16.05

Red Hat released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access.

The Cyber Safety Review Board of the US Cybersecurity and Infrastructure Security Agency (CISA) has published its report on the theft of a master key for Azure last summer. And it is damning: the US government's cybersecurity agency accuses Microsoft of multiple cybersecurity failures and recommends deferring the development of new cloud features until substantial security improvements have been made.

If you still hold any notion that Google Chrome’s “Incognito mode” is a good way to protect your privacy online, now’s a good time to stop.
Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. The agreement, part of a settlement in a class action lawsuit filed in 2020, caps off years of disclosures about Google’s practices that shed light on how much data the tech giant siphons from its users—even when they’re in private-browsing mode.

A lone Microsoft developer rocked the world when he revealed a backdoor had been intentionally planted in xz Utils, an open source data compression utility available on almost all installations of Linux and other Unix-like operating systems. The person or people behind this project likely spent years on it. They were likely very close to seeing the backdoor update merged into Debian and Red Hat, the two biggest distributions of Linux, when an eagle-eyed software developer spotted something fishy.

The world of cybercrime has gained another threat: Darcula is the name of the PhaaS (phishing as a service) platform that makes it easy to launch phishing campaigns. The platform has already set up more than 20,000 phishing domains, with an average of 120 new ones added every day.