Registar

User Tag List

Likes Likes:  0
Página 3 de 64 PrimeiroPrimeiro 123451353 ... ÚltimoÚltimo
Resultados 31 a 45 de 955
  1. #31
    Tech Membro Avatar de Sardo
    Registo
    Oct 2013
    Local
    Aveiro
    Posts
    1,282
    Likes (Dados)
    0
    Likes (Recebidos)
    0
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Já tinha lido uma notícia sobre algo semelhante a isto, mas não sei se visava a mesma empresa ou não. A velha máxima do "o que é barato muitas vezes sai caro".

  2. #32
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Vulnerability sees routers installed with RomPager open to hackers

    It almost seems like vulnerabilities in hardware and software is all that's hitting the news in the past few days. We've reported on multiple issues ranging from the "Grinch" Linux flaw to the vulnerability in SS7's mobile network towers rendering our text messages and phone calls open for all prying eyes.


    In recent news, a vulnerability in router software has opened up millions of devices to hacking. This is apparently achieved by the hacker "sending a specially crafted request to RomPager, an embedded Web server running on them" as according to PC World.

    Once access has been gained, the hacker then has full control over any in-home security, systems or devices connected to the network - meaning they can steal your data, alter your information or utilize your technology to launch attacks against other systems. It gives them the ability to strip SSL from secure connections and also hijack your DNS settings, listing dodgy websites as 'safe' for your personal computers - opening you up to more malicious attacks.

    This information was discovered by Check Point Software Technologies (CPST), being described as an issue located within RomPager. RomPager is used by many routers to host Web-based administration interfaces and listed as one of the most commonly seen globally.

    In their report, CPST claims that "attackers can send specially crafted HTTP cookies that exploit the vulnerability to corrupt memory and alter the application and system state. This, in effect, can trick the attacked device to treat the current session with administrative privileges -- to the misfortune of the device owner."

    Noticia:
    http://www.tweaktown.com/news/42114/...ers/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  3. #33
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    SS7 security flaw enables hackers to read your text messages

    Signal System 7 (SS7) powers multiple phone carriers across the world including big names such as AT&T and Verizon - its global telecom network is used to route calls and text and in recent news, this technology has been reported to have some huge security issues associated inside. These issues come in the form of security holes that let hackers listen in to your calls and texts.


    ACLU's Cheif Technologist has informed Gizmodo that this flaw is so serious that people should consider no longer using their mobile phone for calls until the problems are fixed.

    SS7's outdated infrastructure is said to be the cause of this issue, with German research discovering this invasion of privacy, said to be publishing their full findings later this month at a conference in Hamburg (as according to the Washington Post).

    The Washington post reported that "the flaws discovered by the German researchers are actually functions built into SS7 for other purposes - such as keeping calls connected as users speed down highways, switching from cell tower to cell tower - that hackers can repurpose for surveillance because of the lax security on the network." Further mentioning that "those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say."

    Noticia completa:
    http://www.tweaktown.com/news/42110/...ges/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  4. #34
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Survey: Company malware breaches not exactly uncommon these days

    A reported 51 percent of companies suffered some type of malware breach during the past 18 months, with phishing emails and social engineering attacks able to circumvent security filters, according to a survey published by the OPSWAT IT solutions provider.


    It's a frightening time for companies trying to keep their networks secure, especially as social engineering techniques - which rely on tricking employees to click fraudulent links or install the malware directly - prove difficult to defend against.

    "With the sheer number of new viruses introduced every day, it is not surprising that 51% of the respondents experienced a malware breach, particularly since 39% only utilized one anti-malware solution," said Tony Berning, OPSWAT Metascan product manager. "By using only one or two anti-virus engines, companies are exposing themselves to malware threats, since no anti-virus engine can be accurate 100% of the time."

    Noticia:
    http://www.tweaktown.com/news/42120/...ays/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  5. #35
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Cellular Network Vulnerability Discovered Leaves Your Phone Calls Ripe For Snooping

    Another day, another security revelation. This time, it comes from researchers in Germany, who've exposed some serious vulnerabilities in the SS7 set of protocols that cellular carriers use to perform many basic functions. At the core, SS7 (or signaling system #7) is used to keep people connected, moving them from tower to tower when necessary, but it's also used for services like call forwarding and SMS.

    After the NSA's dastardly deeds were exposed last summer by Edward Snowden, Germany has been at the top of its game to keep track of how communications are handled, and monitored. You see, it doesn't matter that a mobile carrier can promise to keep our communications secure - when those communications are required to go through a highly vulnerable hand-shaking network, it's akin to locking your front door but leaving the back door unlocked, says one of the researchers, Tobias Engel.

