Reptile: A LKM rootkit for evil purposes
http://ift.tt/2i2mjnV
Submitted November 01, 2017 at 09:15PM by fx97
via reddit http://ift.tt/2htGmfo
GitHub
f0rb1dd3n/Reptile
Reptile - LKM Linux rootkit
A New Catastrophic IoT Botnet Storm is Coming to Attack the Internet
http://ift.tt/2zpOkB1
Submitted November 01, 2017 at 10:29PM by acridfarms
via reddit http://ift.tt/2z5qcAt
Emailing... Multiple Domains Forward to Single Domain
Where I work, they changed their domain name years ago, and now we are talking about doing it again since we are rebranding. Instead of training people to send emails to the new domain, they've had email forwarding set up to send any emails from myName@oldDomain.com to myName@newDomain.com... If we change again, it will be both of those domains forwarding to the newest one. Besides being more susceptible to receiving spam, are there any security implications I should be aware of?
Submitted November 01, 2017 at 10:59PM by P3CbeygiU
via reddit http://ift.tt/2zoBZwJ
CredSniper: Framework for phishing credentials and 2FA tokens (bypass Google U2F)
http://ift.tt/2hsFSWU
Submitted November 02, 2017 at 02:05AM by ustayready
via reddit http://ift.tt/2A7FcOn
GitHub
ustayready/CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens. - ustayready/CredSniper
Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 - slides
http://ift.tt/2hvn09N
Submitted November 02, 2017 at 01:18AM by sanderD
via reddit http://ift.tt/2gVtePk
Google Calendar Event Injection with MailSniper
http://ift.tt/2h4DlFt
Submitted November 02, 2017 at 02:09AM by dafthack
via reddit http://ift.tt/2zYShJ3
Black Hills Information Security
Google Calendar Event Injection with MailSniper - Black Hills Information Security
Beau Bullock and Michael Felch // Source: https://chrome.google.com/webstore/detail/google-calendar-by-google/gmbgaklkmjakoegficnlkhebmhkjfich Overview: Google Calendar is one of the many features provided to those who sign up for a Google account along with…
Week 43 in Information Security, 2017
Researchers from the Masaryk University finally published the full paper of the practical cryptographic attack against the implementation of RSA in the widely used trusted platform modules / crypto tokens. "The Return of Coppersmith’s Attack: Practical Factorization of Widely Used RSA Moduli"
http://ift.tt/2ihjyiA
Those guys published an interesting paper about the secure cryptographic computation with the threat model without attackers based on Earth. They are proposing SpaceHSM hardware secure devices on the orbit. "SpaceTEE: Secure and Tamper-Proof Computing in Space using CubeSats"
http://ift.tt/2ylOdX0
There is a small chance that the documents encrypted by Bad Rabbit ransomware could be recovered without paying ransom, if the shadow copies had been enabled in Windows prior to infection. Victims can restore the original versions of the encrypted files using the standard Windows backup mechanism. For technical analysis of the Bad Rabbit ransomware, see the second link.
http://ift.tt/2zzScLB
http://ift.tt/2gJGURg
Google is going to deprecate the use of pinned public key certificates, public key pinning (PKP), from the Google Chrome browser.
http://ift.tt/2hgu4a2
The British government has publicly attributed North Korean government hackers as a source behind the "WannaCry" malware epidemic.
http://ift.tt/2lFVF9d
Multiple remote execution vulnerabilities (CVE-2017-13089, CVE-2017-13090) were patched in the popular software Wget. Update!
http://ift.tt/2hbuXkc
The source code of the AhMyth Android remote administration tool is available on GitHub. It can steal contact information, turn on camera, microphone, read SMS, and more.
http://ift.tt/2tWse3p
Malscan is a robust and fully featured scanning platform for Linux servers built upon the ClamAV platform, providing all of the features of Clamscan with a host of new features and detection modes.
http://ift.tt/2yn2UZO
There is an update for the world's fastest and most advanced password recovery utility Hashcat.
http://ift.tt/2gSN7qz
Source: http://ift.tt/2ynZF4b
Submitted November 02, 2017 at 03:43AM by undercomm
via reddit http://ift.tt/2h4WO90
Costs for a Cybersecurity Club
Hi everyone, I'm planning to create a general netsec/cybersecurity club at my high school this year. As for activities, I wanted to get the school involved in security education and training through CTFs, Red Team-Blue Team, Kali Linux, VMWare, and other activities related (thank you for this info on other posts). My only issue currently is how much it would cost to do these activities for 15-30 students at a time. I don't know many resources for these activities as I'm a beginner myself, and would really appreciate your advice. If you have any good resources for beginner-intermediate (and possibly advanced) activities or a general quote of how much you think the club would need to be maintained, please let me know. Thank you, vinnishi.
Submitted November 02, 2017 at 04:13AM by vinnishi
via reddit http://ift.tt/2iUmUfj
Will I get terminated?
My work computer got hacked and sent out company-wide emails with phishing content. I have no idea what happened but I promptly notified the security team.
