News Kategorien unterhalb von Nachrichten: 0x
News RSS Feeds dieser Nachrichten Kategorie: IT Security Nachrichten
Benutze Feedly zum Abonieren.
Download RSS Feed App für Windows 10 Store (Leider gibt es nicht mehr viele Extensions mit welchen Sie RSS-Feeds in einer Software abonieren können. Der Browser Support für RSS-Feeds wurde eingestellt (Firefox,Chrome).
Eigene IT Security Webseite / Blog / Quelle hinzufügen
I want to post, but what if ...?
Welcome to the DEF CON forums! Q: How do you know if your post will be well received, or people will complain? A: You don't. Nobody knows! Part of being a hacker is trying new things. "What if I posted something and... ?" You can spend a lot of time thinking about all the possible events...
Huawei Says Hongmeng OS Isn't Designed as an Android Replacement
Huawei reportedly wants to keep using Google's Android operating system in its phones instead of jumping to its self-developed Hongmeng system. From a report: Company senior vice president Catherine Chen told reporters in Brussels this week that the Hongmeng OS isn't even designed for phones, according to Chinese state news agency Xinhua. Chen apparently said Hongmeng is for industrial use, noting that it contains far fewer lines of code than a phone OS, and has much lower latency than a phone, meaning it can process a very high volume of data messages with little delay. Latest episode in a confusing narrative about what Huawei even intends to do. The company's executives have previously said on record that its homegrown operating system is designed to replace Android on its handsets. One executive said the operating system would be released by last month -- a target that Huawei has missed.
Read more of this story at Slashdot.
Israel's NSO Group: Our malware? Slurp your cloud backups plus phone data? They've misunderstood
After report claimed its sales pitches boasted of doing that
Israeli spyware firm NSO Group has denied it developed malware that can steal user data from cloud services run by Amazon, Apple, Facebook, Google and Microsoft.…
Kazakhstan decrypting citizens' Internet traffic for "security" (and censorship) - makes users less secure, not just against their own government, but against other criminals as well
The Growing Threat of Targeted Ransomware
Ransomware targeting organizations is a growing threat. The extent of that threat is not always obvious. Except for the healthcare sector, disclosure of a ransomware attack is not generally required -- so victims will not necessarily report an incident. This is exacerbated by those victims who simply pay up and recover their files without the problem becoming obvious.
Neue winSIM-Aktion: LTE All-Tarif jetzt mit 12 GB für 22,99 im Monat
Author of Dryad and Rubella Macro Builders Arrested
DataSpii: the catastrophic data leak via browser extensions
Finaler Trailer zu 'Es 2': Clown Pennywise lehrt uns das Fürchten
Die Neuverfilmung von Stephen Kings Horrorroman "Es" war 2017 einer der erfolgreichsten Kinofilme des Jahres. Kommenden September muss sich dann der Klub der Verlierer ein weiteres Mal zusammenfinden, denn der unheimliche Clown Pennywise treibt anscheinend erneut in der Kleinstadt Derry sein Unwesen. Vorab wurde nun ein neuer und zugleich auch letzter Trailer vor dem Kinostart gezeigt. (Weiter lesen)
Roll20 brings pen-and-paper gameplay to your browser with features that save time and enhance your favorite parts of tabletop games.
Why Incident Response Must Adopt a Kill Chain Perspective
Even as incident response (IR) has evolved, it has struggled to see beyond individual events and create a more complete perspective. IR tools are still very effective, particularly as advances in orchestration and automation technology have turned many IR tools into SOAR tools, but they are limited by this narrow focus.
Israel Spyware Firm Can Mine Data From Social Media: FT
AVM verbessert Access Point Steering für den FritzRepeater 3000
Tech Unemployment Hits 19-Year Low
New submitter SpaceForceCommander writes: Tech unemployment hasn't been this low since the turn of the century, according to U.S. Bureau of Labor Statistics (BLS) data crunched by CompTIA. As of May, tech's unemployment rate sat at 1.3 percent. "There is now the very real prospect of tech worker shortages affecting industry growth," Tim Herbert, executive vice president for research and market intelligence at CompTIA, wrote in a statement accompanying the data. "Firms seeking to expand into new areas such as the Internet of Things, robotic process automation or artificial intelligence may be inhibited by a lack of workers with these advanced skills, not to mention shortages in the complementary areas of technology infrastructure and cybersecurity." Tech's unemployment rate previously hit 1.4 percent, in April 2007 and March 2018. (The BLS began measuring occupation-level employment data in January 2000.) However, not all segments within tech are adding jobs at the same rate; although custom software development and computer systems design gained 8,400 new positions in May, for example, both information services and telecommunications saw modest losses. Meanwhile, new data from PayScale suggests that wages within the tech industry grew 2.3 percent year-over-year in the second quarter of 2019. That's an indicator that the low unemployment rate is forcing employers to pay more in order to secure the talent they need.
Read more of this story at Slashdot.
