What We Can Learn From The Uber Hack And Response
http://ift.tt/2AOAS7C
Submitted December 13, 2017 at 04:10AM by abhishekiyer
via reddit http://ift.tt/2BZmLLT
reddit
What We Can Learn From The Uber Hack And Response • r/security
1 points and 0 comments so far on reddit
Popular Destinations rerouted to Russia - 80 prefixes normally announced by organizations such as Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were redirected during two event windows of about three minutes each
http://ift.tt/2C6Ahyf
Submitted December 13, 2017 at 03:55AM by speckz
via reddit http://ift.tt/2BcV05Z
reddit
Popular Destinations rerouted to Russia - 80 prefixes... • r/security
1 points and 0 comments so far on reddit
Anyone know when Duo Security will support Pulse Connect Secure 8.3Rx?
EDIT: I'm an idiot. I didn't have DNS configured properly on my new 8.3 Pulse VM, so it couldn't reach any URLs. Fixed DNS and Duo works... Original post below: At the moment, Duo only supports Pulse Connect Secure 8.2Rx. Anyone in the loop on when they may update their integration? I have the free Duo account, so I can't ask Duo directly. Source: http://ift.tt/2C7hYJn
Submitted December 13, 2017 at 05:04AM by iPhoid
via reddit http://ift.tt/2nUvU67
Duo Security
Two-Factor Authentication for Pulse Secure SSL VPN
Duo integrates with your Pulse Connect Secure SSL VPN to add tokenless two-factor authentication to any VPN login.
XXE - Things Are Getting Out of Band
http://ift.tt/2Axe6Ea
Submitted December 13, 2017 at 05:03AM by ZephrX112
via reddit http://ift.tt/2AOZmNU
ZeroSec - Adventures In Information Security
XXE - Things Are Getting Out of Band
XXE Out of Band testing, explaining how to execute XXE OOB attacks over HTTP & FTP. Additional explanation on XXE RCE.
Searchable database of 1.4 billion stolen credentials found on dark web
http://ift.tt/2nUAsJN
Submitted December 13, 2017 at 07:35AM by grepnork
via reddit http://ift.tt/2AyAHjT
IT World Canada
Searchable database of 1.4 billion stolen credentials found on dark web
A security vendor has discovered a huge list of easily searchable stolen credentials in cleartext on the dark web which it fears
Cryptsky - an open source ransomware
http://ift.tt/2nVdv9j
Submitted December 13, 2017 at 03:05PM by sirKareon
via reddit http://ift.tt/2ASyJrw
GitHub
deadPix3l/CryptSky
CryptSky - A simple, fully python ransomware PoC
Nessus Professional v7 announced
http://ift.tt/2AxifYK
Submitted December 13, 2017 at 02:23PM by brainscrewer
via reddit http://ift.tt/2BZNkjY
Tenable™
Announcing Nessus Professional v7
We’re pleased to announce Nessus Professional v7. More than 20,000 organizations today use Nessus Professional and there are more than a million and a half Nessus users worldwide.
Information Security Project
Could you give me some ideas on what topic my project on Information Security course will be? It's just a course project and not a final year project. So it should not be very easy nor very hard. Thank you.
Submitted December 13, 2017 at 04:20PM by DsTyM
via reddit http://ift.tt/2j08hUE
reddit
Information Security Project • r/security
Could you give me some ideas on what topic my project on Information Security course will be? It's just a course project and not a final year...
Mozilla's AMO Extensions store has a spam infestation problem
http://ift.tt/2yjRYav
Submitted December 13, 2017 at 06:35PM by imr2017
via reddit http://ift.tt/2ymsJEs
gHacks Technology News
Mozilla’s AMO Extensions store has a spam infestation problem
If you visit the official Mozilla AMO -- Addons Mozilla Org -- site right now you may notice an increase in extensions that are pure spam.
Security In 5: Episode 131 - A Major Breach Exposed A Company Was Stealing Your Data
http://ift.tt/2AiuxjH
Submitted December 13, 2017 at 07:31PM by BinaryBlog
via reddit http://ift.tt/2z8Agua
Libsyn
Security In Five Podcast: Episode 131 - A Major Breach Exposed A Company Was Stealing Your Data
A major breach with a popular keyboard app showed that they were collecting far more data on their users than they should. This makes all of us think twice whenever an app asks for Full Access to your devices. In this case, they were taking every piece of…
Analysing pastebin data using PasteHunter and ELK
http://ift.tt/2AACG7c
Submitted December 13, 2017 at 07:57PM by kev-thehermit
via reddit http://ift.tt/2iXwefb
reddit
Analysing pastebin data using PasteHunter and ELK • r/netsec
2 points and 0 comments so far on reddit
Adware company threatens to sue malware researcher for finding similarities to malware
http://ift.tt/2C6LX3U
Submitted December 13, 2017 at 07:48PM by Eliad-Cybereason
via reddit http://ift.tt/2ASjHC5
Cybereason
OSX.Pirrit Mac Adware Part III: The DaVinci Code
Cybereason researcher Amit Serper discovers a new variant of TargetingEdge's Mac OSX Pirrit malware; this adware now includes remote access tool (RAT) capabilities.
