Attacking Uninitialized Variables with Recursion
http://ift.tt/2itvezx
Submitted November 22, 2017 at 10:26PM by maxxori
via reddit http://ift.tt/2ztCeqF
http://ift.tt/2itvezx
Submitted November 22, 2017 at 10:26PM by maxxori
via reddit http://ift.tt/2ztCeqF
Intel Management Engine (IME). Fleshing out the rumors.
A lot of talk is swirling around lately about a shadow operating system found in Intel CPUs. Although no known virus or exploit is yet documented that leverages on the IME, it is widely known that it could be utilized for remote access to a computer. Such remote access would bypass the OS, bypass antivirus, and whatever else exists on the targeted machine. In this thread, we will dispel or verify the cluster of rumors swirling around IME "Intel Managment Engine".Criticize and/or correct the following facts, liberally.IME is part of the CPU, not the motherboard.IME is a full operating system running through firmware. It is a redux of MINIX.IME runs its own OS with its own dedicated CPU.Intel pretends IME is a "Feature", but failed to disclose its existence in any public way. It was later "discovered" by a German security outfit.The National Security Agency (NSA) became aware of the vulnerability posed by IME, and requested that Intel give them their own little "switch bit" to turn it off. Intel's engineers obliged --- in a move that effectively admits guilt. Netsec bloggers refer to this as the "NSA bit" now.This IME stuff was not implemented in Intel chipsets until about 2015. It only effects certain "generations" starting from gen 6 and later.IME could be used to gain remote access to a machine over the internet -- in a way that is so drastic that some netsec experts call it a "God Mode".Your thoughts?
Submitted November 22, 2017 at 10:39PM by moschles
via reddit http://ift.tt/2ztjTu5
A lot of talk is swirling around lately about a shadow operating system found in Intel CPUs. Although no known virus or exploit is yet documented that leverages on the IME, it is widely known that it could be utilized for remote access to a computer. Such remote access would bypass the OS, bypass antivirus, and whatever else exists on the targeted machine. In this thread, we will dispel or verify the cluster of rumors swirling around IME "Intel Managment Engine".Criticize and/or correct the following facts, liberally.IME is part of the CPU, not the motherboard.IME is a full operating system running through firmware. It is a redux of MINIX.IME runs its own OS with its own dedicated CPU.Intel pretends IME is a "Feature", but failed to disclose its existence in any public way. It was later "discovered" by a German security outfit.The National Security Agency (NSA) became aware of the vulnerability posed by IME, and requested that Intel give them their own little "switch bit" to turn it off. Intel's engineers obliged --- in a move that effectively admits guilt. Netsec bloggers refer to this as the "NSA bit" now.This IME stuff was not implemented in Intel chipsets until about 2015. It only effects certain "generations" starting from gen 6 and later.IME could be used to gain remote access to a machine over the internet -- in a way that is so drastic that some netsec experts call it a "God Mode".Your thoughts?
Submitted November 22, 2017 at 10:39PM by moschles
via reddit http://ift.tt/2ztjTu5
reddit
Intel Management Engine (IME). Fleshing out the rumors. • r/security
A lot of talk is swirling around lately about a shadow operating system found in Intel CPUs. Although no known virus or exploit is yet...
The Technical Solution to Identity Fraud
http://ift.tt/2zrxNNb
Submitted November 22, 2017 at 10:29PM by stendec15
via reddit http://ift.tt/2zsRuV3
http://ift.tt/2zrxNNb
Submitted November 22, 2017 at 10:29PM by stendec15
via reddit http://ift.tt/2zsRuV3
reddit
The Technical Solution to Identity Fraud • r/security
1 points and 0 comments so far on reddit
Is there a low cost or free program to hide my IP without slowing everything down?
