ROCA encryption #fail: Worse than thought (and way worse than KRACK)
http://ift.tt/2imnF0r
Submitted October 19, 2017 at 08:38PM by yourbasicgeek
via reddit http://ift.tt/2ytlnD3
http://ift.tt/2imnF0r
Submitted October 19, 2017 at 08:38PM by yourbasicgeek
via reddit http://ift.tt/2ytlnD3
TechBeacon
ROCA encryption #fail: Worse than thought (and way worse than KRACK)
Moral of the story: ROCA reminds us it's to get patching (again), and don’t forget your physical tokens.
Analysis of the ShadowBrokers 'envisioncollision' Exploit.
http://ift.tt/2gRtJdI
Submitted October 19, 2017 at 09:25PM by KasperskGB
via reddit http://ift.tt/2yUqk8B
http://ift.tt/2gRtJdI
Submitted October 19, 2017 at 09:25PM by KasperskGB
via reddit http://ift.tt/2yUqk8B
Steemit
Analysis of the ShadowBrokers "envisoncollision" Exploit — Steemit
As part of our ongoing work to provide analysis and categorization work for all of the exploits, implants, and… by shadoweye
Encryption chip flaw afflicts huge number of computers
http://ift.tt/2xOuHNu
Submitted October 19, 2017 at 09:47PM by lvoin
via reddit http://ift.tt/2yz8Prq
http://ift.tt/2xOuHNu
Submitted October 19, 2017 at 09:47PM by lvoin
via reddit http://ift.tt/2yz8Prq
Naked Security
Encryption chip flaw afflicts huge number of computers
A serious vulnerability exists in Infineon TPM cryptographic processors used by PCs, laptops, Chromebooks and other devices
Canada's 'super secret spy agency' is releasing a malware-fighting tool to the public
http://ift.tt/2yzglnK
Submitted October 19, 2017 at 09:22PM by RiSC1911
via reddit http://ift.tt/2yTX9CS
http://ift.tt/2yzglnK
Submitted October 19, 2017 at 09:22PM by RiSC1911
via reddit http://ift.tt/2yTX9CS
CBC News
Canada's 'super secret spy agency' is releasing a malware-fighting tool to the public
The Communications Security Establishment acknowledges it needs to do a better job of explaining to Canadians what it does.
Security Now 633 KRACKing WiFi | TWiT.TV
http://ift.tt/2zwGh1J
Submitted October 19, 2017 at 11:00PM by dmp1ce
via reddit http://ift.tt/2xRefMv
http://ift.tt/2zwGh1J
Submitted October 19, 2017 at 11:00PM by dmp1ce
via reddit http://ift.tt/2xRefMv
TWiT.tv
Security Now 633 KRACKing WiFi | TWiT.TV
This week, we examine ROCA's easily factorable public keys, the surprising prevalence of web-based cryptocurrency mining, some interesting work in iOS password dialog spoofing, Goo…
Assemblyline / Canada's CSE open sources malware detection and analysis tool
http://ift.tt/2zAp9rX
Submitted October 19, 2017 at 10:17PM by cartoon_nate
via reddit http://ift.tt/2hQ7p3L
http://ift.tt/2zAp9rX
Submitted October 19, 2017 at 10:17PM by cartoon_nate
via reddit http://ift.tt/2hQ7p3L
www.cse-cst.gc.ca
Assemblyline | Communications Security Establishment
*/ /*-->*/ Assemblyline is a malware detection and analysis tool developed by the CSE and released to the cybersecurity community in October 2017.
HAMR Time | TechSNAP 341 | Jupiter Broadcasting
http://ift.tt/2x8lAYD
Submitted October 19, 2017 at 11:28PM by dmp1ce
via reddit http://ift.tt/2gnXSRr
http://ift.tt/2x8lAYD
Submitted October 19, 2017 at 11:28PM by dmp1ce
via reddit http://ift.tt/2gnXSRr
Jupiterbroadcasting
HAMR Time | TechSNAP 341 | Jupiter Broadcasting
The KRACK hack takes the world, third party access to your personal information through some US mobile carriers, HAMR, MAMR, elliptic curve cryptography & more!
