ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Mit Chrome 66 und 70 im April und Oktober entzieht Google gut hunderttausend der wichtigsten Domains das Vertrauen, falls diese sich keine neuen SSL-Zertifikate besorgen. Das Ganze ist eine Bestrafungsaktion gegen den Zertifikatsaussteller Symantec.
Geht alles nach Plan, macht Google am 17. April mit Chrome 66 Ernst: Ab dann werden Nutzer gewarnt, wenn der Browser auf ein Symantec-Zertifikat trifft, das vor dem 1. Juni 2016 ausgestellt wurden. Chrome beschwert sich dann, dass die Verbindung nicht sicher sei und eventuell Daten von Dritten abgefangen werden könnten. Am 23. Oktober, wenn Chrome 70 erscheinen soll, wird es noch unangenehmer für die Besitzer von Seiten mit Symantec-Zertifikaten: Ab dann stuft Googles Browser alle Verbindungen, die Symantec-Zertifikate nutzen, als nicht vertrauenswürdig ein und warnt noch lauter. Ein Sicherheitstechniker der Firma Airbnb hat sich nun die Mühe gemacht, herauszufinden, wie viele Seiten genau betroffen sind.
Spiegel, Uni Hildesheim und Tesla mit betroffenen Zertifikaten
Das Skript, das Arkadiy Tetelman gebaut hat um eine Million der (laut Alexa-Ranking) meistbesuchten Seiten im Netz nach Symantec-Zertifikaten zu durchsuchen, lief elf Stunden und fand insgesamt 11.510 Domains, die im April Fehler produzieren werden. Weitere 91.627 Domains werden mit dem Chrome-Update im Oktober Warnmeldungen auslösen. Für Admins, die nachschauen wollen, ob die eigene Seite betroffen ist, hat Tetelman eine Textdatei zur Verfügung gestellt.
Unter anderem in der Liste:Das Bundesfinanzministerium, Spiegel Online, die Uni Hildesheim, wetter.de, die Stadt Nottingham und Elon Musks Elektroautohersteller Tesla.
Mit Chrome 66 und 70 im April und Oktober entzieht Google gut hunderttausend der wichtigsten Domains das Vertrauen, falls diese sich keine neuen SSL-Zertifikate besorgen. Das Ganze ist eine Bestrafungsaktion gegen den Zertifikatsaussteller Symantec.
Geht alles nach Plan, macht Google am 17. April mit Chrome 66 Ernst: Ab dann werden Nutzer gewarnt, wenn der Browser auf ein Symantec-Zertifikat trifft, das vor dem 1. Juni 2016 ausgestellt wurden. Chrome beschwert sich dann, dass die Verbindung nicht sicher sei und eventuell Daten von Dritten abgefangen werden könnten. Am 23. Oktober, wenn Chrome 70 erscheinen soll, wird es noch unangenehmer für die Besitzer von Seiten mit Symantec-Zertifikaten: Ab dann stuft Googles Browser alle Verbindungen, die Symantec-Zertifikate nutzen, als nicht vertrauenswürdig ein und warnt noch lauter. Ein Sicherheitstechniker der Firma Airbnb hat sich nun die Mühe gemacht, herauszufinden, wie viele Seiten genau betroffen sind.
Spiegel, Uni Hildesheim und Tesla mit betroffenen Zertifikaten
Das Skript, das Arkadiy Tetelman gebaut hat um eine Million der (laut Alexa-Ranking) meistbesuchten Seiten im Netz nach Symantec-Zertifikaten zu durchsuchen, lief elf Stunden und fand insgesamt 11.510 Domains, die im April Fehler produzieren werden. Weitere 91.627 Domains werden mit dem Chrome-Update im Oktober Warnmeldungen auslösen. Für Admins, die nachschauen wollen, ob die eigene Seite betroffen ist, hat Tetelman eine Textdatei zur Verfügung gestellt.
Unter anderem in der Liste:Das Bundesfinanzministerium, Spiegel Online, die Uni Hildesheim, wetter.de, die Stadt Nottingham und Elon Musks Elektroautohersteller Tesla.
