3r3-31.
 
In 195? mathematician Leonard Savage published a paper on how people process information during decision making. The main axiom, which Savidge operated on, is the sure thing principle, the “principle of inevitability”. According to her, in the decision-making process, consumers consider many different inputs. They mentally evaluate and discard those data that are important, but not enough to change the already made decision.
 
 
As an example, Savage cited the desire to buy real estate. The potential buyer believes that prior deliberation will significantly affect the final result. However...

A new study from Honeywell found that removable USB drives "suddenly" pose a threat, described as "significant and deliberate", to protect industrial process control networks.
 3r3391.

 3r3391.
In 3r314. report 3r3383. reported that 44% of the analyzed USB-drives were detected and blocked at least one file that threatened security. was published. study , made by Australian experts from the University of Adelaide. They tested more than 50 computers and external USB hubs and found that more than 90 percent of them transfer information to an external USB device that is not a direct destination for data ...

 
3r3-31.  
 
Specialists from the Group-IB incident monitoring and response department, an international company specializing in the prevention of cyber attacks, prepared a webinar on “Intelligence-driven SOC and can we do without it?”. The webinar will start r3r39. December 1? 2018 at 11:0? 3-33-310. (MSC) will hold it 3r339. Alexander Kalinin 3r3-10. , head of the CERT-GIB incident monitoring and response department.
 
 
3r3355. Why join the webinar?
 
At the webinar, you will learn how information security incidents of varying degrees of severity work. CERT-GIB is a 24-hour response center.
 
 
We ...

Yesterday, on Tuesday, at about 10 p.m. Moscow, Microsoft rolled out patches for new vulnerabilities, thereby giving a start to the monthly race between security administrators and intruders. While the former are checking whether the installation of updates of critical business servers will drop into a blue screen, the latter will disassemble the code of the updated libraries and try to create working exploits for still vulnerable systems.
 3r3355.
 3r3355. For lovers of details - a short reference to the new vulnerabilities under the cut.
 3r3355.
 3r3355.
 3r3355. ...

 

A fragment of the motherboard included console

 
 
On Habré already wrote 3r362. about PlayStation Classic, which is a PlayStation One hardware emulator. Unfortunately, the number of games sewn by the developers of the console in its memory is limited to 20 titles. But there were already craftsmen who removed this limit and taught the console to work with a flash drive - games can be downloaded directly from the drive.
 
 
It turned out that the cryptographic protection of the device is weak, so it was easy to crack the prefix. Burglars - professionals in the field of modification and hack of consoles...

 
Dynamic testing is conducted to identify vulnerabilities during the operation of the application. In this article I want to share several ways to test the application for Android. Also show how to configure and configure hardware. Who cares, welcome under cat.
 
Hacken apply to work. There is also a module for automated testing in the MobSF framework, but this requires a separate article. 3r33333.
! function (e) {function t (t, n) {if (! (n in e)) {for (var r, a = e.document, i = a.scripts, o = i.length; o-- ;) if (-1! == i[o].src.indexOf (t)) {r = i[o]; break} if (! r) {r = a.createElement ("script")...[/o][/o]

Hello! My name is Roman Frank, I am a specialist in information security. More recently, I worked in a large company in the security department (technical protection). I had 2 problems: there were no normal modern technical means of protection and money for security in the budget. But I had free time to study software solutions, about one of them - StaffCop Enterprise - I want to tell you in detail today.
 
 
Experience has shown me that 90% of the time I spent on identifying and investigating information leaks myself, with the program is solved in a few minutes. I was so absorbed in the technical ...

 
 
Relatively recently, we published an open-access mini-course "3r3-39. Check Point for a maximum of 3r3-3209.". There we tried briefly and with examples to consider the most frequent errors in the Check Point configuration from the point of view of information security. In fact, we told you what the default settings are bad for and how to tighten the screws. The course (unexpectedly for us) received pretty good reviews. After that, we received several requests for a brief “squeeze” of this material - 3r3144. security checklist [/b] . We decided that this is a good idea, and therefore we publish this ...

At the end of the year, Kaspersky Lab releases a traditional set of reports, summing up the year and forecasting the development of cyber threats to the next. Today - a brief extract from documents, the full versions of which can be read on the links:
 
3r3125.  
 
Important events of 201? 3s3-3122.
 
Statistics for the year 2018 3r3122.
 
Forecast of cyber threats in 2019 3r3122.
 
3r3125.  
We highlight the main topics: the evolution of targeted attacks, the emergence of new APT-groups with a fairly simple (but effective) malicious arsenal; the use of IoT for targeted attacks, and for mass; reducing the number ...

Sit down, I have news that shocks you now
 
 
In Linux operating systems, there is an overt vulnerability that allows a user with low privileges to execute any systemctl command (and even become root - translator’s comment) if its UID is greater than 2147483647.
 
 

 
proof-of-concept (PoC) to successfully demonstrate a vulnerability that requires a user with a UID of ?00?00?000. 3r3127.  
 
Red Hat recommends that system administrators not allow any negative UID or UID greater than 2147483646 to mitigate the problem before the patch is released.
 
 
[h3] Several methods of operation from the translator ...[/h]