Microsoft Launches Bug Bounty Program for Dynamics 365
Google Increase Chrome OS Bounty Program Up-to $150,000
Google security increase their rewards for Bug Bounty Hunters up to $30000 and for chrome OS $150,000. Google also increase rewards for fuzz testing,...
The post Google Increase Chrome OS Bounty Program Up-to $150,000 appeared first on HackersOnlineClub.
TLS-Zertifikat: Gesamter Internetverkehr in Kasachstan kann überwacht werden
RYUK Ransomware debuts in China
Hackers spreading RYUK Ransomware in the United States have now shifted their base to China. Well, this update was given by the Tencent Yujian Threat Intelligence Center which adds that the virus spreading gangs have already targeted 7 Logistics companies and 2 technology companies along with a few municipalities so far demanding 11 Bitcoins as […]
Marvel Ultimate Alliance 3: Superhelden-Crossover im Launch-Trailer
Ab heute ist Marvel Ultimate Alliance 3: The Black Order exklusiv für die Nintendo Switch erhältlich. Passend dazu hat Nintendo den offiziellen Veröffentlichungstrailer freigegeben, der Ausschnitte aus dem actionreichen Marvel-Crossover zeigt. In Marvel Ultimate Alliance 3: The Black Order stellen Spieler ihr eigenes Superhelden-Team zusammen, um dieses anschließend in den Kampf gegen Thanos zu schicken. Wer möchte, kann dabei auf bewährte Teams wie die X-Men oder Avengers setzen oder beliebig ... (Weiter lesen)
Chrome/Firefox itself are leaking Data!
Hey sec community,
a quick update about my last post, you can find it on my profile,
I find out that chrome and Firefox itself are leaking data, but the shocking news is for whom those browsers are leaking data!!!
upvote this thread, maybe Google Devs will notice ;)
Diesmal mit Plan: Chinesische Raumstation wurde zum Absturz gebracht
Die chinesische Raumstation Tiangong-2 ist in die Erdatmosphäre gestürzt. Im Gegensatz zum Vorgänger war das Ende der Raumstation diesmal aber ganz gezielt eingeleitet worden. Der Großteil des Weltraum-Labors ist beim Wiedereintritt verglüht, einige Teile sind aber in den Pazifik gestürzt. (Weiter lesen)
Researchers Easily Trick Security Firm Cylance's AI-Based Antivirus Into Thinking Programs Like WannaCry and Other Malware Are Benign
By taking strings from an online gaming program and appending them to malicious files, researchers were able to trick Cylance's AI-based antivirus engine into thinking programs like WannaCry and other malware are benign. From a report: AI has been touted by some in the security community as the silver bullet in malware detection. Its proponents say it's superior to traditional antivirus since it can catch new variants and never-before-seen malware -- think zero-day exploits -- that are the Achilles heel of antivirus. One of its biggest proponents is the security firm BlackBerry Cylance, which has staked its business model on the artificial intelligence engine in its endpoint PROTECT detection system, which the company says has the ability to detect new malicious files two years before their authors even create them. But researchers in Australia say they've found a way to subvert the machine-learning algorithm in PROTECT and cause it to falsely tag already known malware as "goodware." The method doesn't involve altering the malicious code, as hackers generally do to evade detection. Instead, the researchers developed a "global bypass" method that works with almost any malware to fool the Cylance engine. It involves simply taking strings from a non-malicious file and appending them to a malicious one, tricking the system into thinking the malicious file is benign. The benign strings they used came from an online gaming program, which they have declined to name publicly so that Cylance will have a chance to fix the problem before hackers exploit it. "As far as I know, this is a world-first, proven global attack on the ML [machine learning] mechanism of a security company," says Adi Ashkenazy, CEO of the Sydney-based company Skylight Cyber, who conducted the research with CTO Shahar Zini. "After around four years of super hype [about AI], I think this is a humbling example of how the approach provides a new attack surface that was not possible with legacy [antivirus software]."
Read more of this story at Slashdot.
Weary Eyes And Fictitious Faces: Why Fingerprints Are Best For Biometric Authentication
Biometric technology is already revolutionising both physical and cyber-security in the UK. While the latest breakthroughs are impressive, we’re only just touching the tip of the iceberg. Regardless of which method we’re using – whether it is fingerprint, facial, retinal or voice recognition solutions – there is no escaping the fact that biometric developments have been incorporated …
The ISBuzz Post: This Post Weary Eyes And Fictitious Faces: Why Fingerprints Are Best For Biometric Authentication appeared first on Information Security Buzz.
Kazakhstan Government Filtering Civilian Internet Browsing
North Korea, China, and Iran, just three countries that we can easily remember as having government regimes that seriously censor the Internet. These territories implement state-level Internet traffic filtering that...
The post Kazakhstan Government Filtering Civilian Internet Browsing appeared first on .
Ex-NSA Contractor to Be Sentenced in Stolen Documents Case
Recommended Online Masters Programs?
I am looking for an online masters program in Cybersecurity or related discipline. Does anyone have any first hand recommendations?
