How dangerous is it to reveal your birthday through phone survey?
Recently I had a university graduation survey. The representitive calling asked me to do a survey at 6:30 PM and he asked me a lot of questions about employment since graduation and then finally asked me what was my month and day of birth. So I answered it but my parents were livid when I did.I looked at my call log and traced the number and tried to call them back. The automatic line said "welcome to <<school's>> survey research department". At this point I knew this number seemed legit. What I'm worried is why the fuck did they ask me for hints of my birthday? Are they really trying to steal my confidential information? If the know my name and number, could they potentially hack into my bank account?
Submitted December 22, 2017 at 07:30AM by strandoflight
via reddit http://ift.tt/2kBIFi6
Recently I had a university graduation survey. The representitive calling asked me to do a survey at 6:30 PM and he asked me a lot of questions about employment since graduation and then finally asked me what was my month and day of birth. So I answered it but my parents were livid when I did.I looked at my call log and traced the number and tried to call them back. The automatic line said "welcome to <<school's>> survey research department". At this point I knew this number seemed legit. What I'm worried is why the fuck did they ask me for hints of my birthday? Are they really trying to steal my confidential information? If the know my name and number, could they potentially hack into my bank account?
Submitted December 22, 2017 at 07:30AM by strandoflight
via reddit http://ift.tt/2kBIFi6
reddit
How dangerous is it to reveal your birthday through... • r/security
Recently I had a university graduation survey. The representitive calling asked me to do a survey at 6:30 PM and he asked me a lot of questions...
PentesterLab | Web for Pentester - Learn all you need to know to start doing web penetration testing
http://ift.tt/1BidOfs
Submitted December 22, 2017 at 12:05PM by Gallus
via reddit http://ift.tt/2kWkQ3Y
http://ift.tt/1BidOfs
Submitted December 22, 2017 at 12:05PM by Gallus
via reddit http://ift.tt/2kWkQ3Y
Pentesterlab
PentesterLab: Web for Pentester
This exercise is a set of the most common web vulnerabilities.
Arbitrary Linux kernel memory read+write via incorrect range tracking in eBPF
http://ift.tt/2BSNP39
Submitted December 22, 2017 at 02:00PM by 0xdea
via reddit http://ift.tt/2zglBKo
http://ift.tt/2BSNP39
Submitted December 22, 2017 at 02:00PM by 0xdea
via reddit http://ift.tt/2zglBKo
NetSPI SQL Injection Wiki
http://ift.tt/2BAWiVO
Submitted December 22, 2017 at 04:25PM by speckz
via reddit http://ift.tt/2BAtosg
http://ift.tt/2BAWiVO
Submitted December 22, 2017 at 04:25PM by speckz
via reddit http://ift.tt/2BAtosg
Netspi
NetSPI SQL Injection Wiki
This wiki's mission is to be a one stop resource for fully identifying, exploiting, and escalating SQL injection vulnerabilities across various Database Management Systems.
Intercepting HTTPS Traffic from Apps on Android 7+ using Magisk & Burp | NVISO LABS
http://ift.tt/2kXPUQF
Submitted December 22, 2017 at 05:41PM by TheDauntless_
via reddit http://ift.tt/2DtmsKX
http://ift.tt/2kXPUQF
Submitted December 22, 2017 at 05:41PM by TheDauntless_
via reddit http://ift.tt/2DtmsKX
NVISO LABS - blog
Intercepting HTTPS Traffic from Apps on Android 7+ using Magisk & Burp
Intercepting HTTPS traffic is a necessity with any mobile security assessment. By adding a custom CA to Android, this can easily be done. As of Android Nougat, however, apps don’t trust clien…
Security In 5: Episode 138 - Tools, Tips and Tricks - Infosec Reactions Humor Website
http://ift.tt/2BXpWar
Submitted December 22, 2017 at 07:35PM by BinaryBlog
via reddit http://ift.tt/2Bm8pVQ
http://ift.tt/2BXpWar
Submitted December 22, 2017 at 07:35PM by BinaryBlog
via reddit http://ift.tt/2Bm8pVQ
Libsyn
Security In Five Podcast: Episode 138 - Tools, Tips and Tricks - Infosec Reactions Humor Website
The security business is a serious and frustrating world. Like many things in life you have to not take it too seriously from time to time. There is a website dedicated for Security Professionals to express their challenges and experiences through animated…
SwordPhish - free, lightweight and open-source phish reporting tool
http://ift.tt/2BRkbc9
Submitted December 22, 2017 at 07:57PM by eth0izzle
via reddit http://ift.tt/2kYecKA
http://ift.tt/2BRkbc9
Submitted December 22, 2017 at 07:57PM by eth0izzle
via reddit http://ift.tt/2kYecKA
GitHub
Schillings/SwordPhish
Schillings SwordPhish empowers organisations and engages its employees to establish the key component of any cyber security strategy: the Human Firewall.
