Official press release regarding the NiceHash security breach
http://ift.tt/1loSslj
Submitted December 07, 2017 at 02:28PM by giomke
via reddit http://ift.tt/2AgDcqD
http://ift.tt/1loSslj
Submitted December 07, 2017 at 02:28PM by giomke
via reddit http://ift.tt/2AgDcqD
reddit
Official press release regarding the NiceHash security... • r/netsec
1 points and 0 comments so far on reddit
Q3 DDoS Trends: 3 out of 4 bitcoin sites were attacked, gaming sites and ISPs remain high targets
http://ift.tt/2ARQ32i
Submitted December 07, 2017 at 03:36PM by whitehattracker
via reddit http://ift.tt/2iBKpGR
http://ift.tt/2ARQ32i
Submitted December 07, 2017 at 03:36PM by whitehattracker
via reddit http://ift.tt/2iBKpGR
reddit
Q3 DDoS Trends: 3 out of 4 bitcoin sites were... • r/security
1 points and 0 comments so far on reddit
Keylogger Found on Nearly 5,500 Infected WordPress Sites
http://ift.tt/2k2VD7v
Submitted December 07, 2017 at 02:13PM by texmex5
via reddit http://ift.tt/2BQJESw
http://ift.tt/2k2VD7v
Submitted December 07, 2017 at 02:13PM by texmex5
via reddit http://ift.tt/2BQJESw
BleepingComputer
Keylogger Found on Nearly 5,500 Infected WordPress Sites
Nearly 5,500 WordPress sites are infected with a malicious noscript that logs keystrokes and sometimes loads an in-browser cryptocurrency miner.
EasyCSRF 2.0 extension for Burp Suite
http://ift.tt/2BQiYBj
Submitted December 07, 2017 at 03:56PM by 0ang3el
via reddit http://ift.tt/2BaMC7k
http://ift.tt/2BQiYBj
Submitted December 07, 2017 at 03:56PM by 0ang3el
via reddit http://ift.tt/2BaMC7k
GitHub
0ang3el/EasyCSRF
Contribute to EasyCSRF development by creating an account on GitHub.
build an alarmsystem that scans for nearby cellphones
dear swarmintelligence, im living on a dead end road and im wondering how i could build an securitysystem for my home without spending a fortune on cameras that will (at best) give me a recording of someone breaking into my room, destroying everything and noticing that there is not even anything they could steal because im poor af.so i was thinking of an alarm that notices me on my mobile when someone with a network ready device shows up around my house - except for some known devices. is this even possible? i know its useless when someone does not have a smartphone or wifi enabled on him, but i think this is one of the more clever ways to check for someone. motion sensors will trigger from dogs, birds, my ducks, the sick boy watching my ducks all day long. cameras are plain useless in preventing anything if you are not watching them 24/7 and are really expensive if you want to see something in the dark.
Submitted December 07, 2017 at 04:49PM by crtvrm
via reddit http://ift.tt/2ADa7mt
dear swarmintelligence, im living on a dead end road and im wondering how i could build an securitysystem for my home without spending a fortune on cameras that will (at best) give me a recording of someone breaking into my room, destroying everything and noticing that there is not even anything they could steal because im poor af.so i was thinking of an alarm that notices me on my mobile when someone with a network ready device shows up around my house - except for some known devices. is this even possible? i know its useless when someone does not have a smartphone or wifi enabled on him, but i think this is one of the more clever ways to check for someone. motion sensors will trigger from dogs, birds, my ducks, the sick boy watching my ducks all day long. cameras are plain useless in preventing anything if you are not watching them 24/7 and are really expensive if you want to see something in the dark.
Submitted December 07, 2017 at 04:49PM by crtvrm
via reddit http://ift.tt/2ADa7mt
reddit
build an alarmsystem that scans for nearby cellphones • r/security
dear swarmintelligence, im living on a dead end road and im wondering how i could build an securitysystem for my home without spending a fortune...
New code injection technique "Process Doppelgänging" announced at Black Hat Europe
http://ift.tt/2BQ8fa1
Submitted December 07, 2017 at 05:35PM by TheSecurityBug
via reddit http://ift.tt/2jpaBoO
http://ift.tt/2BQ8fa1
Submitted December 07, 2017 at 05:35PM by TheSecurityBug
via reddit http://ift.tt/2jpaBoO
BleepingComputer
"Process Doppelgänging" Attack Works on All Windows Versions
Today, at the Black Hat Europe 2017 security conference in London, two security researchers from cyber-security firm enSilo have described a new code injection technique called "Process Doppelgänging."
