1. IT-Security >
  2. Cyber Security Nachrichten


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Nachrichten


Suchen

News RSS Quellen: 82x
News Kategorien unterhalb von Nachrichten: 0x
News RSS Feeds dieser Nachrichten Kategorie: RSS Feed IT Security Nachrichten
Benutze Feedly zum Abonieren.Folge uns auf feedly
Download RSS Feed App für Windows 10 Store (Leider gibt es nicht mehr viele Extensions mit welchen Sie RSS-Feeds in einer Software abonieren können. Der Browser Support für RSS-Feeds wurde eingestellt (Firefox,Chrome).

Eigene IT Security Webseite / Blog / Quelle hinzufügen

Seitennavigation

Seite 12 von 4.406 Seiten (Bei Beitrag 385 - 420)
154.203x Beiträge in dieser Kategorie

Auf Seite 11 zurück | Nächste 13 Seite | Letzte Seite

[ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [12] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ]

10. September: Neue iOS 13-Beta verrät iPhone 11 Keynote-Termin

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: winfuture.de Direktlink direkt öffnen

Betriebssystem, Apple, iOS, Dark Mode, Apple iOS, Dunkler Modus, iOS 13, Apple iOS 13 Apple hat eine neue Beta-Version für iOS 13 herausgegeben. Neben neuen Funktionen gab es dieses Mal vor allem etwas Interessantes zu entdecken: Apple hat einen Verweis mit dem Datum 10. September und "HoldForRelease" hinterlassen. (Weiter lesen)
News Bewertung

Weiterlesen Weiterlesen

KNOB-Angriff: 8-Bit-Verschlüsselung mit Bluetooth

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: golem.de Direktlink direkt öffnen

Die Verschlüsselung des Bluetooth-Protokolls lässt sich einfach aushebeln, ein Angreifer kann die Schlüssellänge kontrollieren und auf eine triviale Größe reduzieren. Abhilfe ist nicht in Sicht, die Bluetooth-Standardisierungsgruppe will die Schlüssellänge nur minimal erhöhen. (Bluetooth, Eingabegerät)
News Bewertung

Weiterlesen Weiterlesen

Microsoft: Keine "Streaming only" Xbox One-Konsole in Arbeit

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: winfuture.de Direktlink direkt öffnen

Microsoft, Konsole, Spielkonsole, Xbox, Xbox One, E3, Microsoft Xbox One, Xbox One S, E3 2016, Microsoft Xbox One S Xbox-Chef Phil Spencer sorgt in einem Interview für Klarheit. Microsoft hat derzeit keine Pläne, eine reine Streaming-Konsole vorzustellen. Anfang Juli verbreiteten sich Gerüchte über die Arbeiten an einer 100-Dollar-Xbox in Verbindung mit der Cloud-Gaming-Plattform xCloud. (Weiter lesen)
News Bewertung

Weiterlesen Weiterlesen

Datendiebstähle steigen auf Rekordhoch

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: google.com Direktlink direkt öffnen

Zu diesem Schluss kommen die Sicherheitsexperten von Risk Based Security in ihrem jüngsten Data-Breach-Report. Gemäss der Analyse wurden ...
News Bewertung

Weiterlesen Weiterlesen

Police costs for Gatwick drone fiasco double to nearly £900k – and still no one's been charged

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: go.theregister.com Direktlink direkt öffnen

Omnishambles just keeps on rolling and you're paying for it

Sussex Police's probe of the infamous London Gatwick airport drone fiasco of Christmas 2018 has doubled in cost to nearly £900,000 – and the bungling force still hasn't arrested the person or persons responsible.…


News Bewertung

Weiterlesen Weiterlesen

Apple bietet bis zu eine Million Dollar für Sicherheitslücken

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: security-insider.de Direktlink direkt öffnen

Für Apple ist die Datensicherheit seiner Geräte ein wichtiges Verkaufsargument. Deshalb sind speziell Zero-Day-Sicherheitslücken für die Apple-Betriebssysteme macOS und iOS, sowie für den Cloud-Service iCloud auf dem Schwarz­markt sehr viel Geld wert. Der Konzern aus Cuppertino zahlt jetzt höhere Prämien, damit die entdeckten Lücken bei ihm landen - und nicht bei Kriminellen oder Behörden.
News Bewertung

