New-But-Old US Bill Introduces Prison Time for Execs Who Conceal Data Breaches
http://ift.tt/2zEWVfz
Submitted December 01, 2017 at 07:48PM by DJRWolf
via reddit http://ift.tt/2AxqC5W
http://ift.tt/2zEWVfz
Submitted December 01, 2017 at 07:48PM by DJRWolf
via reddit http://ift.tt/2AxqC5W
BleepingComputer
New-But-Old US Bill Introduces Prison Time for Execs Who Conceal Data Breaches
Three US senators have introduced a bill on Thursday that will make it mandatory for companies to report breaches to customers within 30 days, but also carries fines and possible prison time for execs who conceal breaches from users and authorities.
Security In 5: Episode 123 - Tools, Tips and Tricks - Malwarebytes
http://ift.tt/2BBntQh
Submitted December 01, 2017 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2kdJT5V
http://ift.tt/2BBntQh
Submitted December 01, 2017 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2kdJT5V
Libsyn
Security In Five Podcast: Episode 123 - Tools, Tips and Tricks - Malwarebytes
The starting point for any malware scan is a tool called Malwarebytes. This episode goes into the reason why I always start with Malwarebytes on machines that are infected or start to behave oddly. It easy, it free, it works and that's why Malwarebytes is…
Kali Linux 2017.3 Release
http://ift.tt/2mQgLST
Submitted December 01, 2017 at 08:40PM by volci
via reddit http://ift.tt/2ANJ5M4
http://ift.tt/2mQgLST
Submitted December 01, 2017 at 08:40PM by volci
via reddit http://ift.tt/2ANJ5M4
www.kali.org
Kali Linux 2017.3 Release
We are delighted to announce the immediate availability of Kali Linux 2017.3, which includes all patches, fixes, updates, and improvements since our last release. In addition to the new kernel and all of the updates and fixes we pull from Debian, we have…
Domain Fronting with Meterpreter
http://ift.tt/2AqCaI2
Submitted December 01, 2017 at 09:06PM by nullminded
via reddit http://ift.tt/2BBpcEY
http://ift.tt/2AqCaI2
Submitted December 01, 2017 at 09:06PM by nullminded
via reddit http://ift.tt/2BBpcEY
Bit Rot
Domain Fronting with Meterpreter
Domain Fronting with Meterpreter Why Domain Fronting? Domain Fronting is a technique that is typically used for censorship evasion. It relies on popular Content Delivery Networks (CDNs) such as …
BDMs: GDPR "Right to be Forgotten" Requests Will Drain Company Resource
http://ift.tt/2zV1qa4
Submitted December 01, 2017 at 10:43PM by EvanConover
via reddit http://ift.tt/2BCs2d5
http://ift.tt/2zV1qa4
Submitted December 01, 2017 at 10:43PM by EvanConover
via reddit http://ift.tt/2BCs2d5
Infosecurity Magazine
BDMs: GDPR ‘Right to be Forgotten’ Requests Will Drain Company Resource
Three-quarters of employees likely to exercise their right to be forgotten under GDPR
LFI to Command Execution: Deutche Telekom Bug Bounty
http://ift.tt/2j87fpW
Submitted November 30, 2017 at 06:43PM by danmaxone
via reddit http://ift.tt/2jDENf9
http://ift.tt/2j87fpW
Submitted November 30, 2017 at 06:43PM by danmaxone
via reddit http://ift.tt/2jDENf9
Medium
LFI to Command Execution: Deutche Telekom Bug Bounty
Few months ago I did a little subdomain bruteforce on telekom.de
New JPCERT tool - LogonTracer
EDIT: doesn't seem like submitting a URL in the noscript worked, it's here:http://ift.tt/2BzDzdcLooks interesting, nice to see defenders tackling the problem of 'Defenders think in lists. Attackers think in graphs'http://ift.tt/1Uje8S3
Submitted November 30, 2017 at 10:19PM by SOCslave0
via reddit http://ift.tt/2i7GTU4
EDIT: doesn't seem like submitting a URL in the noscript worked, it's here:http://ift.tt/2BzDzdcLooks interesting, nice to see defenders tackling the problem of 'Defenders think in lists. Attackers think in graphs'http://ift.tt/1Uje8S3
Submitted November 30, 2017 at 10:19PM by SOCslave0
via reddit http://ift.tt/2i7GTU4
JPCERT/CC Blog
Visualise Event Logs to Identify Compromised Accounts - LogonTracer -
Hello again, this is Shusei Tomonaga from the Analysis Center. Event log analysis is a key element in security incident investigation. If a network is managed by Active Directory (hereafter, AD), can be identified by analysing AD event logs. For...
