US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility
https://thehackernews.com/2020/02/critical-infrastructure-ransomware-attack.html
🧬 @Phantasm_Lab
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences.https://thehackernews.com/2020/02/critical-infrastructure-ransomware-attack.html
🧬 @Phantasm_Lab
Forwarded from The Hacker News
⭐Google recommends Android developers to encrypt app data on the users' devices, especially when they use external storage that's prone to hijacking, man-in-the-disk, & other side-channel attacks.
Also, considering that there are not many reference frameworks available for the same, Google also offered an open-source crypto library—called JetSec—that lets developers easily read and write encrypted files by following best security practices.
Read details ➤ https://thehackernews.com/2020/02/android-app-data-encryption.html
Also, considering that there are not many reference frameworks available for the same, Google also offered an open-source crypto library—called JetSec—that lets developers easily read and write encrypted files by following best security practices.
Read details ➤ https://thehackernews.com/2020/02/android-app-data-encryption.html
“Shark Tank” TV star loses almost $400,000 in Business Email Compromise scam – HOTforSecurity
https://hotforsecurity.bitdefender.com/blog/shark-tank-tv-star-loses-almost-400000-in-business-email-compromise-scam-22386.html
https://hotforsecurity.bitdefender.com/blog/shark-tank-tv-star-loses-almost-400000-in-business-email-compromise-scam-22386.html
HOTforSecurity
“Shark Tank” TV star loses almost $400,000 in Business Email...
Barbara Corcoran, one of the business moguls who head up the judging team on US TV's "Shark Tank" investment show, has lost nearly $400,000 to an... #Attacker #businessemailcompromise #SharkTank
Forwarded from Guia Dev
@GuiaDev
🎉👨👩👧👧 JavaScript Visualized: Prototypal Inheritance
https://dev.to/lydiahallie/javanoscript-visualized-prototypal-inheritance-47co
🎉👨👩👧👧 JavaScript Visualized: Prototypal Inheritance
https://dev.to/lydiahallie/javanoscript-visualized-prototypal-inheritance-47co
Security Misconfiguration
https://www.youtube.com/watch?v=iSYD7vOlSJs
@Phantasm_Lab
In this module, we’ll be looking at Security Misconfiguration. We’ll explain what a Security Misconfiguration is, its causes and preventions and, some potential hazards.https://www.youtube.com/watch?v=iSYD7vOlSJs
@Phantasm_Lab
YouTube
Security Misconfiguration | Owasp Top 10 Explainer Video | Secure Code Warrior
In this Explainer video from Secure Code Warrior, we'll be looking at Security Misconfiguration, A6 in the OWASP Top 10. We’ll explain what a Security Misconfiguration attack is, its causes and preventions, and some potential hazards.
To learn more about…
To learn more about…
Startups, Ninjas e Marketplaces – Hipsters #10
https://hipsters.tech/startups-ninjas-e-marketplaces-hipsters-10/
@Phantasm_Lab
Um dos desafios para uma startup começar a se provar é a monetização. Como teremos receita? Em um marketplace tudo fica um pouco mais complicado: quais são os desafios de encontrar um modelo que funcione bem para as duas pontas, tanto para os compradores quanto para os vendedores? Nosso host Paulo Silveira bate um papo com o CEO e com o CTO do GetNinjas, uma startup de marketplace de serviços que provou o seu modelo depois de muita experimentação e testes. Conversamos sobre os desafios da startup, de como encontrar o modelo adequado e o que há de tecnologia por trás do sistema.https://hipsters.tech/startups-ninjas-e-marketplaces-hipsters-10/
@Phantasm_Lab
Hipsters Ponto Tech
Startups, Ninjas e Marketplaces - Hipsters #10 - Hipsters Ponto Tech
…
Exfiltration and Uploading DATA by DNS Traffic (AAAA Records)
https://eforensicsmag.com/exfiltration-and-uploading-data-by-dns-traffic-aaaa-records-by-damon-mohammadbagher/
@Phatasm_Lab