Weiterlesen Weiterlesen

Bluetana App Quickly Detects Hidden Bluetooth Card Skimmers at Gas Pumps

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: feedproxy.google.com Direktlink direkt öffnen

In recent years, gas stations have become one of the favorite targets for thieves who are stealing customers' credit and debit card information by installing a Bluetooth-enabled payment card skimmers at gas stations across the nation. The media has also reported several recent crimes surrounding credit card skimmers, including: Gas pump skimmer found at a 7-Eleven in Pinellas County Credit
News Bewertung

Weiterlesen Weiterlesen

Fitbit Versa 2 Has Amazon Alexa Integration and Always On Display, Leak Reveals

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: news.softpedia.com Direktlink direkt öffnen

A fresh leak revealed the features of Fitbit Versa 2 and a possible launch date, which is much closer than you think. Some details were already unveiled by a previous Fitbit Versa 2 leak, from a trustworthy source, but we knew very little about the actual product, except the fact that it would feature Amazon Alexa integration and slightly modified design. It looks like Fitbit is trying to capitalize on the good name and success of the original Versa, which put the company back into the public eye. It’s already an excellent fitness tracker, and it will be nice to see how much the company can improve upon a successful recipe. Fitbit Versa 2 launch is close The Fitbit Versa 2 detailed were revealed in an ad, on a website that deals, usually, with second-hand merchandise. Firstly, the Amazon Alexa integration was confirme...
News Bewertung

Weiterlesen Weiterlesen

Cyber-Sicherheit: Neues Lehrbuch vermittelt Wissen von der Basis bis zum Experten-Knowhow

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: google.com Direktlink direkt öffnen

Auch IT-Affine ohne Security Background finden in dem Lehrbuch zahlreiche Anwendungsbeispiele und Lösungen für Problemstellungen, die eine ...
News Bewertung

Weiterlesen Weiterlesen

Microsoft Warns of Phishing Attacks Using Custom 404 Pages

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: bleepingcomputer.com Direktlink direkt öffnen

Microsoft security researchers discovered an unusual phishing campaign which employs custom 404 error pages to trick potential victims into handing out their Microsoft credentials. [...]
News Bewertung

Weiterlesen Weiterlesen

Cyber-Sicherheit: Neues Lehrbuch vermittelt Wissen von der Basis bis zum Experten-Knowhow

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: all-about-security.de Direktlink direkt öffnen

Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und Eigenschaften von Cyber-Sicherheitssystemen in der Digitalisierung + Die Digitalisierung verändert Geschäftsmodelle, Verwaltungsprozesse und viele weitere Lebensbereiche radikal. Dadurch eröffnet der digitale Wandel auf der einen Seite viele neue und interessante Möglichkeiten. Auf der anderen Seite sorgen Hacker mit Cyber-Angriffen immer wieder für Aufsehen. Die fortschreitende Digitalisierung bringt neben vielen Vorteilen auch weitere Gefahren. Für eine erfolgreiche Zukunft unserer Gesellschaft ist es daher entscheidend, eine sichere und vertrauenswürdige IT zu gestalten.
News Bewertung

Weiterlesen Weiterlesen

Congstar "Prepaid wie ich will" bekommt nun auch LTE 25-Option

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: winfuture.de Direktlink direkt öffnen

Mobilfunk, Lte, Tarif, Congstar Bei Congstar Prepaid startet in Kürze eine LTE-Option für den flexiblen "Prepaid wie ich will"-Tarif. Zum Start des neuen Angebots gibt es auch gleich noch eine Rabatt-Aktion, bei der Kunden ordentlich sparten können. (Weiter lesen)
News Bewertung

Weiterlesen Weiterlesen

Security? We've heard of it! But why be a party pooper when there's printing to be done

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: go.theregister.com Direktlink direkt öffnen

The boss that went rogue and cocked a snook at the corporate policy he wrote

On Call  With the gateway to the weekend upon us, it is time to crack open the On Call files once again to enjoy a tale from one of those brave engineers at the front line of the tech world.…


