24.05.2016 17:34:00 Quelle: https://packetstormsecurity.com/

Adobe Patches Connect Untrusted Search Path Vulnerability

24.05.2016 17:33:00 Quelle: http://www.chip.de/

4K-"Nano-Crystal"-TV im Amazon-Deal: Samsung-UHD-TV zum Spottpreis

Amazon verkauft Samsungs flachen UHD-Fernseher JU6850 im Blitzangebot vergünstigt. Am 10.08. gibt es gleich zwei Modelle zum Schnäppchenpreis, denn Interessenten können das Gerät mit 50 oder 55 Zoll Bilddiagonale kaufen.

    ext. Link anzeigen

25.05.2016 01:31:00 Quelle: http://www.eweek.com/

Microsoft Tackles Office Mobile Accessibility, Adds Excel Toolset

Microsoft announces upcoming accessibility enhancements for Office 365 Android and iOS apps and adds several new data transformation options to Excel.

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 03:53:00 Quelle: http://go.theregister.com/

iPhone Error 53 plaintiffs say Apple not giving reimbursements

Filing challenges the attempt to throw out class action suit

A class of iPhone owners say that Apple has not lived up to its promise to reimburse customers for bricked handsets.…

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

17.05.2016 18:28:00 Quelle: http://www.networkworld.com/

Quaker Oats threatens to sue actual Quakers for trademark infringement

A gray hat replacing the Locky ransomware payload with a PSA, Windows 10 to double the number of ads after the Anniversary Update, and Quaker Oats threatening to sue actual Quakers for trademark infringement are some of the varied bits and bytes which caught my attention today.

New Locky ransomware PSA

The command and control servers for Locky ransomware were previously hacked to show a “Stupid Locky” message instead of locking a victim’s machine, but F-Secure researcher Sean Sullivan discovered “a similar grey hat hack” that delivers a PSA to would-be Locky victims.

To read this article in full or to leave a comment, please click here

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

23.05.2016 18:23:00 Quelle: http://www.v3.co.uk/

Windows Phone looks dead and buried with under one per cent of Q1 smartphone sales

Windows Phone looks dead and buried with under one per cent of Q1 smartphone sales

BlackBerry fares even worse

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 01:55:00 Quelle: http://www.reddit.com/

Help finding password manager

Not sure if this is the right place, but do any of you know of a password manager to actually works with applications in Windows? Thinking save passwords for RDP, Excel/Word Spreadsheets, encrypted PDF's, then use a fingerprint swipe to authorize and auto-fill the password.

For context, there is a program from HP called Protect Tools Security Manager that seems to put all the other password managers to shame. This user has been on it for years. It is super simple and prompts the user for a fingerprint to autofill passwords for just about any app or website out there. I am moving a user away from HP and need to duplicate that functionality.

For example, Lastpass has "Last Pass for Applications" that runs in the system tray, but it has A LOT of problems and is essentially unusable. Before I go out and buy subscriptions to every password manager out there to test them, any suggestions?

submitted by /u/clearedstatic
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 19:47:00 Quelle: http://www.networkworld.com/

Disaster recovery in a DevOps world

According to a 2015 survey by IT Revolution Press in conjunction with Puppet Labs, organizations using DevOps deploy code 30 times faster than others, doing deployments multiple times per day. Moreover, change failure gets cut in half with DevOps and services are restored up to 168 times faster than they are at non-DevOps organizations.

DevOps: Failing more quickly, and recovering faster

Let’s focus on those last two points for a moment. One thing is for certain: Embracing DevOps also pays off from a disaster recovery standpoint, because the tools and procedures that you use to move applications from development to testing to production and back to development again can also be applied to failing over and recovering from disasters and service interruptions. The same tools that automate the entire DevOps life cycle can also help you make the most use of the resources you already have for recovery purposes.

To read this article in full or to leave a comment, please click here

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 03:54:00 Quelle: http://www.reddit.com/

Duct Tape, WD-40, and Zip Ties: Squid Server

A volunteer organization is having a week-long exercise at a U.S. Army installation at one point soon. Unfortunately, the Army's unsecured network is slow as hell. I assume their QoS setting for said network rates somewhere between "Almost dial up speed" and "Want to see how many simultaneous psychotic breaks we can cause at once?" (seems to fluctuate between these two options, of course).

