spraci.info

Search

Items tagged with: security

At long last, WireGuard VPN is on its way into Linux kernel 5.6


WireGuard works by securely encapsulates IP packets over UDP. It's authentication and interface design has more to do with Secure Shell (SSH) than other VPNs. You simply configure the WireGuard interface with your private key and your peers' public keys, and you're ready to securely talk.

When it arrives, I expect WireGuard to quickly become the new standard for Linux VPNs. With its tiny code-size, high-speed cryptographic primitives, and in-kernel design, it should be faster than all other existing VPN technologies. WireGuard's not just fast, it's secure as well, with its support of state-of-the-art cryptography technologies such as the Noise protocol framework, Curve25519, ChaCha20, Poly1305, BLAKE2, SipHash24, and HKD.

So this VPN service is not intended to be used for circumventing geoblocking services. Initially released for the Linux kernel, it is now cross-platform (Windows, macOS, BSD, iOS, Android) and widely deployable.

See... Show more...
 

Medizin: Updateprozess bei Ärztesoftware Quincy war ungeschützt - Golem.de


In einer Software für Arztpraxen ist der Updateprozess ungeschützt über eine Rsync-Verbindung erfolgt. Der Hersteller der Software versucht, Berichterstattung darüber zu
Medizin: Updateprozess bei Ärztesoftware Quincy war ungeschützt - Golem.de
#Medizin #Datensicherheit #Man-in-the-Middle #Sicherheitslücke #Unternehmenssoftware #Server #Applikationen #Security #Wirtschaft
 

Neuer Trick: Ransomware versteckt sich im Windows Safe Mode - Golem.de


Windows startet im abgesicherten Modus meist keine Antiviren- oder Endpoint-Protection-Software - diesen Umstand nutzt die Ransomware Snatch aus, um nicht entdeckt zu werden und
Neuer Trick: Ransomware versteckt sich im Windows Safe Mode - Golem.de
#Ransomware #BruteForce #Datensicherheit #Malware #Windows #Sophos #Server #Security
 

Datenschutz: 10 Millionen Euro Bußgeld gegen 1&1 verhängt - Golem.de


Der Telekomanbieter 1&1 hat nach Ansicht des Bundesdatenschutzbeauftragten seine Kundendaten nicht ausreichend geschützt. Das Unternehmen kritisiert nun die Bußgeldregelung der
Datenschutz: 10 Millionen Euro Bußgeld gegen 1&1 verhängt - Golem.de
#DSGVO #Berlin #Datenschutz #Datensicherheit #Internet #PolitikRecht #Security
 

- #unitoodailynews, #email, #security, #protonmail The 4 web browsers that really care about your privacy - ProtonMail Blog https://t.co/wsA98WGozp -

Image/photo

- #Unitoo - Where #human #creativity plots the #possibilities of #technology -

- #UnitooInc #News #Worldnews #tech #bot -


Unitoo on Twitter
These browsers actually protect your privacy

ProtonMail Blog: The 4 web browsers that really care about your privacy - ProtonMail Blog (Richie Koch)

 

VPN-Technik: Wireguard in Linux-Kernel eingepflegt - Golem.de


Nach der Aufnahme des angepassten Krypto-Codes ist auch die VPN-Technik Wireguard in einen wichtigen Entwicklungszweig des Linux-Kernels eingepflegt worden. Wireguard erscheint
VPN-Technik: Wireguard in Linux-Kernel eingepflegt - Golem.de
#Linux-Kernel #Datensicherheit #Linux #VPN #Applikationen #OpenSource #Security
 
#unitoodailynews, #email, #security, #protonmail The 4 web browsers that really care about your privacy - ProtonMail Blog https://t.co/wsA98WGozp
Unitoo on Twitter #unitoodailynews #unitoodailynews
These browsers actually protect your privacy

ProtonMail Blog: The 4 web browsers that really care about your privacy - ProtonMail Blog (Richie Koch)

 

Privacy and Security Comparison : Brave VS Other Browsers


A post spotted on the new WT.Social network highlights this communication from Brave to the US Senate and Congress which illustrates some security differences between popular browsers (I see Vivaldi is not included) but does seem to indicate that standard Chrome is being left behind in this regard. Another post reports that Brave has passed 10 million active monthly users, which is a 19% growth since the recent launch of version 1.0. Brave is Chromium based so most Chrome extensions should work on it.

See https://wt.social/post/technology/4cj76ho525260015121?trkeml=1soi2na5252605073888

#technology #browsers #security
... Show more...
 