Penetration Testing Apache Thrift Applications
http://ift.tt/2nAGUFW
Submitted December 07, 2017 at 04:54PM by mdsec
via reddit http://ift.tt/2jmIp5S
http://ift.tt/2nAGUFW
Submitted December 07, 2017 at 04:54PM by mdsec
via reddit http://ift.tt/2jmIp5S
reddit
Penetration Testing Apache Thrift Applications • r/netsec
2 points and 0 comments so far on reddit
Thieves stole potentially millions of dollars in bitcoin in a hacking attack on a cryptocurrency company
http://ift.tt/2iXUwJG
Submitted December 07, 2017 at 05:32PM by GemmaJ123
via reddit http://ift.tt/2Aj0oVw
http://ift.tt/2iXUwJG
Submitted December 07, 2017 at 05:32PM by GemmaJ123
via reddit http://ift.tt/2Aj0oVw
Business Insider
Thieves stole potentially millions of dollars in bitcoin in a hacking attack on a cryptocurrency company
NiceHash shut down its website and confirmed the breach midday Wednesday after hours of speculation from its users.
Cloud database debased: ai.type virtual keyboard leaks 31M users' sensitive data
http://ift.tt/2k3v4yY
Submitted December 07, 2017 at 06:31PM by richij
via reddit http://ift.tt/2BSSRdc
http://ift.tt/2k3v4yY
Submitted December 07, 2017 at 06:31PM by richij
via reddit http://ift.tt/2BSSRdc
TechBeacon
Cloud databases debased: AI.type virtual keyboard leaks 31M users' sensitive data
Note to app makers: Secure the data you collect. And don’t rely on database defaults.
Sysinternals Sysmon suspicious activity guide
http://ift.tt/2ADk03B
Submitted December 07, 2017 at 06:39PM by Moti_Ba
via reddit http://ift.tt/2k6pc8b
http://ift.tt/2ADk03B
Submitted December 07, 2017 at 06:39PM by Moti_Ba
via reddit http://ift.tt/2k6pc8b
reddit
Sysinternals Sysmon suspicious activity guide • r/netsec
6 points and 0 comments so far on reddit
Security In 5: Episode 127 - Top 10 Security Tips For Your Network - Protect Against Malicious Code
http://ift.tt/2AZYusj
Submitted December 07, 2017 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2ADkQgs
http://ift.tt/2AZYusj
Submitted December 07, 2017 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2ADkQgs
Libsyn
Security In Five Podcast: Episode 127 - Top 10 Security Tips For Your Network - Protect Against Malicious Code
This one seems like a common sense action but you'd be surprised the lack of end to end protection in environments. Viruses, malware and malicious code don't just infect one machine, they look to spread. If you have protections only on your workstations and…
SMS based 2fa is weak and vulnerable, switch to a more secure MFA
http://ift.tt/2iBexlu
Submitted December 07, 2017 at 07:52PM by radmind
via reddit http://ift.tt/2kwFJGf
http://ift.tt/2iBexlu
Submitted December 07, 2017 at 07:52PM by radmind
via reddit http://ift.tt/2kwFJGf
Medium
Text Message Based Two-Factor Authentication is a Weak Form of Security, Choose a More Robust Method of Multi-Factor Authentication…
What is Multi Factor Authentication?
Learned about TwoFactorAuth.org and DongleAuth.info via Security Now podcast
From the latest episode (show notes - http://ift.tt/2nDTEvk) of the Security Now! podcast (http://ift.tt/2A0fwmb), learned about TwoFactorAuth.org and DongleAuth.info which will show what sites/services support software 2FA and USB dongle MFA, respectively.
Submitted December 07, 2017 at 07:59PM by volci
via reddit http://ift.tt/2nDTG6q
From the latest episode (show notes - http://ift.tt/2nDTEvk) of the Security Now! podcast (http://ift.tt/2A0fwmb), learned about TwoFactorAuth.org and DongleAuth.info which will show what sites/services support software 2FA and USB dongle MFA, respectively.
Submitted December 07, 2017 at 07:59PM by volci
via reddit http://ift.tt/2nDTG6q
Does anyone have any recommendations on a home security cameras?
No text found
Submitted December 07, 2017 at 07:52PM by tildodildo
via reddit http://ift.tt/2zZTgJu
No text found
Submitted December 07, 2017 at 07:52PM by tildodildo
via reddit http://ift.tt/2zZTgJu
reddit
Does anyone have any recommendations on a home... • r/security
1 points and 0 comments so far on reddit
An Etsy Engineer Made Earrings To Hold Your Two-Factor Security Keys
http://ift.tt/2zObtt9
Submitted December 07, 2017 at 08:47PM by EvanConover
via reddit http://ift.tt/2iDBq7W
http://ift.tt/2zObtt9
Submitted December 07, 2017 at 08:47PM by EvanConover
via reddit http://ift.tt/2iDBq7W
Motherboard
An Etsy Engineer Made Earrings To Hold Your Two-Factor Security Keys
Finally, a useful infosec accessory for a femme audience.