In past years, I've set up a small LAN consisting of a few APs and networked printers, with a pipe into the aforementioned network. This year (since I actually have some prep time) I want to set up a squid server for transparent caching.

My questions are:

  • Is it more resource efficient to run a Squid setup on pfsense or ubuntu server? I'm leaning towards pfsense for the fine-grain control in other areas (e.g. outbound load balancing), but have very limited hardware resources.
  • On the same note as above, how much of a performance hit would it be if pfsense was run inside esxi?
  • Will squid/pfsense create any STP issues (hooking into end-user network drops, so I'm hoping that bdpuguard or non-Cisco equivalents will not errdisable the Army's switchports)? If so, how can I mitigate this? I'm trying to pull some strings to chat with a sys/netadmin over there, but my real-life work interfaces with a completely different army/gov component, so no guarantees.

Thanks a million, and any other general tips/advice for this situation would be much appreciated.

Edit: Reddit formatting... interesting...

submitted by /u/poke-it_with_a_stick
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 01:34:00 Quelle: http://www.v3.co.uk/

Microsoft and Citrix expand partnership to power virtual Windows 10 with Azure cloud

Microsoft and Citrix expand partnership to power virtual Windows 10 with Azure cloud

Both companies look to empower enterprise digital transformation strategies

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

16.03.2016 05:59:00 Quelle: http://www.reddit.com/

BAT runs fine on test machine but doesnt on target?

This bat simply makes a dated folder rand then copy's the backup to it. Runs fine on my test computer, but it doesn't create the dated folder just dumps the source right in there? I'm going bonkers here.

FOR /F "tokens=2-4 delims=/ " %%a in ('echo %date%') DO SET datevar=%%c%%b%%a robocopy C:\Users\josepi\Documents C:\backupnew\_%datevar% /E /S 
submitted by /u/Darknezz19
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 11:49:00 Quelle: https://www.debian.org/

DSA-3586 atheme-services

security update

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 23:54:00 Quelle: http://www.reddit.com/

The winner of my recent DNS cleanup...

...was a Dell Optiplex GX280 manufactured in 2004 and probably recycled four years later. Now I am off to write a strongly worded email to our network admin about DNS scavenging.

submitted by /u/DeliBoy
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 13:57:00 Quelle: http://feedproxy.google.com/

iPhone 6 Prototyp taucht bei eBay auf – aktuelles Gebot bei 4.999 Dollar

In regelmäßigen Abständen tauchen immer mal wieder Apple Prototypen bei eBay auf. Geräte, die Apple intern genutzt werden und einen Seltenheitswert besitzen, schaffen es auf welchen Weg auch immer auf die Handelsplattform. Aktuell steht ein iPhone 6 Prototyp bei eBay zum Verkauf. iPhone 6 Prototyp bei eBay iPhone 6 Prototypen sind außerhalb des Apple Campus […]

    ext. Link anzeigen

18.05.2016 20:18:00 Quelle: http://www.silicon.de/

Neuer Managed Service von F-Secure erkennt Datenschutzverletzungen

Der "Rapid Detection Service" genannte Dienst kombiniert maschinelle und menschliche Analysemethoden, um Kunden in unter 30 Minuten Sicherheitsvorfälle mitzuteilen. Überdies helfen Experten Firmen bei der Bewältigung - auf Wunsch auch vor Ort. Der Service soll sich nahtlos in bestehende Netzwerksysteme einbinden lassen.

der Autor auf            ext. Link anzeigen

25.05.2016 03:53:00 Quelle: http://go.theregister.com/

Facebook adds new names to Telecom Infra Project

TIP is the iceberg

Facebook's Telecom Infra Project (TIP) has signed up a bunch of carriers and vendors.…

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 01:55:00 Quelle: http://feedproxy.google.com/

Snort Subscriber Rule Set Update for 05/24/2016

Just released:
Snort Subscriber Rule Set Update for 05/24/2016


We welcome the introduction of the newest rule release from Talos. In this release we introduced 88 new rules and made modifications to 15 additional rules.

There were no changes made to the snort.conf in this release.