DR Congo: Several hacked to death in suspected rebel attacks


Mantumbi village of Mbau region in DR Congo's east was reportedly targeted by Allied Democratic Forces armed group.
DR Congo: Several hacked to death in suspected rebel attacks
#Africa #DemocraticRepublicoftheCongo #Security
 
#unitoodailynews, #email, #security, #protonmail Lifetime Account auction is back for 2019 - ProtonMail Blog https://t.co/wyKVr8V8Oj
Unitoo on Twitter #unitoodailynews #unitoodailynews
The Lifetime Account auction is back! Help us decide who to support

ProtonMail Blog: Lifetime Account auction is back for 2019 - ProtonMail Blog (Ben Wolford)

 

- #unitoodailynews, #email, #security, #protonmail Lifetime Account auction is back for 2019 - ProtonMail Blog https://t.co/wyKVr8V8Oj -

Image/photo

- #Unitoo - Where #human #creativity plots the #possibilities of #technology -

- #UnitooInc #News #Worldnews #tech #bot -


Unitoo on Twitter
The Lifetime Account auction is back! Help us decide who to support

ProtonMail Blog: Lifetime Account auction is back for 2019 - ProtonMail Blog (Ben Wolford)

 
Digitalcourage e.V. - 2019-12-06 23:02:01 GMT
All I want for christmas is... your data, denken sich große Suchmaschinen wie Google. Umgehen Sie die Datenkrake und probieren Sie die Alternativen im #Adventskalender aus!

https://www.digitalcourage.de/adventskalender/7

#DigitaleSelbstverteidigung #Adventskalender2019
Image/photo
 

Unix-artige Systeme: Sicherheitslücke ermöglicht Übernahme von VPN-Verbindung - Golem.de


Durch eine gezielte Analyse und Manipulation von TCP-Paketen könnten Angreifer eigene Daten in VPN-Verbindungen einschleusen und diese so übernehmen. Betroffen sind fast alle
Unix-artige Systeme: Sicherheitslücke ermöglicht Übernahme von VPN-Verbindung - Golem.de
#Security #Datensicherheit #Sicherheitslücke #TCP #VPN #Server
 

- #unitoodailynews, #email, #security, #protonmail How secure is ProtonCalendar? - ProtonMail Blog https://t.co/vNlq7quJgI -

Image/photo

- #Unitoo - Where #human #creativity plots the #possibilities of #technology -

- #UnitooInc #News #Worldnews #tech #bot -


Unitoo on Twitter
The ProtonCalendar security model

ProtonMail Blog: How secure is ProtonCalendar? - ProtonMail Blog (Admin)

 
#unitoodailynews, #email, #security, #protonmail How secure is ProtonCalendar? - ProtonMail Blog https://t.co/vNlq7quJgI
Unitoo on Twitter #unitoodailynews #unitoodailynews
The ProtonCalendar security model

ProtonMail Blog: How secure is ProtonCalendar? - ProtonMail Blog (Admin)

 

Überwachung: Niederlande subventionieren Cloud-Kameras mit Polizeizugriff - Golem.de


Mit bis zu 250 Euro werden in einer niederländischen Gemeinde WLAN-Überwachungskameras gefördert - sofern sie mit der Cloud verbunden sind und bei der Polizei registriert
Überwachung: Niederlande subventionieren Cloud-Kameras mit Polizeizugriff - Golem.de
#Videoüberwachung #Datensicherheit #Polizei #Sicherheitslücke #WLAN #Security
 

Security: Authentifizierung in OpenBSD aus der Ferne umgehbar - Golem.de


Das auf Sicherheit fokussierte Betriebssystem OpenBSD hat eine Sicherheitslücke geschlossen, mit der sich die Authentifizierung auch aus der Ferne umgehen lässt.
Security: Authentifizierung in OpenBSD aus der Ferne umgehbar - Golem.de
#OpenBSD #Datensicherheit #Sicherheitslücke #Yubikey #Applikationen #OpenSource #Security
 

Tracking: TK arbeitet nicht mehr mit Ada zusammen - Golem.de


Die Gesundheitsapp Ada hat Nutzereingaben an Facebook und Aplitude übermittelt. Die Techniker Krankenkasse konnte dies nicht ausräumen und stellt nun ihre Kooperation mit Ada
Tracking: TK arbeitet nicht mehr mit Ada zusammen - Golem.de
#Medizin #Datenschutz #Datensicherheit #E-Commerce #Tracking #Security #Wirtschaft
 

Spotting drivers on their phone is just the tip of the iceberg for AI-enabled cameras - Automated surveillance starts simple, but who knows where it will end


It also demonstrates the slow creep of artificial intelligence into state and corporate surveillance — a trend that experts say could lead to some dark places: chilling civil rights, automating prejudices and biases, and pushing society slowly towards authoritarianism.