News Bewertung

Weiterlesen Weiterlesen

Counterintuitive Physics Property Found To Be Widespread In Living Organisms

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: science.slashdot.org Direktlink direkt öffnen

Lisa Zyga, writing for Phys.Org: Ever since the late 19th century, physicists have known about a counterintuitive property of some electric circuits called negative resistance. Typically, increasing the voltage in a circuit causes the electric current to increase as well. But under some conditions, increasing the voltage can cause the current to decrease instead. This basically means that pushing harder on the electric charges actually slows them down. Due to the relationship between current, voltage, and resistance, in these situations the resistance produces power rather than consuming it, resulting in a "negative resistance." Today, negative resistance devices have a wide variety of applications, such as in fluorescent lights and Gunn diodes, which are used in radar guns and automatic door openers, among other devices. Most known examples of negative resistance occur in human-engineered devices rather than in nature. However, in a new study published in the New Journal of Physics, Gianmaria Falasco and coauthors from the University of Luxembourg have shown that an analogous property called negative differential response is actually a widespread phenomenon that is found in many biochemical reactions that occur in living organisms. They identify the property in several vital biochemical processes, such as enzyme activity, DNA replication, and ATP production. It seems that nature has used this property to optimize these processes and make living things operate more efficiently at the molecular scale. The researchers provided two examples of biological processes that have negative differential responses. The first example is substrate inhibition, which is a process used by enzymes to regulate their ability to catalyze chemical reactions: "When a single substrate molecule binds to an enzyme, the resulting enzyme-substrate complex decays into a product, generating a chemical current," writes Zyga. "On the other hand, when the substrate concentration is high, two substrate molecules may bind to an enzyme, and this double binding prevents the enzyme from producing more product. As an increase in substrate molecule concentration causes a decrease in the chemical current, this is a negative differential response." The second example has to do with autocatalytic reactions -- "self-catalyzing" reactions, or reactions that produce products that catalyze the reaction itself: "Autocatalytic reactions occur throughout the body, such as in DNA replication and ATP production during glycolysis," writes Zyga. "The researchers showed that negative differential responses can arise when two autocatalytic reactions occur simultaneously in the presence of two different chemical concentrations (reservoirs) in an out-of-equilibrium system."

Read more of this story at Slashdot.


News Bewertung

Weiterlesen Weiterlesen

Infinigate und Barracuda adressieren Managed Services im DACH-Markt

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: google.com Direktlink direkt öffnen

Ab 2002 hat sich Infinigate ausschließlich auf die Distribution von CyberSecurity Lösungen zum nachhaltigen Schutz von IT Netzwerken, Servern, ...
News Bewertung

Weiterlesen Weiterlesen

Das sind nicht die Guten: Apple verklagt Anbieter von iOS-Emulationen

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: winfuture.de Direktlink direkt öffnen

Betriebssystem, Apple, iOS, Dark Mode, Apple iOS, Dunkler Modus, iOS 13, Apple iOS 13 Apple fährt jetzt dem Software-Unternehmen Corellium in die Parade. Dieses bietet virtualisierte Umgebungen an, auf denen unter anderem auch iOS getestet werden kann, ohne dass man ein iPhone oder iPad benötigt. Der kalifornische Computerkonzern will das nun mit einer Urheberrechtsklage unterbinden. (Weiter lesen)
News Bewertung

Weiterlesen Weiterlesen

Zwei-Faktor-Authentisierung wird Pflicht beim Online-Banking

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: bsi-fuer-buerger.de Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

“KNOB” Security Flaw Exploits All Versions Of Bluetooth Devices

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: hackercombat.com Direktlink direkt öffnen

There are times when technology becomes too ubiquitous and too accessible by the public for its own good, it becomes a favorite target of cybercriminals. Discovery of vulnerability by security...

The post “KNOB” Security Flaw Exploits All Versions Of Bluetooth Devices appeared first on .