Talos would like to thank the following individuals for their contributions, their rules are included in the Community Ruleset:

James Lay
38993


Talos's rule release:
Talos has added and modified multiple rules in the blacklist, browser-plugins, exploit-kit, file-executable, file-flash, file-image, file-office, file-other, file-pdf, malware-cnc, malware-tools, server-other and sql rule sets to provide coverage for emerging threats from these technologies.


In order to subscribe now to Talos's newest rule detection functionality, you can subscribe for as low as $29 US dollars a year for personal users, be sure and see our business pricing as well at https://www.snort.org/products. Make sure and stay up to date to catch the most emerging threats!

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 03:54:00 Quelle: http://www.reddit.com/

Duct Tape, WD-40, and Zip Ties: Squid Server

A volunteer organization is having a week-long exercise at a U.S. Army installation at one point soon. Unfortunately, the Army's unsecured network is slow as hell. I assume their QoS setting for said network rates somewhere between "Almost dial up speed" and "Want to see how many simultaneous psychotic breaks we can cause at once?" (seems to fluctuate between these two options, of course).

In past years, I've set up a small LAN consisting of a few APs and networked printers, with a pipe into the aforementioned network. This year (since I actually have some prep time) I want to set up a squid server for transparent caching.

My questions are:

  • Is it more resource efficient to run a Squid setup on pfsense or ubuntu server? I'm leaning towards pfsense for the fine-grain control in other areas (e.g. outbound load balancing), but have very limited hardware resources.
  • On the same note as above, how much of a performance hit would it be if pfsense was run inside esxi?
  • Will squid/pfsense create any STP issues (hooking into end-user network drops, so I'm hoping that bdpuguard or non-Cisco equivalents will not errdisable the Army's switchports)? If so, how can I mitigate this? I'm trying to pull some strings to chat with a sys/netadmin over there, but my real-life work interfaces with a completely different army/gov component, so no guarantees.

Thanks a million, and any other general tips/advice for this situation would be much appreciated.

Edit: Reddit formatting... interesting...

submitted by /u/poke-it_with_a_stick
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 23:32:00 Quelle: http://www.eweek.com/

Apple Works to Fix iOS Update That Bricked iPad Pro 9.7 Tablets

iOS update causes new bricking problem, this time with iPad Pro 9.7; Microsoft sets the stage for IoT-enabled CRM; IBM, AMD, ARM, others look to unite CPUs, accelerators; and there's more.

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 01:33:00 Quelle: http://www.kommune21.de/

Hamburg: Fortschritte in der Smart City

Die Freie und Hansestadt Hamburg hat sich vor zwei Jahren auf den Weg zur Smart City gemacht. Jetzt wurde eine erste Zwischenbilanz gezogen. Umgesetzt wurden neben Projekten im Bereich intelligente Straße auch eine App für Touristen sowie ein virtueller Klassenraum am Universitätsklinikum Hamburg, der erkrankten Kindern die Teilnahme am Unterricht ermöglicht.

der Autor auf            ext. Link anzeigen

24.05.2016 11:41:00 Quelle: http://www.lanline.de/

VPN-Clients unterstützen Android 6.0

NCP stellt Version 3.0 seiner „Secure VPN Clients für Android“ vor

+++ Produkt-Ticker +++ Die „NCP Secure VPN Clients“ sind in der neuen Version 3.0 nach Aussage des Herstellers für mobile Endgeräte mit dem Betriebssystem Android 6.0 (Marshmallow) optimiert. Die IPSec-VPN-Clients seien kompatibel zu allen gängigen VPN-Gateways wie Cisco, Juniper, Lancom, Bintec Elmeg, Dell Sonicwall, Microsoft Server 2012 R2, Sophos oder AVM Fritzbox. Die „NCP Secure Android Clients“ umfassen vier Varianten, angepasst an die Bedürfnisse unterschiedlicher Anwendergruppen, so der Hersteller.

Die Clients unterstützten nun „Challange Response“ beim Einsatz von starker Authentifizierung (Zwei-Faktor-Authentifizierung). Zudem seine neue Konfigurationsmöglichkeiten für den professionellen Betrieb eingebaut worden. Dies betreffe IKE- und IPSec-Richtlinien sowie die Konfiguration primärer und sekundärer DNS-Server.