Submitted November 02, 2017 at 05:51AM by pkrishnaq
via reddit http://ift.tt/2zZlS50
In response to how nation states such as Russia, China, Iran & North Korea are weaponizing cyberspace in order to inject their influence operations on Americans & Europeans, ICIT has introduced the Center for Cyber-Influence Operations Studies (CCIOS).
http://ift.tt/2zZ4gGn
Submitted November 02, 2017 at 05:43AM by bloc_hack
via reddit http://ift.tt/2hxr5KL
TheStreet
ICIT Introduces: Center For Cyber-Influence Operations Studies (CCIOS)
"This is an advisory that studies the weaponized digital applications used by foreign nation-states for influence operations" - James Scott, Sr. Fellow ICIT & CCIOS
More must be done to protect America's nuclear power plants from cyberattacks
http://ift.tt/2A1lKCO
Submitted November 02, 2017 at 04:57AM by WinglessIndependence
via reddit http://ift.tt/2zoXqOi
TheHill
More must be done to protect America's nuclear power plants from cyberattacks
The good news is that federal agencies are taking nuclear cybersecurity seriously. The bad news is, facilities are still vulnerable on multiple fronts.
Security Advice for the Rest of the World
http://ift.tt/2zZypFu
Submitted November 02, 2017 at 07:53AM by hpo1n7
via reddit http://ift.tt/2gW8dnE
Btbsecurity
A Virtual Disappearing Act
The Internet has become the world’s largest information exchange. Given a phone number, email address, license plate, LinkedIn Profile, Instagram user...
Security Researchers Breach iOS 11.1 at Hacking Contest
http://ift.tt/2h6jzt4
Submitted November 02, 2017 at 09:35AM by nzwasp
via reddit http://ift.tt/2gWk0m7
Security Breach Online
Security Researchers Breach iOS 11.1 at Hacking Contest - Security Breach Online
Trend Micro’s annual Mobile Pwn2Own contest took place in Tokyo, Japan today at the PacSec security conference, and security researchers spent the day attempting to hack into the iPhone 7, the Samsung Galaxy S8, the Google Pixel, and the Huawei Mate 9 Pro…
Signal >> Blog >> Standalone Signal Desktop
http://ift.tt/2z1sMK8
Submitted November 02, 2017 at 10:57AM by dpgowan
via reddit http://ift.tt/2z7bYPo
signal.org
Standalone Signal Desktop
Signal Desktop is now available in a new, standalone form, and the Chrome App has been deprecated.
Silence of the Moles: Linking the Silence Trojan & Mole Ransomware
http://ift.tt/2inVj2h
Submitted November 02, 2017 at 12:08PM by 0xbaadf00dsec
via reddit http://ift.tt/2iV5ak9
Intezer
Silence of the Moles - Intezer
Kaspersky Labs published a technical analysis of a new malware, Silence that is aimed at attacking financial institutions. After uploading the loader of this malware to Intezer Analyze™, we have found a possible connection through code reuse to the loader…
Moving news comments from the quiet giant Disqus (to Mozilla/Coral Talk?) after their data breach
http://ift.tt/2z6Ee4Q
Submitted November 02, 2017 at 02:54PM by nkrva
via reddit http://ift.tt/2iTXcrx
The Tyee
Help Us Decide How to Manage Comments — and Protect Your Privacy | The Tyee
Disqus has served The Tyee well, but privacy breach and ad plans raise some concerns.
Intrusion Detection System (IDS / IPS) for Linux home users?
Can an Intrusion Detection System or Intrusion Prevention System (IDS / IPS) increase the security of home users using Linux? Or is an IDS / IPS even less useful than antivirus for Linux? Is an IDS / IPS more useful in company networks and so forth?
Submitted November 02, 2017 at 04:02PM by musterhausen
via reddit http://ift.tt/2gUqe5T
Paul Manafort Might Have Used "bond007" As Online Password
http://ift.tt/2ik0HDq
Submitted November 02, 2017 at 04:42PM by GemmaJ123
via reddit http://ift.tt/2h6eOjk
Fortune
Paul Manafort's silly online password was likely inspired by James Bond
Paul Manafort, Donald Trump’s former campaign chairman, may have used 'bond007' as online password for Dropbox and Adobe accounts.
[x-post r/business] Facebook crushes Q3 earnings but warns that future profit will slow, impacted by investment in security
http://ift.tt/2xLK5eg
Submitted November 02, 2017 at 04:32PM by GemmaJ123
via reddit http://ift.tt/2iXpTnv
Business Insider
Facebook crushes Q3 earnings but warns that future profit will slow
Facebook crushed expectations for its third-quarter earnings Wednesday. CEO Mark Zuckerberg warned that future profit will be impacted by security investments.
CPSA resources?
Hey all, Just done my QSTM accreditation and I’m getting booked up for the CPSA. I found during my studies for QSTM that the material they give really lacks a directive and can become saturated with irrelevant information. Has anyone taken the CPSA recently and if so could you point me in the direction of good resources to go over? I’ve been going over some of the information outlined by the syllabus and over the RTFM. Thank you.
Submitted November 02, 2017 at 06:43PM by freshkidj
via reddit http://ift.tt/2zqFGSv
Security In 5: Episode 103 - Top 10 Security Tips For Your Network - 1 - Use Strong Authentication
http://ift.tt/2zbA0uN
Submitted November 02, 2017 at 06:34PM by BinaryBlog
via reddit http://ift.tt/2zrnokf
Libsyn
Security In Five Podcast: Episode 103 - Top 10 Security Tips For Your Network - 1 - Use Strong Authentication
A new mini-series, Top 10 Security Tips For Your Network. Instead of quickly listing off a top 10 list there will be one episode for each item. The first tip is about using strong authentication anywhere applicable to help strengthen your security and reduce…