Termination of the certificates business of StartCom
http://ift.tt/2zOkZ2x
Submitted November 17, 2017 at 11:54PM by grepnork
via reddit http://ift.tt/2A9eecw
http://ift.tt/2zOkZ2x
Submitted November 17, 2017 at 11:54PM by grepnork
via reddit http://ift.tt/2A9eecw
Google
Google Groups
Google Groups allows you to create and participate in online forums and email-based groups with a rich experience for community conversations.
There's phishing, spearphishing and now catphishing
http://ift.tt/2mCjDmn
Submitted November 18, 2017 at 12:46AM by nzwasp
via reddit http://ift.tt/2ir7HiR
http://ift.tt/2mCjDmn
Submitted November 18, 2017 at 12:46AM by nzwasp
via reddit http://ift.tt/2ir7HiR
Security Breach Online
There's phishing, spearphishing and now catphishing. - Security Breach Online
Phishing is duping an unsuspecting online user into clicking on a link in their browser or usually in their email inbox to download a piece of software or enter their banking credentials, spearphishing is the same type of attack but aimed at the top brass…
Orchestration Use Case: Automating Device Actions with GSuite
http://ift.tt/2jBdlSY
Submitted November 18, 2017 at 12:31AM by abhishekiyer
via reddit http://ift.tt/2hHj3lD
http://ift.tt/2jBdlSY
Submitted November 18, 2017 at 12:31AM by abhishekiyer
via reddit http://ift.tt/2hHj3lD
Demisto
Orchestration Walkthrough: Automating Device Actions with GSuite and Demisto
Security orchestration and automation walkthrough to automate device approval actions using Google Suite (admin-specific credentials) and Demisto Enterprise.
Parity Team Was Aware of Multsig Bug but Postponed Implementing Fix
http://ift.tt/2jDRSsI
Submitted November 18, 2017 at 12:53AM by Hemlck
via reddit http://ift.tt/2zLKcec
http://ift.tt/2jDRSsI
Submitted November 18, 2017 at 12:53AM by Hemlck
via reddit http://ift.tt/2zLKcec
The Merkle
Parity Team Was Aware of Multisig Bug but Postponed Implementing Fix
The Parity multisignature issue involving the freezing of Ethereum funds has taken yet another major plot twist. More specifically, the Parity team has acknowledged that they could have easily preven
Kismet now supports the DroneID UAV telemetry extensions
http://ift.tt/2zRE4Pn
Submitted November 18, 2017 at 12:26AM by sanjurjo
via reddit http://ift.tt/2jAqcoq
http://ift.tt/2zRE4Pn
Submitted November 18, 2017 at 12:26AM by sanjurjo
via reddit http://ift.tt/2jAqcoq
blog.kismetwireless.net
DJI UAV Drone ID
Working with Department13 , Kismet now supports the DroneID UAV telemetry extensions! What is DroneID? Drone ID is a set of records...
Dark Cloud: Inside The Pentagon's Leaked AWS Internet Surveillance Archive
http://ift.tt/2zQ1pAE
Submitted November 18, 2017 at 12:04AM by Orlin82
via reddit http://ift.tt/2hyXRum
http://ift.tt/2zQ1pAE
Submitted November 18, 2017 at 12:04AM by Orlin82
via reddit http://ift.tt/2hyXRum
Upguard
Dark Cloud: Inside The Pentagon's Leaked Internet Surveillance Archive
Unsecured AWS assets left a massive amount of gathered surveillance data open to the internet.
Did Microsoft Just Manually Patch Their Equation Editor Executable? Why Yes, Yes They Did. (CVE-2017-11882)
http://ift.tt/2yTgsbs
Submitted November 18, 2017 at 01:42AM by yuhong
via reddit http://ift.tt/2hCL4qF
http://ift.tt/2yTgsbs
Submitted November 18, 2017 at 01:42AM by yuhong
via reddit http://ift.tt/2hCL4qF
0patch.blogspot.co.uk
Did Microsoft Just Manually Patch Their Equation Editor Executable? Why Yes, Yes They Did. (CVE-2017-11882)
And They Did an Absolutely Stellar Job by Mitja Kolsek, the 0patch Team A Pretty Old Executable The recent Patch Tuesday brought, am...
Crypto-Gram Security Podcast : Crypto-Gram 15 October 2017
http://ift.tt/2zkX1JG
Submitted November 18, 2017 at 02:34AM by dmp1ce
via reddit http://ift.tt/2mDzEZm
http://ift.tt/2zkX1JG
Submitted November 18, 2017 at 02:34AM by dmp1ce
via reddit http://ift.tt/2mDzEZm
Analyzing 481 Flask Repos for Open-Redirects
http://ift.tt/2j4TAPU
Submitted November 18, 2017 at 04:26AM by KevinHock
via reddit http://ift.tt/2zOpIRz
http://ift.tt/2j4TAPU
Submitted November 18, 2017 at 04:26AM by KevinHock
via reddit http://ift.tt/2zOpIRz
reddit
Analyzing 481 Flask Repos for Open-Redirects • r/netsec
1 points and 0 comments so far on reddit
What is a salted password?
