How Bots Broke the FCC's Public Comment System
http://ift.tt/2Bk9BIX
Submitted November 29, 2017 at 02:45AM by xxfalcon69
via reddit http://ift.tt/2i0MOue
http://ift.tt/2Bk9BIX
Submitted November 29, 2017 at 02:45AM by xxfalcon69
via reddit http://ift.tt/2i0MOue
WIRED
How Bots Broke the FCC's Public Comment System
The FCC's net neutrality public comment period was overrun with bots, making it all but impossible for any one voice to be heard. That's not how this is supposed to work.
Recent Banking Trojan in Google Play Highlights the Importance of CAST - Contextually Aware Security Testing
http://ift.tt/2j1Ru3L
Submitted November 29, 2017 at 03:02AM by Mi3Security
via reddit http://ift.tt/2BkXc7P
http://ift.tt/2j1Ru3L
Submitted November 29, 2017 at 03:02AM by Mi3Security
via reddit http://ift.tt/2BkXc7P
Mi3 Security
Recent Banking Trojan in Google Play Highlights the Importance of CAST
Recently another piece of malware reared its head again inside the Google Play store. These recent examples of malware evading traditional up-front and one-time application scanning techniques underscore the importance of building a holistic risk profile…
PSA: Bitcoin Gold (BTG) Official Windows Wallet App Might Have Been Compromised
http://ift.tt/2jt85ND
Submitted November 29, 2017 at 02:58AM by speckz
via reddit http://ift.tt/2j1NbWt
http://ift.tt/2jt85ND
Submitted November 29, 2017 at 02:58AM by speckz
via reddit http://ift.tt/2j1NbWt
BleepingComputer
PSA: Bitcoin Gold (BTG) Official Windows Wallet App Might Have Been Compromised
The team behind the Bitcoin Gold (BTG) cryptocurrency have issued a security alert warning all users about a security incident involving the official Windows wallet application offered for download via its official website.
High Sierra: root with empty password
http://ift.tt/2j1F0sW
Submitted November 29, 2017 at 02:17AM by MantridDrones
via reddit http://ift.tt/2Ae51yF
http://ift.tt/2j1F0sW
Submitted November 29, 2017 at 02:17AM by MantridDrones
via reddit http://ift.tt/2Ae51yF
Symantec Encryption Desktop Local Privilege Escalation
http://ift.tt/2if0KEx
Submitted November 29, 2017 at 05:20AM by eth_
via reddit http://ift.tt/2BxmwII
http://ift.tt/2if0KEx
Submitted November 29, 2017 at 05:20AM by eth_
via reddit http://ift.tt/2BxmwII
Nettitude Labs
Symantec Encryption Desktop Local Privilege Escalation – Exploiting an Arbitrary Hard Disk Read/Write Vulnerability Over NTFS
Note: These vulnerabilities remain unpatched at the point of publication. We have been working with Symantec to try and help them to fix this since our initial private disclosure in July 2017 (ful…
HP stealthily installs spyware called HP Touchpoint Analytics Client
http://ift.tt/2AEnOEf
Submitted November 29, 2017 at 06:04AM by RandomCollection
via reddit http://ift.tt/2AFs4Uj
http://ift.tt/2AEnOEf
Submitted November 29, 2017 at 06:04AM by RandomCollection
via reddit http://ift.tt/2AFs4Uj
Computerworld
HP stealthily installs spyware called HP Touchpoint Analytics Client
It isn’t clear how the spying driver gets installed, but if you have an HP machine, locating and deleting the offending “service” takes just a few minutes.
