Equifax stored all of it's data in plain text without any authentication and was warned about it months prior to being breached -- "All you had to do was put in a search term and get millions of results, just instantly—in clear text, through a web app"
http://ift.tt/2hdsF4h
Submitted October 27, 2017 at 01:17PM by dingoonline
via reddit http://ift.tt/2i98owi
http://ift.tt/2hdsF4h
Submitted October 27, 2017 at 01:17PM by dingoonline
via reddit http://ift.tt/2i98owi
Motherboard
Equifax Was Warned
Last year, a security researcher alerted Equifax that anyone could have stolen the personal data of all Americans. The company failed to heed the warning.
Lab for Java Deserialization Vulnerabilities
http://ift.tt/2zRXVNI
Submitted October 27, 2017 at 01:06PM by digicat
via reddit http://ift.tt/2zbIlPN
http://ift.tt/2zRXVNI
Submitted October 27, 2017 at 01:06PM by digicat
via reddit http://ift.tt/2zbIlPN
GitHub
joaomatosf/JavaDeserH2HC
JavaDeserH2HC - Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
DMARC is not the solution to E-mail Fraud. Why aren't E-mail providers & clients offering easy to use PGP/GPG Signatures? Money.
http://ift.tt/2yPCVak
Submitted October 27, 2017 at 12:40PM by OriginalSimba
via reddit http://ift.tt/2yUdsi5
http://ift.tt/2yPCVak
Submitted October 27, 2017 at 12:40PM by OriginalSimba
via reddit http://ift.tt/2yUdsi5
tailpuff.net
DMARC is not the solution to E-mail Fraud.
In which I explain why DMARC is a lot of hot air and the real solution to E-mail fraud is being swept under the rug by corporations and governments.
Security Services | Security Companies Melbourne | Crownland Security
http://ift.tt/2iDiY2s
Submitted October 27, 2017 at 12:12PM by crownland
via reddit http://ift.tt/2zaVVDa
http://ift.tt/2iDiY2s
Submitted October 27, 2017 at 12:12PM by crownland
via reddit http://ift.tt/2zaVVDa
crownlandsecurity.com.au
Security Services | Security Companies Melbourne | Crownland Security
Crownland Security is one of the most reputed security companies in Melbourne providing reliable and trustworthy security services. To inquire, call 03 9306 4552
Digging the Middle East and North African cybercrime underground market
http://ift.tt/2yS4Jeb
Submitted October 27, 2017 at 01:54PM by MicheeLengronne
via reddit http://ift.tt/2y9TTTF
http://ift.tt/2yS4Jeb
Submitted October 27, 2017 at 01:54PM by MicheeLengronne
via reddit http://ift.tt/2y9TTTF
Security Affairs
Digging the Middle East and North African cybercrime underground market
Security experts from Trend Micro have published an interesting report on the Middle East and North African cybercrime underground market, enjoy it!
MyCrypNet: use alternative configurations
http://ift.tt/2gG29jb
Submitted October 27, 2017 at 02:50PM by MicheeLengronne
via reddit http://ift.tt/2gNza0K
http://ift.tt/2gG29jb
Submitted October 27, 2017 at 02:50PM by MicheeLengronne
via reddit http://ift.tt/2gNza0K
Limawi
MyCrypNet: use alternative configurations
MyCrypNet configurations offered on our website are suitable for the most common connection needs. But it is also possible to connect to MyCrypNet with alternative con...