I don't want google and facebook selling my information, or any other organization monitoring me.I tried the tor browser but I was told that was too slow and meant for the dark web. HideMyAss seemed slow too.Any good options out there now? I'm a noob with security.Thanks for any help guys.(Edit: come to think of it. Is there any camera's I can set beside my window 30 feet away and have a live feed on my laptop and record? I saw a few on Amazon but some looked cheap and others came with a bunch of camera's and a dvr.)
Submitted November 22, 2017 at 10:06PM by John25255
via reddit http://ift.tt/2Bemwgy
I don't want google and facebook selling my information, or any other organization monitoring me.I tried the tor browser but I was told that was too slow and meant for the dark web. HideMyAss seemed slow too.Any good options out there now? I'm a noob with security.Thanks for any help guys.(Edit: come to think of it. Is there any camera's I can set beside my window 30 feet away and have a live feed on my laptop and record? I saw a few on Amazon but some looked cheap and others came with a bunch of camera's and a dvr.)
Submitted November 22, 2017 at 10:06PM by John25255
via reddit http://ift.tt/2Bemwgy
reddit
Is there a low cost or free program to hide my IP... • r/security
I don't want google and facebook selling my information, or any other organization monitoring me. I tried the tor browser but I was told that was...
77% of 433,000 Sites Use Vulnerable JavaScript Libraries
http://ift.tt/2A0CH0y
Submitted November 23, 2017 at 12:18AM by heitortsergent
via reddit http://ift.tt/2jetXMB
http://ift.tt/2A0CH0y
Submitted November 23, 2017 at 12:18AM by heitortsergent
via reddit http://ift.tt/2jetXMB
snyk.io
Snyk - 77% of 433,000 Sites Use Vulnerable JavaScript Libraries
Last week, we released our first annual State of Open Source Security report. One of the discoveries the report mentions is that an analysis of around 433,000 sites found that 77% of them use at least one front-end JavaScript library with a known security…
Any way to run cables from inside house to outside without drilling holes in wall?
Just trying to brainstorm. My exterior is brick so I'd have to drill through cement in order to get to the outside. I was thinking of drilling through the plastic frame on my windows, and then filling the hole around the wire.Any ideas?
Submitted November 23, 2017 at 12:43AM by Hydranis
via reddit http://ift.tt/2jMtGnN
Just trying to brainstorm. My exterior is brick so I'd have to drill through cement in order to get to the outside. I was thinking of drilling through the plastic frame on my windows, and then filling the hole around the wire.Any ideas?
Submitted November 23, 2017 at 12:43AM by Hydranis
via reddit http://ift.tt/2jMtGnN
reddit
Any way to run cables from inside house to outside... • r/security
Just trying to brainstorm. My exterior is brick so I'd have to drill through cement in order to get to the outside. I was thinking of drilling...
Reddit OSINT - Looking for users/enhancement ideas
http://ift.tt/2zeV7tj
Submitted November 23, 2017 at 02:21AM by kizzzzurt
via reddit http://ift.tt/2Bc7TKF
http://ift.tt/2zeV7tj
Submitted November 23, 2017 at 02:21AM by kizzzzurt
via reddit http://ift.tt/2Bc7TKF
Building an Information Security Awareness Program in 5 Easy Steps
http://ift.tt/2zuWE2z
Submitted November 23, 2017 at 01:50AM by spgingras
via reddit http://ift.tt/2mU6d5e
http://ift.tt/2zuWE2z
Submitted November 23, 2017 at 01:50AM by spgingras
via reddit http://ift.tt/2mU6d5e
Medium
Building an Information Security Awareness Program in 5 Easy Steps
When we think of information security, we usually think of encryption, vulnerability management and other more technical subjects that my…
British police learning to hack
http://ift.tt/2AoqeXA
Submitted November 23, 2017 at 03:50AM by nzwasp
via reddit http://ift.tt/2iHRPbW
http://ift.tt/2AoqeXA
Submitted November 23, 2017 at 03:50AM by nzwasp
via reddit http://ift.tt/2iHRPbW
Security Breach Online
British police learning to hack - Security Breach Online