Security Services in London to the Rich and Famous
http://ift.tt/Dcsx2A
Submitted November 29, 2017 at 05:40AM by guardsguy00
via reddit http://ift.tt/2jxlDay
http://ift.tt/Dcsx2A
Submitted November 29, 2017 at 05:40AM by guardsguy00
via reddit http://ift.tt/2jxlDay
Wfuzz Web Application Penetration Testing With Wfuzz
http://ift.tt/EfiePv
Submitted November 29, 2017 at 06:27AM by berkdusunurx
via reddit http://ift.tt/2jugPmC
http://ift.tt/EfiePv
Submitted November 29, 2017 at 06:27AM by berkdusunurx
via reddit http://ift.tt/2jugPmC
reddit
Wfuzz Web Application Penetration Testing With Wfuzz • r/netsec
2 points and 0 comments so far on reddit
Major macOS High Sierra Bug Allows Full Admin Access Without Password - How to Fix [Updated]
http://ift.tt/2j1F0sW
Submitted November 29, 2017 at 06:21AM by Reddfish
via reddit http://ift.tt/2Bk6iS0
http://ift.tt/2j1F0sW
Submitted November 29, 2017 at 06:21AM by Reddfish
via reddit http://ift.tt/2Bk6iS0
reddit
Major macOS High Sierra Bug Allows Full Admin Access... • r/netsec
15 points and 1 comments so far on reddit
root on macOS might be accessible without a password
https://twitter.com/lemiorhan/status/935578694541770752
Submitted November 29, 2017 at 01:33AM by LawnGnome
via reddit http://ift.tt/BZwCDD
https://twitter.com/lemiorhan/status/935578694541770752
Submitted November 29, 2017 at 01:33AM by LawnGnome
via reddit http://ift.tt/BZwCDD
Twitter
Lemi Orhan Ergin
Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as "root" with empty password after clicking on login button several times. Are you aware of it @Apple?
FingBox vs BitDefender Box 2.0?
Hey, all! I’m interested in securing my home network, and was wondering if anybody could offer thoughts on the strengths and weaknesses of the FingBox (plus an off-the-shelf virus protection) vs the soon to be released BitDefender Box 2.0? It looks to me like the BD Box is expected to be much more comprehensive, offering continuous monitoring - but I can’t tell if this is packet sniffing?My home does have IoT, including Echo and smart devices, so I like the promise of BD Box 2 Protection - but I’m skeptical, after the less-than-stellar performance of their first gen unit.Any thoughts or advice?Thanks, all, in advance!
Submitted November 29, 2017 at 09:16AM by AmousAnon
via reddit http://ift.tt/2zz2qvX
Hey, all! I’m interested in securing my home network, and was wondering if anybody could offer thoughts on the strengths and weaknesses of the FingBox (plus an off-the-shelf virus protection) vs the soon to be released BitDefender Box 2.0? It looks to me like the BD Box is expected to be much more comprehensive, offering continuous monitoring - but I can’t tell if this is packet sniffing?My home does have IoT, including Echo and smart devices, so I like the promise of BD Box 2 Protection - but I’m skeptical, after the less-than-stellar performance of their first gen unit.Any thoughts or advice?Thanks, all, in advance!
Submitted November 29, 2017 at 09:16AM by AmousAnon
via reddit http://ift.tt/2zz2qvX
reddit
FingBox vs BitDefender Box 2.0? • r/security
Hey, all! I’m interested in securing my home network, and was wondering if anybody could offer thoughts on the strengths and weaknesses of the...
People are going nuts over Apple's root password bug. Reminds me of CVE-2016-4484. Sometimes holding enter is all you need
http://ift.tt/2ez4Sfu
Submitted November 29, 2017 at 10:13AM by ticoombs
via reddit http://ift.tt/2kavXJT
http://ift.tt/2ez4Sfu
Submitted November 29, 2017 at 10:13AM by ticoombs
via reddit http://ift.tt/2kavXJT
reddit
People are going nuts over Apple's root password bug.... • r/netsec
1 points and 2 comments so far on reddit
Pupy websocket transport writeup
http://ift.tt/2Bmxlft
Submitted November 29, 2017 at 02:23PM by n1nj4sec
via reddit http://ift.tt/2Af0Oe5
http://ift.tt/2Bmxlft
Submitted November 29, 2017 at 02:23PM by n1nj4sec
via reddit http://ift.tt/2Af0Oe5
Bit Rot
Pupy WebSocket Transport
Pupy WebSocket Transport Why Pupy? Pupy is an open source, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in Python. It’s easily …
Why "blank" Gets You Root on macOS
http://ift.tt/2igMg78
Submitted November 29, 2017 at 05:29PM by albinowax
via reddit http://ift.tt/2AjF7Kk
http://ift.tt/2igMg78
Submitted November 29, 2017 at 05:29PM by albinowax
via reddit http://ift.tt/2AjF7Kk
Objective-See
Why _blank_ Gets You Root
tracking down the cause of a serious authentication flaw
Attackers Exploit 17-Year-Old Bug to Deliver Malware via Cobalt Strike
http://ift.tt/2Aj2L9N
Submitted November 29, 2017 at 05:41PM by nanooonanooo
via reddit http://ift.tt/2Bw1YjD
http://ift.tt/2Aj2L9N
Submitted November 29, 2017 at 05:41PM by nanooonanooo
via reddit http://ift.tt/2Bw1YjD
The State of Security
Attackers Exploit 17-Year-Old Bug to Deliver Malware via Cobalt Strike
Malicious actors are exploiting a 17-year-old vulnerability to infect machines with malware using a component of the Cobalt Strike penetration tool.