Shared my phone numbers with some random gamers
I have been playing in an online gaming community for about 2 months. In these days I have made quite a good amount of friends. Today one of them said that they have a whatsapp group on the game, can u share your whatsapp number? I simply shared it and now I am in that group. They seem pretty legit, but still I am in doubt..... was it a safe thing to do? and what are the risks might be. NB. They are not from my country.(CORRECTION: ITS NUMBER, NOT NUMBERS; ERROR TYPING THE TITLE)
Submitted October 20, 2017 at 12:09AM by CrazyDoc4
via reddit http://ift.tt/2yysjwg
I have been playing in an online gaming community for about 2 months. In these days I have made quite a good amount of friends. Today one of them said that they have a whatsapp group on the game, can u share your whatsapp number? I simply shared it and now I am in that group. They seem pretty legit, but still I am in doubt..... was it a safe thing to do? and what are the risks might be. NB. They are not from my country.(CORRECTION: ITS NUMBER, NOT NUMBERS; ERROR TYPING THE TITLE)
Submitted October 20, 2017 at 12:09AM by CrazyDoc4
via reddit http://ift.tt/2yysjwg
reddit
Shared my phone numbers with some random gamers • r/security
I have been playing in an online gaming community for about 2 months. In these days I have made quite a good amount of friends. Today one of them...
Denuvoâs DRM now being cracked within hours of release
http://ift.tt/2xQyom2
Submitted October 20, 2017 at 12:39AM by NISMO1968
via reddit http://ift.tt/2gvat9c
http://ift.tt/2xQyom2
Submitted October 20, 2017 at 12:39AM by NISMO1968
via reddit http://ift.tt/2gvat9c
Ars Technica
Denuvo’s DRM now being cracked within hours of release
Best-in-class service can't even provide a full day of protection these days.
EternalBlue - Everything there is to know
http://ift.tt/2ytahy5
Submitted October 20, 2017 at 12:37AM by nadavgr
via reddit http://ift.tt/2yzbcdY
http://ift.tt/2ytahy5
Submitted October 20, 2017 at 12:37AM by nadavgr
via reddit http://ift.tt/2yzbcdY
Check Point Research
EternalBlue - Everything there is to know - Check Point Research
Introduction Since the revelation of the EternalBlue exploit, allegedly developed by the NSA, and the malicious uses that followed with WannaCry, it went under thorough scrutiny by the security community. While many details were researched and published,…
IRS chief: assume your identity has been stolen
http://ift.tt/2yzSPFD
Submitted October 20, 2017 at 01:25AM by volci
via reddit http://ift.tt/2x8RunA
http://ift.tt/2yzSPFD
Submitted October 20, 2017 at 01:25AM by volci
via reddit http://ift.tt/2x8RunA
Naked Security
IRS chief: assume your identity has been stolen
American’s should “assume their data is already in the hands of criminals and ‘act accordingly.’”
A Curious Tale of Remote Code Execution, The TP-Link Story - RCE Walkthrough
http://ift.tt/2yCaPRM
Submitted October 20, 2017 at 02:30AM by kurtisebear
via reddit http://ift.tt/2hQt3Fo
http://ift.tt/2yCaPRM
Submitted October 20, 2017 at 02:30AM by kurtisebear
via reddit http://ift.tt/2hQt3Fo
Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
A Curious Tale of Remote Code Execution, The TP-Link Story - CVE-2017-13772
Remote Code Execution (CVE-2017-13772) on a TP-Link router with step by step walkthrough on discovery and exploitation.
Malshare yearly free sticker campaign
http://ift.tt/2x8p8tN
Submitted October 20, 2017 at 03:09AM by tacobellsupport
via reddit http://ift.tt/2xRhALJ
http://ift.tt/2x8p8tN
Submitted October 20, 2017 at 03:09AM by tacobellsupport
via reddit http://ift.tt/2xRhALJ
Hey America (and World) GDPR Applies to You Too
http://ift.tt/2yAESZz:
Submitted October 20, 2017 at 05:03AM by volci
via reddit http://ift.tt/2xRu1Hp
http://ift.tt/2yAESZz:
Submitted October 20, 2017 at 05:03AM by volci
via reddit http://ift.tt/2xRu1Hp
securingthehuman.sans.org
Security Awareness Blog | Hey America (and World) GDPR Applies to You Too
Security Awareness Blog blog pertaining to Hey America (and World) GDPR Applies to You Too
What does the EU's General Data Protection Regulation mean to me as a DBA supporting databases holding PII, PHI, and FTI?
http://www.eugdpr.org/http://ift.tt/1krgNIrSorry if this isn't the right place to post this. I'm trying to understand how this new regulation might affect my work and responsibilities.The company I work for, Company X, is a multinational company with holdings in the EU and US. I'm trying to stay ahead of the curve (and workload) by trying to understand what the EU's GDPR going into effect May 25 2018 might mean for me.I think I understand some of the implications such as reporting data breaches, but TBH I can't say I really understand how directly this affects me (a DBA - database administrator) and those in similar roles.There is a security team at my workplace, but I'm hesitant to start fires under people and freak out management without understanding more about this.Can anyone help me understand what this means for someone in my or a similar role?