News Bewertung

Weiterlesen Weiterlesen

Preissenkung: 1 Jahr Amazon Prime jetzt für 54 Euro statt 69 Euro

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: winfuture.de Direktlink direkt öffnen

Amazon, Logo, Amazon Prime, Abo, Abonnement, Online-Shop, Mitgliedschaft Zum Start der Serie Inside Borussia Dortmund senkt Amazon den Jahres­preis des beliebten Prime-Abos von 69 Euro auf 54 Euro. Vom Rabatt pro­fi­tieren diesmal nicht nur Neukunden, sondern auch Prime-Mitglieder, die von der monatlichen auf die jährliche Zahlung wechseln. (Weiter lesen)
News Bewertung

Weiterlesen Weiterlesen

Listing registry keys in HKEY_LOCAL_MACHINE users can create symbolic links in

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: reddit.com Direktlink direkt öffnen

This is related to the recent privilege escalation case with Steam, which is supposedly now patched (Aug 13th, 2019). The symbolic link method used to for the escalation got me thinking if there are any other services or programs that have a similar vulnerability. So I made and put this tool on GitHub that checks Windows registry keys under HKEY_LOCAL_MACHINE if non-admins/regular users have permissions to create symbolic links there. Turns out there are quite a few. Now, that alone doesn't mean they are vulnerable, but it's still something that should be looked further in to. So I'm here to share some findings someone might be interested in.

Notably there are some registry keys where non-admins don't have direct write permissions to, but can still create symbolic links. This might be an issue if such key is used to store temporary subkeys that could be replaced by symbolic links for example. My guess is that the permissions on these keys are not set on purpose and are more likely mistakes caused by the obscurity of symlinks in general. I really don't see why someone would purposefully be allowed to create symlinks, but not write.

Here's a list of keys under HKLM from my own system non-admins can create symbolic links in, but not write

\SYSTEM\ControlSet001\Control\NetDiagFx (link only) \SYSTEM\ControlSet001\Services\DPS\Security (link only) \SYSTEM\ControlSet001\Services\gpsvc\Parameters (link only) \SYSTEM\ControlSet001\Services\gpsvc\Security (link only) \SYSTEM\ControlSet001\Services\gpsvc\TriggerInfo (link only) \SYSTEM\ControlSet001\Services\TrustedInstaller\Security (link only) \SYSTEM\ControlSet001\Services\WdiServiceHost\Security (link only) \SYSTEM\ControlSet001\Services\WdiSystemHost\Security (link only) <Many keys in \SOFTWARE\Classes\Installer\Assemblies\ > <Many keys in \SOFTWARE\Classes\Installer\Features\ > <Many keys in \SOFTWARE\Classes\Installer\Products\ > <Many keys in \SOFTWARE\Classes\Installer\UpgradeCodes\ > \SOFTWARE\Classes\Installer\Win32Assemblies\Global (link only) \SOFTWARE\Classes\MAPI/Attachment\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Activity\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Appointment\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Contact\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.DistList\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Message\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Note\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Note.Read\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Post\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Post.Rss\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Schedule.Meeting\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.StickyNote\ShellEx (link only) \SOFTWARE\Classes\MAPI/IPM.Task\ShellEx (link only) \SOFTWARE\Microsoft\Windows Search\Applications\Windows (link only) \SOFTWARE\Microsoft\Windows Search\Capabilities (link only) \SOFTWARE\Microsoft\Windows Search\CatalogList\Applications\Windows (link only) \SOFTWARE\Microsoft\Windows Search\CatalogNames\Windows\SystemIndex (link only) \SOFTWARE\Microsoft\Windows Search\CrawlScopeManager\Windows (link only) \SOFTWARE\Microsoft\Windows Search\FileChangeClientConfigs (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Extensions (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Mappings (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\Csc (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\File (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\IEHistory (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\IERSS (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\Mapi (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Protocols\WinRT (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\Sites (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StartPages (link only) \SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex\StreamLog (link only) \SOFTWARE\Microsoft\Windows Search\Gathering Manager\Applications\Windows (link only) \SOFTWARE\Microsoft\Windows Search\PHSearchConnectors (link only) \SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows (link only) \SOFTWARE\Microsoft\Windows Search\VolumeInfoCache (link only) 

There are also some keys regular users have full access to, which seems deliberate, as it is with Steam. These should be checked if they are used by any privileged processes and see if they can be of use.

