Submitted by Untrusted Network on 15. March 2016 - 20:35
ALEF NULA launched a new competition called ALEF Hacker Challenge last week. The intended aim is to compromise a specific system and gather data from it. Although not unique, it is an interesting competition and not only because the main price is 12 000 CZK.
Submitted by Untrusted Network on 11. November 2015 - 21:14
October was named European Month of Cyber Security and because of that, many events intended to raise cyber security awareness (such as Security Fest in Prague) were held during the 30 day period. Unfortunately, October has seen just as many new developments on the proverbial "dark side" of cyber security.
Submitted by Untrusted Network on 18. October 2015 - 18:43
Information concerning number of devices vulnerable to Heartbleed vulnerability has appeared in the news during September. Given that the existence of Heartbleed was made public almost a year and a half ago it may be surprising that the number of vulnerable devices exceeds 200.000.
Submitted by Untrusted Network on 8. September 2015 - 17:06
One of the most important information related to cyber security pertains to August release of a patch for the Stagefright vulnerability, to which almost all versions of the Android OS from versions 2.2 to version 5.1 are vulnerable. The existence of Stagefright had been made public at the end of July and it is estimated that vulnerable device number in hundreds of millions. The vulnerability enables the attacker to cause arbitrary code execution by sending a specially crafted MMS.
Submitted by Untrusted Network on 5. August 2015 - 10:27
The most important IT security-related news in July has definitely been the affair surrounding a theft of data from the Hacking Team – company, which develops commercial spyware intended for use by police departments and other security agencies.
Submitted by Untrusted Network on 18. July 2015 - 17:29
Probably the most interesting of security-related news in June has been an announcement by OPM (Office of Personnel Management of United States), organization which is responsible for HR services and administration of US federal employees, about an attack which exposed records for approximately four million current and past employees.
Submitted by Untrusted Network on 5. June 2015 - 0:00
May has been at least as rich on cybersecurity incidents and events as any of the previous months of the year. Some of the more important are described in the following text.
Submitted by Untrusted Network on 9. May 2015 - 20:51
During April, we have witnessed - among others - a discovery of an 18 years old "Redirect to SMB" vulnerability which can be used to attack all versions of Windows released since then. The vulnerability can be exploited in cases when attacker has some control over the network, enabling him to gain user login information by redirecting of network traffic to a malicious SMB (server message block) server.
Submitted by Untrusted Network on 1. April 2015 - 0:00
Looking back at March, probably the most important information security news has been discovery of a significant vulnerability (which could be exploited using a FREAK attack) in some TLS/SSL implementations, including the ones used by Windows operating systems.
Submitted by Untrusted Network on 10. March 2015 - 13:57
Researchers from Google's Project Zero have released information about a new attack based on flipping bits in DDR3 memory. The attack uses approach called Rowhammer which was devised last year by a team from Carnegie Mellon University and Intel Labs.