How Data Breaches happen and why Secure by Default software is the future
https://ift.tt/3Ea5dNr
Submitted December 01, 2021 at 05:19AM by breadchris
via reddit https://ift.tt/3EcgtJg
https://ift.tt/3Ea5dNr
Submitted December 01, 2021 at 05:19AM by breadchris
via reddit https://ift.tt/3EcgtJg
www.lunasec.io
How Data Breaches happen and why Secure by Default software is the future | LunaSec
Your software delivery model is broken, but it's not your fault. Delivering on time while also protecting yourself from data breaches is a herculean task. It doesn't have to be though, and we'll show you why!
An Illustrated Guide to Elliptic Curve Cryptography Validation
https://ift.tt/3wXjLgT
Submitted December 01, 2021 at 12:28PM by Gallus
via reddit https://ift.tt/3rocEx7
https://ift.tt/3wXjLgT
Submitted December 01, 2021 at 12:28PM by Gallus
via reddit https://ift.tt/3rocEx7
NCC Group Research Blog
An Illustrated Guide to Elliptic Curve Cryptography Validation
Elliptic Curve Cryptography (ECC) has become the de facto standard for protecting modern communications. ECC is widely used to perform asymmetric cryptography operations, such as to establish share…
Tracking a P2P network related to TA505
https://ift.tt/31lo1L6
Submitted December 01, 2021 at 03:24PM by digicat
via reddit https://ift.tt/31l6nHp
https://ift.tt/31lo1L6
Submitted December 01, 2021 at 03:24PM by digicat
via reddit https://ift.tt/31l6nHp
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
Active NFT marketplace cryptoscam used to steal victim's funds.
https://ift.tt/3I9qRDY
Submitted December 01, 2021 at 06:34PM by Seaerkin2
via reddit https://ift.tt/3rpkoyV
https://ift.tt/3I9qRDY
Submitted December 01, 2021 at 06:34PM by Seaerkin2
via reddit https://ift.tt/3rpkoyV
Guardyourdomain
NFT Support Scam, NFTishing | DomainGuard | Guard your Domain with Proactive Phishing and Fraud protection.
We guard your domain, so you have pace of mind. Domain Monitoring and Proactive Phishing Protection.
SonarSource's Code Security Advent Calendar starts today!
https://ift.tt/3xHJha5
Submitted December 01, 2021 at 07:41PM by monoimpact
via reddit https://ift.tt/3IcOqvA
https://ift.tt/3xHJha5
Submitted December 01, 2021 at 07:41PM by monoimpact
via reddit https://ift.tt/3IcOqvA
Sonarsource
Code Security Advent Calendar 2021
Our code security advent calendar is back for the sixth consecutive year. We will release daily challenges until December 24th, get ready to fill your bag of tricks!
The Re-Emergence of Emotet
https://ift.tt/3G2yOsM
Submitted November 30, 2021 at 10:05PM by ron_by
via reddit https://ift.tt/31i0zyG
https://ift.tt/3G2yOsM
Submitted November 30, 2021 at 10:05PM by ron_by
via reddit https://ift.tt/31i0zyG
Deep Instinct
The Re-Emergence of Emotet | Deep Instinct
Emotet, the malware botnet, has resurfaced after almost 10 months. The operation was originally taken down by multiple international law enforcement agencies this past January. These agencies took control of the infrastructure and scheduled an un-installation…
Unpacking and decryption tools for the Emotet malware
https://ift.tt/3xGCuO7
Submitted November 30, 2021 at 10:06PM by ron_by
via reddit https://ift.tt/3peninz
https://ift.tt/3xGCuO7
Submitted November 30, 2021 at 10:06PM by ron_by
via reddit https://ift.tt/3peninz
What does APT Activity Look Like on MacOS?
https://ift.tt/3rqf6mF
Submitted November 30, 2021 at 02:35AM by MiguelHzBz
via reddit https://ift.tt/3d6fmir
https://ift.tt/3rqf6mF
Submitted November 30, 2021 at 02:35AM by MiguelHzBz
via reddit https://ift.tt/3d6fmir
pip-audit: a tool for identifying Python packages with known vulnerabilities
https://ift.tt/3loAxRe
Submitted December 02, 2021 at 12:01AM by yossarian_flew_away
via reddit https://ift.tt/3GaQvqp
https://ift.tt/3loAxRe
Submitted December 02, 2021 at 12:01AM by yossarian_flew_away
via reddit https://ift.tt/3GaQvqp
Reverse engineering REST APIs/network communication in a process (12 part series)
https://ift.tt/3xLLhyo
Submitted December 02, 2021 at 02:38AM by cr0_
via reddit https://ift.tt/31nU5hQ
https://ift.tt/3xLLhyo
Submitted December 02, 2021 at 02:38AM by cr0_
via reddit https://ift.tt/31nU5hQ
This shouldn't have happened: A vulnerability postmortem
https://ift.tt/3lruxr4
Submitted December 02, 2021 at 05:33AM by DrinkMoreCodeMore
via reddit https://ift.tt/3G6W49b
https://ift.tt/3lruxr4
Submitted December 02, 2021 at 05:33AM by DrinkMoreCodeMore
via reddit https://ift.tt/3G6W49b
Blogspot
This shouldn't have happened: A vulnerability postmortem
Posted by Tavis Ormandy, Project Zero Introduction This is an unusual blog post. I normally write posts to highlight some hidden att...