The Internet of Things (IoT) market has begun to take off. Consumers can buy connected versions of nearly every household appliance available. However, despite its increasing acceptance by consumers, recent studies of IoT devices seem to agree that “security” is not a word that gets associated with this category of devices, leaving consumers potentially exposed.
To find out for ourselves how IoT devices fare when it comes to security, we analyzed 50 smart home devices that are available today. We found that none of the devices enforced strong passwords, used mutual authentication, or protected accounts against brute-force attacks. Almost two out of ten of the mobile apps used to control the tested IoT devices did not use Secure Sockets Layer (SSL) to encrypt communications to the cloud. The tested IoT technology also contained many common ulnerabilities.
All of the potential weaknesses that could afflict IoT systems, such as authentication and traffic encryption, are already well known to the security industry, but despite this, known mitigation techniques are often neglected on these devices. IoT vendors need to do a better job on security before their devices become ubiquitous in every home, leaving millions of people at risk of cyberattacks.
The Internet of Things (IoT) market has begun to take off. Consumers can buy connected versions of nearly every household appliance available. However, despite its increasing acceptance by consumers, recent studies of IoT devices seem to agree that “security” is not a word that gets associated with this category of devices, leaving consumers potentially exposed.
To find out for ourselves how IoT devices fare when it comes to security, we analyzed 50 smart home devices that are available today. We found that none of the devices enforced strong passwords, used mutual authentication, or protected accounts against brute-force attacks. Almost two out of ten of the mobile apps used to control the tested IoT devices did not use Secure Sockets Layer (SSL) to encrypt communications to the cloud. The tested IoT technology also contained many common ulnerabilities.
All of the potential weaknesses that could afflict IoT systems, such as authentication and traffic encryption, are already well known to the security industry, but despite this, known mitigation techniques are often neglected on these devices. IoT vendors need to do a better job on security before their devices become ubiquitous in every home, leaving millions of people at risk of cyberattacks.
Sicherheitsexperten haben eine Malware entdeckt, die sich offenbar schon seit mindestens fünf Jahren auf bestimmten Computersystemen befindet. Die perfekte Tarnung der Schadsoftware spricht für eine staatlich sanktionierte Entwicklung auf höchstem Niveau. Auch nach der Entdeckung bleiben Virenscanner dabei praktisch machtlos.
Sowohl Kaspersky Lab als auch Symantec haben Berichte zu der Malware veröffentlicht, schreibt t3n. Bei Kaspersky läuft die Software unter der Bezeichnung Project-Sauron und bei der Konkurrenz von Symantec hat man ihr den Namen Remsec gegeben, anderswo wird auch Strider verwendet. Der Supertrojaner verbreitet sich über USB-Sticks und umgeht dabei sogar Schutzmechanismen — und bleibt dank eines raffinierten modularen Aufbaus auf dem Zielsystem unerkannt.
Sicherheitsexperten haben eine Malware entdeckt, die sich offenbar schon seit mindestens fünf Jahren auf bestimmten Computersystemen befindet. Die perfekte Tarnung der Schadsoftware spricht für eine staatlich sanktionierte Entwicklung auf höchstem Niveau. Auch nach der Entdeckung bleiben Virenscanner dabei praktisch machtlos.
Sowohl Kaspersky Lab als auch Symantec haben Berichte zu der Malware veröffentlicht, schreibt t3n. Bei Kaspersky läuft die Software unter der Bezeichnung Project-Sauron und bei der Konkurrenz von Symantec hat man ihr den Namen Remsec gegeben, anderswo wird auch Strider verwendet. Der Supertrojaner verbreitet sich über USB-Sticks und umgeht dabei sogar Schutzmechanismen — und bleibt dank eines raffinierten modularen Aufbaus auf dem Zielsystem unerkannt.
An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals.
It is likely that its development took months, if not years, to complete and its authors have gone to great lengths to cover its tracks. Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state.
As outlined in a new technical whitepaper from Symantec, Backdoor.Regin is a multi-staged threat and each stage is hidden and encrypted, with the exception of the first stage. Executing the first stage starts a domino chain of decryption and loading of each subsequent stage for a total of five stages. Each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.
An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals.
It is likely that its development took months, if not years, to complete and its authors have gone to great lengths to cover its tracks. Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state.
