The evolution of deception in computer security
http://ift.tt/2zZjsU8
Submitted November 02, 2017 at 07:31PM by Mr_CyberFish
via reddit http://ift.tt/2gYEJWd
http://ift.tt/2zZjsU8
Submitted November 02, 2017 at 07:31PM by Mr_CyberFish
via reddit http://ift.tt/2gYEJWd
Minerva-Labs
Reflections Upon Deception-Based Security Tactics
Deception as Part of Enterprise Security Architecture
Using the DDE attack with PowerShell Empire
http://ift.tt/2hz1r8h
Submitted November 02, 2017 at 07:18PM by maxxori
via reddit http://ift.tt/2zckwGO
http://ift.tt/2hz1r8h
Submitted November 02, 2017 at 07:18PM by maxxori
via reddit http://ift.tt/2zckwGO
1337red
Using the DDE attack with PowerShell Empire
Microsoft DDE Exploit Unless you’ve been living under a rock for the past few weeks, you’ll most certainly know about the Microsoft DDE exploit and how it can be abused to weaponise a W…
No Security Regulations on IoT Devices? How to Help with this Problem?
Currently there is no government regulations on security for IoT Devices. What are the steps for one to enforce stricter security regulation on IoT devices in a country such as USA? As the future pushes forward with IoT devices, consumers will need to have a sense of trust in order to embrace IoT devices to create a better, safer and convenient way of life. By having the feeling of higher security regulation on IoT devices, consumers will have a better feeling knowing they're are protected.Any suggestions or opinions are welcome.
Submitted November 02, 2017 at 09:42PM by dld008
via reddit http://ift.tt/2xQ52om
Currently there is no government regulations on security for IoT Devices. What are the steps for one to enforce stricter security regulation on IoT devices in a country such as USA? As the future pushes forward with IoT devices, consumers will need to have a sense of trust in order to embrace IoT devices to create a better, safer and convenient way of life. By having the feeling of higher security regulation on IoT devices, consumers will have a better feeling knowing they're are protected.Any suggestions or opinions are welcome.
Submitted November 02, 2017 at 09:42PM by dld008
via reddit http://ift.tt/2xQ52om
reddit
No Security Regulations on IoT Devices? How to Help... • r/security
Currently there is no government regulations on security for IoT Devices. What are the steps for one to enforce stricter security regulation on...
How does WhatsApp spam work?
I often get messages in whats app with a link to a purported deal or article. If I click on the link, the message would then be sent from my WhatsApp account to all my contacts. See this article for an example from a message I received today: http://ift.tt/2lIPLnNMy question is: How does this work? The link takes me to a webpage in safari, which then instructs WhatsApp to send messages. Is there a vulnerability in WhatsApp which allows this? Why would it ever be possible for WhatsApp to receive commands to send messages from safari?
Submitted November 02, 2017 at 09:13PM by TejasJShah
via reddit http://ift.tt/2ypLziE
I often get messages in whats app with a link to a purported deal or article. If I click on the link, the message would then be sent from my WhatsApp account to all my contacts. See this article for an example from a message I received today: http://ift.tt/2lIPLnNMy question is: How does this work? The link takes me to a webpage in safari, which then instructs WhatsApp to send messages. Is there a vulnerability in WhatsApp which allows this? Why would it ever be possible for WhatsApp to receive commands to send messages from safari?
Submitted November 02, 2017 at 09:13PM by TejasJShah
via reddit http://ift.tt/2ypLziE
GulfNews
Beware: Don’t fall for this Ikea scam
Dubai: If you think its too good to be true, then it probably is.
Forensic Analysis of Telegram Messenger on Android Smartphones
http://ift.tt/2zcnATC
Submitted November 02, 2017 at 09:00PM by paFarb
via reddit http://ift.tt/2xQmUj0
http://ift.tt/2zcnATC
Submitted November 02, 2017 at 09:00PM by paFarb
via reddit http://ift.tt/2xQmUj0
Conversations With a Hacker
http://ift.tt/2h5lwGh
Submitted November 02, 2017 at 10:54PM by masonicRed
via reddit http://ift.tt/2gWk9WF
http://ift.tt/2h5lwGh
Submitted November 02, 2017 at 10:54PM by masonicRed
via reddit http://ift.tt/2gWk9WF
Medium
Conversations With a Hacker
It started around 9PM on Wednesday night. I was in the office sitting at my desk when I received a Twitter message from a friend, we’ll…
Disclosure: WordPress WPDB SQL Injection
http://ift.tt/2ygSKK9
Submitted November 02, 2017 at 11:03PM by speckz
via reddit http://ift.tt/2iVoduH
http://ift.tt/2ygSKK9
Submitted November 02, 2017 at 11:03PM by speckz
via reddit http://ift.tt/2iVoduH
ircmaxell's Blog
Disclosure: WordPress WPDB SQL Injection - Background
Today, a significant SQL-Injection vulnerability was fixed in WordPress 4.8.3. Before reading further, if you haven’t updated yet stop right now and update. The foundations of this vulnerability was r
Curve25519 and Curve448 to be approved by NIST for FIPS 140 use
http://ift.tt/2lyiWtU
Submitted November 03, 2017 at 12:42AM by bascule
via reddit http://ift.tt/2xRpoxE
http://ift.tt/2lyiWtU
Submitted November 03, 2017 at 12:42AM by bascule
via reddit http://ift.tt/2xRpoxE
csrc.nist.gov
Transition Plans for Key Establishment Schemes using Public Key | CSRC
News about NIST's cybersecurity projects, publications and events.
