunt, a prolific cybersecurity researcher has probably assembled one of the largest data leak collection in the world at the time of this writing. A collection of aggregate massive...

The post What We Need To Learn From The World’s Largest Data Leak? appeared first on .


Newsbewertung

Weiterlesen

Eco Search 1.0.2.0 Denial Of Service

IT Security Tools vom 18.01.2019 um 05:44 Uhr | Quelle packetstormsecurity.com
Eco Search version 1.0.2.0 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

One Search 1.1.0.0 Denial Of Service

IT Security Tools vom 18.01.2019 um 05:22 Uhr | Quelle packetstormsecurity.com
One Search version 1.1.0.0 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

What is Amazon GovCloud?

IT Security Nachrichten vom 18.01.2019 um 05:00 Uhr | Quelle tripwire.com

Amazon GovCloud is an isolated Amazon Web Service (AWS) designed to allow customers and the U.S government agencies to move their confidential data into the cloud to address their compliance and specific regulatory requirements. It runs under ITAR, the U.S. International Traffic in Arms Regulations. With this cloud service, US citizens can run workloads that […]… Read More

The post What is Amazon GovCloud? appeared first on The State of Security.


Newsbewertung

Weiterlesen

Seitennavigation

Seite 11 von 4.772 Seiten (Bei Beitrag 350 - 385)
167.006x Beiträge in dieser Kategorie

Auf Seite 10 zurück | Nächste 12 Seite | Letzte Seite
[ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [11] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ]