Secure Engineering Guidelines
http://ift.tt/2yZoBzu
Submitted November 14, 2017 at 10:01PM by HockeyInJune
via reddit http://ift.tt/2mpmvmC
Medium
Secure Engineering Guidelines
Some best practices for building and trusting software.
New Facebook Exploit allows hacker to hold accounts ransom.
TL;DR: My Facebook account was taken over and I am completely locked out. I believe this is a new type of attack as I can't find any other instances of it happening online.

All of this started roughly 6 months ago, but I haven't had any luck fixing the problem. I am now just trying to spread word that such an exploit exists in Facebook so be careful this doesn't happen to you.

The initial Hack:

A few months ago I needed emergency access to my Facebook account and didn't have access to my password manager. I decided to reset the password to something simple that I could remember.

I got in, checked a few things and logged out. I figured I'd be fine and could change the password to something more secure when I got back home in a few days.

Boy was I wrong.

The next morning I awoke to a flood of e-mail claiming my password and email address had both been changed for my Facebook account.

I tried to reset my password, but it was going to the wrong email address.

I tried the account recovery process and had my trusted contacts give me recovery codes. This seemed to work, but even after changing my password and email address Facebook wanted to send me an email confirming the changes.

This email took forever to arrive and when it did it was encrypted with a GPG key (more on that later).

This is where things get very bad.

The Ransom Letter:

The next morning I woke up to this ransom email.

I blurred out my personal info, but the email address they changed my account to was just [myname]@protonmail.com.

They also demanded 10 BTC to get access to the protonmail account.

Facebook's Great Flaw

Now I admit that it was my fault for setting a weak password and not turning on 2-Factor. However, Facebook has a MAJOR flaw that allowed these hackers to take over my account and permanently lock me out.

That flaw is a little known feature called "Encrypted Notifications".

This feature uses your public GPG key to encrypt all emails from Facebook to you, ensuring that any password recovery or email change forms are protected and can't be accessed by anyone else.

Sounds great.

Except when a hacker enables the feature on your account with a GPG key you DO NOT control.

This is exactly what this hacker did. The GPG key on my account is the one that belongs to the Protonmail account they set up and is not in my control.

I have tried every password and account recovery form, I have tried finding a way to contact Facebook support, and I even tried having a family member use the "memorialize" function to contact Facebook.

NONE OF THESE OPTIONS WORK.

Here is the email I get when trying to recover my account.

I have no way to decrypt this. Short of having paid 10 BTC, which is close to $80,000 today, I have no way to get back into my account.

Conclusion

All a hacker needs to do to permanently lock you out of your account is change your email address and upload a GPG key.

Once this is done it doesn't matter if you recover your account or change the email address back to one you control because all future emails (including the recovery confirmation email) are encrypted to a key you do not control.

If this happens to you, you are pretty much out of luck as Facebook doesn't seem to have any way to contact them or actually get support.

