Multiple Vulnerabilities on Airtame Device (Before Version 3)
http://ift.tt/2ykXpaR
Submitted October 14, 2017 at 09:13PM by utku1337
via reddit http://ift.tt/2ibFfnO
Utkusen
TL;DR: I found the following vulnerabilities on the Airtame Device (before version 3): Session Fixation; Updating Firmware via HTTP; Using a Weak Cryptographic Hash.
TrustedID sends new password cleartext in email
It was bad enough that Equifax's poor security compromised so much sensitive data. Then, TrustedID took nearly two weeks to fix their website so that I could complete the registration process. Now on top of all those errors, when my spouse could not create a new password in the TrustedID website, and asked support for help, they sent a new password cleartext with her username in an email message! I'm incredulous. I would think that they would be so sensitive to computer security that they would take breaches seriously.
Submitted October 14, 2017 at 11:33PM by lsitongia
via reddit http://ift.tt/2gF6W4M
ISO dotcom era "It's safe" TV commercial
In the late 1990's there was a TV commercial (possibly from IBM? not sure) about online security. It was in a coffee shop. A middle-aged white guy was in line, and a younger black guy in glasses was sitting down with a laptop. Both guys were wearing suits. The 1st guy asks the 2nd guy what he's doing, the 2nd guy says he's buying something online. The 1st guy makes a remark like "Isn't that dangerous?" and the 2nd guy smiles and confidently says "It's safe." The 1st guy shrugs and the 2nd guy smiles and repeats "It's safe." Anybody else remember more about that commercial, or have a copy of it? It's hilarious considering how everyone was using SSL v2/v3 back then.
Submitted October 15, 2017 at 01:15AM by satyenshah
via reddit http://ift.tt/2wVTQGp
OS discussion on the assumption of the highest threat model.
Many who come here are in search of the "best or most" secure OS. Some options include Kali, Qubes OS, Subgraph, LFS, Heads, Tails, Parrot, OpenBSD, etc. We know that this is subjective and contains many variables. The question that follows this is usually "what is your threat model?", and that this depends on your opposed threat. I come here bearing that same question from those before me. Let's assume that the threat is as high as they come. Sure, they will find and get you regardless. The question then would be: what is better? Tails, so that you have a machine that contains nothing and can be a throw-away, or Subgraph or Qubes, which is limited but does keep data? Maybe LPS from the DOD back then, which I believe has been rebranded. The goal is to have a machine that contains no data. I have NO desire to save any information on the machine. If the time ever came, it would be thrown away and no trace of the data should be contained on the machine. That means nothing in RAM, like a freeze, etc. I would like to also have a check-in whereby if I do not log in within a specified time, the machine wipes. Does this leave Tails as the only option?
Submitted October 15, 2017 at 08:04AM by fallen1011
via reddit http://ift.tt/2xGpmYp
Using Elliptic Curve Cryptography with TPM2
http://ift.tt/2hH5HSu
Submitted October 15, 2017 at 03:57PM by CrankyBear
via reddit http://ift.tt/2xGASDr
Spy Tapes | TechSNAP 340 | Jupiter Broadcasting
http://ift.tt/2yndZH0
Submitted October 15, 2017 at 05:22PM by dmp1ce
via reddit http://ift.tt/2ypDDMW
Jupiterbroadcasting
The latest troubles at Kaspersky, the strategic implications of responsible disclosure at the NSA, the ethics of running a data breach search service & more!
What privacy/secure laptops do you know that solder RAM to stop cold boot attacks? Purism laptops don't solder RAM. (Security Analysis PDF included)
http://ift.tt/2ypV8Ni
I understand that Purism is a company that leans to be privacy and security focused. That being said, they do not solder the RAM and there is a possibility of a cold boot attack. What laptop options do you know of that have a limited Intel ME, are privacy and security focused, and solder the RAM? Would using epoxy on the RAM maybe be an option?
Submitted October 15, 2017 at 07:55PM by fallen1011
via reddit http://ift.tt/2ypJAtc
Predicting, Decrypting, and Abusing WPA2/802.11 Group Keys
http://ift.tt/2ieFyhI
Submitted October 15, 2017 at 08:08PM by akendo
via reddit http://ift.tt/2yqPBGs
Offensive Security Certified Professional (OSCP) Review - This review explains how you too can pass the OSCP!
http://ift.tt/2tAqvRd
Submitted October 16, 2017 at 12:08AM by InfoSecJim
via reddit http://ift.tt/2hIIBKX
Jim Wilbur's Blog
OSCP Review
Check out my review of the Offensive Security Certified Professional (OSCP) exam and coursework. I Tried Harder!