But as the roadside cameras of New South Wales show, identifying people is just the start of AI surveillance: the real power — and threat — is identifying actions. This means creating cameras that don’t just tell you who people are, but what they’re doing. Is that person moving things about? Could they be stealing something? Are they just loitering in a way you don’t like?

Governments are going to give all sorts of reasons why AI will be positive (make you as a citizen safer when crime is proactively identified and neutralised) but at what cost to freedoms? We could then just as well have a spy camera i... Show more...
 

RSA-240: Faktorisierungserfolg gefährdet RSA nicht - Golem.de


Forscher haben auf einem Rechencluster eine 795 Bit große Zahl faktorisiert. Das RSA-Verschlüsselungs- und Signaturverfahren basiert darauf, dass Faktorisierung schwierig ist.
RSA-240: Faktorisierungserfolg gefährdet RSA nicht - Golem.de
#Wissenschaft #Datensicherheit #RSASecurity #Sicherheitslücke #Verschlüsselung #Technologie #Applikationen #Security
 

Apple: iPhone 11 Pro greift im Hintergrund auf Standort zu - Golem.de


Das iPhone 11 Pro erlaubt es Nutzern, für jede App und jeden Systemdienst explizit die Standortlokalisierung zu deaktivieren. Ganz ausschalten lässt sich diese aber nicht: Apple
Apple: iPhone 11 Pro greift im Hintergrund auf Standort zu - Golem.de
#iPhone11 #BrianKrebs #Datenschutz #Datensicherheit #Apple #Internet #Security
 
#hardware #RootOfTrust #Security
 

Strandhogg: Sicherheitslücke in Android wird aktiv ausgenutzt - Golem.de


Unter Android können sich Schad-Apps als legitime Apps tarnen und weitere Berechtigungen anfordern. Die Strandhogg genannte Sicherheitslücke wird bereits aktiv ausgenutzt und
Strandhogg: Sicherheitslücke in Android wird aktiv ausgenutzt - Golem.de
#Android #Datensicherheit #GooglePlay #Malware #SMS #Sicherheitslücke #Telekommunikation #Trojaner #Google #Security
 
#password #security #ghl
 

Microsoft Warns of Spear Phishing Attacks, Shares Tips to Dodge Them


#security #microsoft #bleeping computer #bleepingcomputer #computers #technology #news #education #updates #tech
generated by pod_feeder_v2
 

Your Own WiFi Signals Are Revealing Your Location


With the abundance of connected devices making their ways into our homes, increasing levels of data may allow for more accurate methods for remote surveillance. By measuring the strength of ambient signals emitted from devices, a site can be remotely monitored for movement. That is to say, WiFi signals may soon pose a physical security vulnerability.

In a
... Show more...
 
Digitalcourage e.V. - 2019-12-01 23:05:56 GMT
Verschicken Sie Ihre Weihnachtsfotos dieses Jahr doch einmal über einen #Messenger, der keiner #Datenkrake gehört! Welche das sind, erfahren Sie heute, am 2. Tag unseres #Adventskalender⁠s für #DigitaleSelbstverteidigung.

https://digitalcourage.de/adventskalender/2
Image/photo
 

Over 30,500 Online Piracy Sites Shut Down in Global Operation


#security #bleeping computer #bleepingcomputer #computers #technology #news #education #updates #tech
generated by pod_feeder_v2
 
19 Popular Android apps, including Facebook and Messenger, contain severe security vulnerabilities that have been public for years

Check Point Research looked at three remote code execution vulnerabilities from 2014, 2015 & 2016. These vulnerabilities are in native libraries that app developers use to build their apps. Sometimes libraries end up not being well maintained, other times app developers don't make sure they are using the latest version of a library.

