ZK-snarks as a general class have not been defeated. If they were this would have big implications for the wider world, not just crypto. The particular implementation of zk-snarks in the Zcash project has been a little sketchy in the past :
https://cyware.com/news/zcash-team-fixes-serious-vulnerability-that-allowed-counterfeiting-f4c2cbbd
I wouldn't say it's impossible that there is an issue that needs to be fixed in Zcash. But the underlying algorithm is not known to be flawed as far as I know.
[UPDATE]
https://twitter.com/moneyknowledge0
Twitter user explains issue - I think OP is being disingenuous not posting this.
Apart from this being just one example, another one here, the fact that some measure fails to do what it claims doesn't mean I don't understand it.
99% that no, there are some very sophisticated attacks on airgapped computers, it's very unlikely that it will be used against you.
https://en.wikipedia.org/wiki/Air-gap_malware
https://threatpost.com/air-gap-attack-turns-memory-wifi/162358/
https://cyware.com/news/military-grade-air-gapped-networks-under-attack-96d6525b/
Friendly reminder that 2FA using SMS is not secure. If you are well known enough to be a target, you need to be using physical security keys.
https://cyware.com/news/understanding-sim-swapping-and-cloning-attack-techniques-230934eb
This is my favorite: https://cyware.com/cyber-security-news-articles
But there are quite a few posts in this subreddit with large selections of sources.
I mean it's more critical for domains / businesses / groups of PCs than for individual home users, but pick any 10 articles and then think about not updating
They're one of the apps (along with DuoLingo, Yelp & the rest on that list that was published awhile back that report all your data & then some to Facebook, regardless if you have an account of not.
Sorry for sounding pessimistic, but nothing is safe online! We are seriously living in the times where we created network systems that can withstand nuclear attacks but are vulnerable to toasters. There are measure we can take to protect our own accounts and keep ourselves safe from phishing attacks but what are going to do when the system itself is vulnerable? Avoid putting your social media accounts at risk by implementing these five simple tips: Be selective with third-party applications; Use strong passwords; Install antivirus software; Enable two-factor authentication; Move passwords to a management program.
For example, just by a quick search for Android 7, a 6-year-old version of Android:
CVE-2019-2107, see also here.
There are loads of remote code execution vulnerabilities in older (and even recent) Android versions. That’s the main reason that there are regular security updates. Just search CVE Details or other CVE archive sites.
Thanks for you reply. Yes, I just found a website warning about it:
https://cyware.com/news/new-click-fraud-scam-uses-fake-checkra1n-ios-jailbreak-d853acf2
They say: " this site urges users to download a malicious “mobileconfig” profile which allows the scammer to conduct click fraud."
The good news is I figured out how to remove the profile.
Do you think this should be enough, or do I really need to delete my phone and start over?
It took me hours to transfer all the data from my old phone to my new one - so I'm dreading doing it again!
0patch provides security updates for Windows 7 through Windows 10. They patch more competently than Microsoft patches do. In fact, 0patch offers free zero day patches that work, or fix broken ones put out by Microsoft. Here's the most recent one. https://cyware.com/news/0patch-releases-unofficial-patches-for-cve-2021-24084-windows-10-zero-day-12ee6b49/
Katanya cara hacker dapat akses karena engineer yang gak sengaja taruh credentials secara public. Biasanya token di bash_profiles yang ikutan terupload ke github.
https://cyware.com/news/deciphering-shinyhunters-data-breach-tactics-57277468
Your submission has been removed because this link has been posted on the subreddit recently.
OP: /u/Notelbaxy
Date: 2021-07-07 11:06:08
Duplicates:
N | User | Date | Posted... | URL | Title |
---|---|---|---|---|---|
1 | /u/ruthsoi | 2021-07-07 10:15:06 | 51 minutes before | url | Attackers Accelerating Ransomware Attacks on ICS Networks |
I am a bot. If you believe this was sent in error, reply to this comment and a moderator will review your post. Do not delete your post or moderators won't be able to review it.
Do you mean symmetric and asymmetric? If so this link explains it fairly well and should be easy enough to follow.
May surprise you to know that they are the only 4.3% of hacking attacks originate from Russia. First is China, second is the US and third is Turkey. News isn't interested in reporting about hacks that aren't from Russia or (to a lesser extent) China.
Puede sonar arriesgado, pero se me ocurren ciertas opciones:
El problema es que (como dijo una persona arriba en los comentarios que compartió este link de <em>cyware.com</em>) el rut sigue siendo de conocimiento público y en Chile se utiliza demasiado para realizar trámites o movimientos bancarios. No sé como sentirme al respecto.
They don't, but they have lots of hackers. https://cyware.com/news/top-10-countries-with-most-hackers-in-the-world-42e1c94e
Yeah I’m sure it works fine, but it’s still a wide open back door that people have broken before and will break again. It’s security theater, all cloud-based security is. It’s impossible to create a totally secure system if it’s phoning home to some corporation. They will never be ahead of the game. The best home security is closed circuit, or at least a home brew solution.
Also their ad straight up plays into peoples fears. It’s disgusting and I don’t get why the boys can play the ad and turn around and talk about Fox News doing the same thing.
> 3) The cryptocurrency most profitable to mine on the average Joes PC infected by a botnet is Monero especially now that it's CPU based.
Like other people here I would absolutely love to get hold of some good estimates how much Monero mining is done by botnets right now. Quite in general it has been somewhat quiet on the botnet front lately, whether Monero-related or not, as far as I can tell. That bots could mine Monero is undisputed, but it's not clear whether they actually do right now, and to what extent.