NOTE: If anyone does have a way to contact Facebook directly, please let me know. I use this account to run a business and need to get in and turn off my Ad Campaigns.
Submitted November 14, 2017 at 10:51PM by megacats93
via reddit http://ift.tt/2hCCWu1
Imgur
Imgur: The most awesome images on the Internet
I got this email a day after my account was hacked.
Screensaver Security on macOS 10.13 is broken
http://ift.tt/2joIVDd
Submitted November 14, 2017 at 10:38PM by gogroob
via reddit http://ift.tt/2ig8JxU
Kolide
Screensaver Security on macOS 10.13 is broken
When your screen turns off, does your Mac ask you for your password when you wake it back up? It’s pretty easy to check, just lock the…
Building Secure Enclaves on AWS
http://ift.tt/2yA79gz
Submitted November 14, 2017 at 09:43PM by SecurityTrust
via reddit http://ift.tt/2yAJJrr
Vidder
Building Secure Enclaves on AWS
A secure enclave is a virtual container within the public cloud that is interlocked with a secured facility’s physical and virtual security controls.
North Korean hackers ramp up malware attacks against Bitcoin Service Providers
http://ift.tt/2ACK51d
Submitted November 15, 2017 at 12:33AM by Nebikard
via reddit http://ift.tt/2AJiPyS
The Merkle
North Korean Hackers Ramp up Malware Attacks Against Bitcoin Service Providers
There have been numerous attacks involving malware over the past few years. A growing number of these attacks are aimed at cryptocurrency users and service providers. According to Yonhap News, new sta
Adobe Releases Security Updates
http://ift.tt/2z05Qfb
Submitted November 15, 2017 at 01:06AM by bagaudin
via reddit http://ift.tt/2mqcZ2p
www.us-cert.gov
Adobe Releases Security Updates | US-CERT
Adobe has released security updates to address vulnerabilities in Flash Player, Photoshop CC, Adobe Connect, DNG Converter, InDesign, Digital Editions, Shockwave Player, and Experience Manager. Exploitation of some of these vulnerabilities may allow a remote…
I've found a site that allows users to download Facebook videos... even videos that are set to "private".
http://ift.tt/2moTNSJ
Submitted November 15, 2017 at 12:47AM by Nebikard
via reddit http://ift.tt/2yZXi83
GenFB.com
Facebook Private Video Downloader - GenFB
Download private facebook video using GenFB online facebook private video downloader for free. Download Facebook Videos for free and save them to your mobile, PC, laptop to play anytime.
Calculating Asset Value in Risk
http://ift.tt/2zCKDHF
Submitted November 15, 2017 at 02:05AM by Uminekoshi
via reddit http://ift.tt/2zEbmn6
Nehemiah Security
Computing Asset Value - Nehemiah Security
Computing the value of your assets is essentially you asking the question “How much could I lose if those assets are compromised?” There is no standard for identifying loss exposures (another way of saying asset value). However, there are a number of industry…
Staying safe on public wifi
What steps can one take to remain adequately safe when using public wifi connections? I spend a lot of time at cafes and need to access my personal accounts. I also would rather that my traffic not be logged or that they not know what websites I'm looking at (for instance, I want to be able to log into crypto exchanges and do some trading). I just want to try to cover my ass but I don't want to be overboard/anal about it so I'm looking for some tips on how to start to be more safe online but I don't want to operate in a bubble. Any basic tips would be awesome, thanks.
Submitted November 15, 2017 at 01:29AM by kid_cisco
via reddit http://ift.tt/2zF91rI
Honeypot Hacker Hunt Fake Service :)
http://ift.tt/2yDfArC
Submitted November 15, 2017 at 02:08AM by berkdusunurx
via reddit http://ift.tt/2zIOrVi
www.berkdusunur.net
What Is a Honeypot? - Trap Systems - Hacker Hunt (Honeypot - Hacker Hunt)
What Is a Honeypot? - Trap Systems - Hacker Hunt (Honeypot - Hacker Hunt). Trap computer systems that detect attacks that...
Chrome and Safari UXSS (translation from Russian)
http://ift.tt/2mqawFd
Submitted November 15, 2017 at 02:54AM by shark0der
via reddit http://ift.tt/2zFcpTy
securityespresso.org
Chrome and Safari UXSS (translation)
Hello! In addition to client side vulnerabilities in webapps, a security risk is introduced by the client side software itself. No, we’re not talking about J...
HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
http://ift.tt/2hzN9Yi
Submitted November 15, 2017 at 02:54AM by senatorkevin
via reddit http://ift.tt/2hu77jD
www.us-cert.gov
HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL | US-CERT
According to trusted third-party reporting, HIDDEN COBRA actors have likely been using FALLCHILL malware since 2016 to target the aerospace, telecommunications, and finance industries. The malware is a fully functional RAT with multiple commands that the…
How-to: Scanning a PCAP with an open IDS ruleset
http://ift.tt/2hxQCXj
Submitted November 15, 2017 at 02:51AM by log_bender
via reddit http://ift.tt/2jrm8GU
ProtectWise 401TRG
Using Emerging Threats Suricata Ruleset to Scan PCAP
Scanning a PCAP file with a large IDS ruleset can be beneficial for putting a name to suspicious or malicious activity. It can also be useful for creating signatures on previously undetected malware or deciding which rules to actively run in your environment.…
Check out my latest blog post, showing the concepts of an integer overflow causing a stack overrun, and controllable thread race conditions allowing manipulation of unprotected shared structures, leading to an information leak and full RCE.
http://ift.tt/2yBQlG6
Submitted November 15, 2017 at 02:24AM by ta1s0n
via reddit http://ift.tt/2hxM4Ad
reddit
Check out my latest blog post, showing the concepts of... • r/netsec
Fashion retailer Forever 21 reports payment card security breach
http://ift.tt/2yCZuOq
Submitted November 15, 2017 at 04:44AM by SecurityTrust
via reddit http://ift.tt/2AKriSs
CNBC
Fashion retailer Forever 21 reports payment card security breach
Fashion retailer Forever 21 said on Tuesday there had been unauthorized access to data from payment cards used at certain of its stores.
How to exploit BlueBorne RCE on Nexus5 Android 6.0.1 (CVE-2017-0781)
http://ift.tt/2AHzQci
Submitted November 15, 2017 at 05:08AM by h3ku
via reddit http://ift.tt/2hxjPl6
JesuX Blog
BlueBorne RCE on Android 6.0.1 (CVE-2017-0781) [English]
A few days ago, the company Armis published a proof of concept (PoC) of a remote code execution vulnerability in Android via Bluetooth (CVE-2017-0781), known as BlueBorne. Although BlueBorne refers to a set of 8 vulnerabilities, this PoC uses only 2 of them…
Accidentally left a server open with semi-default password. How can I ensure I wasn't hacked?
For about 18 hours you could log in as root over the internet to my server using the credentials root and test -- I unfortunately forgot I left root login enabled. I promptly disabled root login, changed the password, and looked through the SSH logs. As usual, I saw a bunch of failed attempts to login from the normal bots, but checking last root didn't show any logins out of the ordinary.

