BlackBerry CEO Promises To Try To Break Customers' Encryption If The US Gov't Asks Him To
http://ift.tt/2zgPXAE
Submitted November 01, 2017 at 04:00AM by RandomCollection
via reddit http://ift.tt/2gRYoY2
Techdirt.
BlackBerry CEO Promises To Try To Break Customers' Encryption If The US Gov't Asks Him To
The DOJ's reps -- along with the new FBI boss -- keep making noises about device encryption. They don't like it. What they...
D-Link Middle East “DLink-MEA” website is secretly mining cryptocurrencies
http://ift.tt/2iRDDzL
Submitted November 01, 2017 at 05:39AM by SymbianSyMoh
via reddit http://ift.tt/2zmP8GI
Privilege Escalation on LegalRobot through Type Confusion
http://ift.tt/2hrFacq
Submitted November 01, 2017 at 07:58AM by samczsun
via reddit http://ift.tt/2lBVJH2
samczsun
Privilege Escalation on LegalRobot through Type Confusion
While bug hunting on LegalRobot, I discovered a privilege escalation bug in Meteor by abusing JavaScript's weak types.
Latest WannaCry Attack Stresses Healthcare's Need to Fortify Defenses
http://ift.tt/2gSwlYD
Submitted November 01, 2017 at 07:26AM by chull2058
via reddit http://ift.tt/2h14I3k
Healthcare Analytic News
Latest WannaCry Attack Stresses Healthcare's Need to Fortify Defenses
“They have more janitors at these hospitals than they do security people.”
Got this unexpected notification on my Android Phone: "Find My Device located this device" notification on my phone, what do I do?
I know this happens when one uses the Google Find My Device (http://ift.tt/2rlu2Ve) to locate my phone but the thing is that this time I did NOT try to locate my phone. I always have two-factor authentication enabled on my account. I immediately changed my password but I am extremely worried now if there was unauthorized access to my account. What can I do? How can I find out which device/location made that 'Find my Phone' request?
Submitted November 01, 2017 at 06:28AM by iloveicecreamtoomuch
via reddit http://ift.tt/2z8Xl0k
Fooling Neural Networks in the Physical World with 3D Adversarial Objects
http://ift.tt/2z1dq8s
Submitted November 01, 2017 at 06:20AM by anishathalye
via reddit http://ift.tt/2iQ7KYw
labsix
Fooling Neural Networks in the Physical World
We've developed an approach to generate 3D adversarial objects that reliably fool neural networks in the real world, no matter how the objects are looked at.
Ransomware history — brief guide
http://ift.tt/2kSrE5N
Submitted November 01, 2017 at 09:44AM by DerBootsMann
via reddit http://ift.tt/2z32www
Veeam Software Official Blog
Ransomware history — brief guide
Learn more about the history of ransomware and how to keep safe from this threat by getting an insight over the most important attacks from 2000 until now.
10 Things to Consider when Securing Docker
http://ift.tt/2iPunw7
Submitted November 01, 2017 at 05:05PM by nanooonanooo
via reddit http://ift.tt/2z4HkGm
The State of Security
10 Things to Consider when Securing Docker
Ben Layer shares 10 things you should consider when securing the Docker stack.
Smash the Stack for Fun & Profit in PDF/TEX.
http://ift.tt/2ikdhmd
Submitted November 01, 2017 at 05:28PM by avicoder
via reddit http://ift.tt/2z2TpvZ
Security In 5: Episode 102 - OWASP Top 10 - A3 - Cross Site Scripting
http://ift.tt/2hvWBZi
Submitted November 01, 2017 at 06:41PM by BinaryBlog
via reddit http://ift.tt/2zXRPe0
Libsyn
Security In Five Podcast: Episode 102 - OWASP Top 10 - A3 - Cross Site Scripting
Next in the OWASP Top 10 series is number 3, Cross Site Scripting (XSS). This vulnerability is the most common of the Top 10. It can open your application to user impersonation, session stealing to data dumps. This episode goes over what XSS is and some of…
Exploiting and Protecting Against Race Conditions
http://ift.tt/2zX8Epe
Submitted November 01, 2017 at 07:14PM by cablej
via reddit http://ift.tt/2ylyCGO
lightningsecurity.io
Password Not Provided - Compromising Any Flurry User's Account [Yahoo Bug Bounty]
Domino's Pizza Blames Supplier For Data Breach: Hackers Are Probing Third-Party Weaknesses
http://ift.tt/2iRxjsb
Submitted November 01, 2017 at 08:09PM by SecurityTrust
via reddit http://ift.tt/2z6pCCE
Forbes
Domino's Pizza Blames Supplier For Data Breach: Hackers Are Probing Third-Party Weaknesses
Reports are emerging from Australia of a data breach within the supply chain of Domino’s, which appears to have leaked customer details. The company suggests that the fault may lie with a former supplier. The issue may have arisen from the online rating system.