In the United Kingdom, cyber crime is reported every 10 minutes, the Office for National Statistics revealed. As technologies used by cyber criminals outpaces traditional law enforcement, it can be impossible to effectively prosecute criminals. Cybercrime…
Uber breached tried to cover it up. 57M people's information hacked
http://ift.tt/2hKl0u0
Submitted November 23, 2017 at 02:57AM by chull2058
via reddit http://ift.tt/2Ao2cMs
http://ift.tt/2hKl0u0
Submitted November 23, 2017 at 02:57AM by chull2058
via reddit http://ift.tt/2Ao2cMs
Bloomberg.com
Uber Concealed Cyberattack That Exposed 57 Million People’s Data
Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing company ousted Joe Sullivan, chief security officer, and one of…
Kali Linux 2017.3 With New Tools Check Out Now
http://ift.tt/2jRzKvl
Submitted November 23, 2017 at 10:10AM by deepupak
via reddit http://ift.tt/2hX4ryT
http://ift.tt/2jRzKvl
Submitted November 23, 2017 at 10:10AM by deepupak
via reddit http://ift.tt/2hX4ryT
Cybernog
Kali Linux 2017.3 With New Tools Check Out Now
Learning about and designing a CP-ABE solution
I’m in on a exchange semester in uni taking a course in cyber security. However, I am missing some of the prerequisites for this course since there was some confusion when I applied for the course, so I feel a bit lost. Could someone please point me in the right direction where I can learn more about how to create a CP-ABE solution with a simple policy? I have been googling but without success. I would be super grateful if there is anyone who would be willing to help me. If you think this is not the right place to ask for help maybe you know about some other subreddit, forum website or online course that could help me. Really any help at all would be appreciated since I have to finish the assignment in less than a week and feel stuck.
Submitted November 23, 2017 at 09:19AM by drsomedude
via reddit http://ift.tt/2ApgxbA
I’m in on a exchange semester in uni taking a course in cyber security. However, I am missing some of the prerequisites for this course since there was some confusion when I applied for the course, so I feel a bit lost. Could someone please point me in the right direction where I can learn more about how to create a CP-ABE solution with a simple policy? I have been googling but without success. I would be super grateful if there is anyone who would be willing to help me. If you think this is not the right place to ask for help maybe you know about some other subreddit, forum website or online course that could help me. Really any help at all would be appreciated since I have to finish the assignment in less than a week and feel stuck.
Submitted November 23, 2017 at 09:19AM by drsomedude
via reddit http://ift.tt/2ApgxbA
reddit
Learning about and designing a CP-ABE solution • r/security
I’m in on a exchange semester in uni taking a course in cyber security. However, I am missing some of the prerequisites for this course since...
Security Camera Installation
https://youtu.be/EVZub_6lEtA
Submitted November 23, 2017 at 11:17AM by centerhomecinema
via reddit http://ift.tt/2A4ETEg
https://youtu.be/EVZub_6lEtA
Submitted November 23, 2017 at 11:17AM by centerhomecinema
via reddit http://ift.tt/2A4ETEg
YouTube
Best Security Camera Installation at California
Protect your home and get peace of mind with easy-to-install home security systems, home surveillance systems, wireless security cameras and more that are be...
Here's a how-to for Ethereum smart contract vulnerability scanning (source code and on-chain)
http://ift.tt/2A0orqB
Submitted November 23, 2017 at 02:45PM by berndtzl
via reddit http://ift.tt/2hYFLWz
http://ift.tt/2A0orqB
Submitted November 23, 2017 at 02:45PM by berndtzl
via reddit http://ift.tt/2hYFLWz
Medium
Scanning Ethereum smart contracts for vulnerabilities
Over the last couple of months, Mythril has gained a capable security analysis engine, as well as a small collection of analysis modules…
SWORD dropbox: A $15 OpenWRT based DIY disposable pen-test tool.
http://ift.tt/2zusYCP
Submitted November 23, 2017 at 03:13PM by Orlin82
via reddit http://ift.tt/2jiwEfV
http://ift.tt/2zusYCP
Submitted November 23, 2017 at 03:13PM by Orlin82
via reddit http://ift.tt/2jiwEfV
Medium
SWORD dropbox: A $15 OpenWRT based DIY disposable pen-test tool.
