Travis CI - encrypted environment variables uses a RSA encryption mode known to be vulnerable since 1998
http://ift.tt/2zbW88K
Submitted November 03, 2017 at 12:49AM by sarciszewski
via reddit http://ift.tt/2hbNOPh
http://ift.tt/2zbW88K
Submitted November 03, 2017 at 12:49AM by sarciszewski
via reddit http://ift.tt/2hbNOPh
GitHub
Encrypted environment variables shouldn't use PKCS1v15 padding · Issue #5394 · travis-ci/travis-ci
Currently when environment variables are encrypted, they use RSA keys with PKCS1v15 padding: https://github.com/travis-ci/travis.rb/blob/master/lib/travis/client/repository.rb#L15-L18 (it's the def...
It's Time To End The Social Security Number
http://ift.tt/2is10fF
Submitted November 04, 2017 at 06:48AM by WinglessIndependence
via reddit http://ift.tt/2h2Clhh
http://ift.tt/2is10fF
Submitted November 04, 2017 at 06:48AM by WinglessIndependence
via reddit http://ift.tt/2h2Clhh
TheStreet
It's Time To End The Social Security Number
Social Security numbers create convenience at the expense of enormous risk. It's time for them to go.
Estonia:760000 ID-cards vulnerable
http://ift.tt/2xRhOTD
Submitted November 04, 2017 at 04:51AM by bleahbloh
via reddit http://ift.tt/2h2YRGL
http://ift.tt/2xRhOTD
Submitted November 04, 2017 at 04:51AM by bleahbloh
via reddit http://ift.tt/2h2YRGL
Yahoo
Estonia blocks electronic ID cards over identity-theft risk
Cyber-savvy Estonia said on Thursday it would suspend security certificates for up to 760,000 state-issued electronic ID-cards with faulty chips as of Friday midnight to mitigate the risk of identity theft. Dubbed E-stonia for being one of the world's most…
Best Tips For Mobile Application Security
http://ift.tt/2ytt4Kv
Submitted November 04, 2017 at 10:18AM by Skytecher
via reddit http://ift.tt/2lP0q0m
http://ift.tt/2ytt4Kv
Submitted November 04, 2017 at 10:18AM by Skytecher
via reddit http://ift.tt/2lP0q0m
TheExtremeTech
Best Tips For Mobile Application Security
We all know and also are afraid of all those shitty apps that result to the outbreak of our Tips for Mobile, Application Security but when...
Best hacking reference and learning resource I’ve seen yet. Anyone can learn required skills here to become cybersecurity experts; it will take work...
http://ift.tt/2zjE8Je
Submitted November 04, 2017 at 12:23PM by PowerPuffSoldier
via reddit http://ift.tt/2Ak2oJu
http://ift.tt/2zjE8Je
Submitted November 04, 2017 at 12:23PM by PowerPuffSoldier
via reddit http://ift.tt/2Ak2oJu
GitHub
misterch0c/Awesome-Hacking
Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers
Brihaspathi Technologies- CCTV Cameras Client Feedback
http://ift.tt/2y0Cn0d
Submitted November 04, 2017 at 05:39PM by cctvcamera3
via reddit http://ift.tt/2zesyNs
http://ift.tt/2y0Cn0d
Submitted November 04, 2017 at 05:39PM by cctvcamera3
via reddit http://ift.tt/2zesyNs
Hackers Exploit Weak Remote Desktop Protocol Credentials
http://ift.tt/2A5C1ps
Submitted November 04, 2017 at 06:06PM by snbt
via reddit http://ift.tt/2iv4SMW
http://ift.tt/2A5C1ps
Submitted November 04, 2017 at 06:06PM by snbt
via reddit http://ift.tt/2iv4SMW
Bankinfosecurity
Hackers Exploit Weak Remote Desktop Protocol Credentials
Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices. But security experts warn that weak RDP credentials are in wide
Best Android Security App!
https://youtu.be/bVii6Pd6fjA
Submitted November 04, 2017 at 06:32PM by heyanubhav
via reddit http://ift.tt/2xZBkxx
https://youtu.be/bVii6Pd6fjA
Submitted November 04, 2017 at 06:32PM by heyanubhav
via reddit http://ift.tt/2xZBkxx
YouTube
Best Android Security App!
In This Video I Have Described The Best Application For Android Security i.e. Applock Link To Install Applock: https://goo.gl/8HRAB3 We lock our phones with ...
Critical Tor flaw leaks users’ real IP address—update now
http://ift.tt/2A6Z5o6
Submitted November 04, 2017 at 07:55PM by DerBootsMann
via reddit http://ift.tt/2lQzHAs
http://ift.tt/2A6Z5o6
Submitted November 04, 2017 at 07:55PM by DerBootsMann
via reddit http://ift.tt/2lQzHAs
Ars Technica
Critical Tor flaw leaks users’ real IP address—update now
TorMoil threatens Mac and Linux versions of Tor browser; Windows and Tails not affected.