I have a non-technical Bachelors degree but working in the field now. I am not looking to become an engineer or drastically change careers. I am just looking to understand Cybersecurity more, maybe more more towards government work in the future, and/or obtain a management role.
Some of the programs I have been looking at are: Virginia Tech Masters Information Technology, Liberty MS Cybersecurity, Penn Masters Computer and Information Technology, George Washington M.eng. Cybersecurity Policy & Compliance, Syracuse MS Cybersecurity, Georgia Tech MS Cybersecurity.
Google Increases Bug Bounty Program Rewards
Gamer enttäuscht: Google Stadia soll kein "Netflix für Spiele" sein
Auf Reddit beantwortete Google viele Fragen zu seinem kommenden Cloud-Gaming-Dienst Stadia. Dabei räumte man mit den Gerüchten auf, welche besagt hatten, die Streaming-Plattform werde ein Abo-Service in der Art eines "Netflix für Spiele". Dem soll nämlich nicht so sein. (Weiter lesen)
China's Tech Giants Have a Second Job: Helping Beijing Spy on Its People
Tencent and Alibaba are among the firms that assist authorities in hunting down criminal suspects, silencing dissent and creating surveillance cities. From a report: Alibaba Group's sprawling campus has collegial workspaces, laid-back coffee bars and, on the landscaped grounds, a police outpost. Employees use the office to report suspected crimes to the police, according to people familiar with the operation. Police also use it to request data from Alibaba for their own investigations, these people said, tapping into the trove of information the tech giant collects through its e-commerce and financial-payment networks. In one case, the police wanted to find out who had posted content related to terrorism, said a former Alibaba employee. "They came to me and asked me for the user ID and information," he recalled. He turned it over. The Chinese government is building one of the world's most sophisticated, high-tech systems to keep watch over its citizens, including surveillance cameras, facial-recognition technology and vast computers systems that comb through terabytes of data. Central to its efforts are the country's biggest technology companies, which are openly acting as the government's eyes and ears in cyberspace. Companies including Alibaba Group Holding, Tencent Holdings and Baidu, are required to help China's government hunt down criminal suspects and silence political dissent. Their technology is also being used to create cities wired for surveillance.
Read more of this story at Slashdot.
Any suspisous activities (hacking/spamming) in the last few days?
I hope you're doing well and secure at most
I just wanna ask if anyone has detected suspicious activity in the last past days? especially for those who use Chrome Browser, and for those who had used FaceApp itself
most of my friends are hacked or had experienced that...especially their Gmail accounts or Facebook's
any idea about those attacks?
please upvote this thread to get the most of this case...
Thanks, and Have a nice day :)
ARP poisioning from different interfaces?
(I also asked it in /r/networking, not sure where this belongs more)
So I know generally how ARP spoofing works, but I'm not sure about one thing. Let's say we have 3 computers:
Computer A: 1 network interface with ip: 18.104.22.168
and Computer C: 1 network interface with ip 22.214.171.124
A is connected to B1, and C is connected to B2.
B wants to talk to A, so it sends an ARP packet with B1 to get A's MAC address.
Lets assume C is quicker then A and knows when B sends this packet (edit: I know naturally it wouldn't know this, that is why added this as an assumption, lets say for example, B sends this packet at exactly 5 o'clock, every day, and C knows it.).
So before A sends his answer to B, C will send an ARP response to B2, claiming to own the ip address 126.96.36.199. Will this work even though B2 is on subnet 2.2.2.x? In other words, C will be able to see what B planned to send to A, right?
Another question: Is there any easy way to model this situation (and similar situations) with VMs or something?
Windows 10: Samsung hat neues ARM-Gerät in Arbeit - Laptop oder VR?
Samsung arbeitet an neuer Hardware auf Basis von Windows 10 für ARM-Prozessoren. In einer Benchmark-Datenbank ist kürzlich ein neues Gerät der Koreaner aufgetaucht, das den Namen Samsung Galaxy Space trägt und mit der ARM-Variante von Windows läuft. Angesichts des Namens ist vollkommen unklar, um was für ein Produkt es sich handeln könnte. (Weiter lesen)
Presidential Abuse of Power Should Be Focus of Mueller Questioning
Instead of focusing on criminal conduct, the House must consider whether as president, Donald Trump abused his power or violated his oath of office.
The post Presidential Abuse of Power Should Be Focus of Mueller Questioning appeared first on Just Security.
Vorsicht: Kritische Schwachstelle in aktueller Version des VLC Media Player
Das VLC-Team werkelt derzeit an der Behebung einer kritischen, aus der Ferne ausnutzbaren Schwachstelle in der freien Mediaplayer-Software.
Kazakhstan MITM Attacks Can be Prevented with Decentralized PKI
SeitennavigationSeite 1 von 4.265 Seiten (Bei Beitrag 1 - 35)
149.260x Beiträge in dieser Kategorie
Nächste 2 Seite | Letzte Seite
[ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ]