Forensic Analysis of Telegram Messenger on Android Smartphones
http://ift.tt/2zcnATC
Submitted November 02, 2017 at 09:00PM by paFarb
via reddit http://ift.tt/2xQmUj0
http://ift.tt/2zcnATC
Submitted November 02, 2017 at 09:00PM by paFarb
via reddit http://ift.tt/2xQmUj0
Conversations With a Hacker
http://ift.tt/2h5lwGh
Submitted November 02, 2017 at 10:54PM by masonicRed
via reddit http://ift.tt/2gWk9WF
http://ift.tt/2h5lwGh
Submitted November 02, 2017 at 10:54PM by masonicRed
via reddit http://ift.tt/2gWk9WF
Medium
Conversations With a Hacker
It started around 9PM on Wednesday night. I was in the office sitting at my desk when I received a Twitter message from a friend, we’ll…
Disclosure: WordPress WPDB SQL Injection
http://ift.tt/2ygSKK9
Submitted November 02, 2017 at 11:03PM by speckz
via reddit http://ift.tt/2iVoduH
http://ift.tt/2ygSKK9
Submitted November 02, 2017 at 11:03PM by speckz
via reddit http://ift.tt/2iVoduH
ircmaxell's Blog
Disclosure: WordPress WPDB SQL Injection - Background
Today, a significant SQL-Injection vulnerability was fixed in WordPress 4.8.3. Before reading further, if you haven’t updated yet stop right now and update. The foundations of this vulnerability was r
Curve25519 and Curve448 to be approved by NIST for FIPS 140 use
http://ift.tt/2lyiWtU
Submitted November 03, 2017 at 12:42AM by bascule
via reddit http://ift.tt/2xRpoxE
http://ift.tt/2lyiWtU
Submitted November 03, 2017 at 12:42AM by bascule
via reddit http://ift.tt/2xRpoxE
csrc.nist.gov
Transition Plans for Key Establishment Schemes using Public Key | CSRC
News about NIST's cybersecurity projects, publications and events.
Firefox is getting a Tor-based security upgrade
http://ift.tt/2z5NvKB
Submitted November 03, 2017 at 12:45AM by dpgowan
via reddit http://ift.tt/2yqFoej
http://ift.tt/2z5NvKB
Submitted November 03, 2017 at 12:45AM by dpgowan
via reddit http://ift.tt/2yqFoej
The Next Web
Firefox is getting a Tor-based security upgrade
The developer community at Mozilla is preparing a Firefox release boasting privacy features straight out of the dark web browser Tor.
D-Link MEA Site Caught Running Cryptocurrency Mining Script
http://ift.tt/2h7SMfV
Submitted November 03, 2017 at 12:12AM by securitynewsIO
via reddit http://ift.tt/2h80A1v
http://ift.tt/2h7SMfV
Submitted November 03, 2017 at 12:12AM by securitynewsIO
via reddit http://ift.tt/2h80A1v
Security News iO
D-Link MEA Site Caught Running Cryptocurrency Mining Script | Security News iO
Security firm Seekurity reported that D-Link MEA site was caught running crypto currency mining noscript, Monero to be exact. The
University held ransom
http://ift.tt/2z9c3oc
Submitted November 03, 2017 at 01:16AM by pikachani
via reddit http://ift.tt/2h5KDsr
http://ift.tt/2z9c3oc
Submitted November 03, 2017 at 01:16AM by pikachani
via reddit http://ift.tt/2h5KDsr
Abbotsford News
UPDATE: Hacker threatens to release UFV student information if not paid ransom - Abbotsford News
Threats to release students’ personal information
Vulnerability Note VU#446847 - Savitech USB audio drivers install a new root CA certificate
http://ift.tt/2Ad1Chi
Submitted November 03, 2017 at 02:03AM by thefinn93
via reddit http://ift.tt/2zaAj9q
http://ift.tt/2Ad1Chi
Submitted November 03, 2017 at 02:03AM by thefinn93
via reddit http://ift.tt/2zaAj9q
www.kb.cert.org
Vulnerability Note VU#446847 - Savitech USB audio drivers install a new root CA certificate
Savitech provides USB audio drivers for a number of specialized audio products. Some versions of the Savitech driver package silently install a root CA certificate into the Windows trusted root certificate store.