Escalating Privileges in Linux using Voltage Fault Injection
http://ift.tt/2hM3Hfu
Submitted October 27, 2017 at 05:54PM by maxxori
via reddit http://ift.tt/2i9ejS1
http://ift.tt/2hM3Hfu
Submitted October 27, 2017 at 05:54PM by maxxori
via reddit http://ift.tt/2i9ejS1
Security In 5: Episode 99 - Tips, Tricks and Tools - SpyBot
http://ift.tt/2zaDVJc
Submitted October 27, 2017 at 06:37PM by BinaryBlog
via reddit http://ift.tt/2i8QSs0
http://ift.tt/2zaDVJc
Submitted October 27, 2017 at 06:37PM by BinaryBlog
via reddit http://ift.tt/2i8QSs0
Libsyn
Security In Five Podcast: Episode 99 - Tips, Tricks and Tools - SpyBot
This week's TTT Episode covers a great malware scanner for your Windows computers. SpyBot - Search & Destroy is a tool I have been using for over 10 years. It's a deep, easy to use malware scanner to help identify unwanted installations and remove any malicious…
FBI Director is bummed that encryption works
http://ift.tt/2y102Sk
Submitted October 27, 2017 at 06:51PM by TheFilipinoFire
via reddit http://ift.tt/2i8xgUY
http://ift.tt/2y102Sk
Submitted October 27, 2017 at 06:51PM by TheFilipinoFire
via reddit http://ift.tt/2i8xgUY
Ars Technica
FBI director: Unbreakable encryption is a “huge, huge problem”
“I get it, there’s a balance that needs to be struck,” Christopher Wray said.
How to pick a BLE smart lock and cause cancer using just a mobile phone
http://ift.tt/2y8DBdU
Submitted October 27, 2017 at 07:19PM by slawekj
via reddit http://ift.tt/2yOOIIz
http://ift.tt/2y8DBdU
Submitted October 27, 2017 at 07:19PM by slawekj
via reddit http://ift.tt/2yOOIIz
Smartlockpicking
How to pick a BLE smart lock and cause cancer using just a mobile phone
Behold The Smart Lock! In case anyone would doubt its smartness, it is literally imprinted.
Fitted with an enormously loud speaker - advertised as a feature to raise a solid anti-thief alarm. Using the same speaker for a normal unlock notification, thus enforcing…
Fitted with an enormously loud speaker - advertised as a feature to raise a solid anti-thief alarm. Using the same speaker for a normal unlock notification, thus enforcing…
Don't Fear The Reaper: "the TCP sequence number was the exact same as the IP target address, [...] a very distinct value for identifying this particular scanning bot"
http://ift.tt/2zS84di
Submitted October 27, 2017 at 06:39PM by skeeto
via reddit http://ift.tt/2he7jne
http://ift.tt/2zS84di
Submitted October 27, 2017 at 06:39PM by skeeto
via reddit http://ift.tt/2he7jne
reddit
Don't Fear The Reaper: "the TCP sequence number was the... • r/netsec
1 points and 0 comments so far on reddit
Hack the Gibson! - When security researchers decide to prove without a doubt that a conference is a fraud
http://ift.tt/2iEN2eb
Submitted October 27, 2017 at 06:14PM by patcheudor
via reddit http://ift.tt/2y9rMUQ
http://ift.tt/2iEN2eb
Submitted October 27, 2017 at 06:14PM by patcheudor
via reddit http://ift.tt/2y9rMUQ
waset.org
Abstracts
Conferences
I have a technical phone interview for a network security job next week, with an emphasis on, "attack cycle" and networking, etc. I am going to spend the weekend making cheat sheet posters for my office. What would you recommend I make sure and make sheets of?
Looking for resources on acronyms, OSI models, protocols, concepts, work flows, governing entities, software, hardware ... attack cycle?Thanks much.
Submitted October 27, 2017 at 07:45PM by the_caller
via reddit http://ift.tt/2iHvqyo
Looking for resources on acronyms, OSI models, protocols, concepts, work flows, governing entities, software, hardware ... attack cycle?Thanks much.
Submitted October 27, 2017 at 07:45PM by the_caller
via reddit http://ift.tt/2iHvqyo
reddit
I have a technical phone interview for a network... • r/security
Looking for resources on acronyms, OSI models, protocols, concepts, work flows, governing entities, software, hardware ... attack cycle? Thanks much.