Hooking via InstrumentationCallback
http://ift.tt/2AsmL9Z
Submitted December 01, 2017 at 11:27PM by khasaia
via reddit http://ift.tt/2zVUObq
http://ift.tt/2AsmL9Z
Submitted December 01, 2017 at 11:27PM by khasaia
via reddit http://ift.tt/2zVUObq
secrary[dot]com
Hooking via InstrumentationCallback
This blog is about malware analysis and reverse engineering. But Does it matter?
Edge & Windows 10 TH2 new safety features / DLL Injection.
http://ift.tt/2AzFKzG
Submitted December 01, 2017 at 10:56PM by userpcblog
via reddit http://ift.tt/2jDEOjd
http://ift.tt/2AzFKzG
Submitted December 01, 2017 at 10:56PM by userpcblog
via reddit http://ift.tt/2jDEOjd
Tools Gathered from Recent CTF Travels
http://ift.tt/2zT8YtH
Submitted December 02, 2017 at 12:26AM by m3t0lius
via reddit http://ift.tt/2AOhsCA
http://ift.tt/2zT8YtH
Submitted December 02, 2017 at 12:26AM by m3t0lius
via reddit http://ift.tt/2AOhsCA
Two Six Labs | Advanced Analytics, Cyber Capabilities, Tactical Mobility Solutions for National Security
It's Dangerous To Go Alone, Take This! - Tools Gathered from Recent CTF Travels - Two Six Labs | Advanced Analytics, Cyber Capabilities…
One of the more interesting aspects of Capture the Flag (CTF) events is the frequent necessity to pick up, learn, and apply various reverse engineering and binary analysis tools to solve difficult challenges. Recently I completed The FireEye FLARE-On 2017…
NorthSec 2018 Registration + CFP now open!
https://nsec.io/
Submitted December 02, 2017 at 12:23AM by bvanheu
via reddit http://ift.tt/2j8aZYN
https://nsec.io/
Submitted December 02, 2017 at 12:23AM by bvanheu
via reddit http://ift.tt/2j8aZYN
NorthSec 2026
Flaw Found In Dirty COW Patch
http://ift.tt/2AxoWcu
Submitted December 02, 2017 at 03:17AM by speckz
via reddit http://ift.tt/2zV49A7
http://ift.tt/2AxoWcu
Submitted December 02, 2017 at 03:17AM by speckz
via reddit http://ift.tt/2zV49A7
Threat Post
Flaw Found In Dirty COW Patch
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016.
iOS 11 Horror Story: the Rise and Fall of iOS Security
http://ift.tt/2Aj9TTE
Submitted December 02, 2017 at 03:51AM by speckz
via reddit http://ift.tt/2iB7cpM
http://ift.tt/2Aj9TTE
Submitted December 02, 2017 at 03:51AM by speckz
via reddit http://ift.tt/2iB7cpM
Simplifying Password Spraying
http://ift.tt/2iAULtR
Submitted December 02, 2017 at 04:55AM by greenwolf247
via reddit http://ift.tt/2BsuUIB
http://ift.tt/2iAULtR
Submitted December 02, 2017 at 04:55AM by greenwolf247
via reddit http://ift.tt/2BsuUIB
Trustwave
Simplifying Password Spraying
A short intro to Password Spraying and an introduction to a tool built to simplify it
What is Fail2Ban Instalattion and Application
http://ift.tt/2BqVLEK
Submitted December 02, 2017 at 05:37AM by berkdusunurx
via reddit http://ift.tt/2AMQlI7
http://ift.tt/2BqVLEK
Submitted December 02, 2017 at 05:37AM by berkdusunurx
via reddit http://ift.tt/2AMQlI7
www.berkdusunur.net
What is fail2ban? İnstallation and Usage
What is Fail2Ban? İnstallation and Usage Hello everyone. Today I will write to you about Fail2Ban systems You can follow us on...
Would love some feedback! (x-post r/oscp)
Hey everyone,I've been working in security for a while and the OSCP is a big goal of mine. I've recently started writing up walkthroughs for VulnHub VMs on a blog, and I would really appreciate it if I could get some feedback.Based on the write ups, would you say I'm ready for the OSCP? I'll most likely be paying for it myself (company isn't covering it), so I want to try and be sure I'm not missing any critical skills before I dive in to it.Really appreciate your time and any constructive feedback you may have.Thanks!