Firefox is getting a Tor-based security upgrade
http://ift.tt/2z5NvKB
Submitted November 03, 2017 at 12:45AM by dpgowan
via reddit http://ift.tt/2yqFoej
http://ift.tt/2z5NvKB
Submitted November 03, 2017 at 12:45AM by dpgowan
via reddit http://ift.tt/2yqFoej
The Next Web
Firefox is getting a Tor-based security upgrade
The developer community at Mozilla is preparing a Firefox release boasting privacy features straight out of the dark web browser Tor.
D-Link MEA Site Caught Running Cryptocurrency Mining Script
http://ift.tt/2h7SMfV
Submitted November 03, 2017 at 12:12AM by securitynewsIO
via reddit http://ift.tt/2h80A1v
http://ift.tt/2h7SMfV
Submitted November 03, 2017 at 12:12AM by securitynewsIO
via reddit http://ift.tt/2h80A1v
Security News iO
D-Link MEA Site Caught Running Cryptocurrency Mining Script | Security News iO
Security firm Seekurity reported that D-Link MEA site was caught running crypto currency mining noscript, Monero to be exact. The
University held ransom
http://ift.tt/2z9c3oc
Submitted November 03, 2017 at 01:16AM by pikachani
via reddit http://ift.tt/2h5KDsr
http://ift.tt/2z9c3oc
Submitted November 03, 2017 at 01:16AM by pikachani
via reddit http://ift.tt/2h5KDsr
Abbotsford News
UPDATE: Hacker threatens to release UFV student information if not paid ransom - Abbotsford News
Threats to release students’ personal information
Vulnerability Note VU#446847 - Savitech USB audio drivers install a new root CA certificate
http://ift.tt/2Ad1Chi
Submitted November 03, 2017 at 02:03AM by thefinn93
via reddit http://ift.tt/2zaAj9q
http://ift.tt/2Ad1Chi
Submitted November 03, 2017 at 02:03AM by thefinn93
via reddit http://ift.tt/2zaAj9q
www.kb.cert.org
Vulnerability Note VU#446847 - Savitech USB audio drivers install a new root CA certificate
Savitech provides USB audio drivers for a number of specialized audio products. Some versions of the Savitech driver package silently install a root CA certificate into the Windows trusted root certificate store.
Security Orchestration and EDR: Integrating CrowdStrike and Demisto
http://ift.tt/2zaTU7i
Submitted November 03, 2017 at 02:34AM by abhishekiyer
via reddit http://ift.tt/2iUwVJp
http://ift.tt/2zaTU7i
Submitted November 03, 2017 at 02:34AM by abhishekiyer
via reddit http://ift.tt/2iUwVJp
Demisto
Security Orchestration and EDR: Integrating CrowdStrike and Demisto
Learn how Demisto's security orchestration combines with CrowdStrike's EDR to automate a host of actions across products and reduce incident resolution time.
Bypassing Browser Security Warnings with Pseudo Password Fields
http://ift.tt/2ynwuOS
Submitted November 03, 2017 at 02:09AM by julian88888888
via reddit http://ift.tt/2h78p7r
http://ift.tt/2ynwuOS
Submitted November 03, 2017 at 02:09AM by julian88888888
via reddit http://ift.tt/2h78p7r
reddit
Bypassing Browser Security Warnings with Pseudo... • r/security
1 points and 0 comments so far on reddit
Tracing Fancy Bear’s paw prints
http://ift.tt/2ipiid9
Submitted November 03, 2017 at 02:21AM by campuscodi
via reddit http://ift.tt/2lIQJAv
http://ift.tt/2ipiid9
Submitted November 03, 2017 at 02:21AM by campuscodi
via reddit http://ift.tt/2lIQJAv
Medium
Tracing Fancy Bear’s paw prints
A lot has been written over the past 18 months about Fancy Bear and its role in the U.S. presidential election. The AP’s story, out today…
New Trojan 'Silence' Uses Stealth to Attack Banks - Security Boulevard
http://ift.tt/2gXeBLm
Submitted November 03, 2017 at 04:06AM by SecurityTrust
via reddit http://ift.tt/2AelJeT
http://ift.tt/2gXeBLm
Submitted November 03, 2017 at 04:06AM by SecurityTrust
via reddit http://ift.tt/2AelJeT
Security Boulevard
New Trojan 'Silence' Uses Stealth to Attack Banks - Security Boulevard
With Silence, hackers break in to networks and stay lurking for months to learn banks' internal procedures before starting to steal money.
