LFI to Command Execution: Deutche Telekom Bug Bounty
http://ift.tt/2j87fpW
Submitted November 30, 2017 at 06:43PM by danmaxone
via reddit http://ift.tt/2jDENf9
http://ift.tt/2j87fpW
Submitted November 30, 2017 at 06:43PM by danmaxone
via reddit http://ift.tt/2jDENf9
Medium
LFI to Command Execution: Deutche Telekom Bug Bounty
Few months ago I did a little subdomain bruteforce on telekom.de
New JPCERT tool - LogonTracer
EDIT: doesn't seem like submitting a URL in the noscript worked, it's here:http://ift.tt/2BzDzdcLooks interesting, nice to see defenders tackling the problem of 'Defenders think in lists. Attackers think in graphs'http://ift.tt/1Uje8S3
Submitted November 30, 2017 at 10:19PM by SOCslave0
via reddit http://ift.tt/2i7GTU4
EDIT: doesn't seem like submitting a URL in the noscript worked, it's here:http://ift.tt/2BzDzdcLooks interesting, nice to see defenders tackling the problem of 'Defenders think in lists. Attackers think in graphs'http://ift.tt/1Uje8S3
Submitted November 30, 2017 at 10:19PM by SOCslave0
via reddit http://ift.tt/2i7GTU4
JPCERT/CC Blog
Visualise Event Logs to Identify Compromised Accounts - LogonTracer -
Hello again, this is Shusei Tomonaga from the Analysis Center. Event log analysis is a key element in security incident investigation. If a network is managed by Active Directory (hereafter, AD), can be identified by analysing AD event logs. For...
Hooking via InstrumentationCallback
http://ift.tt/2AsmL9Z
Submitted December 01, 2017 at 11:27PM by khasaia
via reddit http://ift.tt/2zVUObq
http://ift.tt/2AsmL9Z
Submitted December 01, 2017 at 11:27PM by khasaia
via reddit http://ift.tt/2zVUObq
secrary[dot]com
Hooking via InstrumentationCallback
This blog is about malware analysis and reverse engineering. But Does it matter?
Edge & Windows 10 TH2 new safety features / DLL Injection.
http://ift.tt/2AzFKzG
Submitted December 01, 2017 at 10:56PM by userpcblog
via reddit http://ift.tt/2jDEOjd
http://ift.tt/2AzFKzG
Submitted December 01, 2017 at 10:56PM by userpcblog
via reddit http://ift.tt/2jDEOjd
Tools Gathered from Recent CTF Travels
http://ift.tt/2zT8YtH
Submitted December 02, 2017 at 12:26AM by m3t0lius
via reddit http://ift.tt/2AOhsCA
http://ift.tt/2zT8YtH
Submitted December 02, 2017 at 12:26AM by m3t0lius
via reddit http://ift.tt/2AOhsCA
Two Six Labs | Advanced Analytics, Cyber Capabilities, Tactical Mobility Solutions for National Security
It's Dangerous To Go Alone, Take This! - Tools Gathered from Recent CTF Travels - Two Six Labs | Advanced Analytics, Cyber Capabilities…
One of the more interesting aspects of Capture the Flag (CTF) events is the frequent necessity to pick up, learn, and apply various reverse engineering and binary analysis tools to solve difficult challenges. Recently I completed The FireEye FLARE-On 2017…
NorthSec 2018 Registration + CFP now open!
https://nsec.io/
Submitted December 02, 2017 at 12:23AM by bvanheu
via reddit http://ift.tt/2j8aZYN
https://nsec.io/
Submitted December 02, 2017 at 12:23AM by bvanheu
via reddit http://ift.tt/2j8aZYN
NorthSec 2026
Flaw Found In Dirty COW Patch
http://ift.tt/2AxoWcu
Submitted December 02, 2017 at 03:17AM by speckz
via reddit http://ift.tt/2zV49A7
http://ift.tt/2AxoWcu
Submitted December 02, 2017 at 03:17AM by speckz
via reddit http://ift.tt/2zV49A7
Threat Post
Flaw Found In Dirty COW Patch
Researchers have found a flaw in the original fix for the Dirty COW vulnerability patched in October 2016.
