1.4 Billion Clear Text Credentials Discovered in a Single Database
http://ift.tt/2iFLwoH
Submitted December 09, 2017 at 08:57AM by rdewalt
via reddit http://ift.tt/2AGutva
Medium
A Massive Resource for Cybercriminals Makes it Easy to Access Billions of Credentials.
HP keylogger
http://ift.tt/2iITgGL
Submitted December 09, 2017 at 02:20PM by coragr
via reddit http://ift.tt/2kFxWGd
zwclose.github.io
TL;DR:
HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required).
Get the list of affected hardware and patch here: https:…
Lost in Transaction: Process Doppelgänging (Complete Slide Deck)
http://ift.tt/2BTmNWm
Submitted December 08, 2017 at 06:10AM by tal_liberman
via reddit http://ift.tt/2ySOtva
New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit
http://ift.tt/2AA76VX
Submitted December 08, 2017 at 01:03AM by EvanConover
via reddit http://ift.tt/2nGDm4I
FireEye
FireEye has observed APT34 using an exploit for a recently patched Microsoft Office vulnerability to target a government organization in the Middle East.
Malpedia: a free collaborative platform for sharing malware samples
http://ift.tt/2BfekzL
Submitted December 09, 2017 at 07:20PM by 0xdea
via reddit http://ift.tt/2B1qiN5
malpedia.caad.fkie.fraunhofer.de
Malpedia - Fraunhofer FKIE
A curated, high-quality malware corpus.
x86-64 Windows Jurassic Park Payload
http://ift.tt/2kf8Da0
Submitted December 09, 2017 at 07:43PM by zznop_
via reddit http://ift.tt/2C1pHbF
GitHub
zznop/pop-nedry
pop-nedry - x86-64 Windows shellcode that recreates the Jurassic Park hacking scene (Ah, ah, ah... you didn't say the magic word!)
Major OS upgrades with security fixes.
It is annoying that some companies (e.g., Apple's iOS) require major OS upgrades to get the security fixes. At the same time, you get new issues. I am curious about you guys, do you always get the newest OS upgrades to get their security fixes? Thank you in advance. :)
Submitted December 09, 2017 at 11:30PM by antdude
via reddit http://ift.tt/2yajQ0t
UK Warns Government Agencies not to use Kaspersky Software
http://ift.tt/2ACWxly
Submitted December 10, 2017 at 01:37AM by cmstrump
via reddit http://ift.tt/2ARxevN
VOA
Ciaran Martin, head of the National Cyber Security Centre, said 'Russia is acting against the U.K.'s national interest in cyberspace'
Top-selling handgun safe can be remotely opened in seconds - no PIN needed
http://ift.tt/2BZo1zt
Submitted December 10, 2017 at 08:20AM by NISMO1968
via reddit http://ift.tt/2ARFJa3
Ars Technica
Not clear if issue with highly-rated safe can be patched.
Intel Management Engine Critical Firmware Update (Intel-SA-00086)
http://ift.tt/2zTW51K
Submitted December 10, 2017 at 07:09PM by QuirkySpiceBush
via reddit http://ift.tt/2AS0mmw
Intel
Security Advisory (Intel-SA-00086), a critical firmware vulnerability in systems.
HP keylogger
http://ift.tt/2iITgGL
Submitted December 10, 2017 at 08:16PM by speckz
via reddit http://ift.tt/2jlGqSL
1.4 Billion Clear Text Credentials Discovered in a Single Database
http://ift.tt/2iFLwoH
Submitted December 10, 2017 at 08:01PM by speckz
via reddit http://ift.tt/2keMokC
You can actually put an invalid password and still log into Facebook.
My friend accidentally put a typo into his Facebook password. I've tried it as well and you CAN log into your account. If you add an extra sign to your password, it will still let you log in. Example: my password is "Password". I try logging in using the password "Password1" – it allows you.
Submitted December 10, 2017 at 08:35PM by Miscyfion
via reddit http://ift.tt/2BsUYr1
Anyone can steal all of chrome saved passwords, form fields, bookmarks, history
http://ift.tt/2BrjAjI
Submitted December 10, 2017 at 08:41PM by micgob
via reddit http://ift.tt/2yWgGBp
Medium
You can try it with your friends at work or with anyone that gives you access to a computer… it’s really funny but dangerous. I reported…
PowerShell script to dump generic Windows credentials from the Credential Manager without admin
http://ift.tt/2B87hIO
Submitted December 10, 2017 at 08:50PM by peewpw
via reddit http://ift.tt/2kjTWTo
GitHub
peewpw/Invoke-WCMDump
Invoke-WCMDump - PowerShell Script to Dump Windows Credentials from the Credential Manager
Cool review: vulnerability detection plugins for Burp Suite and Google Chrome
http://ift.tt/2nLa0SO
Submitted December 11, 2017 at 12:48AM by isox_xx
via reddit http://ift.tt/2BqCPdz
Alexander V. Leonov
Vulners.com vulnerability detection plugins for Burp Suite and Google Chrome
What is the main idea of version-based vulnerability detection, especially for Web Applications? With access to the HTTP response (html, headers, scripts, etc.), you can get the name and version of some standard web application (e.g.
How anyone could have hacked the Panama Papers law firm
http://ift.tt/2yUauKc
Submitted December 11, 2017 at 01:39AM by Pissy_Tree_Hugger
via reddit http://ift.tt/2nP5GBY
Medium
Happy OSINT hacking fun with the Panama Paper’s law firm, Mossack Fonseca post breach
My involvement with the Panama Papers came about from curiosity. Originally, I submitted a talk to a nuclear ICS security conference where…
Vulnerable Lenovo's Unsecured Section Objects
http://ift.tt/2kNL0cF
Submitted December 11, 2017 at 07:19AM by MalwareSeattle
via reddit http://ift.tt/2nMUTIR
Is it as simple as ensuring port 16992 is blocked to see if AMT is disabled?
Been reading up more on this AMT thing given how serious it is to have a backdoor built into a CPU like this. Found that it seems to just listen on a port by sharing the NIC with the OS and it listens to a few ports such as 16992. If I do a port scan from a remote machine and find that it's closed, is that actually enough to find that it's not "working", or does it rely on some kind of secret port triggering to get it to open?