 

Weiterlesen

    ext. Link anzeigen

24.05.2016 21:55:00 Quelle: http://www.reddit.com/

Configuration Management (Puppet/Chef/SaltStack) for heavy Windows Environment

My company is starting to talk to a few of the configuration management vendors (Puppet, Chef, SaltStack). Currently, everything is done manual. Our environment is 2,000 servers with 75% Windows and 25% Linux. We are increasing at about 10% a year. I have read many articles comparing Puppet/Chef/SaltStack and very few talk about how they work with Windows. Puppet has the largest community/mindshare and I saw Microsoft and Chef has formed a partnership. I do not see much on SaltStack and Windows. Does anyone has experience running any of these tools in a large Windows environment? Any information on how they work with Windows would be helpful. Anything to ask the vendors as we talk to them, would also be appreciated. Thanks

submitted by /u/bsdoiron
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 03:53:00 Quelle: http://go.theregister.com/

Microsoft bans common passwords that appear in breach lists

Azure Active Directory no longer allows the likes of 'M!cr0$0ft' to gain entry

With LinkedIn providing yet more fodder for attackers' rainbow tables and login bots, Microsoft has decided to start blocking too-common passwords.…

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

23.05.2016 16:56:00 Quelle: http://www.reddit.com/

Maybe Im not a sysadmin? I havent yet "scripted" anything or "automated" anything with powershell.

i have completed 75+ projects over the past 4 years though.. involving netapp, emc, esxi, windows, all of the ms products, sccm, cisco phones, 365, veeam, pretty much everything. what am I missing? I'd like to know what people are automating so much and how they're scripting their jobs. i wish i could script or automate upgrading esx 4.1 to 5 to 5.1 to 5.5 to 6. or updating servers or installing a million new products for the first time. what is it you guys are doing? just curious

submitted by /u/MrClavicus
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 01:53:00 Quelle: http://www.bleepingcomputer.com/

CryptXXX updated to version 3.0, Decryptors no longer Work

CryptXXX has been updated to version 3.0 and Kaspersky's decryptor no longer works. Unfortunately, this upgrade also appears to have broken the malware developers own decryptor based on multiple reports from paid victims. [...]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

23.05.2016 16:51:00 Quelle: http://feedproxy.google.com/

Philips Hue: Weißlichtlampen ab sofort im Handel – App erhält Update

Noch keinen Monat ist es her, dass Philips seine neue Hue-App im App Store veröffentlicht hat. Sowohl in Sachen Design als auch bei der Bedienung der App hat sich einiges verbessert. Einen Monat später stellt Philips das erste größere Update von „Philips Hue gen 2“ bzw. Philips Hue“, wie die App ab sofort heißt, bereit. […]

    ext. Link anzeigen

24.05.2016 23:32:00 Quelle: http://www.eweek.com/

Samsungs Rumored Galaxy S7 Active Could Launch With AT&T on June 10

Reports have been circulating for months that a ruggedized version of the Galaxy S7 is on the way. A new report says it will happen soon.

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 17:51:00 Quelle: http://www.itiko.de/

Malware-Infektionsraten weltweit

Eine jüngst veröffentlichte Studie von Sophos hat einen Blick auf Angriffsziele Cyberkrimineller weltweit geworfen. Demnach sind erwartungsgemäß die Industrienationen die beliebtesten Angriffsziele. Die höchsten Malware-Infektionsraten zeigen sich indes in anderen Teilen der Welt. Sophos veröffentlicht heute hierzu einige Zahlen. Für die Studie wurden zwischen dem 1. Januar und dem 8. April 2016 Informationen von Millionen […]

der Autor auf            ext. Link anzeigen

24.05.2016 13:50:00 Quelle: http://www.scmagazineuk.com/

Surrey teenager charged under Computer Misuse Act over Mumsnet hack

A teenager from Surrey has been charged with a cyber-attack on Mumsnet, forcing the parenting website to reset the passwords of its 7.7 million members.

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 03:37:00 Quelle: http://www.symantec.com/

Trojan.Huntpos!g1

Risk Level: Very Low. Type: Trojan.

