Seite wählen

Nachrichtenarchiv

13.12.2023

Signal: Unsere Push-Benachrichtigungen zeigen Spionen nichts

Heise Security 12.12.2023 22:33
Geheimdienste sammeln Daten aus Push-Benachrichtigungen von Android und iPhone. Beim Signal-Messenger ist da wenig zu holen, sagt die Stiftung.​

Kyivstar: Hacker legen größten Mobilfunkanbieter der Ukraine lahm

Spiegel Online 12.12.2023 15:13
Eine »mächtige« Hackerattacke hat das Netz des größten ukrainischen Mobilfunkproviders Kyivstar kollabieren lassen, 24 Millionen Kunden sind betroffen. Es war nicht der einzige Cyberangriff des Tages.

New Windows/Linux Firmware Attack

Schneier on Security 12.12.2023 13:01
Interesting attack based on malicious pre-OS logo images:
LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux….
The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs or independent BIOS vendors); device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs……

07.02.2023

Nordkorea: Hacker für Kim Jong Un erbeuten Rekordsummen für Atomprogramm – Uno-Bericht

Spiegel Online 07.02.2023 4:02
73 Raketen feuerte Nordkorea im vergangenen Jahr ab – und droht immer unverhohlener mit Atomwaffen. Finanziert wird das vor allem durch Hackerangriffe. Ein Uno-Bericht gibt nun Einblick in Kim Jong Uns Cyberarmee.

How Cybercriminals Are Operationalizing Money Laundering and What to Do About It

Dark Reading 06.02.2023 16:00
It’s time to share threat intelligence and prioritize digital literacy and cyber hygiene to stem the rising money laundering tide.

Italien, USA, Frankreich: Großer Cyberangriff zielt auf zwei Jahre alte Lücke

Golem 06.02.2023 10:43
Eigentlich wurde die Lücke in VMWare ESXi schon Anfang 2021 behoben. Die Arbeit machten sich viele Firmen nicht. Nun haben sie Probleme. (Cybercrime, Virtualisierung)

04.02.2023

What CISOs Can Do About Brand Impersonation Scam Sites

Dark Reading 03.02.2023 23:04
Apply these nine tips to proactively fight fraudulent websites that use your brand to rip people off.

Das sollten Sie unbedingt lesen:

How the Cloud Is Shifting CISO Priorities

Dark Reading 03.02.2023 16:00
The greatly expanding attack surface created by the cloud needs to be protected.

Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

The Hacker News 03.02.2023 13:12
The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle East as part of a cyber espionage campaign that leverages a new backdoor to exfiltrate data.
"The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers," Trend Micro researchers Mohamed Fahmy, Sherif

Manipulating Weights in Face-Recognition AI Systems

Schneier on Security 03.02.2023 13:07
Interesting research: “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons“:
Abstract: In this paper we describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights (i.e., without using any additional training or optimization). These backdoors force the system to err only on specific persons which are preselected by the attacker. For example, we show how such a backdoored system can take any two images of a particular person and decide that they represent different persons (an anonymity attack), or take any two images of a particular pair of persons and decide that they represent the same person (a confusion attack), with almost no effect on the correctness of its decisions for other persons. Uniquely, we show that multiple backdoors can be independently installed by multiple attackers who may not be aware of each other’s existence with almost no interference…

Legen wir heute los

Aufschieben ist manchmal eine Lösung. Lassen Sie uns eine bessere finden. Wir stellen Ihnen gerne unseren Ansatz für Ihre Herausforderungen vor – selbstverständlich kostenfrei. 

Lassen Sie uns jetzt über Ihr Anliegen sprechen