I do realize the list below contains some apps I have installed on my computer, but this is fine. You may also note Steam is also still listed here and that's because it still falls under the category. The fix Steam issued stopped the background service from updating privileges to the keys on startup, which seems like an appropriate fix. It stops access being granted to symbolic link target keys by actions regular users can do (restarting the background service). My guess is these privileges are now only set when Steam is first installed, which requires admin privileges and thus is safe. It should be checked that this is the case with other keys listed here aswell.

\SOFTWARE\Blizzard Entertainment (writeable) \SOFTWARE\Epic Games (writeable) \SOFTWARE\EpicGames\Unreal Engine\4.0 (writeable) \SOFTWARE\Microsoft\DRM (writeable) \SOFTWARE\Microsoft\Speech_OneCore\AudioPolicy (writeable) \SOFTWARE\Microsoft\Speech_OneCore\CloudPolicy\OneSettings (writeable) \SOFTWARE\Microsoft\Speech_OneCore\CloudSettings (writeable) \SOFTWARE\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy (writeable) <Many keys in\SOFTWARE\Microsoft\Tracing\ > \SOFTWARE\Microsoft\WBEM\Tracing (link only) \SOFTWARE\Microsoft\Windows\CurrentVersion\PlayReady\FixMe\DisableHWDRMDaysONLY (writeable) <Many keys in \SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ > \SOFTWARE\Microsoft\Windows\UpdateApi (writeable) \SOFTWARE\Microsoft\Windows Media Foundation\PlayReady\LSRD (writeable) \SOFTWARE\Microsoft\Windows Portable Devices\Devices (writeable) \SOFTWARE\Realtek\Audio\VbCmdMonitor (writeable) \SOFTWARE\Valve\Steam (writeable) \SOFTWARE\Classes\.sc2map (writeable) \SOFTWARE\Classes\.sc2replay (writeable) \SOFTWARE\Classes\.sc2save (writeable) \SOFTWARE\Classes\.StormReplay (writeable) \SOFTWARE\Classes\battlenet (writeable) \SOFTWARE\Classes\blizzard (writeable) \SOFTWARE\Classes\Blizzard.SC2Map (writeable) \SOFTWARE\Classes\Blizzard.SC2Replay (writeable) \SOFTWARE\Classes\Blizzard.SC2Save (writeable) \SOFTWARE\Classes\Blizzard.StormReplay (writeable) \SOFTWARE\Classes\Blizzard.URI.Battlenet (writeable) \SOFTWARE\Classes\Blizzard.URI.Blizzard (writeable) \SOFTWARE\Classes\Blizzard.URI.Heroes (writeable) \SOFTWARE\Classes\Blizzard.URI.SC2 (writeable) \SOFTWARE\Classes\com.epicgames.launcher (writeable) \SOFTWARE\Classes\heroes (writeable) \SOFTWARE\Classes\starcraft (writeable) 

For further investigation SysInternals ProcMon can be used to live monitor if a privileged service or program edits permissions to a registry key, like the ones listed here. Just add an event filter to ProcMon with options: "Operation", "is", "RegSetKeySecurity". That makes it only display events where registry permissions are edited. Then leave it there for some results or try restarting services and programs to trigger an event. In any case if the action that causes permissions to be edited can be initiated as a regular user or runs periodically on it's own, the service/program is likely vulnerable to privilege escalation.

submitted by /u/Dankirk
[link] [comments]
News Bewertung

Weiterlesen Weiterlesen

Many Apache Struts Security Advisories Updated Following Review

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: feedproxy.google.com Direktlink direkt öffnen

Two dozen security advisories for the Apache Struts open source development framework have been updated after researchers determined that they contained incorrect information regarding which versions of the software were impacted by a vulnerability.

read more


News Bewertung

Weiterlesen Weiterlesen

Apple Files Lawsuit Against Corellium For iOS Emulation

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: apple.slashdot.org Direktlink direkt öffnen