Submitted October 20, 2017 at 04:40AM by penguindba
via reddit http://ift.tt/2gnU5mT
http://www.eugdpr.org/http://ift.tt/1krgNIrSorry if this isn't the right place to post this. I'm trying to understand how this new regulation might affect my work and responsibilities.The company I work for, Company X, is a multinational company with holdings in the EU and US. I'm trying to stay ahead of the curve (and workload) by trying to understand what the EU's GDPR going into effect May 25 2018 might mean for me.I think I understand some of the implications such as reporting data breaches, but TBH I can't say I really understand how directly this affects me (a DBA - database administrator) and those in similar roles.There is a security team at my workplace, but I'm hesitant to start fires under people and freak out management without understanding more about this.Can anyone help me understand what this means for someone in my or a similar role?
Submitted October 20, 2017 at 04:40AM by penguindba
via reddit http://ift.tt/2gnU5mT
Spear Phishing with Go phish Framework
http://ift.tt/2yAV9Ot
Submitted October 20, 2017 at 04:16AM by ju1i3k
via reddit http://ift.tt/2xRn48Z
http://ift.tt/2yAV9Ot
Submitted October 20, 2017 at 04:16AM by ju1i3k
via reddit http://ift.tt/2xRn48Z
Cobalt.io
Spear Phishing with Go phish Framework
What is Spear Phishing?
Facebook is struggling to meet the burden of securing itself, security chief says
http://ift.tt/2yywJDn
Submitted October 20, 2017 at 06:55AM by RandomCollection
via reddit http://ift.tt/2x9wzku
http://ift.tt/2yywJDn
Submitted October 20, 2017 at 06:55AM by RandomCollection
via reddit http://ift.tt/2x9wzku
Ars Technica
Facebook is failing to meet the burden of securing itself, security chief says
Chief Security Officer described security report as a “very painful process.”
Facebook's initiative to protect the Canadian elections
http://ift.tt/2zn8XcO
Submitted October 20, 2017 at 08:17AM by securitynewsIO
via reddit http://ift.tt/2gw2Ija
http://ift.tt/2zn8XcO
Submitted October 20, 2017 at 08:17AM by securitynewsIO
via reddit http://ift.tt/2gw2Ija
Security News iO
Facebook initiative to Protect Canadian Politics | Security News iO
The Facebook initiative builds on lessons learned from the 2016 U.S. elections, and they are working on protecting the 2019 Canadian elections.
A butt plug could be controlled remotely
http://ift.tt/2ipnm4R
Submitted October 20, 2017 at 09:13AM by securitynewsIO
via reddit http://ift.tt/2gvTCTD
http://ift.tt/2ipnm4R
Submitted October 20, 2017 at 09:13AM by securitynewsIO
via reddit http://ift.tt/2gvTCTD
Security News iO
Hack A Butt Plug: Device Could be Controlled Remotely | Security News iO
An Italian researcher found a security flaw in a Bluetooth controlled sex toy that would allow someone to hack a butt plug.
ATT&CK Matrix: Persistence - .bashrc / .bash_profile
http://ift.tt/2inZgYy
Submitted October 20, 2017 at 07:28AM by tmsteen
via reddit http://ift.tt/2guiVFt
http://ift.tt/2inZgYy
Submitted October 20, 2017 at 07:28AM by tmsteen
via reddit http://ift.tt/2guiVFt
The Random Adventure That Is Life (RATIL)
ATT&CK Matrix: Persistence - .bashrc / .bash_profile
This is the first in a series that is centered on the MITRE ATT&CK Matrix. This seemed like a good way to give myself some content to write about and to learn about all the different ways attackers work. Each post will focus on a specific technique going
WordPress DNS servers are actually a man in the middle
http://ift.tt/2yBubpW
Submitted October 20, 2017 at 01:12PM by mr-gaiasoul
via reddit http://ift.tt/2xS2cyD
http://ift.tt/2yBubpW
Submitted October 20, 2017 at 01:12PM by mr-gaiasoul
via reddit http://ift.tt/2xS2cyD
Gaiasoul
The autobiography that WordPress and the Norwegian Secret Police broke the law to read
I have just published my autobiography. Generally, most people would probably find this fact pretty boring, if it hadn’t been for the extremely well planned out cyber attack, I found out abou…