Some cyber security training resources. Get your certs on.
http://ift.tt/2BB31CE
Submitted December 22, 2017 at 08:15PM by j03c0nn01
via reddit http://ift.tt/2C0k3cQ
http://ift.tt/2BB31CE
Submitted December 22, 2017 at 08:15PM by j03c0nn01
via reddit http://ift.tt/2C0k3cQ
Technoloman
Cyber Security Degrees Archives - Technoloman
Cyber Security Degrees, CyberSecurity Training Courses, Cyber Security Training for Veterans and Cyber Security Salaries.
ZDI's last Top 5 bug of 2017 details a matched pair of JavaScript bugs that could allow RCE on unpatched versions of Edge.
http://ift.tt/2BRAXb3
Submitted December 22, 2017 at 09:12PM by RedmondSecGnome
via reddit http://ift.tt/2BRANQZ
http://ift.tt/2BRAXb3
Submitted December 22, 2017 at 09:12PM by RedmondSecGnome
via reddit http://ift.tt/2BRANQZ
Zero Day Initiative
A Matching Pair of Use-After-Free Bugs in Chakra asm.js
This is the final blog in our series of Top 5 interesting cases from 2017. Each of these bugs has some element that sets them apart from the approximately 1,000 advisories released by the program this year. Today’s post details two bugs in Chakra – Microsoft’s…
Best way to protect your password from hackers!
http://ift.tt/2zaJdje
Submitted December 22, 2017 at 08:53PM by radu-matei
via reddit http://ift.tt/2zg5vAk
http://ift.tt/2zaJdje
Submitted December 22, 2017 at 08:53PM by radu-matei
via reddit http://ift.tt/2zg5vAk
Windows DMA Attacks : Gaining SYSTEM shells using a generic patch
http://ift.tt/2pgN52I
Submitted December 22, 2017 at 10:21PM by phocean
via reddit http://ift.tt/2kHzNaD
http://ift.tt/2pgN52I
Submitted December 22, 2017 at 10:21PM by phocean
via reddit http://ift.tt/2kHzNaD
Sysdream
Sysdream, Windows DMA Attacks : Gaining SYSTEM shells using a generic patch
Sysdream, audits et formations en sécurité informatique Ethical Hacking PCI DSS Test d'intrusion
Security Incident Report Best Practices: Important Metrics to Measure
http://ift.tt/2DvE0pL
Submitted December 22, 2017 at 10:34PM by abhishekiyer
via reddit http://ift.tt/2zhysfb
http://ift.tt/2DvE0pL
Submitted December 22, 2017 at 10:34PM by abhishekiyer
via reddit http://ift.tt/2zhysfb
Demisto
Security Incident Report Best Practices: Important Metrics to Measure
Learn about important metrics and categories that a security incident report should cover. A security incident report template is also provided with this blog.
ncat - cheatsheet
http://ift.tt/2BouAyY
Submitted December 23, 2017 at 12:18AM by nullminded
via reddit http://ift.tt/2CYNKYH
http://ift.tt/2BouAyY
Submitted December 23, 2017 at 12:18AM by nullminded
via reddit http://ift.tt/2CYNKYH
Bit Rot
Ncat Cheatsheet
Man Page
Name
ncat — Concatenate and redirect sockets
Synopsis
ncat [ ...] [ ] [ ]
Name
ncat — Concatenate and redirect sockets
Synopsis
ncat [ ...] [ ] [ ]
Using ElastAlert to Help Automate Threat Hunting
http://ift.tt/2zhGEfw
Submitted December 23, 2017 at 01:29AM by ok_bye_now_
via reddit http://ift.tt/2kZzcjZ
http://ift.tt/2zhGEfw
Submitted December 23, 2017 at 01:29AM by ok_bye_now_
via reddit http://ift.tt/2kZzcjZ
JP
Using ElastAlert to Help Automate Threat Hunting
I first want to say thanks to CyberWarDog for his fantastic lab walk through for setting up a Threat Hunting Lab. It is hands down the best guide I have read to getting started with Threat Hunting.…
IDA Plug-in contest 2017 results
http://ift.tt/2DyHDLN
Submitted December 23, 2017 at 02:10AM by alain_proviste
via reddit http://ift.tt/2BYnRep
http://ift.tt/2DyHDLN
Submitted December 23, 2017 at 02:10AM by alain_proviste
via reddit http://ift.tt/2BYnRep
Hex-Rays
Plug-In Contest 2017: Hall Of Fame
The IDA Disassembler and debugger is a multi-processor disassembler and debugger hosted on the Windows, Linux and Mac OS X Platforms.