So I have to write a program in which I have to salt come passwords but my proffesor notes define salt as a random number (set of bits) that the system associates with a user. I wrote a program in which a random number is created and appended to the password but I notice that everytime I run the program the salted password will be different so can somebody explain what they mean with random number?
Submitted November 18, 2017 at 04:57AM by blue_dust66
via reddit http://ift.tt/2zMjemQ
So I have to write a program in which I have to salt come passwords but my proffesor notes define salt as a random number (set of bits) that the system associates with a user. I wrote a program in which a random number is created and appended to the password but I notice that everytime I run the program the salted password will be different so can somebody explain what they mean with random number?
Submitted November 18, 2017 at 04:57AM by blue_dust66
via reddit http://ift.tt/2zMjemQ
reddit
What is a salted password? • r/security
So I have to write a program in which I have to salt come passwords but my proffesor notes define salt as a random number (set of...
U.S. Flagged Russian Firm Kaspersky as Potential Threat as Early as 2004
http://ift.tt/2mCOIq4
Submitted November 18, 2017 at 04:42AM by SuccessfulOperation
via reddit http://ift.tt/2mB0D7W
http://ift.tt/2mCOIq4
Submitted November 18, 2017 at 04:42AM by SuccessfulOperation
via reddit http://ift.tt/2mB0D7W
WSJ
U.S. Flagged Russian Firm Kaspersky as Potential Threat as Early as 2004
A Russian cybersecurity firm whose products current and former U.S. officials suspect Moscow has used as a tool for spying was flagged by U.S. military intelligence as a potential security threat as early as 2004.
Expert Construction Site Security In london
http://ift.tt/2zOzUcI
Submitted November 18, 2017 at 05:45AM by birthface51
via reddit http://ift.tt/2hBaa9I
http://ift.tt/2zOzUcI
Submitted November 18, 2017 at 05:45AM by birthface51
via reddit http://ift.tt/2hBaa9I
reddit
Expert Construction Site Security In london • r/security
0 points and 0 comments so far on reddit
Recipe for a Breach - Employee edition
http://ift.tt/2AXvA9t
Submitted November 18, 2017 at 11:08AM by nzwasp
via reddit http://ift.tt/2yUmb0Q
http://ift.tt/2AXvA9t
Submitted November 18, 2017 at 11:08AM by nzwasp
via reddit http://ift.tt/2yUmb0Q
Security Breach Online
Recipe for a Breach - Employee edition - Security Breach Online
A new study by security firm Preempt.com has found some startling security habits that could cause IT security breach’s to occur. The following is a list of things employees are most likely doing at your company that are compromising your security practices:…
Dell Secureworks released two open-source tools: #Flowsynth and #Dalton to easily create and test network packet captures against IDS engines such as Suricata and Snort
http://ift.tt/2zI6ai0
Submitted November 17, 2017 at 01:48PM by 2xyo
via reddit http://ift.tt/2zRHPnO
http://ift.tt/2zI6ai0
Submitted November 17, 2017 at 01:48PM by 2xyo
via reddit http://ift.tt/2zRHPnO
Secureworks
New Open-Source IDS Tools
The CTU research team publicly released packet capture tools for intrusion detection systems.
Skype faces fine after refusing to allow eavesdropping – Naked Security
http://ift.tt/2zO1iIe: nakedsecurity (Naked Security - Sophos)&
Submitted November 18, 2017 at 12:46PM by chalbersma
via reddit http://ift.tt/2Ab19PR
http://ift.tt/2zO1iIe: nakedsecurity (Naked Security - Sophos)&
Submitted November 18, 2017 at 12:46PM by chalbersma
via reddit http://ift.tt/2Ab19PR
Naked Security
Skype faces fine after refusing to allow eavesdropping
The trouble began when authorities came knocking, wanting to listen in on organised crime
Chaining Web Bugs to get RCE
http://ift.tt/2zSYszr
Submitted November 18, 2017 at 07:49PM by ZephrX112
via reddit http://ift.tt/2j48ENu
http://ift.tt/2zSYszr
Submitted November 18, 2017 at 07:49PM by ZephrX112
via reddit http://ift.tt/2j48ENu
Adventures In Information Security
Leading the Blind to Light! - A Chain to RCE
Chaining a few bugs to gain remote code execution, via hard work & recon.
Steve Harvey and his crowd's naive view on patching/phone updates
https://youtu.be/H0oF3fAiqI4
Submitted November 18, 2017 at 07:13PM by kizzzzurt
via reddit http://ift.tt/2AYqlGz
https://youtu.be/H0oF3fAiqI4
Submitted November 18, 2017 at 07:13PM by kizzzzurt
via reddit http://ift.tt/2AYqlGz
YouTube
Steve Harvey and his crowd's naive view on patching/phone updates
November 17th I was at my mom's place and had the misfortune of hearing this ignorance on the TV. Pretty good visualization as to why updates and patching ar...
What is the most secure option for storing passwords?
