Prima pagina Vizualizeaza site-ul in limba:   RO Romana

Abonare newsletter:

How Just Visiting A Site Could Have Hacked Your iPhone or MacBook Camera

If you use Apple iPhone or MacBook, here we have a piece of alarming news for you. Turns out merely visiting a website — not just malicious but also legitimate sites unknowingly loading malicious ads as well — using Safari browser could have let remote attackers secretly access your device's camera, microphone, or location, and in some cases, saved passwords as well.


Zoom issues lets hackers steal Windows credentials

Zoom issues fix for UNC vulnerability that lets hackers steal Windows credentials via chat. After this story and others went live April 1, Zoom CEO Eric Yuan addressed Zoom security and other issues in a blog post. Part of the blog post detailed a bug fix to be released, which would fix the UNC vulnerability described in our original story, among other things. The fix appears to be pushing out automatically to users. An unpatched vulnerability within Zoom allows an attacker to drop a malicious link into a chat window and use it to steal a Windows password, according to reports.


Hacked in Translation – from Subtitles to Complete Takeover

Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.


Migrating to McAfee Endpoint Security

End-Point Security 2017 March 14 

“When you move from a tiny apartment, it doesn’t take long and you can use a Honda Civic,” says Desktop Security Manager Mehdi Harandi, who oversees endpoint security at Fairfax County Public Schools, the 11th largest school district in the U.S. “But when you try to move from a five-bedroom house, it takes a lot more time and the Civic just won’t cut it anymore; you need an 18-wheeler.”


McAfee Endpoint Protection for SMB

McAfee Endpoint Protection for SMB provides superior security, specifically designed for small and medium-size businesses. It combines McAfee’s award-winning threat protection technologies with web and messaging security and data protection — all to secure your internal IT infrastructure — plus rigorous mobile security and mobile device management that provide controlled access to your corporate network.


Kerio Control UTM firewall

Kerio Control este un UTM Firewall premiat in industria IT, care raspunde perfect nevoilor de securitate ale companiilor de nivel mediu si small business.

Update-urile de securitate ale Kerio Control se efectueaza in mod automat, acesta auto-detectand si auto-prevenind posibile amenintari; pentru administratorii de retea


McAfee si Intel lanseaza DeepSAFE™

DeepSAFE este prima tehnologie dezvoltata de catre McAfee si Intel in colaborare.
Primul produs care va utiliza tehnologia DeepSAFE a fost anuntat la conferinta McAfee FOCUS 11, in Las Vegas in perioada 18 – 20 octombrie 2011.


IT Point Services reseller autorizat

  • Dell partnerdirect registered 2011 rgb
  • Int security i hrz rgb 3000
  • Keriopartner
home » Stiri » Zoom issues lets hackers steal Windows credentials « Inapoi la pagina anterioara

Zoom issues lets hackers steal Windows credentials

A hacker could use an attack called a UNC path injection to expose credentials, according to an attack posted on Twitter and subsequently followed up with an additional video. According to The Hacker News, that's because Windows exposes a user's login name and password to a remote server when attempting to connect to it and download a file. 

zoom hack imageHackerFantastic / Twitter

All an attacker needs to do is to send a link to another user and convince them to click it, for the attack to commence. Though the Windows password is still encrypted, the hack claims it can be easily decrypted by third-party tools if the password is a weak one. 

As Zoom gains in popularity, it's caught the eye of the security community, which is more closely examining the videoconferencing software for weaknesses. Last year, a flaw surfaced that potentially would allow remote users to join a Mac user to a call, then turn their camera on without permission. That flaw was patched. Zoom hasn't, however, announced a fix for the current bug. 

The Hacker News recommends either using the Windows security policy settings to turn off the automatic transmission of NTML credentials to a remote server, or else just use the Zoom client for the Web.

Articol source: https://bit.ly/2UU8M6B