[DNS Hierarchy] How do tech giants maintain their domain and route webpage content?
I know this question is unimportant with things like ssl certificates and browser key pinning but I'm trying to get an understanding here... obviously websites like google.com and twitter.com don't have godaddy accounts where their domains fall under the godaddy nameserver.What kind of special treatment do really giant websites get in terms of dns records so their websites aren't spoofed? Furthermore to what extent are dns records and queries to these sites regional? And do most companies use in-house solutions for this? And in cases like google and youtube, is the ip that the hostname resolves to the address that delivers the webpage content (besides cdn stuff)? Or is there yet another layer that further specifies the source of the webpage content?
Submitted November 04, 2017 at 08:48PM by mrmatthew2k
via reddit http://ift.tt/2h5aWeL
I know this question is unimportant with things like ssl certificates and browser key pinning but I'm trying to get an understanding here... obviously websites like google.com and twitter.com don't have godaddy accounts where their domains fall under the godaddy nameserver.What kind of special treatment do really giant websites get in terms of dns records so their websites aren't spoofed? Furthermore to what extent are dns records and queries to these sites regional? And do most companies use in-house solutions for this? And in cases like google and youtube, is the ip that the hostname resolves to the address that delivers the webpage content (besides cdn stuff)? Or is there yet another layer that further specifies the source of the webpage content?
Submitted November 04, 2017 at 08:48PM by mrmatthew2k
via reddit http://ift.tt/2h5aWeL
reddit
[DNS Hierarchy] How do tech giants maintain their... • r/security
I know this question is unimportant with things like ssl certificates and browser key pinning but I'm trying to get an understanding here......
My current notes on the malware recently used in the CrunchyRoll hack.
http://ift.tt/2AjMMFK
Submitted November 04, 2017 at 10:19PM by Codefuser
via reddit http://ift.tt/2j10k4A
http://ift.tt/2AjMMFK
Submitted November 04, 2017 at 10:19PM by Codefuser
via reddit http://ift.tt/2j10k4A
I can not add myself as owner of folder - Access denied
Hello, i have an old HDD that was corrupted by Viruses and now with my new computer, i am able to access it's files through USB connection. But heres the problem: I go into the drive nice and smoothly, and when i get to the Owner tab, (where all the pictures are), i get denied access. I tried to change owner permissions/adding users with full control through the advanced tab. I even tried this a) Press “Windows Key + Q” to open Charms Bar. b) Type “cmd” without quotes in the search box. c) On the left pane, right click on the “cmd” option and select “Run as Administrator”. d) Type “TAKEOWN /F c:\windows\winsxs” without quotes press enter. Note: Here c:\windows\winsxs is the file location. e) Type “ICACLS c:\windows\winsxs /grant administrators:F” without quotes and press enter. Note: Here c:\windows\winsxs is the file locationThis command gives you the permission. Which still did not work. What else can i do?
Submitted November 04, 2017 at 09:10PM by Dmitriyx
via reddit http://ift.tt/2h51eJk
Hello, i have an old HDD that was corrupted by Viruses and now with my new computer, i am able to access it's files through USB connection. But heres the problem: I go into the drive nice and smoothly, and when i get to the Owner tab, (where all the pictures are), i get denied access. I tried to change owner permissions/adding users with full control through the advanced tab. I even tried this a) Press “Windows Key + Q” to open Charms Bar. b) Type “cmd” without quotes in the search box. c) On the left pane, right click on the “cmd” option and select “Run as Administrator”. d) Type “TAKEOWN /F c:\windows\winsxs” without quotes press enter. Note: Here c:\windows\winsxs is the file location. e) Type “ICACLS c:\windows\winsxs /grant administrators:F” without quotes and press enter. Note: Here c:\windows\winsxs is the file locationThis command gives you the permission. Which still did not work. What else can i do?
Submitted November 04, 2017 at 09:10PM by Dmitriyx
via reddit http://ift.tt/2h51eJk
reddit
I can not add myself as owner of folder - Access denied • r/security
Hello, i have an old HDD that was corrupted by Viruses and now with my new computer, i am able to access it's files through USB connection. But...
Tips on rolling out corporate security awareness programme
https://www.youtube.com/watch?v=Dh-wtQK3Y64
Submitted November 05, 2017 at 12:16AM by dbalut
via reddit http://ift.tt/2hcl4pw
https://www.youtube.com/watch?v=Dh-wtQK3Y64
Submitted November 05, 2017 at 12:16AM by dbalut
via reddit http://ift.tt/2hcl4pw
YouTube
Keep your security training practical by making them relevant and brief | Dawid Bałut Podcast
Make sure that security training is periodic so people don't forget to use that knowledge in day to day operations. Try to keep audience entertained by your ...
