ropchain: bypassing ASLR+DEP+stack canaries
http://ift.tt/2lz93JR
Submitted January 02, 2018 at 06:22AM by dgryski
via reddit http://ift.tt/2CnevKv
http://ift.tt/2lz93JR
Submitted January 02, 2018 at 06:22AM by dgryski
via reddit http://ift.tt/2CnevKv
reddit
ropchain: bypassing ASLR+DEP+stack canaries • r/netsec
0 points and 0 comments so far on reddit
The nasty surprises hackers have in store for us in 2018
http://ift.tt/2DO36iZ
Submitted January 02, 2018 at 11:59AM by aasreddit
via reddit http://ift.tt/2qanU2j
http://ift.tt/2DO36iZ
Submitted January 02, 2018 at 11:59AM by aasreddit
via reddit http://ift.tt/2qanU2j
MIT Technology Review
Six Cyber Threats to Really Worry About in 2018
From AI-powered hacking to tampering with voting systems, here are some of the big risks on our radar screen.
The mysterious case of the Linux Page Table Isolation patches
http://ift.tt/2C5VZ53
Submitted January 02, 2018 at 12:01AM by Kerrovitar
via reddit http://ift.tt/2lFFu8D
http://ift.tt/2C5VZ53
Submitted January 02, 2018 at 12:01AM by Kerrovitar
via reddit http://ift.tt/2lFFu8D
Ad targeters are pulling data from your browser’s password manager
http://ift.tt/2CeNfNU
Submitted January 02, 2018 at 02:25PM by rhabarba
via reddit http://ift.tt/2A3TQ7Y
http://ift.tt/2CeNfNU
Submitted January 02, 2018 at 02:25PM by rhabarba
via reddit http://ift.tt/2A3TQ7Y
The Verge
Ad targeters are pulling data from your browser’s password manager
New research shows an alarming new way to track web users
Question regarding data shared with 2FA
Hope this makes sense. I have two accounts set up with a provider that I need to keep entirely separate, so use different usernames, passwords, IP addresses, payment details etc.However, 2FA is now compulsory, so I need to implement it on the second account. Can I use the same 2FA app (i.e. Google authenticator) for both accounts, or is some data shared with the provider that would show a link, i.e. the mac address, IP address or even the mobile phone number associated?I had considered setting up Authy for the separate account, but that now requests the mobile phone number too, before you can use it...again, leading to me wondering if the same problem applies or shared data?
Submitted January 02, 2018 at 05:51PM by ianmd
via reddit http://ift.tt/2EzTl97
Hope this makes sense. I have two accounts set up with a provider that I need to keep entirely separate, so use different usernames, passwords, IP addresses, payment details etc.However, 2FA is now compulsory, so I need to implement it on the second account. Can I use the same 2FA app (i.e. Google authenticator) for both accounts, or is some data shared with the provider that would show a link, i.e. the mac address, IP address or even the mobile phone number associated?I had considered setting up Authy for the separate account, but that now requests the mobile phone number too, before you can use it...again, leading to me wondering if the same problem applies or shared data?
Submitted January 02, 2018 at 05:51PM by ianmd
via reddit http://ift.tt/2EzTl97
reddit
Question regarding data shared with 2FA • r/security
Hope this makes sense. I have two accounts set up with a provider that I need to keep entirely separate, so use different usernames, passwords, IP...
New vulnerability exposed for smartphones
http://ift.tt/2Ch1j9F
Submitted January 02, 2018 at 05:22PM by silverf0x001
via reddit http://ift.tt/2DOuBc4
http://ift.tt/2Ch1j9F
Submitted January 02, 2018 at 05:22PM by silverf0x001
via reddit http://ift.tt/2DOuBc4
Digitaljournal
New vulnerability exposed for smartphones
Hackers can easily guess your phone PIN using its sensor data, according to new research into mobile device security vulnerabilities from Nanyang Technological University.