The following apps were found to be using vulnerable libraries-
LiveXLive app
Moto Voice BETA app
Yahoo! Transit app
Yahoo! Browser app
Yahoo! MAP app
Yahoo! Car navigation
Facebook
Messenger
SHAREit
Mobile Legends : Bang Bang
Smule
JOOX Music
WeChat
AliExpress
Video MP3 Converter
Lazada
VivaVideo
Retrica
TuneIn

It would be safest to remove these apps from your devices. Some services can be accessed through the browser on your mobile device.
https://research.checkpoint.com/2019/long-known-vulnerabilities-in-high-profile-android-applications/
#Android #security
 

You Can Still Upgrade to Windows 10 For Free, Here's How


#microsoft #software #bleeping computer #bleepingcomputer #computers #security #technology #news #education #updates #tech
generated by pod_feeder_v2
 
#OpenSource #Security Podcast: Episode 172 - The security of planned obsolescence
 

Wie erklärt man IT-Security


Es gibt viele kleine und mittelständische Firmen mit keiner oder nur schlechten IT-Security.
Wie erklärt man die Vorteile von IT-Secruity für die IT-Landschaft kurz und prägnant?
Ich habe es einfach mal mit einer Animation aus zwei Bildern versucht.

Was haltet Ihr von dieser Animation und wie versteht Ihr diese?




#it-security #cybersecurity #internet #netzwerk #it-sicherheit #computer #security #it #frage
 

Getting Malicious #Office Documents to Fire with Protected View Enabled


Source: https://medium.com/@curtbraz/getting-malicious-office-documents-to-fire-with-protected-view-4de18668c386
Protected View simply does not apply when previewing it in File #Explorer!
...
“Our engineering team(s) determined that a fix for this issue does not meet our criteria for immediate security servicing. However it is a candidate for consideration for potential improvements in a future version of this product or service. At this time, we will not be providing ongoing updates of the status, or if there will be a fix for this issue, and we have closed this case.
Your report is not acknowledged as a security #
... Show more...
 

World-first #mobile phone #detection cameras rolled out in #Australia


Source: https://www.theguardian.com/world/2019/dec/01/world-first-mobile-phone-detection-cameras-rolled-out-in-australia
The world-first mobile phone detection cameras, according to Transport for NSW, which manages the state’s transport services, operate day and night in all weather conditions to determine if a driver is handling a mobile phone.
I don't like it when you get cashed automatically. What if you're stuck in a traffic jam and then you're bored and take your mobile? Can the camera recognize that?

#ai #security #traffic #news #camera #cctv #surveillance
 

#Mixcloud data #breach exposes over 20 million user records


Source: https://techcrunch.com/2019/11/29/mixcloud-data-breach/
The data contained usernames, #email addresses, and #passwords that appear to be scrambled with the SHA-2 algorithm, making the passwords near impossible to unscramble. The data also contained account sign-up dates and the last-login date. It also included the country from which the user signed up, their internet (IP) address, and links to profile photos.
#leak #security #privacy #internet #darknet #news
Mixcloud data breach exposes over 20 million user records
 
#wire man(agement) speaks of issues; from what I can gather, they are likely to have compromised both #privacy and #security lately (still under investigation)
 
Image/photoAndroid Privacy and Security (AP) wrote the following post Sun, 01 Dec 2019 03:45:02 -0600

Image/photo

App security company Checkmarx found vulnerabilities that enabled them to take pictures and videos, at any time, using the Google and Samsung camera apps. In order to be able to do this they needed to get a rogue app onto the device and get the phone user to grant that app storage permission. Checkmarx created a weather app which had the necessary functions to allow them to use this exploit and uploaded it to the Google Play Store.

Checkmarx could record calls, and if the camera app had location permission, locate the phone.

This has been fixed in recent android security updates, and updates to the camera apps. Phone users are advised to make sure their phones and software are regularly updated.

https://www.checkmarx.com/blog/how-attackers-could-hijack-your-android-camera#

#Android #security #privacy #camera #samsung #pixel
 
Image/photo

App security company Checkmarx found vulnerabilities that enabled them to take pictures and videos, at any time, using the Google and Samsung camera apps. In order to be able to do this they needed to get a rogue app onto the device and get the phone user to grant that app storage permission. Checkmarx created a weather app which had the necessary functions to allow them to use this exploit and uploaded it to the Google Play Store.

Checkmarx could record calls, and if the camera app had location permission, locate the phone.

This has been fixed in recent android security updates, and updates to the camera apps. Phone users are advised to make sure their phones and software are regularly updated.

https://www.checkmarx.com/blog/how-attackers-could-hijack-your-android-camera#

#Android #security #privacy #camera #samsung #pixel
 
Later posts Earlier posts