What else should I do to see if it's compromised? Or is there no way to be sure? What do you all recommend?

Submitted November 15, 2017 at 05:36AM by steelcowboy1
via reddit http://ift.tt/2jsN09F
reddit
Accidentally left a server open with semi-default... • r/security
For about 18 hours you could log in as root over the internet to my server using the credentials *root* and *test* -- I unfortunately forgot I...
NTP Amplification DDoS Attack
http://ift.tt/2zGUVpK
Submitted November 15, 2017 at 06:08AM by berkdusunurx
via reddit http://ift.tt/2ij5DcP
www.berkdusunur.net
NTP AMPLIFICATION DDoS ATTACK
NTP AMPLIFICATION DDoS ATTACK. DDoS Attacks: In standard DDoS attacks, the aim is to use as large a number of sys...
Remote Code Execution in CouchDB (and Privilege Escalation in the npm Registry)
http://ift.tt/2hqXIcm
Submitted November 15, 2017 at 06:03AM by justicz
via reddit http://ift.tt/2AH1ypo
justi.cz
Remote Code Execution in CouchDB (and Privilege Escalation in the npm Registry)
tl;dr There was a vulnerability in CouchDB caused by a discrepancy between the database’s native JSON parser and the JavaScript JSON parser used during docum...
Skeleton in the closet. MS Office vulnerability you didn’t know about
http://ift.tt/2iUpkaj
Submitted November 15, 2017 at 05:50AM by campuscodi
via reddit http://ift.tt/2mvoJ3Z
Embedi
Skeleton in the closet. MS Office vulnerability you didn’t know about
How does typical research begin? Any research begins with detecting vulnerabilities with common tools. Although the process does not require much time and effort, it works well. The detection procedure is focused on vulnerabilities in third-party libraries…
Travis CI vulnerability (fixed)
http://ift.tt/2yCJEn4
Submitted November 15, 2017 at 06:53AM by CashWilliams
via reddit http://ift.tt/2ieQJnI
Acquia
A Travis CI/Github Security Vulnerability
For the past 6 years, private Github repositories using Travis CI have been vulnerable to a privilege escalation attack. Under certain configurations, an attacker with read-only access to the Github repo could change the code just by submitting a pull request.…