CTF365 - Blitz CTF write-up. 5 challenges, created for beginners.
http://ift.tt/2AC6e15
Submitted December 07, 2017 at 09:11PM by thel3l
via reddit http://ift.tt/2nCgy6s
http://ift.tt/2AC6e15
Submitted December 07, 2017 at 09:11PM by thel3l
via reddit http://ift.tt/2nCgy6s
Medium
CTF365 — Blitz CTF Writeup
Introduction
Banking apps vulnerable to MITM. Spinner: Semi-Automatic Detection of Pinning without Hostname Verification
http://ift.tt/2k1LoQP
Submitted December 07, 2017 at 10:59PM by americanmonty
via reddit http://ift.tt/2nERL1h
http://ift.tt/2k1LoQP
Submitted December 07, 2017 at 10:59PM by americanmonty
via reddit http://ift.tt/2nERL1h
My VK acvount has been hacked
Today I've tried to log in to my account and I found out it had been blocked by the vk staff. After I managed to log in to it I saw a job offer on my wall posted in russian and a lot of private messages.Работа в вашем городе! Свободный >график! Обучение за счет фирмы! Зарплата от 55 000 до 80 000 в >неделю , И ЭТО РЕАЛЬНО !! Не >интернет, не пирамида, не косметика >=) Ждем Вас! Собеседование через >защищенное приложение телеграмм. Мои контакты там-@DZ91199 >( Money )262/5000 Rabota v vashem gorode! Svobodnyy >grafik! Obucheniye za schet firmy! Zarplata ot 55 000 do 80 000 v nedelyu , >I ETO REAL'NO !! Ne internet, ne >piramida, ne kosmetika =) Zhdem Vas! Sobesedovaniye cherez >zashchishchennoye prilozheniye >telegramm. Moi kontakty tam-@DZ91199 ( Money )Work in your city! Free schedule! Training at the expense of the company! Salary from 55 000 to 80 000 per week, >> AND IT IS REAL !! Not the Internet, not the pyramid, not the makeup =) Waiting for you! Interview via secure >>telegram application. My contacts there- @ DZ91199 (Money)My password hadn't been modified and I immediately changed it. I had my phone number linked to my profile settings but the two step verification was disabled because I kept missing the verification messages with my current smartphone.The mail and password used is not linked to any other account.What else am I supposed to do now?Should I reactivate the two step verification before deleting the account?
Submitted December 07, 2017 at 10:58PM by 8412286215E
via reddit http://ift.tt/2AEmgcy
Today I've tried to log in to my account and I found out it had been blocked by the vk staff. After I managed to log in to it I saw a job offer on my wall posted in russian and a lot of private messages.Работа в вашем городе! Свободный >график! Обучение за счет фирмы! Зарплата от 55 000 до 80 000 в >неделю , И ЭТО РЕАЛЬНО !! Не >интернет, не пирамида, не косметика >=) Ждем Вас! Собеседование через >защищенное приложение телеграмм. Мои контакты там-@DZ91199 >( Money )262/5000 Rabota v vashem gorode! Svobodnyy >grafik! Obucheniye za schet firmy! Zarplata ot 55 000 do 80 000 v nedelyu , >I ETO REAL'NO !! Ne internet, ne >piramida, ne kosmetika =) Zhdem Vas! Sobesedovaniye cherez >zashchishchennoye prilozheniye >telegramm. Moi kontakty tam-@DZ91199 ( Money )Work in your city! Free schedule! Training at the expense of the company! Salary from 55 000 to 80 000 per week, >> AND IT IS REAL !! Not the Internet, not the pyramid, not the makeup =) Waiting for you! Interview via secure >>telegram application. My contacts there- @ DZ91199 (Money)My password hadn't been modified and I immediately changed it. I had my phone number linked to my profile settings but the two step verification was disabled because I kept missing the verification messages with my current smartphone.The mail and password used is not linked to any other account.What else am I supposed to do now?Should I reactivate the two step verification before deleting the account?
Submitted December 07, 2017 at 10:58PM by 8412286215E
via reddit http://ift.tt/2AEmgcy
reddit
My VK acvount has been hacked • r/security
Today I've tried to log in to my account and I found out it had been blocked by the vk staff. After I managed to log in to it I saw a job offer on...
When Scriptlets Attack: Excel’s Alternative to DDE Code Execution
http://ift.tt/2nCKY8z
Submitted December 08, 2017 at 12:06AM by teksquisite
via reddit http://ift.tt/2BL672j
http://ift.tt/2nCKY8z
Submitted December 08, 2017 at 12:06AM by teksquisite
via reddit http://ift.tt/2BL672j
Lastline
When Scriptlets Attack: Excel’s Alternative to DDE Code Execution
We've recently discovered a malicious Office Excel file that appeared to have the ability to download and execute malware. Examining the file, we saw no evidence of macros, shellcode, or DDE functionality. When scanning the
How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine
http://ift.tt/2BLl8SF
Submitted December 07, 2017 at 11:40PM by maxxori
via reddit http://ift.tt/2BRClK9
http://ift.tt/2BLl8SF
Submitted December 07, 2017 at 11:40PM by maxxori
via reddit http://ift.tt/2BRClK9
Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites
http://ift.tt/2Ae6oyD
Submitted December 08, 2017 at 01:01AM by pesofr
via reddit http://ift.tt/2jpbFJe
http://ift.tt/2Ae6oyD
Submitted December 08, 2017 at 01:01AM by pesofr
via reddit http://ift.tt/2jpbFJe
Sucuri Blog
Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites
A WordPress website infection includes keylogger malware that can steal sensitive information and credentials and uses a fake CloudFlare domain.