• It chevron_right

    V Česku stále dominují útoky na uživatelská hesla / itbiz · Friday, 15 May - 10:42 edit

Za celou čtvrtinou detekcí stál v dubnu malware Spy.Agent.AES. Během velikonočních svátků byli Češi cílem významné spamové kampaně. Během ní útočníci šířili malware s cílem získat uživatelská hesla. Vyplývá to z pravidelného přehledu nejčastějších hrozeb v Česku, který připravuje společnost ESET. Nejčastější hrozbou byl v dubnu v ČR malware Spy.Agent.AES a to navzdory tomu, že […]
  • It chevron_right

    Práce z domova vyžaduje zabezpečení softwarově definovaných sítí WAN / itbiz · Thursday, 14 May - 12:05 edit

Aktuální situace zvýšila podíl lidí pracujících z domova a s tím samozřejmě i poptávku po souvisejících technologiích. Vzdálená práce, respektive přístup k datům a aplikacím kdykoliv a odkudkoliv, představují navíc obecné trendy, které pandemie koronaviru pouze urychlila. Jaké zásady a doporučené postupy (best practices) by podniky měly používat, aby se při opatřeních zajišťujících kontinuitu podnikání […]
  • Ar chevron_right

    Riot turns on ability to turn off kernel-level anti-cheat tool / ArsTechnica · Tuesday, 28 April - 14:00

Riot Games announced last night that a new update to the Vanguard anti-cheat system used in Valorant will let users disable and/or easily uninstall the kernel-level security driver via a system tray icon.

That doesn't mean cheaters can just turn off the anti-cheat tool and do whatever they want, though—Vanguard still needs to be installed and running to actually play Valorant . If you shut off the service from the system tray, you'll have to restart your entire system before loading up Valorant . And if you uninstall Vanguard altogether, it will automatically be re-installed when you launch the game, requiring another restart.

The system tray tool will also notify users when Vanguard blocks certain third-party apps from running on your system. Users can disable Vanguard at that point and run the suspect app normally.

Read 5 remaining paragraphs | Comments

I2P Browser is for anyone who wants to protect their privacy either for preference or safety. It enables netizens to defend themselves from tracking, surveillance, spyware and in some cases it will help to circumvent censorship.
Like other browsers, I2P Browser enables you to browse and search the internet. I2P Browser however, is very focused on the privacy rights of the user and does not monetize data in trade of your privacy.

#i2p #browser #privacy #security

Invisible Internet Protocol:
Network without borders

We are building network which helps people to communicate and share information without restrictions.

Free from censorship. Free from privacy violations.

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

#i2p #browser #privacy #security
  • Ar chevron_right

    SBA says data breach may have affected almost 8,000 loan applicants / ArsTechnica · Wednesday, 22 April - 01:46

Three people stand by a podium in front of the White House logo.

Enlarge / Small Business Administrator Jovita Carranza is flanked by Donald Trump and Secretary of Treasury Steve Mnuchin on April 2, 2020. (credit: Win McNamee/Getty Images )

Almost 8,000 business owners who applied for a loan from the Small Business Administration may have had their personal information exposed to other applicants, the SBA admitted on Tuesday.

The breach relates to a long-standing SBA program called Economic Injury Disaster Loans (EIDL). It has traditionally been used to aid owners whose businesses are disrupted by hurricanes, tornadoes, or other disasters. It was recently expanded by Congress in the $2.2 trillion CARES Act. In addition to loans, the law authorized grants of up to $10,000 that don't need to be paid back.

The EIDL program is separate from the larger Paycheck Protection Program that was also part of the CARES Act. The SBA says that PPP applicants were not affected by the breach.

Read 7 remaining paragraphs | Comments

  • Ar chevron_right

    Riot addresses “kernel-level driver” concerns with expanded bug bounties / ArsTechnica · Monday, 20 April - 15:05 · 1 minute


Enlarge / Artist's conception of hackers lining up for these new bug bounties.

Last week, we took a look at the new Vanguard anti-cheat system being used in Riot's Valorant and the potential security risks of the kernel-level driver it utilizes. Now, in an effort to allow "players to continue to play our games with peace of mind," Riot says it is "putting our money where our mouth is" with an expanded bug bounty program , offering more money for the discovery of Vanguard vulnerabilities.

Bug bounties aren't new to the gaming industry or even to Riot Games, which says it has paid out nearly $2 million in such rewards since launching its bounty program in 2016 . But Riot is now offering "even higher bounties" of up to $100,000 specifically for the discovery of "high quality reports that demonstrate practical exploits leveraging the Vanguard kernel driver."

The largest bounties in Riot's newly expanded program are available to attacks that are able to exploit the Vanguard driver to run unauthorized code at the kernel level—something of a nightmare scenario that could give an attacker full, low-level access to a machine—but exploits that merely provide "unauthorized access to sensitive data" will also be rewarded. The bounties apply to network-based attacks that need no user interaction, vulnerabilities that require user action (like clicking on a malicious link), and exploits that require "guest user" access to the system itself, in declining order of potential reward.

Read 6 remaining paragraphs | Comments

  • Ar chevron_right

    US Senate tells members not to use Zoom / ArsTechnica · Thursday, 9 April - 14:17

Photograph of US Capitol building.

Enlarge / The Senate's IT security team can't protect senators' and staffers' own devices and accounts. Sen. Ron Wyden (D-Ore.) wants to change that. (credit: Martin Falbisoner / Wikimedia Commons )

The US Senate has become the latest organization to tell its members not to use Zoom because of concerns about data security on the video conferencing platform that has boomed in popularity during the coronavirus crisis.

The Senate sergeant at arms has warned all senators against using the service, according to three people briefed on the advice.

One person who had seen the Senate warning said it told each senator’s office to find an alternative platform to use for remote working while many parts of the US remain in lockdown. But the person added it had stopped short of officially banning the company’s products.

Read 13 remaining paragraphs | Comments