Apple has filed a lawsuit against Corellium, accusing the software company of illegally selling virtual copies of iOS under the guise of helping discover security flaws. "Apple said the software company Corellium has copied the operating system, graphical user interface and other aspects of the devices without permission, and wants a federal judge to stop the violations," reports Bloomberg. From the report: Apple said it supports "good-faith security research," offering a $1 million "bug bounty" for anyone who discovers flaws in its system and gives custom versions of the iPhone to "legitimate" researchers. Corellium, the iPhone maker said, goes further than that. "Although Corellium paints itself as providing a research tool for those trying to discover security vulnerabilities and other flaws in Apple's software, Corellium's true goal is profiting off its blatant infringement," Apple said in the complaint. "Far from assisting in fixing vulnerabilities, Corellium encourages its users to sell any discovered information on the open market to the highest bidder." Corellium creates copies of the Apple iOS, and says that it's all to help white-hat hackers discover security flaws. Instead, according to Apple, any information is sold to people who can then exploit those flaws. Corellium, in a posting dated July 4 on its website, said it "respects the intellectual property rights of others and expects its users to do the same." Corellium's products allow the creation of a virtual Apple device, according to the suit. It copies new versions of Apple works as soon as they are announced, and doesn't require users to disclose flaws to Apple, the Cupertino, California-based company said in the complaint. Apple also wants a court order forcing Corellium to notify its customers that they are in violation of Apple's rights, destruction of any products using Apple copyrights, and cash compensation.

Read more of this story at Slashdot.


News Bewertung

Weiterlesen Weiterlesen

Grays Harbor Community Hospital in Washington and NCH Florida hit by Ransomware

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: cybersecurity-insiders.com Direktlink direkt öffnen

Officials at the Grays Harbor Community Hospital in Washington have confirmed that their IT infrastructure was hit by a ransomware attack in June this year and data including patient health info was affected. According to the latest update given by the Aberdeen based healthcare providers’ spokesperson Nancy Long, hackers were demanding a payment of $1 […]

The post Grays Harbor Community Hospital in Washington and NCH Florida hit by Ransomware appeared first on Cybersecurity Insiders.


News Bewertung

Weiterlesen Weiterlesen

Issue #64 - Volume XXI - SANS Newsbites - August 16th, 2019

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: sans.org Direktlink direkt öffnen


News Bewertung

Weiterlesen Weiterlesen

Huawei data scandal in South Africa  

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: cybersecurity-insiders.com Direktlink direkt öffnen

A news post published in the Wall Street Journal (WSJ) states that Huawei with the help of Chinese intelligence has helped two South African politicians to spy on their opponents to steal their campaign’s data secrets and whereabouts. Officials from Huawei have rejected the claims made by the WSJ and said that it was the […]

The post Huawei data scandal in South Africa   appeared first on Cybersecurity Insiders.


News Bewertung

Weiterlesen Weiterlesen

Die Ausbildung zum Informatiker

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: google.com Direktlink direkt öffnen

Fachinformatiker sind in IT-Abteilungen unterschiedlicher Branchen tätig ... Die IT-Security-Spezialisten gehören zu den gefragtesten IT-Experten in ...
News Bewertung

Weiterlesen Weiterlesen

Scientists Discover New Pain-Sensing Organ

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: science.slashdot.org Direktlink direkt öffnen

An anonymous reader quotes a report from The Guardian: A new organ involved in the sensation of pain has been discovered by scientists, raising hopes that it could lead to the development of new painkilling drugs. Researchers say they have discovered that the special cells that surround the pain-sensing nerve cells that extend into the outer layer of skin appear to be involved in sensing pain. The scientists say the finding offers new insight into pain and could help answer longstanding conundrums. Writing in the journal Science, the researchers reveal how they examined the nature of cells in the skin that, they say, have largely been overlooked. These are a type of Schwann cell, which wrap around and engulf nerve cells and help to keep them alive. The study has revealed these Schwann cells have an octopus-like shape. After examining tissues, the team found the body of the cells sits below the outer layer of the skin, but that the cells have long extensions that wrap around the ends of pain-sensing nerve cells that extend up into the epidermis, the outer layer of the skin. The scientists were surprised at the findings because it has long been believed that the endings of nerve cells in the epidermis were bare or unwrapped. With the special Schwann cells and the nerves they engulf forming a mesh-like network, the researchers say they have essentially discovered a new pain-sensing organ. "It is a two-cell receptor organ: the nerve and Schwann cell together," Prof Patrik Ernfors, a co-author of the research from the Karolinska Institute in Sweden, said.