    Flickr: Carl Lender
    It might be easy to brush these vulnerabilities off as minor, but they're really not. At the very least, anyone exploiting SS7 could read your text messages, or go a bit further and set up a forward without you knowing about it. That in effect means that whenever you take a call, it could be forwarded elsewhere for eavesdropping purposes. If that wasn't enough, someone could even record entire conversations, then save them locally for later decryption.
    In the event that a network does offer decent encryption for calls or texts, it's noted that one other SS7 command could be used to request that the network release the temporary encryption key. After researchers went to Vodafone with their findings, the company immediately began blocking that particular command from working.

    Signaling System 7 Diagram
    Here’s another scary thought: an alternative snooping scheme would involve you planting yourself in the middle of a busy area and then make use of a radio antenna to grab anything and everything from the air. If needed, you could issue SS7 commands on-the-fly, gaining access quickly to the communications of those around you. Researchers stress that these breaches of security are not difficult to pull off; it's as simple as pushing a button.
    To prove just how severe the issue is, the researchers proved the SMS vulnerability to one German senator. He said that after the revelations that stemmed from Snowden, such a weakness comes as no surprise. He does have one immediate solution, though: "When I really need a confidential conversation, I use a fixed-line."
    But, even that is not bulletproof. Perhaps the safest method of communication anyone can have today is through end-to-end encrypted VOIP. Of course, that's not always an option. Given the vast scope of the issues, these SS7 issues likely won't be dealt with right away. In time, the entire system will be overhauled, but until then, many of the vulnerabilities will remain.


    Noticia:
    http://hothardware.com/news/cellular...BpWFs2Pj8pg.99
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  6. #36
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ISIS allies reportedly stepping up cyberattacks against media, rivals

    Cybercriminals with alleged ties to ISIS recently tried to spread malware onto a Syrian citizen media group after posing as Syrian-Canadian citizens, according to a report from Citizen Lab. The social engineering attack took place in late November, and shows the group is continually putting more effort into its cybercriminal abilities. The attempted malware attack was targeted to the Raqqah is Being Slaughtered Silently (RSS) group, and the email was worded in a manner to trick organization members.


    "This bears little resemblance to anything we've seen from the usual suspects," said John Scott-Railton, the report's co-author, noted in a statement given to CBC. "That, combined with who they are targeting... gives us pause and makes us think that maybe we're looking at ISIS malware."

    Noticia completa:
    http://www.tweaktown.com/news/42127/...als/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  7. #37
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    McAfee says cyber espionage attacks will only increase in 2015

    Cyber espionage is a growing underworld business, with small nation states and foreign terror groups continuing to launch cyberattacks against enemies, according to a report released by McAfee Labs. Everything from distributed denial of service (DDoS) attacks to malware being delivered via social engineering techniques are being added to cyber arsenals, used by increasingly sophisticated groups.


    Established nations with cyber warfare programs will look for stealthier methods to gather intelligence and cripple political and military rivals - and developing cyber espionage programs remain dedicated to stealing finances and causing disruptions.

    "Of particular note, McAfee Labs now sees sophisticated Eastern European cybercriminals shifting from quick, direct attacks on financial-institution customer credentials (leading to financial theft) to a more sophisticated advanced persistent threat (APT) approach in which they collect intelligence that they can either sell or use at a later date," according to the McAfee report.

    Noticia completa:
    http://www.tweaktown.com/news/42134/...015/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  8. #38
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Staples Latest Victim Of Security Breach, 1.16 Million Customers Could Be Exposed

    It's been a busy year for hackers, who collectively have been infiltrating various retail chains at a fierce pace. That includes office supply chain Staples, which on Friday revealed that around 1.6 million payment cards may have been affected by a recent "security incident" in which hackers deployed malware to a "small percentage" of point-of-sale systems. How small? Staples said the malware affected 115 of its more than 1,400 U.S. retail stores.

    The revelation into the number of potentially affected customers is an update to an incident that occurred back in September. Staples said it took immediate action to rid its systems of the malware and beef up its security, though the full extent the damage apparently wasn't known until now.


    "Staples also retained outside data security experts to investigate the incident and has worked closely with payment card companies and law enforcement on this matter. Based on its investigation, Staples believes that malware may have allowed access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes," the office supply chain said.

    The malware did most of its damage from August 10, 2014, through September 16, 2014, though it may have also allowed access to customer data from purchases made as early as July 20, 2014 in at least two Staples locations.