Security Orchestration and EDR: Integrating CrowdStrike and Demisto
http://ift.tt/2zaTU7i
Submitted November 03, 2017 at 02:34AM by abhishekiyer
via reddit http://ift.tt/2iUwVJp
http://ift.tt/2zaTU7i
Submitted November 03, 2017 at 02:34AM by abhishekiyer
via reddit http://ift.tt/2iUwVJp
Demisto
Security Orchestration and EDR: Integrating CrowdStrike and Demisto
Learn how Demisto's security orchestration combines with CrowdStrike's EDR to automate a host of actions across products and reduce incident resolution time.
Bypassing Browser Security Warnings with Pseudo Password Fields
http://ift.tt/2ynwuOS
Submitted November 03, 2017 at 02:09AM by julian88888888
via reddit http://ift.tt/2h78p7r
http://ift.tt/2ynwuOS
Submitted November 03, 2017 at 02:09AM by julian88888888
via reddit http://ift.tt/2h78p7r
reddit
Bypassing Browser Security Warnings with Pseudo... • r/security
1 points and 0 comments so far on reddit
Tracing Fancy Bear’s paw prints
http://ift.tt/2ipiid9
Submitted November 03, 2017 at 02:21AM by campuscodi
via reddit http://ift.tt/2lIQJAv
http://ift.tt/2ipiid9
Submitted November 03, 2017 at 02:21AM by campuscodi
via reddit http://ift.tt/2lIQJAv
Medium
Tracing Fancy Bear’s paw prints
A lot has been written over the past 18 months about Fancy Bear and its role in the U.S. presidential election. The AP’s story, out today…
New Trojan 'Silence' Uses Stealth to Attack Banks - Security Boulevard
http://ift.tt/2gXeBLm
Submitted November 03, 2017 at 04:06AM by SecurityTrust
via reddit http://ift.tt/2AelJeT
http://ift.tt/2gXeBLm
Submitted November 03, 2017 at 04:06AM by SecurityTrust
via reddit http://ift.tt/2AelJeT
Security Boulevard
New Trojan 'Silence' Uses Stealth to Attack Banks - Security Boulevard
With Silence, hackers break in to networks and stay lurking for months to learn banks' internal procedures before starting to steal money.
Found that - routersecurity.org
http://ift.tt/2xP7Lmn
Submitted November 03, 2017 at 04:00AM by letanguy4
via reddit http://ift.tt/2h6mDp5
http://ift.tt/2xP7Lmn
Submitted November 03, 2017 at 04:00AM by letanguy4
via reddit http://ift.tt/2h6mDp5
reddit
Found that - routersecurity.org • r/netsec
2 points and 0 comments so far on reddit
How do I change my reddit user account email address?
Using my other reddit account, recently I saw a warning at the top of every page on reddit: "Uh oh! We have suspended your account due to suspicious activity. Not to worry. You can continue using Reddit by resetting your password."When I click the link to reset my password, it asks me to send a Password Reset email... but the email address that is pre-set (and not changeable in its text box) is not mine. It's a gmail account in the format of first.last@gmail.com with a Turkish man's name.I'm assuming my account was hacked and someone changed my email address but not my password.My username and password combo work just fine. I would just like to change my password without sending an email to a fraudulent email address I've never heard of, and I would not be able to answer anyway.
Submitted November 03, 2017 at 05:44AM by TheSimpsonsContext
via reddit http://ift.tt/2A3LsWm
Using my other reddit account, recently I saw a warning at the top of every page on reddit: "Uh oh! We have suspended your account due to suspicious activity. Not to worry. You can continue using Reddit by resetting your password."When I click the link to reset my password, it asks me to send a Password Reset email... but the email address that is pre-set (and not changeable in its text box) is not mine. It's a gmail account in the format of first.last@gmail.com with a Turkish man's name.I'm assuming my account was hacked and someone changed my email address but not my password.My username and password combo work just fine. I would just like to change my password without sending an email to a fraudulent email address I've never heard of, and I would not be able to answer anyway.