iOS 11 Horror Story: the Rise and Fall of iOS Security
http://ift.tt/2Aj9TTE
Submitted December 02, 2017 at 03:51AM by speckz
via reddit http://ift.tt/2iB7cpM
http://ift.tt/2Aj9TTE
Submitted December 02, 2017 at 03:51AM by speckz
via reddit http://ift.tt/2iB7cpM
Simplifying Password Spraying
http://ift.tt/2iAULtR
Submitted December 02, 2017 at 04:55AM by greenwolf247
via reddit http://ift.tt/2BsuUIB
http://ift.tt/2iAULtR
Submitted December 02, 2017 at 04:55AM by greenwolf247
via reddit http://ift.tt/2BsuUIB
Trustwave
Simplifying Password Spraying
A short intro to Password Spraying and an introduction to a tool built to simplify it
What is Fail2Ban Instalattion and Application
http://ift.tt/2BqVLEK
Submitted December 02, 2017 at 05:37AM by berkdusunurx
via reddit http://ift.tt/2AMQlI7
http://ift.tt/2BqVLEK
Submitted December 02, 2017 at 05:37AM by berkdusunurx
via reddit http://ift.tt/2AMQlI7
www.berkdusunur.net
What is fail2ban? İnstallation and Usage
What is Fail2Ban? İnstallation and Usage Hello everyone. Today I will write to you about Fail2Ban systems You can follow us on...
Would love some feedback! (x-post r/oscp)
Hey everyone,I've been working in security for a while and the OSCP is a big goal of mine. I've recently started writing up walkthroughs for VulnHub VMs on a blog, and I would really appreciate it if I could get some feedback.Based on the write ups, would you say I'm ready for the OSCP? I'll most likely be paying for it myself (company isn't covering it), so I want to try and be sure I'm not missing any critical skills before I dive in to it.Really appreciate your time and any constructive feedback you may have.Thanks!
Submitted December 02, 2017 at 04:56AM by Pavornoc
via reddit http://ift.tt/2nkVUY9
Hey everyone,I've been working in security for a while and the OSCP is a big goal of mine. I've recently started writing up walkthroughs for VulnHub VMs on a blog, and I would really appreciate it if I could get some feedback.Based on the write ups, would you say I'm ready for the OSCP? I'll most likely be paying for it myself (company isn't covering it), so I want to try and be sure I'm not missing any critical skills before I dive in to it.Really appreciate your time and any constructive feedback you may have.Thanks!
Submitted December 02, 2017 at 04:56AM by Pavornoc
via reddit http://ift.tt/2nkVUY9
Another Tech Blog
Infosec and things.
Persistent drive-by cryptomining coming to a browser near you - Malwarebytes Labs
http://ift.tt/2Al89cy
Submitted December 02, 2017 at 07:31AM by SnootyEuropean
via reddit http://ift.tt/2BCAsRu
http://ift.tt/2Al89cy
Submitted December 02, 2017 at 07:31AM by SnootyEuropean
via reddit http://ift.tt/2BCAsRu
Malwarebytes
Persistent drive-by cryptomining coming to a browser near you | Malwarebytes Labs
If you think closing your browser window to leave a site that runs a cryptominer will stop the mining process, think again. Persistent drive-by cryptomining has arrived.
Buy Comodo Positive MultiDomain wildcard SSL Certificate for Business
http://ift.tt/2AphMEL
Submitted December 02, 2017 at 03:12PM by sslsubdomain
via reddit http://ift.tt/2Amx6Ur
http://ift.tt/2AphMEL
Submitted December 02, 2017 at 03:12PM by sslsubdomain
via reddit http://ift.tt/2Amx6Ur
Thesslstreet
Buy Comodo Positive MultiDomain wildcard SSL Certificate for Business
Multi Domain wildcard SSL Certificate that allow you to secure unlimited subdomains and Secure your data. Get Multi Domain wildcard SSL Certificate.
How does it effect my system security when i make a update?
No text found
Submitted December 02, 2017 at 10:45PM by G0rd0nGekk0
via reddit http://ift.tt/2BFQESg
No text found
Submitted December 02, 2017 at 10:45PM by G0rd0nGekk0
via reddit http://ift.tt/2BFQESg
reddit
How does it effect my system security when i make a... • r/security
1 points and 0 comments so far on reddit
Reporting vulnerability to a large company that doesn't have Bug Bounty
I've been recently browsing a large retailer's website and discovered an exploit, quite stupidly left there, which would allow me to obtain dozens of customer's records. I wonder how can I report it? And how to deal with it legally? Has anyone had a chance of dealing with companies that don't have bug bounty programme?
Submitted December 03, 2017 at 01:55AM by ifilipis
via reddit http://ift.tt/2nmYAET
I've been recently browsing a large retailer's website and discovered an exploit, quite stupidly left there, which would allow me to obtain dozens of customer's records. I wonder how can I report it? And how to deal with it legally? Has anyone had a chance of dealing with companies that don't have bug bounty programme?