If you haven’t heard of Hak5 products, they inspire a lot of passion. Hackers and pentesters love. Popping up in popular shows like Mr…
An XSS in Atom Editor That Turned into RCE
http://ift.tt/2zUi8p0
Submitted November 23, 2017 at 07:41PM by imfromsirius
via reddit http://ift.tt/2BcD1cN
http://ift.tt/2zUi8p0
Submitted November 23, 2017 at 07:41PM by imfromsirius
via reddit http://ift.tt/2BcD1cN
reddit
An XSS in Atom Editor That Turned into RCE • r/security
0 points and 0 comments so far on reddit
Baseline Security Recommendations for IoT
http://ift.tt/2zfpq39
Submitted November 23, 2017 at 08:13PM by johnmountain
via reddit http://ift.tt/2B6Ul1Y
http://ift.tt/2zfpq39
Submitted November 23, 2017 at 08:13PM by johnmountain
via reddit http://ift.tt/2B6Ul1Y
www.enisa.europa.eu
Baseline Security Recommendations for IoT — ENISA
The study which is noscriptd ‘Baseline Security Recommendations for Internet of Things in the context of critical information infrastructures’, aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation…
Secure your WordPress site from hackers
http://ift.tt/2hN3Dsq
Submitted November 24, 2017 at 12:13AM by nzwasp
via reddit http://ift.tt/2hXeF25
http://ift.tt/2hN3Dsq
Submitted November 24, 2017 at 12:13AM by nzwasp
via reddit http://ift.tt/2hXeF25
Security Breach Online
Secure your wordpress site from hackers - Security Breach Online
How secure is your wordpress site, are you using plugins today that could protect your website from hackers and other malware in the future.
SSF 3.0.0 released: Network swiss army knife (TCP/UDP port forwarding, SOCKS proxy, Remote shell, ...)
http://ift.tt/2hPTlbf
Submitted November 23, 2017 at 11:22PM by ssf-developer
via reddit http://ift.tt/2hZXtZA
http://ift.tt/2hPTlbf
Submitted November 23, 2017 at 11:22PM by ssf-developer
via reddit http://ift.tt/2hZXtZA
GitHub
securesocketfunneling/ssf
ssf - Secure Socket Funneling - Network tool and toolkit - TCP and UDP port forwarding, SOCKS proxy, remote shell, standalone and cross platform
Security Now 638 Quad Nine | TWiT.TV
http://ift.tt/2Alevt3
Submitted November 24, 2017 at 02:10AM by dmp1ce
via reddit http://ift.tt/2A1ahpI
http://ift.tt/2Alevt3
Submitted November 24, 2017 at 02:10AM by dmp1ce
via reddit http://ift.tt/2A1ahpI
TWiT.tv
Security Now 638 Quad Nine | TWiT.TV
This week we discuss Windows having a birthday, Net Neutrality about to succumb to big business despite a valiant battle, Intel's response to the horrifying JTAG over USB discovery…
Affidavit: Fred Meyer loss prevention manager stole from U-Scan machines
http://ift.tt/2uaxkI6
Submitted November 24, 2017 at 01:51AM by PepperiteTW
via reddit http://ift.tt/2zxe4fa
http://ift.tt/2uaxkI6
Submitted November 24, 2017 at 01:51AM by PepperiteTW
via reddit http://ift.tt/2zxe4fa
Kptv
Affidavit: Fred Meyer loss prevention manager stole from U-Scan machines
A loss prevention manager at a Fred Meyer store in northeast Portland was arrested in connection with the theft of $300,000 from self-checkout registers, according to court documents.