Read more of this story at Slashdot.


News Bewertung

Weiterlesen Weiterlesen

IoT Devices — Why Risk Assessment is Critical to Cybersecurity

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: tripwire.com Direktlink direkt öffnen

The IoT Threat Landscape As technology continues to pervade modern-day society, security and trust have become significant concerns. This is particularly due to the plethora of cyber attacks that target organizations, governments and society. The traditional approach to address such challenges has been to conduct cybersecurity risk assessments that seek to identify critical assets, the […]… Read More

The post IoT Devices — Why Risk Assessment is Critical to Cybersecurity appeared first on The State of Security.


News Bewertung

Weiterlesen Weiterlesen

President Trump Is Reportedly Considering Buying Greenland

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: news.slashdot.org Direktlink direkt öffnen

According to The Wall Street Journal, President Trump has -- with varying degrees of seriousness -- floated the idea of the U.S. buying the autonomous Danish territory of Greenland. From the report: In meetings, at dinners and in passing conversations, Mr. Trump has asked advisers whether the U.S. can acquire Greenland, listened with interest when they discuss its abundant resources and geopolitical importance and, according to two of the people, has asked his White House counsel to look into the idea. Some of his advisers have supported the concept, saying it was a good economic play, two of the people said, while others dismissed it as a fleeting fascination that will never come to fruition. It is also unclear how the U.S. would go about acquiring Greenland even if the effort were serious. U.S. officials view Greenland as important to American national-security interests. A decades-old defense treaty between Denmark and the U.S. gives the U.S. military virtually unlimited rights in Greenland at America's northernmost base, Thule Air Base. Located 750 miles north of the Arctic Circle, it includes a radar station that is part of a U.S. ballistic missile early-warning system. The base is also used by the U.S. Air Force Space Command and the North American Aerospace Defense Command. People outside the White House have described purchasing Greenland as an Alaska-type acquisition for Mr. Trump's legacy, advisers said. The few current and former White House officials who had heard of the notion described it with a mix of anticipation and apprehension, since it remains unknown how far the president might push the idea. It generated a cascade of questions among his advisers, such as whether the U.S. could use Greenland to establish a stronger military presence in the Arctic, and what kind of research opportunities it might present. The report says that Trump told associates he had been advised to look into buying Greenland because Denmark faced financial trouble from supporting the territory. The person who told the Journal about Trump's comments said they seemed like more of a joke about his power than a serious inquiry. According to U.S. and Danish government statistics, Greenland relies on $591 million of subsidies from Denmark annually, which make up about 60% of its annual budget.

Read more of this story at Slashdot.


News Bewertung

Weiterlesen Weiterlesen

Good bitlocker alternatives that don’t need admin privileges?

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: reddit.com Direktlink direkt öffnen

I have a partition on a drive that I want to encrypt to use on pretty much any windows computer. I don’t have enterprise so I can’t setup a bitlocker encryption. I would use veracrypt but that requires admin privileges to run, which I don’t have on the pcs I want to use this drive on. I have a different unencrypted partition that I can store the encryption program on if need be. Anyone know a good program to use?

submitted by /u/popcornondemand
[link] [comments]
News Bewertung

Weiterlesen Weiterlesen

Disney Fights Streaming Account Sharing With Help From Cable Industry

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: entertainment.slashdot.org Direktlink direkt öffnen