Submitted November 03, 2017 at 05:44AM by TheSimpsonsContext
via reddit http://ift.tt/2A3LsWm
reddit
How do I change my reddit user account email address? • r/security
Using my other reddit account, recently I saw a warning at the top of every page on reddit: "Uh oh! We have suspended your account due to...
Safe and Convenient Password Management
http://ift.tt/2A3zGvw
Submitted November 03, 2017 at 10:40AM by randian_lurker
via reddit http://ift.tt/2hyfgUq
http://ift.tt/2A3zGvw
Submitted November 03, 2017 at 10:40AM by randian_lurker
via reddit http://ift.tt/2hyfgUq
reddit
Safe and Convenient Password Management • r/security
1 points and 0 comments so far on reddit
FaceID and depth camera security issues
A lot of people are concerned about how secure your face data is on the new iPhone X, I have some answers but I ain’t 100% sure, when setting up faceID for the first time it is then saved and encrypted on the Secure Enclave (SEP) and is left there, no apps can see these details except for some instances that I’ll explain in a bit. When apps ask you to unlock with your faceID then it is safe as it is an API that is linked to the system that uses the normal FaceID scan process and then it tells the app if it is really you or it failed to authorize your face, this is completely safe but If you use an app that can see your pictures (in other words is allowed to go through your pictures) then you are screwed as starting from iOS 11 apple added depth information in photos taken as portrait mode that exists only on the iPhone 7+,8+ and X. So if you took a portrait selfie of yourself then it will create a depth information in that picture and that app can read it, but you don’t need to worry as this won’t help them to unlock your device.(If you have anything question then feel free to ask me)
Submitted November 03, 2017 at 11:40AM by pierre949
via reddit http://ift.tt/2ztikeW
A lot of people are concerned about how secure your face data is on the new iPhone X, I have some answers but I ain’t 100% sure, when setting up faceID for the first time it is then saved and encrypted on the Secure Enclave (SEP) and is left there, no apps can see these details except for some instances that I’ll explain in a bit. When apps ask you to unlock with your faceID then it is safe as it is an API that is linked to the system that uses the normal FaceID scan process and then it tells the app if it is really you or it failed to authorize your face, this is completely safe but If you use an app that can see your pictures (in other words is allowed to go through your pictures) then you are screwed as starting from iOS 11 apple added depth information in photos taken as portrait mode that exists only on the iPhone 7+,8+ and X. So if you took a portrait selfie of yourself then it will create a depth information in that picture and that app can read it, but you don’t need to worry as this won’t help them to unlock your device.(If you have anything question then feel free to ask me)
Submitted November 03, 2017 at 11:40AM by pierre949
via reddit http://ift.tt/2ztikeW
reddit
FaceID and depth camera security issues • r/security
A lot of people are concerned about how secure your face data is on the new iPhone X, I have some answers but I ain’t 100% sure, when setting up...
5 Practical Questions to ask from client before penetration testing engagement
http://ift.tt/2zpvVEg
Submitted November 03, 2017 at 02:12PM by InformationSecurity
via reddit http://ift.tt/2zejiuN
http://ift.tt/2zpvVEg
Submitted November 03, 2017 at 02:12PM by InformationSecurity
via reddit http://ift.tt/2zejiuN
Haider Mahmood Infosec Blog
5 Questions to ask from client before penetration testing engagement
Questions to ask from client before penetration testing engagement , penetration testing client, questions from penetration testers
‘Tis the Season: Gift Card Fraud Rampant on the Dark Web
http://ift.tt/2xMre2F
Submitted November 03, 2017 at 02:48PM by imr2017
via reddit http://ift.tt/2h8zual
http://ift.tt/2xMre2F
Submitted November 03, 2017 at 02:48PM by imr2017
via reddit http://ift.tt/2h8zual
SurfWatch Labs, Inc.
