with security there is no „done“

there is just constant iterations of the question: „is my system safe? Did i leave any doors (too wide) open? Am i allowing any unsafe programs/services? How can i protect users and data?“

„what services are save to use? from what device? and what services are NO-GOs!“

Open Source and Closed-Source software… both got flaws that can be exploited to extract money and or bitcoins from victims or halt infrastructure for quiet a significant amount of time (also hospitals can get virus infections… not funny!).

Let yourself be educated by security researches – to estimate – what is possible today – and maybe in the future – and do your best to stay safe.

Update yourself! Update your software! (maybe on a test-system first… to see what the fix breaks)

backup the backup! X-D

Events to attend:

https://www.startpage.com/do/dsearch?query=2019+Cybersecurity+Innovation+Forum+&cat=web&pl=opensearch&language=english

https://csrc.nist.gov/Events/2019

https://csrc.nist.gov/Events/2018

Germany:

https://www.it-defense.de/it-defense-2019/programm

https://www.heise-events.de/konferenzen/konferenzen_security

https://hacktoberfest.digitalocean.com/

Very General:

very general: https://www.akamai.com/de/de/about/our-thinking/state-of-the-internet-report/

https://www.akamai.com/de/de/about/our-thinking/state-of-the-internet-report/web-attack-visualization.jsp

https://www.bsi.bund.de/EN/Publications/SecuritySituation/SecuritySituation_node.html

live map:

https://vizsec.org/

it security Blogs / Blogger / Mailing Lists / Newsletters:

English:

blog: https://krebsonsecurity.com/

newsletter: https://krebsonsecurity.com/subscribe/

https://blog.checkpoint.com/

https://onlinedegrees.sandiego.edu/top-cyber-security-blogs-websites/
German:

blog: https://www.heise.de/security/

https://www.kuketz-blog.de/

newsletter: https://www.heise.de/newsletter/manage/heisec-summary

Databases of IT Vulnerabilities: CVE: Common Vulnerabilities Exposures

https://cve.mitre.org/

https://kb.cert.org/vuls/

https://kb.cert.org/vuls/bypublished/desc/

https://www.metasploit.com/

https://www.cvedetails.com/

by vendor: https://www.cvedetails.com/vendor.php

nice to look at: https://nvd.nist.gov/

search/browse by product: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_product=cpe%3A%2F%3A%3Aandroid

https://nvd.nist.gov/ncp/repository

https://seclists.org/fulldisclosure/2018/Dec/

https://dwaves.org/category/hacking/

https://dwaves.org/category/sicherheit-security/

https://dwaves.org/category/cybercrime/

https://dwaves.org/category/cyberwar/

in German: https://www.cert-bund.de/overview/AdvisoryShort

Linux specific news and updates:

https://lwn.net/

PenTesting Service providers:

so you think you did all you can do? have yourself tested!

https://www.cirosec.de/unternehmen/wir-ueber-uns

what if your SmartPhone gets hacked and dials expensive numbers?

also checkout: „StealthCalls

congratulations to Google: The made Android the Number #1 – much to the horror of Microsoft – that tries to counter with increased lobbying. The problem of a market leader: how to stay secure – you have just become a major target that is attractive to be attacked. Android with Linux Kernel… how long will you be save?

heise: „Google fixes critical security holes“ – most of them reside in Closed-Source-components of Qualcomm – that’s why there is no further detail.

videos:

https://vimeopro.com/vgtcommunity/vizsec2017

https://media.ccc.de

HP FIRMWARE HACK VIA FAX! 🙈 HP YOU MUST BE KIDDING US ALL! https://mirror-1.server.selfnet.de/CCC/congress/2018/h264-hd/35c3-9462-eng-What_The_Fax.mp4

not sure if this is real or scam: https://www.simpliv.com/search/sub-category/cybersecurity

„GREAT“ – thanks to all involved!

Qualcomm but also Cisco are all US based manufacturers known to implement backdoors ON PURPOSE probably for gov agencies to spy and collect data on you – the citizen – that they are so afraid of.

“We are also having tough times with GPS: all the GPS chips found in the Android phones we support implement a secret and non-documented protocol that we just cannot figure out.” (src)

it is called: is it a bug or a feature?

deliberate security holes – now also in the Intel Management Engine

src: http://gs.statcounter.com/os-market-share#monthly-201712-201811-bar

i thought it’s a thing of the past, but now, „expensive numbers“ is back!

Google and FSB, CAN YOU FIX THIS HOLE? IT ANNOYS EUROPE! THANKS 🙂

Weihnachtsabzocke Christmas Scam Teure Nummer aus dem Ausland Kazachstan Russland 0079 +79 +79 40 76 9 30 53 – nicht bestellt und doch geliefert Amazon Pakete

tweets / twitter:

admin