social.stefan-muenz.de


Items tagged with: security

New Windows 10 vulnerability allows anyone to get admin privileges https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/

SeriousSAM Kudos whoever used that name!
#Windows #security
 
Can someone inform Freddy that he can check his infected #smartphone with this #tool?

-> https://github.com/mvt-project/mvt

It's for #iPhone and #Android. His xmpp account isn't working anymore since he is infected :(

#security #software #surveillance #check #mobile #privacy #nso #pegasus #malware #news #infection
 
 

Manuel Atug on Twitter: "Rural German district declares disaster after cyberattack "Anhalt-Bitterfeld says it has been "paralyzed" by hackers and could be offline for a week or more. Declaring #disaster gives it access to federal aid to..." /1 #Ransomware https://t.co/AkmPrrvQTF" / Twitter


Meanwhile in #Germany #security A disaster waiting to happen.

https://twitter.com/HonkHase/status/1415017330984341504
 

#Kaspersky #Password Manager: All your passwords are belong to us


source: https://donjon.ledger.com/kaspersky-password-manager/
So the #seed used to generate every password is the current system time, in seconds. It means every instance of Kaspersky Password Manager in the world will generate the exact same password at a given second.

#security #news #hacker #software #fail #problem #omg #wtf
 

 

Fax! (once again)

I'm just preparing a pentest and filling in the questionnaire about the test target from the service provider carrying it out.

Either transmit securely by electronic means or #Fax! The company is certified by the BSI. I'm sure they have a #Hochsicherheitsfax (high-security fax).

Screenshot - Either transmit securely by electronic means or fax
#Security
No more ransom

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections.

The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky and McAfee with the goal to help victims of ransomware retrieve their encrypted data without having to pay the criminals.

#cryptolocker #ransomware #decryption #tools #virus #pc #it #security

Picture from Pexels
 
 

New #LinkedIn Data #Leak Leaves 700 Million Users Exposed

On June 22nd, a user of a popular #hacker forum advertised data from 700 Million LinkedIn users for sale. The user of the forum posted up a sample of the data that includes 1 million LinkedIn users. We examined the sample and found it to contain the following information:
  • Email Addresses
  • Full names
  • Phone numbers
  • Physical addresses
  • Geolocation records
  • LinkedIn username and profile URL
  • Personal and professional experience/background
  • Genders
  • Other social media accounts and usernames
The user claims that the complete #database contains the personal #information of 700 Million LinkedIn users. Since LinkedIn has 756 million users, according to its website, this would mean that almost 93% of all LinkedIn users can be found through these records.
Source: https://restoreprivacy.com/linkedin-data-leak-700-million-users/

#cloud #news #security #privacy #bigdata #economy #hack #job #work #internet #cyberwarfare
 
Another low point in the surveillance policy of #NieMehrCDU and #NoSPD - onward into the totalitarian state. A frontal attack on privacy (#Privatsphäre) and civil rights (#Bürgerrechte).

#Staatstrojaner #Freiheitsrechte #Security #Überwachung #NoLaschet #CCC #Chaos

Open letter: Everyone against even more state trojans


In an open letter, an exceptionally broad alliance opposes the federal government's legislative plans, which would greatly expand the permission to use state trojans and at the same time weaken encryption measures.
https://www.ccc.de/de/updates/2021/offener-brief-alle-gegen-noch-mehr-staatstrojaner
Photo: picture alliance / SULUPRESS.DE | Torsten Sukrow/SULUPRESS.DE

NFC flaws let researchers hack an ATM by waving a phone | Ars Technica


Jackpot! Ding ding ding!
#nfc #security #atm
 

The #Lazarus #heist: How North #Korea almost pulled off a billion-dollar #hack


Source: https://www.bbc.com/news/stories-57520169
"The transactions… were held up at the #Fed because the address used in one of the orders included the word 'Jupiter', which is also the name of a sanctioned Iranian shipping vessel," says Carolyn Maloney.

Just the mention of the word "Jupiter" was enough to set alarm bells ringing in the Fed's automated computer systems.
#swift #bank #history #news #security #cybercrime #malware #hacker
 

 

ADATA Suffers 700 GB Data Leak In Ragnar Locker Ransomware Attack


#security #news #technology
 

 

How Hackers Used #Slack to Break into #EA #Games

A representative for the hackers told Motherboard in an online chat that the process started by purchasing stolen cookies being sold online for $10 and using those to gain access to a Slack channel used by EA.
...
The hackers then requested a multifactor #authentication token from EA IT support to gain access to EA's corporate #network. The representative said this was successful two times.

Once inside EA's network, the hackers found a service for EA developers for compiling games. They successfully logged in and created a virtual machine giving them more visibility into the network, and then accessed one more service and downloaded #game #source #code.
more here: https://www.vice.com/en/article/7kvkqb/how-ea-games-was-hacked-slack

#security #hack #hacker #news #details #story #cookie #login
 

 
Digitalcourage e.V. - 2021-06-10 15:42:46 GMT
Today the Bundestag expanded, or rather retroactively legalized, the use of state trojans (#Staatstrojaner).

Because security vulnerabilities (#Sicherheitslücken) are kept open for this purpose, it makes *all* computers less secure.