Security online training & courses by ITSM
http://ift.tt/2j0EBae
Submitted November 29, 2017 at 06:47PM by lipsacademy
via reddit http://ift.tt/2BlMEVN
http://ift.tt/2j0EBae
Submitted November 29, 2017 at 06:47PM by lipsacademy
via reddit http://ift.tt/2BlMEVN
IT Security Mentor
Security online training - IT Security - Itsecuritymentor
Itsecuritymentor is complete package for IT security solutions, We provide Security online training & information security solutions to customer.
Yet Another Way of Getting root on High Sierra
https://twitter.com/xiam/status/935878591082049536
Submitted November 29, 2017 at 08:01PM by xiamk
via reddit http://ift.tt/2Ajj6Jb
https://twitter.com/xiam/status/935878591082049536
Submitted November 29, 2017 at 08:01PM by xiamk
via reddit http://ift.tt/2Ajj6Jb
Twitter
josé nieto
I found yet ANOTHER WAY of getting root on High Sierra w/o providing a password: 1. Open a terminal and type "su". 2. When asked for a password press {ARROW UP} and {ENTER} instead. 3. # PROFIT!!11 (doesn't work if you've already set a password for root)…
Security In 5: Episode 121 - Personal Security Tips For Holiday Shopping
http://ift.tt/2kaA08I
Submitted November 29, 2017 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2ijCTDQ
http://ift.tt/2kaA08I
Submitted November 29, 2017 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2ijCTDQ
Libsyn
Security In Five Podcast: Episode 121 - Personal Security Tips For Holiday Shopping
The holiday season is upon us and that means more trips to the stores and more purchases online. This also means the bad guys are increasing their patrols to steal, defraud and get your data. This episode lays out tips that you can can to strengthen your…
5 Reasons Cyber Defense Is Like Healthcare
http://ift.tt/2i0L9og
Submitted November 29, 2017 at 07:11PM by Uminekoshi
via reddit http://ift.tt/2j0gLeM
http://ift.tt/2i0L9og
Submitted November 29, 2017 at 07:11PM by Uminekoshi
via reddit http://ift.tt/2j0gLeM
Nehemiah Security
5 Reasons Cyber Defense Is Like Healthcare - Nehemiah Security
Let’s face it, enterprise information systems can be large, complex ecosystems that preclude anyone from completely understanding all aspects of them. Thirty years ago, a few endpoints were cobbled together on a single LAN and everyone marveled at how characters…
Anatomy of an ASP.NET Identity PasswordHash
http://ift.tt/2Akh1PO
Submitted November 29, 2017 at 06:57PM by ruidfigueiredo
via reddit http://ift.tt/2Bx4B4y
http://ift.tt/2Akh1PO
Submitted November 29, 2017 at 06:57PM by ruidfigueiredo
via reddit http://ift.tt/2Bx4B4y
The Blinking Caret
Anatomy of an ASP.NET Identity PasswordHash - The Blinking Caret
This blog post explains how password storage is performed in ASP.NET Identity V2 and V3. It provides a guide on how to manually create a PasswordHash.
Exploring cmdkey: An Edge Case for Privilege Escalation
http://ift.tt/2AlGSqg
Submitted November 29, 2017 at 06:33PM by swizzlez_
via reddit http://ift.tt/2iikwPw
http://ift.tt/2AlGSqg
Submitted November 29, 2017 at 06:33PM by swizzlez_
via reddit http://ift.tt/2iikwPw
Peew.pw
Exploring cmdkey: An Edge Case for Privilege Escalation
In this post we look at how credentials cached via cmdkey.exe can be used as a method of privilege escalation on an internal penetration test.