In this chapter, I want to explain how to Send DATA to Attacker Server by DNS AAAA records and IPv6 Addresses, so this is one way for DATA Exfiltration.https://eforensicsmag.com/exfiltration-and-uploading-data-by-dns-traffic-aaaa-records-by-damon-mohammadbagher/
@Phatasm_Lab
eForensics
Exfiltration and Uploading DATA by DNS Traffic (AAAA Records) | By Damon Mohammadbagher - eForensics
Exfiltration and Uploading DATA by DNS Traffic (AAAA Records) Understanding this method In this chapter, I want to explain how …
Top Interview Tips for Cybersecurity Professionals 2020
https://gbhackers.com/top-interview-tips-for-cybersecurity-professionals-2020/
@Phantasm_Lab
When you interview for the profile of a cybersecurity professional the interviewer will get into the technical bits to establish your level of expertise once they finish asking you about your professional experience, educational details, and more such obligatory questions.Now, how technical they can get depends on the position of the job profile you are applying for as a cybersecurity professional. But in any way as a cybersecurity professional, you are expected to be well versed in your field of work.https://gbhackers.com/top-interview-tips-for-cybersecurity-professionals-2020/
@Phantasm_Lab
GBHackers On Security
Cybersecurity interview Tips for Securiity Professionals 2020
When you interview for the profile of a cybersecurity professional the interviewer will get into the technical bits to establish your level of expertise once they finish asking you about your professional experience, educational details, and more such obligatory…
Forwarded from The Hacker News
Researchers claim the CIA hackers were behind an 11-year-long hacking and cyber-espionage campaign against several critical Chinese industries (aviation, petroleum, and more) and government agencies.
Read more: https://thehackernews.com/2020/03/china-cia-hackers.html
Read more: https://thehackernews.com/2020/03/china-cia-hackers.html
Forwarded from Roadsec
Isabela Abrantes da Silveira palestrou no Roadsec São Paulo 2019 sobre UX e acessibilidade: Incluindo a inclusão nos processos de Design. Professora de UX/UI na Ironhack, sua palestra foi uma das cinco melhores avaliadas pelo público. Confira em nosso canal do Youtube! https://www.youtube.com/watch?v=fIVrqdtJ23M&feature=youtu.be
YouTube
UX e Acessibilidade: Inclusão nos processos de Design | Isabela Abrantes
Palestra apresentada no Roadsec São Paulo 2019.
Idioma: Português
Isabela Abrantes - Especialista em UX e Produto, com mais de 12 de anos de experiência, tendo trabalhado para empresas como ESPN, Ambev, Roche, Abril, HSBC, GetNinjas, Oi, Claro, Leroy Merlin…
Idioma: Português
Isabela Abrantes - Especialista em UX e Produto, com mais de 12 de anos de experiência, tendo trabalhado para empresas como ESPN, Ambev, Roche, Abril, HSBC, GetNinjas, Oi, Claro, Leroy Merlin…
Criminals on CCTV: Scammers caught red-handed!
https://www.linkedin.com/posts/jason-murrell-melbourne_cyberaware-scammers-cybersecurity-ugcPost-6640735602474090496-zlNr
@Phantasm_Lab
Way too many people fall victim to scams around the world every day. Many are run from criminal call centres abroad, where teams of fraudsters operate around the clock.One man in the UK, who goes by the name "Jim Browning", decided to do something about it. He hacked into a call centre in India from where scammers target their victims.Jim gained access to the recorded scam phone calls as well as CCTV footage exposing the scammers at work.What Jim did was illegal - but he says he wants to stop the fraudsters, and he passed his footage on to BBC Panorama.https://www.linkedin.com/posts/jason-murrell-melbourne_cyberaware-scammers-cybersecurity-ugcPost-6640735602474090496-zlNr
@Phantasm_Lab
Linkedin
Jason Murrell on LinkedIn: #cyberaware #scammers #cybersecurity #computersandtheinternet | 1,016 comments
Criminals on CCTV: Scammers caught red-handed!