Found that - routersecurity.org
http://ift.tt/2xP7Lmn
Submitted November 03, 2017 at 04:00AM by letanguy4
via reddit http://ift.tt/2h6mDp5
http://ift.tt/2xP7Lmn
Submitted November 03, 2017 at 04:00AM by letanguy4
via reddit http://ift.tt/2h6mDp5
reddit
Found that - routersecurity.org • r/netsec
2 points and 0 comments so far on reddit
How do I change my reddit user account email address?
Using my other reddit account, recently I saw a warning at the top of every page on reddit: "Uh oh! We have suspended your account due to suspicious activity. Not to worry. You can continue using Reddit by resetting your password."When I click the link to reset my password, it asks me to send a Password Reset email... but the email address that is pre-set (and not changeable in its text box) is not mine. It's a gmail account in the format of first.last@gmail.com with a Turkish man's name.I'm assuming my account was hacked and someone changed my email address but not my password.My username and password combo work just fine. I would just like to change my password without sending an email to a fraudulent email address I've never heard of, and I would not be able to answer anyway.
Submitted November 03, 2017 at 05:44AM by TheSimpsonsContext
via reddit http://ift.tt/2A3LsWm
Using my other reddit account, recently I saw a warning at the top of every page on reddit: "Uh oh! We have suspended your account due to suspicious activity. Not to worry. You can continue using Reddit by resetting your password."When I click the link to reset my password, it asks me to send a Password Reset email... but the email address that is pre-set (and not changeable in its text box) is not mine. It's a gmail account in the format of first.last@gmail.com with a Turkish man's name.I'm assuming my account was hacked and someone changed my email address but not my password.My username and password combo work just fine. I would just like to change my password without sending an email to a fraudulent email address I've never heard of, and I would not be able to answer anyway.
Submitted November 03, 2017 at 05:44AM by TheSimpsonsContext
via reddit http://ift.tt/2A3LsWm
reddit
How do I change my reddit user account email address? • r/security
Using my other reddit account, recently I saw a warning at the top of every page on reddit: "Uh oh! We have suspended your account due to...
Safe and Convenient Password Management
http://ift.tt/2A3zGvw
Submitted November 03, 2017 at 10:40AM by randian_lurker
via reddit http://ift.tt/2hyfgUq
http://ift.tt/2A3zGvw
Submitted November 03, 2017 at 10:40AM by randian_lurker
via reddit http://ift.tt/2hyfgUq
reddit
Safe and Convenient Password Management • r/security
1 points and 0 comments so far on reddit
FaceID and depth camera security issues
A lot of people are concerned about how secure your face data is on the new iPhone X, I have some answers but I ain’t 100% sure, when setting up faceID for the first time it is then saved and encrypted on the Secure Enclave (SEP) and is left there, no apps can see these details except for some instances that I’ll explain in a bit. When apps ask you to unlock with your faceID then it is safe as it is an API that is linked to the system that uses the normal FaceID scan process and then it tells the app if it is really you or it failed to authorize your face, this is completely safe but If you use an app that can see your pictures (in other words is allowed to go through your pictures) then you are screwed as starting from iOS 11 apple added depth information in photos taken as portrait mode that exists only on the iPhone 7+,8+ and X. So if you took a portrait selfie of yourself then it will create a depth information in that picture and that app can read it, but you don’t need to worry as this won’t help them to unlock your device.(If you have anything question then feel free to ask me)
Submitted November 03, 2017 at 11:40AM by pierre949
via reddit http://ift.tt/2ztikeW
A lot of people are concerned about how secure your face data is on the new iPhone X, I have some answers but I ain’t 100% sure, when setting up faceID for the first time it is then saved and encrypted on the Secure Enclave (SEP) and is left there, no apps can see these details except for some instances that I’ll explain in a bit. When apps ask you to unlock with your faceID then it is safe as it is an API that is linked to the system that uses the normal FaceID scan process and then it tells the app if it is really you or it failed to authorize your face, this is completely safe but If you use an app that can see your pictures (in other words is allowed to go through your pictures) then you are screwed as starting from iOS 11 apple added depth information in photos taken as portrait mode that exists only on the iPhone 7+,8+ and X. So if you took a portrait selfie of yourself then it will create a depth information in that picture and that app can read it, but you don’t need to worry as this won’t help them to unlock your device.(If you have anything question then feel free to ask me)
Submitted November 03, 2017 at 11:40AM by pierre949
via reddit http://ift.tt/2ztikeW
reddit
FaceID and depth camera security issues • r/security
A lot of people are concerned about how secure your face data is on the new iPhone X, I have some answers but I ain’t 100% sure, when setting up...
5 Practical Questions to ask from client before penetration testing engagement
http://ift.tt/2zpvVEg
Submitted November 03, 2017 at 02:12PM by InformationSecurity
via reddit http://ift.tt/2zejiuN
http://ift.tt/2zpvVEg
Submitted November 03, 2017 at 02:12PM by InformationSecurity
via reddit http://ift.tt/2zejiuN
Haider Mahmood Infosec Blog
5 Questions to ask from client before penetration testing engagement
Questions to ask from client before penetration testing engagement , penetration testing client, questions from penetration testers