Why consumers are not afraid of identity theft

 
3r3-31.
Why consumers are not afraid of identity theft  
In 195? mathematician Leonard Savage published a paper on how people process information during decision making. The main axiom, which Savidge operated on, is the sure thing principle, the “principle of inevitability”. According to her, in the decision-making process, consumers consider many different inputs. They mentally evaluate and discard those data that are important, but not enough to change the already made decision.
 
 
As an example, Savage cited the desire to buy real estate. The potential buyer believes that prior deliberation will significantly affect the final result. However...
+ 0 -

USB devices - "sudden" threat

A new study from Honeywell found that removable USB drives "suddenly" pose a threat, described as "significant and deliberate", to protect industrial process control networks.
 3r3391.
USB devices - "sudden" threat
 3r3391.
In 3r314. report 3r3383. reported that 44% of the analyzed USB-drives were detected and blocked at least one file that threatened security. was published. study , made by Australian experts from the University of Adelaide. They tested more than 50 computers and external USB hubs and found that more than 90 percent of them transfer information to an external USB device that is not a direct destination for data ...
+ 0 -

Webinar Group-IB "Intelligence-driven SOC and is it possible to do without it?"

 
3r3-31. Webinar Group-IB "Intelligence-driven SOC and is it possible to do without it?"  
 
Specialists from the Group-IB incident monitoring and response department, an international company specializing in the prevention of cyber attacks, prepared a webinar on “Intelligence-driven SOC and can we do without it?”. The webinar will start r3r39. December 1? 2018 at 11:0? 3-33-310. (MSC) will hold it 3r339. Alexander Kalinin 3r3-10. , head of the CERT-GIB incident monitoring and response department.
 
 
3r3355. Why join the webinar?
 
At the webinar, you will learn how information security incidents of varying degrees of severity work. CERT-GIB is a 24-hour response center.
 
 
We ...
+ 0 -

Exploit Wednesday December 2018: for tests of time patches to spare - drove

Yesterday, on Tuesday, at about 10 p.m. Moscow, Microsoft rolled out patches for new vulnerabilities, thereby giving a start to the monthly race between security administrators and intruders. While the former are checking whether the installation of updates of critical business servers will drop into a blue screen, the latter will disassemble the code of the updated libraries and try to create working exploits for still vulnerable systems.
 3r3355.
 3r3355. For lovers of details - a short reference to the new vulnerabilities under the cut.
 3r3355.
 3r3355. Exploit Wednesday December 2018: for tests of time patches to spare - drove
 3r3355. ...
+ 0 -

PlayStation Classic hacked, now games can be run from a flash drive

+ 0 -

Dynamic testing of Android applications

Dynamic testing of Android applications  
Dynamic testing is conducted to identify vulnerabilities during the operation of the application. In this article I want to share several ways to test the application for Android. Also show how to configure and configure hardware. Who cares, welcome under cat.
 
Hacken apply to work. There is also a module for automated testing in the MobSF framework, but this requires a separate article. 3r33333.
! function (e) {function t (t, n) {if (! (n in e)) {for (var r, a = e.document, i = a.scripts, o = i.length; o-- ;) if (-1! == i[o].src.indexOf (t)) {r = i[o]; break} if (! r) {r = a.createElement ("script")...[/o][/o]
+ 0 -

Investigation of security incidents with StaffCop Enterprise 4.4

Investigation of security incidents with StaffCop Enterprise 4.4Hello! My name is Roman Frank, I am a specialist in information security. More recently, I worked in a large company in the security department (technical protection). I had 2 problems: there were no normal modern technical means of protection and money for security in the budget. But I had free time to study software solutions, about one of them - StaffCop Enterprise - I want to tell you in detail today.
 
 
Experience has shown me that 90% of the time I spent on identifying and investigating information leaks myself, with the program is solved in a few minutes. I was so absorbed in the technical ...
+ 0 -

Check Point for Check Point Security Settings

Check Point for Check Point Security Settings  
 
Relatively recently, we published an open-access mini-course "3r3-39. Check Point for a maximum of 3r3-3209.". There we tried briefly and with examples to consider the most frequent errors in the Check Point configuration from the point of view of information security. In fact, we told you what the default settings are bad for and how to tighten the screws. The course (unexpectedly for us) received pretty good reviews. After that, we received several requests for a brief “squeeze” of this material - 3r3144. security checklist [/b] . We decided that this is a good idea, and therefore we publish this ...
+ 0 -

Security Week 50: forecasts for 2019

Security Week 50: forecasts for 2019 At the end of the year, Kaspersky Lab releases a traditional set of reports, summing up the year and forecasting the development of cyber threats to the next. Today - a brief extract from documents, the full versions of which can be read on the links:
 
3r3125.  
 
Important events of 201? 3s3-3122.
 
Statistics for the year 2018 3r3122.
 
Forecast of cyber threats in 2019 3r3122.
 
3r3125.  
We highlight the main topics: the evolution of targeted attacks, the emergence of new APT-groups with a fairly simple (but effective) malicious arsenal; the use of IoT for targeted attacks, and for mass; reducing the number ..
.
+ 0 -

Unprivileged Linux users with UID> INT_MAX can execute any command.

Sit down, I have news that shocks you now
 
 
In Linux operating systems, there is an overt vulnerability that allows a user with low privileges to execute any systemctl command (and even become root - translator’s comment) if its UID is greater than 2147483647.
 
 
Unprivileged Linux users with UID> INT_MAX can execute any command.
 
proof-of-concept (PoC) to successfully demonstrate a vulnerability that requires a user with a UID of ?00?00?000. 3r3127.  
 
Red Hat recommends that system administrators not allow any negative UID or UID greater than 2147483646 to mitigate the problem before the patch is released.
 
 
[h3] Several methods of operation from the translator ...[/h]
+ 0 -