Sicherheitsinfos

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsAngreifer könnten verschiedene NUC-Systeme und Software von Intel ins Visier nehmen und sich etwa höhere Nutzerrechte erschleichen. Patches sind verfügbar....
Zugriffe: 2

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsEin Sicherheitsupdate schließt zwei Lücken im Passwortmanager von Trend Micro. Keine der Schwachstellen gilt als kritisch....
Zugriffe: 2

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits News33 Geräte von 25 Herstellern lassen sich kapern. Angreifer können spionieren, andere Systeme angreifen oder die Organisation durch einen Totalausfall schwächen....
Zugriffe: 2

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsA series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction. Discovered by security researchers from Tencent's Blade team, the vulnerabilities, collectively known as QualPwn, reside in the WLAN and modem firmware of Qualcomm chipsets that...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsUnited States federal government has charged a Pakistani national for bribing employees at AT&T telecommunication company over a period of five years to help unlock more than 2 million phones and plant malware on the company's network. Muhammad Fahd, a 34-year-old man from Pakistan, was arrested in Hong Kong last year in February at the request of the U.S. government and just extradited to the...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsA new variant of the Spectre (Variant 1) side-channel vulnerability has been discovered that affects all modern Intel CPUs, and probably some AMD processors as well, which leverage speculative execution for high performance, Microsoft and Red Hat warned. Identified as CVE-2019-1125, the vulnerability could allow unprivileged local attackers to access sensitive information stored in the...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsMalta-based cryptocurrency exchange Binance has become a victim of a ransom demand from a scammer who claimed to have hacked the KYC (Know Your Customer) data of thousands of its customers. The unknown attacker threatened the world's largest cryptocurrency exchange by volume to release KYC information of 10,000 users if the company did not pay 300 Bitcoins—that's equivalent to almost $3.5...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsRemember the Reverse RDP Attack? Earlier this year, researchers disclosed clipboard hijacking and path-traversal issues in Microsoft's Windows built-in RDP client that could allow a malicious RDP server to compromise a client computer, reversely. (You can find details and a video demonstration for this security vulnerability, along with dozens of critical flaws in other third-party RDP...
Zugriffe: 3

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsIf you are running a KDE desktop environment on your Linux operating system, you need to be extra careful and avoid downloading any ".desktop" or ".directory" file for a while. A cybersecurity researcher has disclosed an unpatched zero-day vulnerability in the KDE software framework that could allow maliciously crafted .desktop and .directory files to silently run arbitrary code on a user's...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsFacebook has filed a lawsuit against two shady Android app developers accused of making illegal money by hijacking users' smartphones to fraudulently click on Facebook ads. According to Facebook, Hong Kong-based 'LionMobi' and Singapore-based 'JediMobi' app developers were distributing malicious Android apps via the official Google Play Store that exploit a technique known as "click injection...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsApple has just updated the rules of its bug bounty program by announcing a few major changes during a briefing at the annual Black Hat security conference yesterday. One of the most attractive updates is… Apple has enormously increased the maximum reward for its bug bounty program from $200,000 to $1 million—that's by far the biggest bug bounty offered by any major tech company for reporting...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsIf you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or other 15 other vendors listed below, you're probably screwed. A team of security researchers has discovered high-risk security vulnerabilities in more than 40 drivers from at least 20 different vendors that could allow attackers to gain most privileged permission on the system and hide malware...
Zugriffe: 3

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsThe threat of ransomware is becoming more prevalent and severe as attackers' focus has now moved beyond computers to smartphones and other Internet-connected smart devices. In its latest research, security researchers at cybersecurity firm CheckPoint demonstrated how easy it is for hackers to remotely infect a digital DSLR camera with ransomware and hold private photos and videos hostage...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsWith the migration of governments and enterprises towards controller-based architectures, the role of a core network engineer has become more important than ever. Today, majority of interconnected wide area networks (WANs) and local area networks (LANs) in the world run on Cisco routers and other Cisco networking equipment, and therefore most organizations need network engineers to maintain...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsIf you're using Chrome on Android, you can now sign-in to your Google account and some of the other Google services by simply using your fingerprint, instead of typing in your password every time. Google is rolling out a new feature, called "local user verification," that allows you to log in to both native applications and web services by registering your fingerprint or any other method...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsEpic Games, the creator of the popular 'Fortnite' video game, is facing a class-action lawsuit from gamers over hacked Fortnite accounts, accusing the company of failing to maintain adequate security measures and notify users of the security breach in a timely manner. The lawsuit, filed by 'Franklin D. Azar and Associates' in the United States District Court in North Carolina on behalf of...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsWAF (Web Application Firewall) has been the first line of defence when it comes to application security for a while now. Many organizations have adopted WAF in one form or the other and most cases, compliance has been the driver for adoption. But unfortunately, when it comes to the efficacy of WAF in thwarting attacks, it has not lived up to the expectations. In most organizations, WAF has...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsA Google security researcher has just disclosed details of a 20-year-old unpatched high-severity vulnerability affecting all versions of Microsoft Windows, back from Windows XP to the latest Windows 10. The vulnerability resides in the way MSCTF clients and server communicate with each other, allowing even a low privileged or a sandboxed application to read and write data to a higher...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsIf you are using any supported version of the Windows operating system, stop everything and install the latest security updates from Microsoft immediately. Windows operating system contains four new critical wormable, remote code execution vulnerabilities in Remote Desktop Services, similar to the recently patched 'BlueKeep' RDP vulnerability. Discovered by Microsoft's security team itself, all...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsVarious implementations of HTTP/2, the latest version of the HTTP network protocol, have been found vulnerable to multiple security vulnerabilities affecting the most popular web server software, including Apache, Microsoft's IIS, and NGINX. Launched in May 2015, HTTP/2 has been designed for better security and improved online experience by speeding up page loads. Today, over hundreds of...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsAfter a few popular Android Trojans like Anubis, Red Alert 2.0, GM bot, and Exobot, quit their malware-as-a-service businesses, a new player has emerged on the Internet with similar capabilities to fill the gap, offering Android bot rental service to the masses. Dubbed "Cerberus," the new remote access Trojan allows remote attackers to take total control over the infected Android devices and...
Zugriffe: 4

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
securitymagazine.comActing DHS Secretary Kevin K. McAleenan announced final allocations of $350 million for six Fiscal Year (FY) 2019 DHS competitive preparedness grant programs. ...
Zugriffe: 4