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 19:52:00 Quelle: http://feedproxy.google.com/

Telekom Online Vorteil: Rabatt + verlängertes Widerrufsrecht + Zubehör-Coupon kostenlos

Die Deutsche Telekom hat eine neue Rabatt-Aktion aufgelegt, die wir euch kurz vorstellen möchten. Ab dem heutigen 23.05. und bis zum 30.06.2016 gibt es den neuen Telekom Online-Vorteil. Kunden profitieren jetzt gleich 5-fach bei Abschluss eines Mobilfunkneuvertrags. Der neue Telekom Online Vorteil Die Telekom startet den neuen Telekom Online-Vorteil, bei dem Kunden gleich 5-fach profitieren. […]

    ext. Link anzeigen

24.05.2016 15:49:00 Quelle: http://www.networkworld.com/

How to avoid phishing attacks

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

23.04.2016 10:26:00 Quelle: http://www.pc-max.de/

be quiet! Pure Power 9 CM 600 Watt Netzteil

Der deutsche Hersteller be quiet! hat sein Netzteil Line-Up nun auf sieben Serien erweitert. Die neue Pure Power 9 CM-Serie besteht aus vier Varianten die 55 bis 92 Euro kosten. Alle Netzteile aus dieser Serie haben das 80Plus Titanium Rating Silber.

Weiterlesen

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

25.05.2016 03:31:00 Quelle: https://packetstormsecurity.com/

2.5k Twitter Accounts Hacked To Spread Links To Adult Content

24.05.2016 19:46:00 Quelle: http://feedproxy.google.com/

Beware of Fake USB Chargers that Wirelessly Record Everything You Type, FBI warns

Last year, a white hat hacker developed a cheap Arduino-based device that looked and functioned just like a generic USB mobile charger, but covertly logged, decrypted and reported back all keystrokes from Microsoft wireless keyboards. Dubbed KeySweeper, the device included a web-based tool for live keystroke monitoring and was capable of sending SMS alerts for typed keystrokes, usernames, or

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 23:28:00 Quelle: http://www.heise.de/

Störungsmeldung vom 24.05.2016 22:00

Neue Störungsmeldung für Provider Vodafone

Details

Beginn
24.05.2016 22:00
Region
Marl (02365)
Provider
Vodafone
Zugangsart
GPRS

Alle Details zur Störungsmeldung ansehen Eigene Internetstörung melden

    ext. Link anzeigen

24.05.2016 23:54:00 Quelle: http://www.reddit.com/

Creating a basic "terminal server" for some admin applications - are Remote Desktop Services required, or can I just increase the RDP session limit?

Basically, my boss asked me to spin up a little "IT terminal server" so that us handful of admins can use it for a lot of our apps like Cisco ASDM, Putty, VMWare desktop client, etc. Right now, everything is installed on one of the DCs (which we know is terrible) so we're trying to move off of it.

I spun up a new server and while trying to enable the Remote Desktop Services, I keep getting this Powershell error. I've been troubleshooting it for about two hours, with no resolution in sight.

Then I saw on some forums, people simply edit the group policy to allow more than 2 sessions, and leave it at that.

So basically I'm trying to learn, what do I lose by not adding Remote Desktop Services? We aren't trying to publish remote apps, we just want a server that admins can remote into and have their tools installed there, everyone with their own desktop. Is increasing the count good enough?

Thanks in advance!

submitted by /u/FubsyGamr
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 19:56:00 Quelle: http://www.reddit.com/

New Firewall / Router Recommendation?

We have a old Juniper SRX100B that has served us well but we are in need of a replacement. I have a invoice on my desk for a Watchguard T-50 but i'm not sure that is the best option.

Possible Options: WatchGuard Meraki Pfsense

Needs: Regular router / firewall needs plus vpn connections for 50 concurrent users. Price less than $2,000 all in.

submitted by /u/slyoldfox
[link] [comments]

    ext. Link anzeigen | ext. Link in deutsch (Testphase)

23.05.2016 12:45:00 Quelle: https://www.debian.org/

DSA-3585 wireshark

security update

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)

24.05.2016 08:22:00 Quelle: http://web.nvd.nist.gov/

CVE-2015-5714 (wordpress)

Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject arbitrary web script or HTML by leveraging the mishandling of unclosed HTML elements during processing of shortcode tags.

der Autor auf            ext. Link anzeigen | ext. Link in deutsch (Testphase)