Encryption Does Not Equal Invisibility – Detecting Anomalous TLS Certificates with the Half-Space-Trees Algorithm
https://ift.tt/3DaRYe9
Submitted December 02, 2021 at 03:31PM by digicat
via reddit https://ift.tt/3xSCgU3
https://ift.tt/3DaRYe9
Submitted December 02, 2021 at 03:31PM by digicat
via reddit https://ift.tt/3xSCgU3
Nccgroup
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global experts.
Intel switches to Intigriti from HackerOne as their bug bounty platform
https://ift.tt/3ltu1ZK
Submitted December 02, 2021 at 08:49PM by intigriti
via reddit https://ift.tt/3xNhdSH
https://ift.tt/3ltu1ZK
Submitted December 02, 2021 at 08:49PM by intigriti
via reddit https://ift.tt/3xNhdSH
Cross-Account Access Vulnerability on AWS SageMaker Jupyter Notebook Instance
https://ift.tt/3xP0Ftu
Submitted December 02, 2021 at 10:40PM by gafnita
via reddit https://ift.tt/3Ie4uxc
https://ift.tt/3xP0Ftu
Submitted December 02, 2021 at 10:40PM by gafnita
via reddit https://ift.tt/3Ie4uxc
So many SCA tools.. all with different results
https://ift.tt/3beQcgA
Submitted December 02, 2021 at 10:58PM by Jazzlike-Vegetable69
via reddit https://ift.tt/3ppcym6
https://ift.tt/3beQcgA
Submitted December 02, 2021 at 10:58PM by Jazzlike-Vegetable69
via reddit https://ift.tt/3ppcym6
Jumping the air gap: 15 years of nation‑state effort
https://ift.tt/3rkVsbU
Submitted December 03, 2021 at 12:25PM by 0xdea
via reddit https://ift.tt/3xWnITp
https://ift.tt/3rkVsbU
Submitted December 03, 2021 at 12:25PM by 0xdea
via reddit https://ift.tt/3xWnITp
WeLiveSecurity
Jumping the air gap: 15 years of nation‑state effort
ESET research releases a comparison of the most important TTPs used by all known malicious frameworks that have been used to attack air-gapped networks.
Hi guys! How do you keep your assets secure against attacks? I created a content on automated vulnerability scanning, because we keep our assets automatically scanned through and get alerts when a possible risk occurs. Please let me know what else do you do to guide us be more secure. Thanks!
https://ift.tt/3pqF2Mo
Submitted December 03, 2021 at 12:07PM by bige-b
via reddit https://ift.tt/3IjLBcc
https://ift.tt/3pqF2Mo
Submitted December 03, 2021 at 12:07PM by bige-b
via reddit https://ift.tt/3IjLBcc
Bypassing Box’s Time-based One-Time Password MFA
https://ift.tt/2ZLUJ8a
Submitted December 02, 2021 at 08:57PM by VaronisThreatLabs
via reddit https://ift.tt/3Dmob2a
https://ift.tt/2ZLUJ8a
Submitted December 02, 2021 at 08:57PM by VaronisThreatLabs
via reddit https://ift.tt/3Dmob2a
Varonis
Bypassing Box's Time-based One-Time Password MFA
The Varonis research team discovered a way to bypass Box's Time-based One-Time Password MFA for Box accounts that use authenticator applications.
Mobile banking fraud: BRATA strikes again | Cleafy Labs
https://ift.tt/3Di4bxF
Submitted December 03, 2021 at 04:04PM by f3d_0x0
via reddit https://ift.tt/3GaEGQV
https://ift.tt/3Di4bxF
Submitted December 03, 2021 at 04:04PM by f3d_0x0
via reddit https://ift.tt/3GaEGQV
Cleafy
Mobile banking fraud: BRATA strikes again | Cleafy Labs
The mobile banking malware BRATA strikes again, and it is slowly spreading all over Europe. Read here the new Technical Report, which explains in detail how it works and how to prevent it.
Just another analysis of the njRAT malware – A step-by-step approach
https://ift.tt/3rmKi6p
Submitted December 04, 2021 at 03:56PM by CyberMasterV
via reddit https://ift.tt/3EqksC6
https://ift.tt/3rmKi6p
Submitted December 04, 2021 at 03:56PM by CyberMasterV
via reddit https://ift.tt/3EqksC6
reddit
Just another analysis of the njRAT malware – A step-by-step approach
Posted in r/netsec by u/CyberMasterV • 1 point and 0 comments
[CVE-2021-40859] Auerswald COMpact 5500R Multiple Backdoors
https://ift.tt/3Il8ZpT
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3dlHLBe
https://ift.tt/3Il8ZpT
Submitted December 06, 2021 at 02:43PM by RedTeamPentesting
via reddit https://ift.tt/3dlHLBe
www.redteam-pentesting.de
Auerswald COMpact Multiple Backdoors
RedTeam Pentesting discovered several backdoors in the firmware for the Auerswald COMpact 5500R PBX. These backdoors allow attackers who are able to access the web-based management application full administrative access to the device.