Porn Filters Compared: OpenDNS, Neustar, CleanBrowsing, Norton, Yandex and AdGuard
http://ift.tt/2BC8R6P
Submitted December 23, 2017 at 02:30AM by nykzhang
via reddit http://ift.tt/2zgPf29
http://ift.tt/2BC8R6P
Submitted December 23, 2017 at 02:30AM by nykzhang
via reddit http://ift.tt/2zgPf29
Medium
Porn Filters Compared: OpenDNS, Neustar, CleanBrowsing, Norton, Yandex and AdGuard
On a recent post, I provided some details on a disappointing test with a few free DNS resolvers that were supposed to block access to…
Comparing the effectiveness of DNS-based porn filters: OpenDNS, Neustar, CleanBrowsing, Norton, Yandex and AdGuard
http://ift.tt/2BC8R6P
Submitted December 23, 2017 at 02:39AM by nykzhang
via reddit http://ift.tt/2l0J3WD
http://ift.tt/2BC8R6P
Submitted December 23, 2017 at 02:39AM by nykzhang
via reddit http://ift.tt/2l0J3WD
Medium
Porn Filters Compared: OpenDNS, Neustar, CleanBrowsing, Norton, Yandex and AdGuard
On a recent post, I provided some details on a disappointing test with a few free DNS resolvers that were supposed to block access to…
What are the different ways Crypto transactions can be traced back to a person?
Supposedly Crypto currency is "anonymous" on the internet, using your banking information and phone & e-mail verification for every login in and from your computer with public ledgers.This makes absolutely no sense to me that anybody can say it's "anonymous" with a straight face or not followed with "NOT!/PSYCH!"
Submitted December 23, 2017 at 04:33AM by Project_Ho2018
via reddit http://ift.tt/2Bn7Knb
Supposedly Crypto currency is "anonymous" on the internet, using your banking information and phone & e-mail verification for every login in and from your computer with public ledgers.This makes absolutely no sense to me that anybody can say it's "anonymous" with a straight face or not followed with "NOT!/PSYCH!"
Submitted December 23, 2017 at 04:33AM by Project_Ho2018
via reddit http://ift.tt/2Bn7Knb
reddit
What are the different ways Crypto transactions can... • r/security
Supposedly Crypto currency is "anonymous" on the internet, using your banking information and phone & e-mail verification for every login in and...
Phish... Or not?
In this day and age you'd think credit card companies wouldn't make their security calls sound like phishing attempts. My current company just called me with a fraud alert, and asked for identifying information to "make sure" it was me.It's bad practice for individuals to give out any identifying information on incoming phone calls. It's also bad practice for companies to call and then ask for identifying information, because it tends to train people to give out information on incoming phone calls.I'm hoping someone here works for one of the major card systems, and can ping their security department about this, because they should try to keep issuing banks from trying this sort of verification.
Submitted December 23, 2017 at 04:57AM by o0shad0o
via reddit http://ift.tt/2kGMcvD
In this day and age you'd think credit card companies wouldn't make their security calls sound like phishing attempts. My current company just called me with a fraud alert, and asked for identifying information to "make sure" it was me.It's bad practice for individuals to give out any identifying information on incoming phone calls. It's also bad practice for companies to call and then ask for identifying information, because it tends to train people to give out information on incoming phone calls.I'm hoping someone here works for one of the major card systems, and can ping their security department about this, because they should try to keep issuing banks from trying this sort of verification.
Submitted December 23, 2017 at 04:57AM by o0shad0o
via reddit http://ift.tt/2kGMcvD
reddit
Phish... Or not? • r/security
In this day and age you'd think credit card companies wouldn't make their security calls sound like phishing attempts. My current company just...
'123456' is sadly triumphant as it tops list of most-used passwords | V3
http://ift.tt/2kCTEI2
Submitted December 23, 2017 at 10:35AM by antdude
via reddit http://ift.tt/2zjw1sz
http://ift.tt/2kCTEI2
Submitted December 23, 2017 at 10:35AM by antdude
via reddit http://ift.tt/2zjw1sz
http://www.v3.co.uk
'123456' is sadly triumphant as it tops list of most-used passwords | V3
'letmein', while appropriate, isn't as hard to guess as you think
Privacy aware Todo app?
HiI really would like to use a Todo/Calendar app on my Android. But most apps sync your data to the cloud, which i'm not comfortable with.Do you know any todo/calendar app that's privacy aware?
Submitted December 23, 2017 at 02:29PM by b00h
via reddit http://ift.tt/2BsCqDq
HiI really would like to use a Todo/Calendar app on my Android. But most apps sync your data to the cloud, which i'm not comfortable with.Do you know any todo/calendar app that's privacy aware?
Submitted December 23, 2017 at 02:29PM by b00h
via reddit http://ift.tt/2BsCqDq
reddit
Privacy aware Todo app? • r/security
Hi I really would like to use a Todo/Calendar app on my Android. But most apps sync your data to the cloud, which i'm not comfortable with. Do...