    Noticia completa:
    http://hothardware.com/news/staples-...P5bFU5Lm40T.99
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  9. #39
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Poiltitian claims Twitter hack after 'following' pornstar Belle Knox

    Steve Bellone jumped quickly to his own defense after his Twitter account was seen 'following' pornstar Belle Knox - claiming the account was hacked. This County Executive claimed that Mrs. Knox made his shortlist of only 267 people 'followed' through a hijack of his professional account, not by his own means.


    Possibly worried about his election campaign Bellone, a father of three, is up for re-election in 2015 and has made clear that this news is solely due to a Twitter hijack of the controversial Knox - who has been seen in headlines recently due to being exposed thanks to a fellow Duke University student shedding some light some extra-curricular activities relating to her employment.

    Bellone's spokeswoman, Vanessa Baird-Streeter, publicly stated that "County Executive Bellone's Twitter account, which is operated by his staff, has been hacked and an obscene Twitter account was subsequently followed," further mentioning that "a formal complaint has been filed with Twitter and to the third-party software used to assist in managing the account. His staff has instituted stricter security protocols to ensure an incident like this does not happen in the future."

    Either way there's no real evidence that it was Bellone or a hacker at this stage, however it has been claimed that "law-enforcement authorities have been notified and the Suffolk County Police Department is currently investigating."

    Noticia completa:
    http://www.tweaktown.com/news/42157/...nox/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  10. #40
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    North Korea Threatens The White House, Acknowledges Cyber Warfare

    Made with Flare More Info'>
    North Korea has delivered a threat to the United States over its accusations that it was behind the Sony Pictures hack. They’ve warned that they will attack the White House and “the whole US mainland, that cesspool of terrorism”.
    They accused the US government of being behind the “vicious and dastardly” plot of ‘The Interview’.
    “Our toughest counteraction will be boldly taken against the White House, the Pentagon and the whole US mainland, the cesspool of terrorism, by far surpassing the ‘symmetric counteraction’ declared by Obama.”
    They said that they also plan to take down “US citadels” using their armed forces and, rather interestingly, cyber warfare – their first public acknowledgement of their intention to use the internet to attack other countries.
    “Our target all the citadels of the US imperialists who earned the bitterest grudge of all Koreans, the army and people of the DPRK are fully ready to stand in confrontation with the US in all war spaces, including cyber warfare to blow up those citadels,”
    North Korea is no stranger to delivering heavy handed statements like this, but most of the time they never transpire to anything major. However, now they’ve publicly acknowledged “cyber warfare”, it’ll be interesting to see whether there are any more hacks on the horizon.
    Noticia:
    http://www.eteknix.com/north-korea-t...cyber-warfare/
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  11. #41
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    The Pirate Bay returns… with popups

    Last week one of the world’s most iconic torrent search sites, The Pirate Bay, was downed by Swedish authorities in a raid on a server farm located in the side of a mountain, along with several other prominent sites. Since then its future has been uncertain, with the admins speculating about whether it was necessary, but late last night the URL that previously led to nothing, began displaying a pirate flag. However, those that visit are being hit with popups and spam adverts.

    Visiting TPB right now just shows you a video of this, plus nasty looking ads
    TorrentFreak did some digging when the site first appeared back online and found that the video of the wavering pirate flag was being hosted using Isohunt’s Open Bay platform, which allows anyone to host clones of the original Pirate Bay. However, Isohunt has now stated publicly that it has nothing to do with the comeback, “they simply included the video from our domain. And right now we have no idea what the TPB crew want to say by this,” it said.
    Noticia completa:
    http://www.kitguru.net/channel/jon-m...s-with-popups/
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  12. #42
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    South Korean nuclear operator conducts drills after cyber attack

    Following a data breach and threats of further cyber-attacks, South Korea's nuclear plant operator will be conducting a series of large-scale security drills at four of its power plants on Monday and Tuesday. It is testing its ability to withstand further hack attacks, reports Reuters.

    Manuals, blueprints and other documents relating to plant equipment, owned by South Korea's Korea Hydro and Nuclear Power Co (KHNP) nuclear plant operator, were posted online last week. It is thought that these documents were obtained via hacker activity focussed upon these nuclear facilities.
    A Twitter account belonging to the "president of the anti-nuclear reactor group", threatened that unless three reactors were shut down by Christmas, people should "stay away" from them. KHNP and the government said that the leaked data did not undermine the safety of the nuclear reactors, as only "non-critical" data was stolen by the hackers. The data leaked so far has included the nuclear plants' air conditioning and cooling system specifications, a radiation exposure report and employees' personal information. The source of the attack was tracked to an IP address in provincial Seoul.