And the requirement of judicial authorization (#Richtervorbehalt) is ineffective in practice anyway: https://digitalcourage.de/blog/2016/fakten-gegen-die-vorratsdatenspeicherung#richtervorbehalt
 
 

SCOTUS limits core anti-hacking law in Van Buren decision


Source: https://www.protocol.com/supreme-court-van-buren
In a narrow interpretation of the law, the #court essentially interpreted the #CFAA as a prohibition on breaking into a #computer system, whether that's as an outside #hacker or as an authorized user breaking into some gated part of that system.

"This provision covers those who obtain information from particular areas in the computer—such as files, folders, or databases—to which their computer access does not extend," the majority opinion reads. "It does not cover those who, like #VanBuren, have improper motives for obtaining information that is otherwise available to them."
Now remember the case of #AaronSchwartz. He downloaded the files with his normal access rights and did not commit any #crime according to the decision above. Nevertheless, he was investigated, which led to his suicide. Unfortunately, this will probably have no #consequences for the #prosecution.

#justice #usa #law #technology #information #news #security #access #police
 

#Antivirus that mines #Ethereum sounds a bit wrong, right? #Norton has started selling it


Source: https://www.theregister.com/2021/06/03/norton_crypto/
#NortonLifeLock is now dangling a product that promises better #security and that it might eventually pay for itself. And not just pay for itself but also pay handsomely in the long run: the value of Ethereum has risen almost 1,000 percent in the past twelve months, and more than 10 per cent in the past 24 hours alone.
#internet #news #fail #business #software #money #finance #miner #cryptocurrency
 

 
Join Us for #EFF At Home: Fighting Stalkerware!

https://supporters.eff.org/civicrm/event/register?reset=1&id=301

We’re in the middle of a global fight to stop #stalkerware, and we’re winning. Learn more about the work we're doing this Friday, May 28th, at 1PM (Pacific Time), in an online discussion with EFF's Director of #Cybersecurity, Eva Galperin, and experts from the Freedom of the Press Foundation, #Kaspersky, and #Malwarebytes.

Stalkerware apps are sold commercially for the purpose of covertly spying on another person’s device. They can be blatantly marketed as tools for “catching a cheating spouse” or they may euphemistically describe themselves as tools for tracking your children or employees’ devices. The key defining feature of stalkerware is that it is designed to operate covertly, to trick the user into believing that they are not being monitored.

For the last several years, we've been working alongside the #security community and organizations which combat domestic violence to eradicate this insidious technology.

Join us to learn more about how these tools work, and how we can detect and destroy them. We will also go over what the fight against stalkerware has already accomplished, and where we go from here.

This event will be broadcast live on #Twitch https://twitch.tv/efflive , #Facebook https://www.facebook.com/eff , and #YouTube https://www.youtube.com/user/EFForg .
 
#UK: No 10 ‘tried to block’ data on spread of new #Covid variant in English #schools

Source: https://www.theguardian.com/world/2021/may/22/no-10-tried-to-block-data-on-spread-of-new-covid-variant-in-english-schools
The focus of their anger concerns the pre-print of a #PHE report that included a page of data on the spread of the #India #Covid-19 variant in schools. But when the report was published on Thursday 13 May, the page had been removed.
#censorship #pandemic #health #education #children #news #fail #politics #coronavirus #Corona #security
 
 

328 Weaknesses Found By WA Auditor-General In 50 Local Government Systems


#security #news #technology
 

 
Gorillas: Special offer - unicorn slices, 150g 🦍❤️ - zerforschung https://zerforschung.org/posts/gorillas-en/

Gorilla is a startup delivery company with massive security holes
#security #startup
 
#Zerforschung found some #security issues with #Gorilla, the largest supermarket delivery service in #Germany, also active in other countries.
 
Please be aware that the current stable version of HedgeDoc contains a CVE: https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-p528-555r-pf87

It's already fixed in HedgeDoc 1.8.0-rc1, which should become a stable version very soon.

#HedgeDoc #infosec #security
 

The Incredible Rise of #NorthKorea’s #Hacking #Army


source: https://www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army

#news #security #hack #internet #cyberwarfare
 

The Incredible Rise of #NorthKorea’s #Hacking #Army


source: https://www.newyorker.com/magazine/2021/04/26/the-incredible-rise-of-north-koreas-hacking-army

#news #security #hack #internet #cyberwarfare
 

#Linux bans #University of #Minnesota for committing malicious #code


source: https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code/
The move comes after a group of UMN researchers were caught submitting a series of malicious code commits, or #patches that deliberately introduced #security vulnerabilities in the official Linux #codebase, as a part of their #research activities.
These days I often have the feeling that everyone is going #crazy and has reached the end of their intellectual capacity. :(


#Fail #science #bug #exploration #software #source #opensource #floss #freedom #news
 

 
ProtonMail offer a very valuable suite of free services including email and VPN to enable safe, secure communications without disclosing personal data.

A recent blog posting sets out some of the benefits of using their services.

Best Gmail alternative for #privacy and #security
https://protonmail.com/blog/gmail-alternative/

Why should you trust ProtonMail?
https://protonmail.com/blog/is-protonmail-trustworthy/

I have had a free account with ProtonMail for some time. It's very difficult to get others to get one to allow end-to-end #encryption.
 

John Opdenakker on Twitter: "My email password has been hacked again. That's the third time I've had to rename the cat." / Twitter


#security #passwords #humor
 