The Curious Case of Caching CSRF Tokens
http://ift.tt/2ymFWwQ
Submitted December 13, 2017 at 07:47PM by civicode
via reddit http://ift.tt/2BYd7Jx
reddit
The Curious Case of Caching CSRF Tokens • r/netsec
0 points and 0 comments so far on reddit
TLS 'ROBOT' Vulnerability Allows Attackers to Obtain RSA Key Through Discrepancies in PKCS Padding
http://ift.tt/2BEEV9M
Submitted December 13, 2017 at 09:55PM by Derbel__McDillet
via reddit http://ift.tt/2j08Ygs
www.kb.cert.org
Vulnerability Note VU#144389 - TLS implementations may disclose side channel information via discrepancies between valid and invalid…
TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding, and may therefore be vulnerable to Bleichenbacher-style attacks. This attack is known as a
5 ransomware as a service (RaaS) kits
http://ift.tt/2nY2X9A
Submitted December 13, 2017 at 09:39PM by volci
via reddit http://ift.tt/2ATWEGZ
Naked Security
5 ransomware as a service (RaaS) kits – SophosLabs investigates
A look at five RaaS kits and how each is marketed and priced
Palo Alto Networks firewalls pre-auth remote root code execution via web management (CVE-2017-15944)
http://ift.tt/2BiN8jk
Submitted December 13, 2017 at 09:46PM by 0xdea
via reddit http://ift.tt/2ASTeEk
seclists.org
Full Disclosure: CVE-2017-15944: Palo Alto Networks firewalls remote root code execution
Trend Micro researcher details a bug in DirecTV's Wireless Video Bridge that allows remote root.
http://ift.tt/2ABRvqh
Submitted December 13, 2017 at 10:30PM by RedmondSecGnome
via reddit http://ift.tt/2ynjzY6
Zero Day Initiative
Remote Root in DirecTV's Wireless Video Bridge: A Tale of Rage and Despair
In this guest blog, Trend Micro DVLabs researcher Ricky Lawshae discusses the recently disclosed CVE-2017-17411. He discovered and reported this bug through the ZDI program. Earlier this year, I learned that AT&T was starting to move customers away from its…
Remote Root in DirecTV's Wireless Video Bridge: A Tale of Rage and Despair
http://ift.tt/2ABRvqh
Submitted December 13, 2017 at 10:14PM by HeadlessZeke
via reddit http://ift.tt/2iZKq7l
Zero Day Initiative
Remote Root in DirecTV's Wireless Video Bridge: A Tale of Rage and Despair
In this guest blog, Trend Micro DVLabs researcher Ricky Lawshae discusses the recently disclosed CVE-2017-17411. He discovered and reported this bug through the ZDI program. Earlier this year, I learned that AT&T was starting to move customers away from its…
Security Now 641 The iOS Security Trade-off | TWiT.TV
http://ift.tt/2z5ub1m
Submitted December 13, 2017 at 11:18PM by dmp1ce
via reddit http://ift.tt/2nZczAY
TWiT.tv
Security Now 641 The iOS Security Trade-off | TWiT.TV
This week we discuss the details behind the 'USB / JTAG takeover' of Intel's Management Engine, a rare Project Zero discovery, Microsoft's well-meaning but ill-tested IoT security …
Loveland Co to start tracking you via your cell phone's MAC address
http://ift.tt/2j0rBRq
Submitted December 13, 2017 at 11:23PM by Fearm0nger
via reddit http://ift.tt/2CeOjxQ
Lovelandpolitics
Loveland tracking resident movements using unique identifier on mobile devices
Loveland's interim director of public works misled Loveland's City Council on December 5, 2017, claiming that receivers the city is placing around the community cannot link an individual to a phone.
How Email Open Tracking Quietly Took Over the Web
http://ift.tt/2B3jbmG
Submitted December 14, 2017 at 12:10AM by volci
via reddit http://ift.tt/2ATyso5
WIRED
How Email Open Tracking Quietly Took Over the Web
You give up more privacy than you might think each time you open an email.