Submitted December 02, 2017 at 04:56AM by Pavornoc
via reddit http://ift.tt/2nkVUY9
Hey everyone,I've been working in security for a while and the OSCP is a big goal of mine. I've recently started writing up walkthroughs for VulnHub VMs on a blog, and I would really appreciate it if I could get some feedback.Based on the write ups, would you say I'm ready for the OSCP? I'll most likely be paying for it myself (company isn't covering it), so I want to try and be sure I'm not missing any critical skills before I dive in to it.Really appreciate your time and any constructive feedback you may have.Thanks!
Submitted December 02, 2017 at 04:56AM by Pavornoc
via reddit http://ift.tt/2nkVUY9
Another Tech Blog
Infosec and things.
Persistent drive-by cryptomining coming to a browser near you - Malwarebytes Labs
http://ift.tt/2Al89cy
Submitted December 02, 2017 at 07:31AM by SnootyEuropean
via reddit http://ift.tt/2BCAsRu
http://ift.tt/2Al89cy
Submitted December 02, 2017 at 07:31AM by SnootyEuropean
via reddit http://ift.tt/2BCAsRu
Malwarebytes
Persistent drive-by cryptomining coming to a browser near you | Malwarebytes Labs
If you think closing your browser window to leave a site that runs a cryptominer will stop the mining process, think again. Persistent drive-by cryptomining has arrived.
Buy Comodo Positive MultiDomain wildcard SSL Certificate for Business
http://ift.tt/2AphMEL
Submitted December 02, 2017 at 03:12PM by sslsubdomain
via reddit http://ift.tt/2Amx6Ur
http://ift.tt/2AphMEL
Submitted December 02, 2017 at 03:12PM by sslsubdomain
via reddit http://ift.tt/2Amx6Ur
Thesslstreet
Buy Comodo Positive MultiDomain wildcard SSL Certificate for Business
Multi Domain wildcard SSL Certificate that allow you to secure unlimited subdomains and Secure your data. Get Multi Domain wildcard SSL Certificate.
How does it effect my system security when i make a update?
No text found
Submitted December 02, 2017 at 10:45PM by G0rd0nGekk0
via reddit http://ift.tt/2BFQESg
No text found
Submitted December 02, 2017 at 10:45PM by G0rd0nGekk0
via reddit http://ift.tt/2BFQESg
reddit
How does it effect my system security when i make a... • r/security
1 points and 0 comments so far on reddit
Reporting vulnerability to a large company that doesn't have Bug Bounty
I've been recently browsing a large retailer's website and discovered an exploit, quite stupidly left there, which would allow me to obtain dozens of customer's records. I wonder how can I report it? And how to deal with it legally? Has anyone had a chance of dealing with companies that don't have bug bounty programme?
Submitted December 03, 2017 at 01:55AM by ifilipis
via reddit http://ift.tt/2nmYAET
I've been recently browsing a large retailer's website and discovered an exploit, quite stupidly left there, which would allow me to obtain dozens of customer's records. I wonder how can I report it? And how to deal with it legally? Has anyone had a chance of dealing with companies that don't have bug bounty programme?
Submitted December 03, 2017 at 01:55AM by ifilipis
via reddit http://ift.tt/2nmYAET
reddit
Reporting vulnerability to a large company that... • r/security
I've been recently browsing a large retailer's website and discovered an exploit, quite stupidly left there, which would allow me to obtain dozens...
Fell for phishing scam
Ok, so I'm an idiot. I followed a link in a fake email from PayPal. I entered all my info like an idiot and clicked send. I then immediately realized what a dork I was being and clicked the back arrow before the page loaded. I was on my phone on a cellular network with slow coverage. The little loading bar was only like a fifth of the way loaded for the page when I clicked the back arrow. Do you guys know if the scammers likely got my data? Or is clicking the back arrow right after submitting good enough to protect me? Or is security not the right sub to ask? I'm ignorant. Thanks!
Submitted December 03, 2017 at 05:05AM by pirates_and_monkeys
via reddit http://ift.tt/2BEtnQw
Ok, so I'm an idiot. I followed a link in a fake email from PayPal. I entered all my info like an idiot and clicked send. I then immediately realized what a dork I was being and clicked the back arrow before the page loaded. I was on my phone on a cellular network with slow coverage. The little loading bar was only like a fifth of the way loaded for the page when I clicked the back arrow. Do you guys know if the scammers likely got my data? Or is clicking the back arrow right after submitting good enough to protect me? Or is security not the right sub to ask? I'm ignorant. Thanks!
Submitted December 03, 2017 at 05:05AM by pirates_and_monkeys
via reddit http://ift.tt/2BEtnQw
reddit
Fell for phishing scam • r/security
Ok, so I'm an idiot. I followed a link in a fake email from PayPal. I entered all my info like an idiot and clicked send. I then immediately...