Disney and Charter Communications are teaming up to fight account sharing in an attempt to prevent multiple people from using a single account to access streaming video services. Ars Technica reports: The battle against account sharing was announced as Disney and the nation's second-biggest cable company struck a new distribution agreement involving Disney's Hulu, ESPN+, and the forthcoming Disney+. Customers could still buy those online services directly from Disney, but the new deal would also let them make those purchases through Charter's Spectrum TV service. If you buy a Disney service through Charter, be aware that the companies will work together to prevent you from sharing a login with friends. Disney and Charter said in their announcement yesterday that they have "agreed to work together on piracy mitigation. The two companies will work together to implement business rules and techniques to address such issues as unauthorized access and password sharing." The crackdown could target people who use Charter TV account logins to sign into Disney services online. Charter CEO Tom Rutledge has complained about account sharing several times over the past few years while criticizing TV networks for not fully locking down their content. "There's lots of extra streams, there's lots of extra passwords, there's lots of people who could get free service," Rutledge said at an industry conference in 2017. He argues that password sharing has helped people avoid buying cable TV. ESPN has also complained about account sharing, calling it piracy. Another possibility is that Charter could monitor usage of its broadband network to help Disney fight account sharing. For example, Disney could track the IP addresses of users signing in to its services, and Charter could match those IP addresses to those of its broadband customers.

Read more of this story at Slashdot.


News Bewertung

Weiterlesen Weiterlesen

PCI SAAS

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: reddit.com Direktlink direkt öffnen

Anyone use any good SAAS that does a majority or all of the monitoring required by PCI? AV Logging File integrity Patching

submitted by /u/businessmask
[link] [comments]
News Bewertung

Weiterlesen Weiterlesen

AI Startup Claims To Automate App Making But Actually Just Uses Humans

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: tech.slashdot.org Direktlink direkt öffnen

Engineer.ai, an Indian startup claiming to have built an artificial intelligence-assisted app development platform, is not in fact using AI to literally build apps, according to a report from The Wall Street Journal. Instead, the company, which has attracted nearly $30 million in funding from a SoftBank-owned firm and others, is reportedly relying mostly on human engineers, while using hype around AI to attract customers and investment that will last it until it can actually get its automation platform off the ground. The Verge reports: The company claims its AI tools are "human-assisted," and that it provides a service that will help a customer make more than 80 percent of a mobile app from scratch in about an hour, according to claims Engineer.ai founder Sachin Dev Duggal, who also says his other title is "Chief Wizard," made onstage at a conference last year. However, the WSJ reports that Engineer.ai does not use AI to assemble the code, and instead uses human engineers in India and elsewhere to put together the app. When pressed on how the company actually employs machine learning and other AI training techniques, the company told the WSJ it uses natural language processing to estimate pricing and timelines of requested features, and that it relies on a "decision tree" to assign tasks to engineers. Neither of those really qualify as the type of modern AI that powers cutting-edge machine translation or image recognition, and it does not appear that any kind of AI agent or software of any kind is actually compiling code.

Read more of this story at Slashdot.


News Bewertung

Weiterlesen Weiterlesen

Google Has Started Removing FTP Support From Chrome

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: bleepingcomputer.com Direktlink direkt öffnen

Google developers have wanted to remove FTP support from the Chrome browser for quite some time and have been slowly whittling away at its support. In a series of proposed code changes and an "Intent to Remove", the end is near for the FTP protocol in Chrome. [...]
News Bewertung

Weiterlesen Weiterlesen

GCU, Lana Sweeten-Shults, DEF CON 27: GCU students log in to hacker summer camp

Zur Kategorie wechselnIT Security Nachrichten vom | Quelle: forum.defcon.org Direktlink direkt öffnen

URL1=https://news.gcu.edu/2019/08/gcu-students-log-in-to-hacker-summer-camp/ Their Title 1: GCU students log in to ‘hacker summer camp’ Students of GCU visit DEF CON and report on their observations and interactions.
News Bewertung

Weiterlesen Weiterlesen

Seitennavigation

Seite 12 von 4.406 Seiten (Bei Beitrag 385 - 420)
154.203x Beiträge in dieser Kategorie

Auf Seite 11 zurück | Nächste 13 Seite | Letzte Seite

[ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [12] [ 13 ] [ 14 ] [ 15 ] [ 16 ] [ 17 ] [ 18 ] [ 19 ] [ 20 ] [ 21 ] [ 22 ]