    North Korea link?
    This latest hacking news follows several days of hacking headlines dominated by Sony Pictures and North Korea. Last week, the FBI formally accused North Korea of perpetrating the Sony hack, which forced the film studio to cancel the release of the movie 'The Interview', a comedy about a plot to assassinate North Korean leader Kim Jong-un.
    The South Korean government has not said who it suspects may be behind this nuclear reactor facilities hack, as its investigation goes on. Therefore it is still not known if this attack is in any way related to the Sony Pictures incident or has any North Korean connection. However, South Korea has blamed North Korea for hacks on banks, government websites and broadcasters in the past.
    "No risk whatsoever"
    South Korea's energy ministry voiced his confidence in the nuclear plants to block any infiltration by cyber attackers that could compromise the safety of the reactors. "It's our judgment that the control system itself is designed in such a way and there is no risk whatsoever," asserted Chung Yang-ho, deputy energy minister.
    Noticia:
    http://hexus.net/tech/news/software/...-cyber-attack/
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  13. #43
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Staples announces 1.6 million cards affected in previous data breach

    Office retailer Staples recently issued an update to a data breach investigation that took place earlier in the year, targeting its retail point-of-sale (PoS) systems. The company said 115 of its stores nationwide were targeted, with 1.16 million customers affected, providing cybercriminals potential "access to some transaction data at affected stores, including cardholder names, payment card numbers, expiration dates, and card verification codes."


    Retailers remain under fire from foreign cybercriminals targeting their PoS systems - and the problem likely won't suddenly go away anytime soon. Despite Staples' data breach much smaller than Target (40 million compromised) and Home Depot (56 million compromised), shows that major problems still exist.

    Noticia:
    http://www.tweaktown.com/news/42164/...ach/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  14. #44
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Anonymous could release 'The Interview' for Internet users

    The Anonymous hacker collective has criticized Sony Pictures for bowing down to the Guardians of Peace hacker group - and while Sony weighs its options to release "The Interview" - it appears Anonymous might be willing to do it for the company.


    Anonymous released the following message (via Twitter): "You're gonna let Kim Junk Uno and his minions boss you, a multimillion dollar corporation responsible for billions of dollars in revenue? We're not with either side, we just want to watch the movie too... and soon you too will be joining us. Sorry, @sonypictures."

    The hacker group also mentioned that it previously breached Sony Pictures' networks, and were surprised the company didn't work to improve its cybersecurity defenses.

    Noticia:
    http://www.tweaktown.com/news/42185/...ers/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

  15. #45
    Tech Ubër-Dominus Avatar de Jorge-Vieira
    Registo
    Nov 2013
    Local
    City 17
    Posts
    30,121
    Likes (Dados)
    0
    Likes (Recebidos)
    2
    Avaliação
    1 (100%)
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Internet in North Korea bounced offline due to suspected DDoS

    North Korea is having Internet problems, as the country - which has limited and restricted Internet access - with problems dating back a few days, though the nation's infrastructure took a severe beating over the past few days.


    "Their networks are under duress," said Doug Madory, Dyn Research Internet analysis director, in a published statement. "I haven't seen such a steady beat of routing instability and outages in KP before. Usually there are isolated blips, not continuous connectivity problems. I wouldn't be surprised if they are absorbing some sort of attack presently."

    Internet access in North Korea typically is reserved for government and military users, and it's unknown who is behind the attack. Internet outages wouldn't impact normal citizens of the country, but could set a dangerous precedent if the United States is responsible for the attack.

    The North Korean government offered this statement over the weekend: "The Army and people of the DPRK are fully ready to stand in confrontation with the U.S. in all war spaces including cyber warfare space to blow up those citadels."

    Noticia:
    http://www.tweaktown.com/news/42192/...dos/index.html
    http://www.portugal-tech.pt/image.php?type=sigpic&userid=566&dateline=1384876765

 

 
Página 3 de 64 PrimeiroPrimeiro 123451353 ... ÚltimoÚltimo

Informação da Thread

Users Browsing this Thread

Estão neste momento 1 users a ver esta thread. (0 membros e 1 visitantes)

Bookmarks

Regras

  • Você Não Poderá criar novos Tópicos
  • Você Não Poderá colocar Respostas
  • Você Não Poderá colocar Anexos
  • Você Não Pode Editar os seus Posts
  •