WDigest: Clear-Text Passwords in Memory - Is WDigest enabled on your Windows Servers? (2008-2012 is enabled by default) If you don't know, you might want to check...
http://ift.tt/2yqaOA6
Submitted October 16, 2017 at 02:21AM by InfoSecJim
via reddit http://ift.tt/2zqzhni
Jim Wilbur's Blog
WDigest: Clear-Text Passwords in Memory - Jim Wilbur's Blog
WDigest is an insecure protocol and should be disabled. Credential harvesting software like Mimikatz can pull these clear-text credentials from memory.
Anti-Fraud measures coming up!
http://ift.tt/2gkOamb
Submitted October 16, 2017 at 02:57AM by securitynewsIO
via reddit http://ift.tt/2yjXGxd
Security News iO
New Anti-Fraud Measures After Equifax Hack | Security News iO
Banks are working on anti-fraud measures by collecting sophisticated data on how consumers use their devices to mitigate against identity theft.
What is the difference between Image based authentication and Captcha?
I have been searching for the difference between the two but couldn’t find any good info. Any insights would be appreciated :)
Submitted October 16, 2017 at 01:59AM by siddhartharao17
via reddit http://ift.tt/2yje9BA
This is a core protocol-level flaw in WPA2 wi-fi and it looks bad. Possible impact: wi-fi decrypt, connection hijacking, content injection.
http://ift.tt/2yqHqKq
Submitted October 16, 2017 at 04:25AM by nadroj_r
via reddit http://ift.tt/2ykdFLx
Airheads Community
A disclosure looks imminent from some researchers about a serious flaw in WPA2. https://twitter.com/kennwhite/status/919522184384729089 Reserved CVEs are: CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE…
New Android Ransomware.. Do you have common sense?
http://ift.tt/2zqIThE
Submitted October 16, 2017 at 09:07AM by securitynewsIO
via reddit http://ift.tt/2ymBYG9
Security News iO
New Android Ransomware Encrypts Data & Locks User Out
There is a new Android Ransomware, DoubleLocker, that encrypts user data and then changes the PIN code, effectively locking users out of their phones.
[OpenSource] iOS app blackbox assessment tool with web ui, powered by frida.re and vuejs
http://ift.tt/2gF4MlB
Submitted October 16, 2017 at 08:52AM by CodeColorist
via reddit http://ift.tt/2yqGlle
GitHub
chaitin/passionfruit
passionfruit - [WIP] Crappy iOS app analyzer
Pizza Hut was Hacked and Late Notification Was Sent
http://ift.tt/2zqEewk
Submitted October 16, 2017 at 09:36AM by securitynewsIO
via reddit http://ift.tt/2zcqzI7
Security News iO
Pizza Hut was Hacked and Late Notification Sent | Security News iO
Clients were told on Saturday that Pizza Hut was hacked two weeks ago and their personal information may have been compromised.
Paranormal activity
Hi all. Seems that the "Computer Misuse Act" in the UK does not contain any provision for people affecting computers by mere proximity due to telekinetic activity. This is an interesting theoretical defense as it would require the courts to admit that said ability exists in order to prosecute someone for "interfering with a computer or its programs". As I verifiably have this ability and also seem to be able to scramble storage devices, it's an interesting problem and very hard to defend against. It appears that devices with specific components are more vulnerable than others (eg GL827), and on one occasion I was able to crash three machines just by walking past them (2*BSOD, one lockup). Haven't dared try this experiment again, was tinkering with things I shouldn't have been without better safety precautions.
Submitted October 16, 2017 at 10:04AM by Conundrum1859
via reddit http://ift.tt/2xJGu4M
What's wrong with WPA2 security and how to fix it - WPA3 Proposal
http://ift.tt/2hIvOs5
Submitted October 16, 2017 at 10:40AM by _RME_
via reddit http://ift.tt/2yk4vP3
GitHub
d33tah/call-for-wpa3
Contribute to call-for-wpa3 development by creating an account on GitHub.
Cyber Security Industry Trends and Growth - Cyware
http://ift.tt/2yk4QBn
Submitted October 16, 2017 at 10:49AM by cywarelabs
via reddit http://ift.tt/2geDmTg
Cyware
Cyber Security Industry Trends and Growth | Malware Analysis | Cyware
Cyber Security Industry Trends and Growth - Find news and articles about Latest trends and Analysis happening around cyber security industry. Also get cyber reports and case studies to improve your awareness.
The KRACK attack info will be available here after 5am PST
http://ift.tt/2kR33OH
Submitted October 16, 2017 at 11:50AM by Sephr
via reddit http://ift.tt/2ylOjNu
Krackattacks
KRACK Attacks: Breaking WPA2
This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.
Framework for collecting events (process creation, network connections, Window Event Logs, etc.) from a client machine (Windows 7) and performing CAR analytics to detect potential adversary activity.
http://ift.tt/2wY2YKD
Submitted October 16, 2017 at 01:21PM by 2xyo
via reddit http://ift.tt/2hIHdIh
GitHub
Unfetter Analytic