As outlined in a new technical whitepaper from Symantec, Backdoor.Regin is a multi-staged threat and each stage is hidden and encrypted, with the exception of the first stage. Executing the first stage starts a domino chain of decryption and loading of each subsequent stage for a total of five stages. Each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyze and understand the threat.
Norton interviews with Internet Security expert Marian Merritt on the steps we can take to ensure that our mobile devices - our tablets and smartphones - are...
Today's evolved malware requires more than antivirus on the endpoint. Proactive protection involves a layered defense that includes Network Threat Protection...
Tune in to watch Security Spotlight's second episode, on Web-Based Attacks, also known as drive-by--downloads. Web-Based Attacks occur when cyber-criminals e...
Tune in to watch Security Spotlight's third episode, on Mobile Malware. In 2012, we saw a 58% increase in mobile malware, and it continues to grow. Cybercrim...
Sicherheitsexperten analysieren derzeit die Cyberattacken auf Südkorea und liefern die ersten Ergebnisse. Demnach wurde unter anderem eine Malware eingesetzt, die das Ziel hat, Linux-Rechner auszuschalten.
Microsoft annonce avoir fermé un nouveau botnet en collaboration avec Symantec et affectant les requêtes des internautes sur les moteurs de recherche.
Sur l'un de ses blogs officiels, Microsoft explique que le botnet en question, Bamital, était constitué d'environ huit millions d'ordinateurs zombies. Ces derniers étaient infectés d'un malware modifiant les liens cibles au sein des moteurs de recherche. Ce click jacking était opéré sur Google, Bing et Yahoo! ainsi que sur leurs plateformes publicitaires.
Gust MEES's insight:
Microsoft et Symantec ferment un botnet touchant 8 millions de PC
In a blog post on Wednesday, Symantec security researchers wrote they had discovered at least eight Google Play Store apps that functioned as fronts for a “new and highly prevalent type of Android malware” called Android.Sockbot. The apps in question presented themselves as skins for player characters in popular app Minecraft: Pocket Edition and boasted “an install base ranging from 600,000 to 2.6 million devices.”
In a blog post on Wednesday, Symantec security researchers wrote they had discovered at least eight Google Play Store apps that functioned as fronts for a “new and highly prevalent type of Android malware” called Android.Sockbot. The apps in question presented themselves as skins for player characters in popular app Minecraft: Pocket Edition and boasted “an install base ranging from 600,000 to 2.6 million devices.”
Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research.
Backdoor Regin, as researchers at security firm Symantec are referring to the trojan, bears some resemblance to previously discovered state-sponsored malware, including the espionage trojans known as Flame and Duqu, as well as Stuxnet, the computer worm and trojan that was programmed to disrupt Iran's nuclear program. Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.
To remain stealthy, the malware is organized into five stages, each of which is encrypted except for the first one. Executing the first stage triggers a domino chain in which the second stage is decrypted and executed, and that in turn decrypts the third stage, and so on. Analyzing and understanding the malware requires researchers to acquire all five stages. Regin contains dozens of payloads, including code for capturing screenshots, seizing control of an infected computer's mouse, stealing passwords, monitoring network traffic, and recovering deleted files. Other modules appear to be tailored to specific targets. One such payload included code for monitoring the traffic of a Microsoft IIS server. Another sniffed the traffic of mobile telephone base station controllers.
Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research.
Backdoor Regin, as researchers at security firm Symantec are referring to the trojan, bears some resemblance to previously discovered state-sponsored malware, including the espionage trojans known as Flame and Duqu, as well as Stuxnet, the computer worm and trojan that was programmed to disrupt Iran's nuclear program. Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.
To remain stealthy, the malware is organized into five stages, each of which is encrypted except for the first one. Executing the first stage triggers a domino chain in which the second stage is decrypted and executed, and that in turn decrypts the third stage, and so on. Analyzing and understanding the malware requires researchers to acquire all five stages. Regin contains dozens of payloads, including code for capturing screenshots, seizing control of an infected computer's mouse, stealing passwords, monitoring network traffic, and recovering deleted files. Other modules appear to be tailored to specific targets. One such payload included code for monitoring the traffic of a Microsoft IIS server. Another sniffed the traffic of mobile telephone base station controllers.