Reptile: A LKM rootkit for evil purposes
http://ift.tt/2i2mjnV
Submitted November 01, 2017 at 09:15PM by fx97
via reddit http://ift.tt/2htGmfo
GitHub
f0rb1dd3n/Reptile
Reptile - LKM Linux rootkit
A New Catastrophic IoT Botnet Storm is Coming to Attack the Internet
http://ift.tt/2zpOkB1
Submitted November 01, 2017 at 10:29PM by acridfarms
via reddit http://ift.tt/2z5qcAt
Emailing... Multiple Domains Forward to Single Domain
Where I work, they changed their domain name years ago and now we are talking about doing it again since we are rebranding. Instead of training people to send emails to the new domain, they've had email forwarding set up to send any emails from myName@oldDomain.com to myName@newDomain.com... if we change again, it will be both of those domains forwarding to the newest one. Besides being more susceptible to receiving spam, are there any security implications I should be aware of?
Submitted November 01, 2017 at 10:59PM by P3CbeygiU
via reddit http://ift.tt/2zoBZwJ
CredSniper: Framework for phishing credentials and 2FA tokens (bypass Google U2F)
http://ift.tt/2hsFSWU
Submitted November 02, 2017 at 02:05AM by ustayready
via reddit http://ift.tt/2A7FcOn
GitHub
ustayready/CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens. - ustayready/CredSniper
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 - slides
http://ift.tt/2hvn09N
Submitted November 02, 2017 at 01:18AM by sanderD
via reddit http://ift.tt/2gVtePk
Google Calendar Event Injection with MailSniper
http://ift.tt/2h4DlFt
Submitted November 02, 2017 at 02:09AM by dafthack
via reddit http://ift.tt/2zYShJ3
Black Hills Information Security
Google Calendar Event Injection with MailSniper - Black Hills Information Security
Beau Bullock and Michael Felch// Source: https://chrome.google.com/webstore/detail/google-calendar-by-google/gmbgaklkmjakoegficnlkhebmhkjfich Overview Google Calendar is one of the many features provided to those who sign up for a Google account along with…
Week 43 in Information Security, 2017
Researchers from Masaryk University finally published the full paper on the practical cryptographic attack against the implementation of RSA in widely used trusted platform modules / crypto tokens. "The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli"
http://ift.tt/2ihjyiA
Those guys published an interesting paper about secure cryptographic computation with a threat model without attackers based on Earth. They are proposing SpaceHSM hardware secure devices in orbit. "SpaceTEE: Secure and Tamper-Proof Computing in Space using CubeSats"
http://ift.tt/2ylOdX0
There is a small chance that documents encrypted by the Bad Rabbit ransomware could be recovered without paying the ransom, if shadow copies had been enabled in Windows prior to infection. Victims can restore the original versions of the encrypted files using the standard Windows backup mechanism. For technical analysis of the Bad Rabbit ransomware, see the second link.
http://ift.tt/2zzScLB
http://ift.tt/2gJGURg
Google is going to deprecate the use of pinned public key certificates, public key pinning (PKP), from the Google Chrome browser.
http://ift.tt/2hgu4a2
The British government has publicly attributed North Korean government hackers as a source behind the "WannaCry" malware epidemic.
http://ift.tt/2lFVF9d
Multiple remote execution vulnerabilities (CVE-2017-13089, CVE-2017-13090) were patched in the popular software Wget. Update!
http://ift.tt/2hbuXkc
The source code of the AhMyth Android remote administration tool is available on GitHub. It can steal contact information, turn on the camera and microphone, read SMS, and more.
http://ift.tt/2tWse3p
Malscan is a robust and fully featured scanning platform for Linux servers built upon the ClamAV platform, providing all of the features of Clamscan with a host of new features and detection modes.
http://ift.tt/2yn2UZO
There is an update for the world's fastest and most advanced password recovery utility Hashcat.
http://ift.tt/2gSN7qz
Source: http://ift.tt/2ynZF4b
Submitted November 02, 2017 at 03:43AM by undercomm
via reddit http://ift.tt/2h4WO90
Costs for a Cybersecurity Club
Hi everyone,
I'm planning to create a general netsec/cybersecurity club at my high school this year. As for activities, I wanted to get the school involved in security education and training through CTFs, Red Team-Blue Team, Kali Linux, VMware, and other related activities (thank you for this info on other posts).
My only issue currently is how much it would cost to do these activities for 15-30 students at a time. I don't know many resources for these activities as I'm a beginner myself, and would really appreciate your advice.
If you have any good resources for beginner-intermediate (and possibly advanced) activities or a general quote of how much you think the club would need to be maintained, please let me know.
Thank you,
vinnishi.
Submitted November 02, 2017 at 04:13AM by vinnishi
via reddit http://ift.tt/2iUmUfj
Will I get terminated?
My work computer got hacked and sent out company-wide emails with phishing content. I have no idea what happened but I promptly notified the security team.
Submitted November 02, 2017 at 05:51AM by pkrishnaq
via reddit http://ift.tt/2zZlS50