Submitted December 03, 2017 at 01:55AM by ifilipis
via reddit http://ift.tt/2nmYAET
reddit
Reporting vulnerability to a large company that... • r/security
I've been recently browsing a large retailer's website and discovered an exploit, quite stupidly left there, which would allow me to obtain dozens...
Fell for phishing scam
Ok, so I'm an idiot. I followed a link in a fake email from PayPal. I entered all my info like an idiot and clicked send. I then immediately realized what a dork I was being and clicked the back arrow before the page loaded. I was on my phone on a cellular network with slow coverage. The little loading bar was only like a fifth of the way loaded for the page when I clicked the back arrow. Do you guys know if the scammers likely got my data? Or is clicking the back arrow right after submitting good enough to protect me? Or is security not the right sub to ask? I'm ignorant. Thanks!
Submitted December 03, 2017 at 05:05AM by pirates_and_monkeys
via reddit http://ift.tt/2BEtnQw
Ok, so I'm an idiot. I followed a link in a fake email from PayPal. I entered all my info like an idiot and clicked send. I then immediately realized what a dork I was being and clicked the back arrow before the page loaded. I was on my phone on a cellular network with slow coverage. The little loading bar was only like a fifth of the way loaded for the page when I clicked the back arrow. Do you guys know if the scammers likely got my data? Or is clicking the back arrow right after submitting good enough to protect me? Or is security not the right sub to ask? I'm ignorant. Thanks!
Submitted December 03, 2017 at 05:05AM by pirates_and_monkeys
via reddit http://ift.tt/2BEtnQw
reddit
Fell for phishing scam • r/security
Ok, so I'm an idiot. I followed a link in a fake email from PayPal. I entered all my info like an idiot and clicked send. I then immediately...
Converting E01(encase) to DD(raw)
I can't seem to figure out how to convert an E01 file to a DD file WITHOUT using FTK imager.
Submitted December 03, 2017 at 06:32AM by Divine_Dosu
via reddit http://ift.tt/2AFmHE0
I can't seem to figure out how to convert an E01 file to a DD file WITHOUT using FTK imager.
Submitted December 03, 2017 at 06:32AM by Divine_Dosu
via reddit http://ift.tt/2AFmHE0
reddit
Converting E01(encase) to DD(raw) • r/security
I can't seem to figure out how to convert an E01 file to a DD file WITHOUT using FTK imager.
How to activate two-factor authentication on your Google account
http://ift.tt/2ADkIjL
Submitted December 03, 2017 at 03:16PM by mukul6803
via reddit http://ift.tt/2iH5TWn
http://ift.tt/2ADkIjL
Submitted December 03, 2017 at 03:16PM by mukul6803
via reddit http://ift.tt/2iH5TWn
www.getus.us
How to activate two-factor authentication on your Google account
Two-Factor Authentication is an additional layer of security that is added to accounts to ensure unauthorized access or logins.
Best of two worlds, anonymous and tamperproof voting system(III)
http://ift.tt/2zZn6lr
Submitted December 03, 2017 at 01:45PM by dhtura
via reddit http://ift.tt/2AQQYAs
http://ift.tt/2zZn6lr
Submitted December 03, 2017 at 01:45PM by dhtura
via reddit http://ift.tt/2AQQYAs
reddit
Best of two worlds, anonymous and tamperproof voting... • r/math
TLDR - User downloads an app, prints a vote from the app, and goes and scans this vote in the EVM, gets a signed receipt from the EVM, which he...
Don't use antivirus firms linked to Russia, cyber security chief tells Whitehall
http://ift.tt/2keM88X
Submitted December 03, 2017 at 06:21PM by doors_1
via reddit http://ift.tt/2Asjwgg
http://ift.tt/2keM88X
Submitted December 03, 2017 at 06:21PM by doors_1
via reddit http://ift.tt/2Asjwgg
the Guardian
Don't use antivirus firms linked to Russia, cyber security chief tells Whitehall
The Kremlin uses cyberspace for ‘espionage, disruption and influence’, says Ciaran Martin in letter to government departments
The Bots Of Bitcoin
http://ift.tt/2ibPjd4
Submitted December 03, 2017 at 07:37PM by whitehattracker
via reddit http://ift.tt/2jH53oO
http://ift.tt/2ibPjd4
Submitted December 03, 2017 at 07:37PM by whitehattracker
via reddit http://ift.tt/2jH53oO
Forbes
The Bots Of Bitcoin
The rise of bots is likely to bring some stability to cryptocurrency markets.