I searched and didn't see a recent discussion on this topic. My question is what would be the most secure option for storing passwords? I've been considering the following:Chrome password manager - from what I've seen, chrome password manager is considered secure now that passwords are no longer stored in plaintext. Also, Google has to be one of the most well secured cloud service that exists, certainly more so than Lastpass, correct?Lastpass - Passwords are sitting on a server somewhere, probably a less secure server than Google.Keepass - Seems the most ideal solution, cloud sync is optional but not required. Very secure application and protocol, open source so that code is combed for vulnerabilities. The ONLY thing stopping me from using Keepass is the reliance on third party Android apps required to access passwords from mobile. I "trust" Keepass to be safe, but I find it almost impossible to trust third party android apps to be safe. Even if they are open source, I doubt the code is really looked at by anyone so much as Keepass is. What's to stop an app from intercepting the copy / paste function and sending my login details somewhere? (malicious or non-malicious)Paper and Pen - removes hackers from the equation, relying on one's own physical security. I've seen some security experts recommend this as the only secure password manager.I'm interested in opinions, and what people are doing for their own passwords. I guess Keepass would work if I simply stop using my mobile phone to acccess sites where security is important. Some don't recommend doing anything sensitive on a wireless devices anyways. I'm probably overanalyzing things a bit here, but just wondering what others think as well.
Submitted November 19, 2017 at 12:52AM by Berardi1111
via reddit http://ift.tt/2AaouBl
I searched and didn't see a recent discussion on this topic. My question is what would be the most secure option for storing passwords? I've been considering the following:Chrome password manager - from what I've seen, chrome password manager is considered secure now that passwords are no longer stored in plaintext. Also, Google has to be one of the most well secured cloud service that exists, certainly more so than Lastpass, correct?Lastpass - Passwords are sitting on a server somewhere, probably a less secure server than Google.Keepass - Seems the most ideal solution, cloud sync is optional but not required. Very secure application and protocol, open source so that code is combed for vulnerabilities. The ONLY thing stopping me from using Keepass is the reliance on third party Android apps required to access passwords from mobile. I "trust" Keepass to be safe, but I find it almost impossible to trust third party android apps to be safe. Even if they are open source, I doubt the code is really looked at by anyone so much as Keepass is. What's to stop an app from intercepting the copy / paste function and sending my login details somewhere? (malicious or non-malicious)Paper and Pen - removes hackers from the equation, relying on one's own physical security. I've seen some security experts recommend this as the only secure password manager.I'm interested in opinions, and what people are doing for their own passwords. I guess Keepass would work if I simply stop using my mobile phone to acccess sites where security is important. Some don't recommend doing anything sensitive on a wireless devices anyways. I'm probably overanalyzing things a bit here, but just wondering what others think as well.
Submitted November 19, 2017 at 12:52AM by Berardi1111
via reddit http://ift.tt/2AaouBl
reddit
What is the most secure option for storing passwords? • r/security
I searched and didn't see a recent discussion on this topic. My question is what would be the most secure option for storing passwords? I've been...
Security Kit for parents
http://ift.tt/2AZ78nW
Submitted November 19, 2017 at 01:44AM by nitrobass24
via reddit http://ift.tt/2zeW8pt
http://ift.tt/2AZ78nW
Submitted November 19, 2017 at 01:44AM by nitrobass24
via reddit http://ift.tt/2zeW8pt
reddit
Security Kit for parents • r/homelab
My parents are getting older and the other day I went over for dinner where my dad told me that Microsoft called to tell him he had a virus. They...
Scammers Steal S$80K from Woman Using Fake Police Website
http://ift.tt/2A8yTxg
Submitted November 19, 2017 at 02:55AM by aafrn
via reddit http://ift.tt/2j5SMKi
http://ift.tt/2A8yTxg
Submitted November 19, 2017 at 02:55AM by aafrn
via reddit http://ift.tt/2j5SMKi
The State of Security
Scammers Steal S$80K from Woman Using Fake Police Website
Scammers stole S$80,000 from a woman by tricking her into visiting a fake phishing website for the Singapore Police Force (SPF).
Really Quick Question
Hi, sorry I didn't know where to put thisIf I were to download malware accidentally, would it immediately infect my computer or would I have to run it?For example, if I downloaded a rattrojan.exe, scanned it using virustotal, realised it was malware and then deleted it, would my computer be infected?Thanks
Submitted November 19, 2017 at 03:37AM by Sovereigner
via reddit http://ift.tt/2AUEdjY
Hi, sorry I didn't know where to put thisIf I were to download malware accidentally, would it immediately infect my computer or would I have to run it?For example, if I downloaded a rattrojan.exe, scanned it using virustotal, realised it was malware and then deleted it, would my computer be infected?Thanks
Submitted November 19, 2017 at 03:37AM by Sovereigner
via reddit http://ift.tt/2AUEdjY
reddit
Really Quick Question • r/security
Hi, sorry I didn't know where to put this If I were to download malware accidentally, would it immediately infect my computer or would I have to...