Has anyone played deeper with this to find more details on how it works and what can be done to disable it?

What about the 3G radio, anyone know how that works? That is really the biggest threat as even if you have a non Intel based firewall and you are confident in your ethernet infrastructure then the 3G connection can bypass your firewall.

Is this the thing of just ensuring that your hardware is not "compatible" with it, ex: does it rely on specific motherboards, and/or NICs? Am I safer using some offbrand NIC in my firewall than an Intel one for example? If the 3G radio is not present (this is still a rumour at this point) then the most important box to protect would be the firewall as it is the one with an internet facing NIC.

If the 3G radio really is present, could it be as simple as using a localized RF jammer near the firewall? It won't stop data from going out, but it will stop data from going in, to tell it to send data out... at least in theory? What I'm thinking is to build a Faraday cage around my server room to the best of my ability - I won't really be able to get a perfect one, but then I could use a RF jammer inside, most of the jammer signal will hopefully stay contained so it won't affect anything outside. I imagine like 100 mW would be more than enough. I would basically tune it until my cell works when I'm standing outside the room but does not work when I'm inside the room. Does this seem like a safe methodology?

Having this backdoor wide open just scares the crap out of me and I really need to kill it.
Submitted December 11, 2017 at 07:50AM by RedSquirrelFtw
via reddit http://ift.tt/2AWipYx
New Android vulnerability allows attackers to modify apps without affecting their signatures
http://ift.tt/2A2ieHV
Submitted December 11, 2017 at 08:12AM by numberbuzy
via reddit http://ift.tt/2Bw6T7z
GuardSquare
A serious vulnerability (CVE-2017-13156) in Android allows attackers to modify the code in applications without affecting their signatures. The root of the problem is that a file can be a valid APK file and a valid DEX file at the same time. We have named…
Cyber Threat Intelligence News
http://ift.tt/2Au3tSE
Submitted December 11, 2017 at 12:11PM by cywarelabs
via reddit http://ift.tt/2nOUgOD
Cyware
Cyber Threat Intelligence News | Cyber Information Sharing | Cyware
Get all the latest news about cyber threat Intelligence on cyware.com. We bring you the world's latest cyber security news curated to your interests to save you time.