Electronic Data Processing POLAND
Ethical Hacking, Pentest, Computer Forensics, Security

Najnowsze wpisy


Update now! Microsoft’s April 2018 Patch Tuesday – 65 vulns, 24 critical

With the Windows 10 1803 Spring Creators Update delayed at the eleventh hour for unknown reasons, admins and end users will still receive plenty of updates in the April 2018 Patch Tuesday. The big picture is 65 security fixes assigned CVE numbers, 23 of which (plus a separate Adobe Flash…

Uso defensivo y ofensivo de Open Source Intelligence (OSINT).

Open Source Intelligence (OSINT), o más precisamente, el uso de fuentes de inteligencia de código abierto para perfilar la exposición en Internet de las organizaciones es decir, footprinting, es una área un muy interesante dentro de la seguridad de la información, particularmente porque es más o menos abierta, lo que…

Logs in High Sierra (10.13) Show Plaintext Password

Uh Oh! Unified Logs in High Sierra (10.13) Show Plaintext Password for APFS Encrypted External Volumes via Disk Utility.app Read more: https://www.mac4n6.com/blog/2018/3/21/uh-oh-unified-logs-in-high-sierra-1013-show-plaintext-password-for-apfs-encrypted-external-volumes-via-disk-utilityapp

New Cloudflare DNS service filtered in Turkey on day of launch

An investigation by Turkey Blocks has found that Turkey’s DNS blocking measures are already actively filtering a new DNS service launched by Cloudflare and APNIC on 1 April 2018. Addresses for Wikipedia and Dutch national broadcaster NOS among several other sites known to be withheld in the country are failing…

Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

Some cybersecurity experts and regular users were surprised to learn about a Chrome tool that scans Windows computers for malware. But there’s no reason to freak out about it. Read more: https://motherboard.vice.com/en_us/article/wj7x9w/google-chrome-scans-files-on-your-windows-computer-chrome-cleanup-tool

OpenBSD 6.3 RELEASED

We are pleased to announce the official release of OpenBSD 6.3. This is our 44th release. We remain proud of OpenBSD’s record of more than twenty years with only two remote holes in the default install. Read more: https://marc.info/?l=openbsd-announce&m=152267725618055

Ever Record a Video on Facebook? Facebook Still Has It.

Have you downloaded your Facebook data archive yet? Facebook makes it easy to obtain a ZIP file of all the data it has on you: your status updates, your friend list, your messages … and, as I and several people I spoke with were surprised to discover, every video you…

Wyciek danych użytkowników popularnej aplikacji MyFitnessPal

Zdrowe odżywianie, choć bardzo dobre dla zdrowia, może okazać się nie tak dobre dla bezpieczeństwa Waszych haseł. Z tego powodu warto także zadbać o zdrowe nawyki w obszarze bezpieczeństwa i prywatności.   Czytaj więcej: Wyciek danych użytkowników popularnej aplikacji MyFitnessPal

Facebook and Cambridge Analytica

In the wake of the Cambridge Analytica scandal, news articles and commentators have focused on what Facebook knows about us. A lot, it turns out. It collects data from our posts, our likes, our photos, things we type and delete without posting, and things we do while not on Facebook…

The FBI Used Classified Hacking Tools in Ordinary Criminal Investigations

The FBI’s Remote Operations Unit has hacking tools typically reserved for protecting national security. But an overlooked section of a new report says ROU has used these secret techniques in criminal cases. Read more: https://motherboard.vice.com/en_us/article/7xdxg9/fbi-hacking-investigations-classified-remote-operations-unit

Intel CPUs Vulnerable to New ‚BranchScope’ Attack

Researchers have discovered a new side-channel attack method that can be launched against devices with Intel processors, and the patches released in response to the Spectre and Meltdown vulnerabilities might not prevent these types of attacks. Read more: https://www.securityweek.com/intel-cpus-vulnerable-new-branchscope-attack

Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.   Read more: https://www.drupal.org/sa-core-2018-002