‘Tis the Season: Gift Card Fraud Rampant on the Dark Web
The holiday shopping season is right around the corner, and gift cards are expected to remain as the most requested holiday gift for the tenth year in a row. It should come as no surprise then that…
Why ransomware is a real threat regardless the industry
http://ift.tt/2gXox7N
Submitted November 03, 2017 at 05:06PM by NISMO1968
via reddit http://ift.tt/2hAaG86
http://ift.tt/2gXox7N
Submitted November 03, 2017 at 05:06PM by NISMO1968
via reddit http://ift.tt/2hAaG86
Veeam Software Official Blog
Why ransomware is a real threat regardless the industry
Learn more on how ransomware can impact any industry without discrimination, and what to do to avoid beeing attacked from our Solution Briefs.
Security vs. convenience? IoT requires another level of thinking about risk
http://ift.tt/2iXNCUl
Submitted November 03, 2017 at 05:06PM by NISMO1968
via reddit http://ift.tt/2A39G3j
http://ift.tt/2iXNCUl
Submitted November 03, 2017 at 05:06PM by NISMO1968
via reddit http://ift.tt/2A39G3j
Ars Technica
Security vs. convenience? IoT requires another level of thinking about risk
Op-ed: Devices like Amazon Key put too much risk assessment on users; bad decisions follow.
Let’s Talk About SSH Configuration Hardening...
The ProblemA lot of administrators install the SSH service and assume its in top shape. What they don't realize is that system packages tend to be optimized for compatibility, not security. While a lot of systems include defaults that are fine for most cases, there is still a lot of room for improvement--especially for high-security environments.Depending on how old the package for your distribution is, the default configuration may have the following problems:Small host keys: 1024-bit RSA or DSA.Weak key exchanges: Diffie-Hellman groups using small 1024-bit moduli, or exchanges using deprecated hash algorithms like SHA-1.Vulnerable ciphers: 3DES, RC4, and SWEET32-vulnerable ciphers like Blowfish and CAST.MACs based on weak hash algorithms: MD5 or SHA-1.As long as your users have reasonably modern SSH clients, you can fix all of the problems above without interoperability issues. And for those users who are lagging behind, well... chances are their client software has unpatched security problems anyway (note that 4 vulnerabilities have been fixed in PuTTY so far in 2017).Ubuntu and RHEL DefaultsLet's take a look at a fully-patched Ubuntu 16.04 LTS server. Its default config comes with a good selection of ciphers (chacha20-poly1305 is the default with backups using AES in CTR & GCM modes), but it supports some SHA-1 based algorithms for MACs and key exchange. Furthermore, its default RSA key is 2048-bit, which is equivalent to 112-bits of brute-force strength; to get 128-bits of security, this needs to be re-generated with a 3072-bit key. [1]Things are much worse for RHEL/CentOS 6 (which is supported until 2024). Its default config supports 1024-bit Diffie-Hellman key exchanges (this is believed to be breakable by state-level adversaries! [2]), along with the weak RC4 cipher, Blowfish & CAST (both affected by the SWEET32 attack), as well as several MACs based on MD5 and SHA-1! Unless you take specific steps after installation, the RHEL/CentOS 6 SSH service is pretty abysmal.Scanning ToolsThe excellent (and open-source) ssh-audit tool will help you find problematic options enabled in your SSH service. But since not all admins are comfortable with command-line tools, I've gone ahead and written a web front-end to it for convenience, which also includes a comprehensive list of references for all discovered problems. You can find it here: http://ift.tt/2ysa1zWHardening GuidesStribik András wrote this excellent, general-purpose hardening guide in early 2015. While it does a great job in breaking down the different options available, it is slowly becoming out of date, and doesn't take specific versions of OpenSSH into consideration (for example, newer versions of OpenSSH support DH Groups 16 & 18 from RFC3526, but a fully patched Ubuntu 16.04 LTS system uses a slightly older version that doesn’t include them). To compensate, I've written a set of guides specific to OS releases that optimize security for each platform.You can find the improved hardening guides here: http://ift.tt/2yqMuj9References[1] U.S. Department of Commerce, National Institute of Standards and Technology, "Special Publication 800-57, Part 1, Revision 4, Recommendation for Key Management, Part 1: General", http://ift.tt/1P17KJc, Jan. 2016, pg. 53.[2] Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J., Heninger, N., Springall, D., Thomé, E., Valenta, L., VanderSloot, B., Wustrow, E., Zanella-Béguelin, S., and Zimmermann, P., "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice", http://ift.tt/1RbPYEP, Oct. 2015.