The latest major news about botnets I currently recall is Microsoft taking down a very large one, even called "the world's largest". It seems there was indeed a Monero mining "plugin" for the Necurs bot.
This may not be a reliable source. The purpose of the website in question is to sell a product. Please resubmit your post with a link to an internationally recognized news organization or an recognized institution.
If you believe we made a mistake, please let us know.
It's very funny to be dowvoted when you present facts. Here is an other explanation that might be easier to understand. I hope you will read it instead of downvoting just for your pleasure:
Do you not have IT Security where you're from?
Because IT security is supposed to block all websites that are not related to work and they're supposed to disable USB ports.
the problem is even antivirus installed could not block some new forms ransomeware https://cyware.com/news/undetectable-c-based-ransomware-discovered-4d876bf9 , the only good option is to use windows sandbox to open susceptible files or use some remote scanning solutions as a sandbox.
Why not have optional arguments then? It's just an unnecessarily easy way to make mistakes for no good reason. Why not use C all the time, if stupidity is the only reason mistakes are made? It's faster at least, and you don't lose too much expressiveness since you can just cast anything to a void *
or use varargs.
If you're saying the only reason npm
is bad is because someone is too stupid to read docs, you are implying anyone who uses Purescript is an idiot
Sure dude, we're still living in 1995 https://cyware.com/news/new-mac-malware-lamepyre-can-spy-on-you-and-run-a-backdoor-7938b695
You can very well learn by yourself (although you cannot expertise the field), there are a lot of reading material available online. To begin with, you should be flair with a handful of languages including C, Java, PHP, Perl and Python. Apart from these basic languages you also need to arm yourself with thorough knowledge of markup based languages which include HTML, XML, and data formats such as Protobuf and Json. Also learn OS and Network Systems. If you need any ethical hacking tools, to check the security apparatus of their organization’s networks and look out for any vulnerabilities and loop-holes; try with MetaSpoilt. There are more tools to suit your needs - check here
I understand that we need a system to store all passwords we cannot remember. A password manager makes good security as easy as possible. But, aren't password manager sites equally vulnerable. I mean, what if your LastPass account gets hacked?
I agree with this article, but let's not forget upcoming technological advancements like AI and machine learning. Although billions of dollars are spent on cybersecurity, the number of reported cyber attacks and the magnitude of breaches keep rising. There are many frontiers where harnessing the predictive power of AI might give the upper hand to security vendors — and to us all, including individuals and businesses.
On the contrary, people have started spending a lot on cybersecurity field. Cost of handling cyberattacks is expected to rise to $2.1 trillion by 2019. Companies are very active in hiring and retaining talent. So, you need not worry.
The future of ransomware is IoT . As more devices are getting connected to internet, it is becoming easy for hackers to find vulnerabilities and exploit it through ransomware.
I generally prefer Avast over other antivirus. Avast allows users to maintain top notch security levels in their computer. With just a single click, the user can get a detailed report citing vulnerabilities, risky browser add-ons, weak passwords and the malicious software it has just removed from your PC. Though antivirus with similar features are also available in the market, what distinguishes Avast Free Antivirus is its performance. It does not slow down your computer.
The measures undertaken in this law form an integral part of the sweeping push that President Xi Jinping is giving to further consolidate control over the internet in China. Some salient features of the new law: Imposes mandatory testing and certification of computer equipment; Requires companies to give government investigators full access to their data if wrong-doing is suspected; Makes censorship a matter of cybersecurity, threatening to punish companies that allow unapproved information to circulate online.
The election will go on, even if hackers attack. With cybersecurity researchers raising the specter of a cyber attack on Election Day state and local officials are doubling down on a different message: no matter what, the final vote will be legitimate.
Swiss Railway Ticket Machines are also getting ready to sell Bitcoin. From 11 November, customers will be able to trade Swiss francs for Bitcoins using ticket machines. Transactions will be capped at 500 Swiss Francs (£415 / $500) each. One Bitcoin currently equals around 708.64 Swiss Francs - https://cyware.com/news/swiss-railway-ticket-machines-to-sell-bitcoin-digital-currency-77548295
Cisco Systems is making a play for the fundamental process of putting IoT devices online, promising greater ease of use and security as enterprises prepare to deploy potentially millions of connected objects. They’ve gone into DNA (Digital Network Architecture), Cisco’s blueprint for building automated and virtualized networks. https://cyware.com/news/cisco-says-itll-make-iot-safe-as-it-owns-the-network-d4cd36d4
Make sure you look up if you are eligible to take these certifications. Most of these courses have eligibility criteria. Apart from CCNA, I suggest you to look up Certified Information Security Manager (CISM)It also includes material on broader issues such as how to govern information security as well as on practical issues such as developing and managing an information security program and managing incidents.
The point of view in the certification is that of widely accepted cross-industry best practices, where information security gets its justification from business needs. The implementation includes information security as an autonomous function inside wider corporate governance. You can find more info about the course here - https://cyware.com/journal/top-five-cybersecurity-certifications/
Hope this helps!
There are many certification courses you can look for and learn some basic online tools which will help you. Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Ethical Hacker, Certified Information Systems Security Professional (CISSP) these are some certification courses you can take up. Also start learning and using tools like MetaSploit, Nmap etc. I would suggest starting with Nmap, as it is available for all major OS. Nmap was basically designed for scanning large networks however it works fine on small networks as well. You can look up various other options you have at https://cyware.com/journal/top-5-ethical-hacking-tools-2016/