Way too many people fall victim to scams around the world every day. Many are run from criminal call centres… | 1,016 comments on LinkedIn
Way too many people fall victim to scams around the world every day. Many are run from criminal call centres… | 1,016 comments on LinkedIn
Inside An Indian Scam Call Center!
https://www.youtube.com/watch?v=RMY7zAHd770
In this video i will show you guys the inside of a scam call center. We got access into their CCTV and you can see every single camera in the entire building. This story starts of with jim browning contacting me with this, and accesing the scammers webcam.We will demonstrate what call flooding does and see in person how the entire call centre scammers react when being call flooded!We had a look and pulled off some scambaits at this call centre to get the evidence we need! Big shoutout to jim browning!https://www.youtube.com/watch?v=RMY7zAHd770
YouTube
Inside An Indian Scam Call Center! (Spying On The Scammers)
Spying on the scammers!
In this video i will show you guys the inside of a scam call center. We got access into their CCTV and you can see every single camera in the entire building. This story starts of with jim browning contacting me with this, and accesing…
In this video i will show you guys the inside of a scam call center. We got access into their CCTV and you can see every single camera in the entire building. This story starts of with jim browning contacting me with this, and accesing…
Funcionário do TCE-AM executa noscript errado no SQL e apaga 16,5 mil processos
http://suporteninja.com/funcionario-do-tce-am-executa-noscript-errado-no-sql-e-apaga-165-mil-processos/
@Phatansm_Lab
Depois de ter 16,5 mil processos apagados do banco de dados PostgreSQL, o Tribunal de Contas do Estado do Amazonas (TCE-AM) anunciou que até a próxima semana todos os processos deverão ser recuperados. A garantia foi dada pelo conselheiro-presidente do TCE-AM, Ari Moutinho Júnior, que lembrou que os dados do TCE possuem backup.http://suporteninja.com/funcionario-do-tce-am-executa-noscript-errado-no-sql-e-apaga-165-mil-processos/
@Phatansm_Lab
Security Learns to Sprint: DevSecOps by TanyaJanca
https://www.youtube.com/watch?v=9P-DzQwb1iQ
@Phantasm_Lab
https://www.youtube.com/watch?v=9P-DzQwb1iQ
@Phantasm_Lab
YouTube
[2019-Keynote] Security Learns to Sprint: DevSecOps by TanyaJanca
This talk will argue that DevOps could be the best thing to happen to application security since OWASP, if developers and operations teams are enabled to make security a part of their everyday work. With a ratio of 100/10/1 for Development, Operations, and…
Fixing Mobile AppSec by Sven Schleier
https://youtu.be/Jm_i6I5B1HM
@Phantasm_Lab
There are numerous ways of developing mobile apps today, but how do you ensure that security is part of the development process?https://youtu.be/Jm_i6I5B1HM
@Phantasm_Lab
YouTube
[2019] Fixing Mobile AppSec by Sven Schleier
There are numerous ways of developing mobile apps today, but how do you ensure that security is part of the development process? What are the attacks I should be concerned about and what can I do to avoid being an easy target? The Mobile Security Testing…
HTTP Desync Attacks: Smashing Into The Cell Next Door
https://www.youtube.com/watch?v=upEMlJeU_Ik
@Phantasm_Lab
https://www.youtube.com/watch?v=upEMlJeU_Ik
@Phantasm_Lab
YouTube
HTTP Desync Attacks: Smashing Into The Cell Next Door - James Kettle
https://ams.globalappsec.org/
-
Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP_Media_Project
-
Managed by the official OWASP Media Project https://www.owasp.org/index.php/OWASP_Media_Project
Startup security: Starting a security program at a startup - Evan Johnson
https://www.youtube.com/watch?v=6iNpqTZrwjE
@Phantasm_Lab
https://www.youtube.com/watch?v=6iNpqTZrwjE
@Phantasm_Lab
YouTube
AppSecCali 2019 - Startup security: Starting a security program at a startup - Evan Johnson
There's no blueprint for how to be successful at a small startup. Startups are quirky, ambiguous, and full of challenges and broken processes. Startups also have a high risk tolerance and rarely introduce security from the beginning. This talk will discuss…