Submitted November 01, 2017 at 08:36PM by therealjoetesta
via reddit http://ift.tt/2irX92j
The ProblemA lot of administrators install the SSH service and assume its in top shape. What they don't realize is that system packages tend to be optimized for compatibility, not security. While a lot of systems include defaults that are fine for most cases, there is still a lot of room for improvement--especially for high-security environments.Depending on how old the package for your distribution is, the default configuration may have the following problems:Small host keys: 1024-bit RSA or DSA.Weak key exchanges: Diffie-Hellman groups using small 1024-bit moduli, or exchanges using deprecated hash algorithms like SHA-1.Vulnerable ciphers: 3DES, RC4, and SWEET32-vulnerable ciphers like Blowfish and CAST.MACs based on weak hash algorithms: MD5 or SHA-1.As long as your users have reasonably modern SSH clients, you can fix all of the problems above without interoperability issues. And for those users who are lagging behind, well... chances are their client software has unpatched security problems anyway (note that 4 vulnerabilities have been fixed in PuTTY so far in 2017).Ubuntu and RHEL DefaultsLet's take a look at a fully-patched Ubuntu 16.04 LTS server. Its default config comes with a good selection of ciphers (chacha20-poly1305 is the default with backups using AES in CTR & GCM modes), but it supports some SHA-1 based algorithms for MACs and key exchange. Furthermore, its default RSA key is 2048-bit, which is equivalent to 112-bits of brute-force strength; to get 128-bits of security, this needs to be re-generated with a 3072-bit key. [1]Things are much worse for RHEL/CentOS 6 (which is supported until 2024). Its default config supports 1024-bit Diffie-Hellman key exchanges (this is believed to be breakable by state-level adversaries! [2]), along with the weak RC4 cipher, Blowfish & CAST (both affected by the SWEET32 attack), as well as several MACs based on MD5 and SHA-1! Unless you take specific steps after installation, the RHEL/CentOS 6 SSH service is pretty abysmal.Scanning ToolsThe excellent (and open-source) ssh-audit tool will help you find problematic options enabled in your SSH service. But since not all admins are comfortable with command-line tools, I've gone ahead and written a web front-end to it for convenience, which also includes a comprehensive list of references for all discovered problems. You can find it here: http://ift.tt/2ysa1zWHardening GuidesStribik András wrote this excellent, general-purpose hardening guide in early 2015. While it does a great job in breaking down the different options available, it is slowly becoming out of date, and doesn't take specific versions of OpenSSH into consideration (for example, newer versions of OpenSSH support DH Groups 16 & 18 from RFC3526, but a fully patched Ubuntu 16.04 LTS system uses a slightly older version that doesn’t include them). To compensate, I've written a set of guides specific to OS releases that optimize security for each platform.You can find the improved hardening guides here: http://ift.tt/2yqMuj9References[1] U.S. Department of Commerce, National Institute of Standards and Technology, "Special Publication 800-57, Part 1, Revision 4, Recommendation for Key Management, Part 1: General", http://ift.tt/1P17KJc, Jan. 2016, pg. 53.[2] Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Green, M., Halderman, J., Heninger, N., Springall, D., Thomé, E., Valenta, L., VanderSloot, B., Wustrow, E., Zanella-Béguelin, S., and Zimmermann, P., "Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice", http://ift.tt/1RbPYEP, Oct. 2015.
Submitted November 01, 2017 at 08:36PM by therealjoetesta
via reddit http://ift.tt/2irX92j
GitHub
arthepsy/ssh-audit
ssh-audit - SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)