The 6-Step "Happy Path" to HTTPS
http://ift.tt/2yqXzzM
Submitted October 27, 2017 at 07:32PM by speckz
via reddit http://ift.tt/2iGggJv
http://ift.tt/2yqXzzM
Submitted October 27, 2017 at 07:32PM by speckz
via reddit http://ift.tt/2iGggJv
Troy Hunt
The 6-Step "Happy Path" to HTTPS
It's finally time: it's time the pendulum swings further towards the "secure by default" end of the scale than what it ever has before. At least insofar as securing web traffic goes because as of this week's Chrome 62's launch, any website with an input box…
Hacker Wants $50K From Hacker Forum or He'll Share Stolen Database With the Feds
http://ift.tt/2zbq59w
Submitted October 27, 2017 at 08:30PM by DJRWolf
via reddit http://ift.tt/2hg5JRE
http://ift.tt/2zbq59w
Submitted October 27, 2017 at 08:30PM by DJRWolf
via reddit http://ift.tt/2hg5JRE
BleepingComputer
Hacker Wants $50K From Hacker Forum or He'll Share Stolen Database With the Feds
Extortion can also be funny when it happens to the bad guys, and there's one extortion attempt going on right now that will put a big smile on your face.
Analyzing a Safari exploit and patch from Pwn2Own 2017
http://ift.tt/2iC3SKt
Submitted October 27, 2017 at 09:45PM by RedmondSecGnome
via reddit http://ift.tt/2hgtuJr
http://ift.tt/2iC3SKt
Submitted October 27, 2017 at 09:45PM by RedmondSecGnome
via reddit http://ift.tt/2hgtuJr
Is that True? WordPress is at Risk!
https://twitter.com/ircmaxell/status/923662170092638208
Submitted October 27, 2017 at 09:29PM by Redictive
via reddit http://ift.tt/2hg7SNh
https://twitter.com/ircmaxell/status/923662170092638208
Submitted October 27, 2017 at 09:29PM by Redictive
via reddit http://ift.tt/2hg7SNh
Twitter
Anthony Ferrara
IMPORTANT: I will be disclosing a massive WP SQLi vulnerability soon. I have no confidence WP will fix correctly and hence no choice but FD
TLS-N - Securely share TLS-based content
https://tls-n.org
Submitted October 27, 2017 at 11:32PM by modelop
via reddit http://ift.tt/2lju6CB
https://tls-n.org
Submitted October 27, 2017 at 11:32PM by modelop
via reddit http://ift.tt/2lju6CB
reddit
TLS-N - Securely share TLS-based content • r/security
1 points and 0 comments so far on reddit
CEO cybersecurity 101: Improve your security hygiene
http://ift.tt/2ib04wb
Submitted October 27, 2017 at 11:06PM by CrankyBear
via reddit http://ift.tt/2gJuIwi
http://ift.tt/2ib04wb
Submitted October 27, 2017 at 11:06PM by CrankyBear
via reddit http://ift.tt/2gJuIwi
HPE
CEO cybersecurity 101: Improve your security hygiene | HPE
Executives must be exemplary users of corporate security. It's time to ditch easy-to-guess passwords and incorporate multifactor authentication methods.
Is there a list of USB device vendors, which implement code-signing protections on their devices?
The context of the question is "BadUSB" - USB devices firmware can be infected with malware.Let's assume I would use USB device (USB dongle for wireless mouse and keyboard, USB flash drive) on infected computer.Where to buy USB device, which is resistant to reinstalling the firmware?
Submitted October 27, 2017 at 10:43PM by vstoykov
via reddit http://ift.tt/2ib1giP
The context of the question is "BadUSB" - USB devices firmware can be infected with malware.Let's assume I would use USB device (USB dongle for wireless mouse and keyboard, USB flash drive) on infected computer.Where to buy USB device, which is resistant to reinstalling the firmware?
Submitted October 27, 2017 at 10:43PM by vstoykov
via reddit http://ift.tt/2ib1giP
reddit
Is there a list of USB device vendors, which... • r/security
The context of the question is "BadUSB" - USB devices firmware can be infected with malware. Let's assume I would use USB device (USB dongle for...
What security sites / feeds do you follow daily?
No text found
Submitted October 27, 2017 at 10:41PM by the_caller
via reddit http://ift.tt/2xvuXl5
No text found
Submitted October 27, 2017 at 10:41PM by the_caller
via reddit http://ift.tt/2xvuXl5
reddit
What security sites / feeds do you follow daily? • r/security
2 points and 0 comments so far on reddit