Eine chinesische Hacker-Gruppe soll laut Symantec Kundenaufträge für Cyber-Attacken rund um den Globus ausgeführt haben. Die Gruppe soll hauptsächlich US-amerikanische Organisationen angreifen, um Informationen zu stehlen.
Gust MEES's insight:
Die USA sind das primäre Ziel von Hidden Lynx: amerikanische Organisationen machen rund 53 Prozent der Angriffsopfer ausmachen. Mit weitem Abstand folgen Taiwan und China mit 16 beziehungsweise 9 Prozent.
Deutschland steht mit 2,2 Prozent auf Platz 7 der bevorzugt angegriffenen Länder – und damit noch vor Russland mit 1,7 Prozent. Besonders häufig sind die Finanzbranche, Luftfahrt, Rüstungsindustrie, Energiewirtschaft sowie Technologiefirmen betroffen. Aber auch Regierungsbehörden werden attackiert.
Security Spotlight is a program highlighting threat trends in online protection. Our topic this week is Ransomware. This is the first of 5 top security trend...
Tune in to watch Security Spotlight's fourth episode on Zero-based Vulnerabilities. These vulnerabilities are simply a pathway cybercriminals find to infiltr...
Symantec helps consumers and organizations secure and manage their information-driven world.
The ISTR, which covers the major threat trends observed by Symantec in 2012, reveals that cybercriminals view SMBs as a prime target for stealing information. In fact, the largest growth area for targeted attacks in 2012 was businesses with fewer than 250 employees; 31 percent of all attacks targeted them, representing a threefold increase from 2011.
Getting a clear understanding of the dangers is an important step in improving security, and this year’s report is a wake-up call that SMBs are now being specifically targeted by cybercriminals.
===> Mark your calendars to join #SMBchat and learn how to protect your small business from attackers. <===
Gust MEES's insight:
===> Mark your calendars to join #SMBchat and learn how to protect your small business from attackers. <===
Download the Report with a lot of infographics and WAKE UP!!! Get informed about the growing number of web based malware! When using e-Learning, m-Learning and "BYOD" (Bring Your Own Device) YOU should understand NOW that there is a MUST of having good PROTECTION on any device connecting to the Internet!!!
Gust MEES's insight:
Download the Report with a lot of infographics and WAKE UP!!! Get informed about the growing number of web based malware! When using e-Learning, m-Learning and "BYOD" (Bring Your Own Device) YOU should understand NOW that there is a MUST of having good PROTECTION on any device connecting to the Internet!!!
Download the Report with a lot of infographics and WAKE UP!!! Get informed about the growing number of web based malware! When using e-Learning, m-Learning and "BYOD" (Bring Your Own Device) YOU should understand NOW that there is a MUST of having good PROTECTION on any device connecting to the Internet!!!
Symantec Corp.’s (Nasdaq: SYMC) Internet Security Threat Report, Volume 18 (ISTR) today revealed a 42 percent surge during 2012 in targeted attacks compared to the prior year.
Designed to steal intellectual property, these targeted cyberespionage attacks are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31 percent of these attacks.
Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via “watering hole” techniques.
===> In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform. <===
Gust MEES's insight:
===> In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform. <===
To get content containing either thought or leadership enter:
To get content containing both thought and leadership enter:
To get content containing the expression thought leadership enter:
You can enter several keywords and you can refine them whenever you want. Our suggestion engine uses more signals but entering a few keywords here will rapidly give you great content to curate.
Das Skript, das Arkadiy Tetelman gebaut hat um eine Million der (laut Alexa-Ranking) meistbesuchten Seiten im Netz nach Symantec-Zertifikaten zu durchsuchen, lief elf Stunden und fand insgesamt 11.510 Domains, die im April Fehler produzieren werden. Weitere 91.627 Domains werden mit dem Chrome-Update im Oktober Warnmeldungen auslösen. Für Admins, die nachschauen wollen, ob die eigene Seite betroffen ist, hat Tetelman eine Textdatei zur Verfügung gestellt.
Unter anderem in der Liste: Das Bundesfinanzministerium, Spiegel Online, die Uni Hildesheim, wetter.de, die Stadt Nottingham und Elon Musks Elektroautohersteller Tesla.
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=HTTPS