The big handle gamble · x64dbg
http://ift.tt/2Aj7Uff
Submitted November 05, 2017 at 01:34AM by mrexodia
via reddit http://ift.tt/2lR7cTk
http://ift.tt/2Aj7Uff
Submitted November 05, 2017 at 01:34AM by mrexodia
via reddit http://ift.tt/2lR7cTk
X64Dbg
The big handle gamble · x64dbg
Official x64dbg blog!
There is no security in Social Security Numbers as ID
http://ift.tt/2zxvZBJ
Submitted November 05, 2017 at 02:29AM by Ricmerrifield
via reddit http://ift.tt/2zkpYYb
http://ift.tt/2zxvZBJ
Submitted November 05, 2017 at 02:29AM by Ricmerrifield
via reddit http://ift.tt/2zkpYYb
AuthenticID
Social Security Numbers among the walking dead because of the selfie | AuthenticID
These days when you are in a grocery store or a retail shop, you often have to “sign” on the pad to complete your purchase. It’s a joke. Most of us just drag a line with the pen and it doesn’t look anything like a signature. Using a social security number…
Equifax Investigation Clears Execs Who Dumped Stock Before Hack Announcement
http://ift.tt/2hCosHu
Submitted November 05, 2017 at 02:01AM by RandomCollection
via reddit http://ift.tt/2hGcgp5
http://ift.tt/2hCosHu
Submitted November 05, 2017 at 02:01AM by RandomCollection
via reddit http://ift.tt/2hGcgp5
Gizmodo
Equifax Investigation Clears Execs Who Dumped Stock Before Hack Announcement
Equifax discovered on July 29th that it had been hacked, losing the Social Security numbers and other personal information of 143 million Americans—and then just a few days later, several of its executives sold stock worth a total of nearly $1.8 million.…
Security Now 635 Reaper Redux | TWiT.TV
http://ift.tt/2z3sPFu
Submitted November 05, 2017 at 01:59AM by dmp1ce
via reddit http://ift.tt/2A8FnrN
http://ift.tt/2z3sPFu
Submitted November 05, 2017 at 01:59AM by dmp1ce
via reddit http://ift.tt/2A8FnrN
TWiT.tv
Security Now 635 Reaper Redux | TWiT.TV
This week we examine the source of WannaCry, a new privacy feature for Firefox, Google's planned removal of HPKP, the idea of visual objects as a second factor, an iOS camera priva…
Alfa AWUS036NH vs 036NHA vs 051NH
I can buy one of these Alfa wireless cards, but i don't know which one i choose. I'm gonna basically use on a Raspberry Pi.Which one do you guys think is better?
Submitted November 05, 2017 at 01:08AM by Losdersoul
via reddit http://ift.tt/2hFlQZg
I can buy one of these Alfa wireless cards, but i don't know which one i choose. I'm gonna basically use on a Raspberry Pi.Which one do you guys think is better?
Submitted November 05, 2017 at 01:08AM by Losdersoul
via reddit http://ift.tt/2hFlQZg
reddit
Alfa AWUS036NH vs 036NHA vs 051NH • r/security
I can buy one of these Alfa wireless cards, but i don't know which one i choose. I'm gonna basically use on a Raspberry Pi. Which one do you guys...
Noise Plug-and-play Implementation in Golang
http://ift.tt/2hGGKr1
Submitted November 05, 2017 at 08:09AM by werrett
via reddit http://ift.tt/2y0Gucp
http://ift.tt/2hGGKr1
Submitted November 05, 2017 at 08:09AM by werrett
via reddit http://ift.tt/2y0Gucp
www.cryptologie.net
Noise Plug-and-play Implementation in Golang
I wrote an implementation of Noise in Go. I've already talked about it here but I've made some progress towards a more usable library.
It is now a real protocol built from the Noise protocol framework!
Noise doesn't work right off-the-bat because it does…
It is now a real protocol built from the Noise protocol framework!
Noise doesn't work right off-the-bat because it does…
Google Search SEO Poisoning: New Level for Banking Trojans
http://ift.tt/2y3cr3Q
Submitted November 05, 2017 at 10:06AM by securitynewsIO
via reddit http://ift.tt/2yvXGuI
http://ift.tt/2y3cr3Q
Submitted November 05, 2017 at 10:06AM by securitynewsIO
via reddit http://ift.tt/2yvXGuI
Security News iO
Google Search SEO Poisoning: New Level for Banking Trojans
Hackers are using SEO poisoning as a novel approach for spreading banking malware and trojans instead of relying on old-school techniques.
MINIX OS in every Intel chip
http://ift.tt/2xRN2tW
Submitted November 05, 2017 at 11:32AM by chalbersma
via reddit http://ift.tt/2AkM3nx
http://ift.tt/2xRN2tW
Submitted November 05, 2017 at 11:32AM by chalbersma
via reddit http://ift.tt/2AkM3nx
Network World
MINIX — The most popular OS in the world, thanks to Intel
You might not know it, but inside your Intel system, you have an operating system running in addition to your main OS, MINIX. And it’s raising eyebrows and concerns.