Data Breach Report: December 2017
http://ift.tt/2CaL4XO
Submitted January 02, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2lJc1dU
http://ift.tt/2CaL4XO
Submitted January 02, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2lJc1dU
Nehemiah Security
Data Breach Report: December 2017 - Nehemiah Security
Below is a compilation of news articles covering some of the notable data breaches that occurred in December 2017. Doesn’t this really put things into perspective? Morrisons found liable for data breach – UPDATED – Dec 1 PayPal Unit TIO Networks Discloses…
Leveraging "French Kiss Attack" to boost your phishing campaign
http://ift.tt/2EABAGM
Submitted January 02, 2018 at 06:11PM by Void_Sec
via reddit http://ift.tt/2C99EIx
http://ift.tt/2EABAGM
Submitted January 02, 2018 at 06:11PM by Void_Sec
via reddit http://ift.tt/2C99EIx
VoidSec
Uncommon Phishing and Social Engineering Techniques - VoidSec
Leveraging French Kiss Attack to boost your phishing campaign
Fingerprinting with Zero-Width Characters
http://ift.tt/2Cm640V
Submitted January 02, 2018 at 07:47PM by speckz
via reddit http://ift.tt/2EASdCe
http://ift.tt/2Cm640V
Submitted January 02, 2018 at 07:47PM by speckz
via reddit http://ift.tt/2EASdCe
reddit
Fingerprinting with Zero-Width Characters • r/security
1 points and 0 comments so far on reddit
Security In 5: File Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
http://ift.tt/2lGz0Y5
Submitted January 02, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2A6fbOh
http://ift.tt/2lGz0Y5
Submitted January 02, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2A6fbOh
Libsyn
Security In Five Podcast: File
Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
Your video games systems are powerful computers running operating systems similar to those driving your desktops. Requiring internet connectivity exposes these machines and your information exposed if not taken care of. This episode goes through each of the…
Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory
http://ift.tt/2Er77ej
Submitted January 01, 2018 at 10:04PM by based2
via reddit http://ift.tt/2CF36lS
http://ift.tt/2Er77ej
Submitted January 01, 2018 at 10:04PM by based2
via reddit http://ift.tt/2CF36lS
reddit
Attacking Read-Only Domain Controllers (RODCs) to Own... • r/netsec
0 points and 1 comments so far on reddit
Stop Procrastinating and Get Things Done! From Senior Security Analyst/Malware Reverser to WebDev/SecDevOps
http://ift.tt/2A7cRGx
Submitted January 02, 2018 at 09:59PM by marcomcse
via reddit http://ift.tt/2lF2wNU
http://ift.tt/2A7cRGx
Submitted January 02, 2018 at 09:59PM by marcomcse
via reddit http://ift.tt/2lF2wNU
SecDevOps
Stop Procrastinating and Get Things Done!
From Senior Security Analyst/Malware Reverser to WebDev/SecDevOps
The password requirements for the Social Security Administration website are horrifying. How is this even allowed?
http://ift.tt/2lFYWTQ
Submitted January 02, 2018 at 09:31PM by jklick
via reddit http://ift.tt/2qcBqSN
http://ift.tt/2lFYWTQ
Submitted January 02, 2018 at 09:31PM by jklick
via reddit http://ift.tt/2qcBqSN
Imgur
Imgur: The magic of the Internet
Multiple vulnerabilities in the online services of (GPS) location tracking devices
http://ift.tt/2CsgagZ
Submitted January 02, 2018 at 10:53PM by cybergibbons
via reddit http://ift.tt/2EDkMiA
http://ift.tt/2CsgagZ
Submitted January 02, 2018 at 10:53PM by cybergibbons
via reddit http://ift.tt/2EDkMiA
Tomb is a secure alternative to TrueCrypt and VeraCrypt ?
http://ift.tt/1x6YD5J
Submitted January 03, 2018 at 12:29AM by magicpupper
via reddit http://ift.tt/2lG40Hs
http://ift.tt/1x6YD5J
Submitted January 03, 2018 at 12:29AM by magicpupper
via reddit http://ift.tt/2lG40Hs
dyne.org
Tomb :: File Encryption on GNU/Linux
Tomb is an 100% free and open source system for file encryption on GNU/Linux. It simply makes gpg dm-crypt and cryptsetup usable in a variety of situations.
Understanding And Preparing For The Upcoming W2 Fraud Attacks in Q1.
http://ift.tt/2lH6CUJ
Submitted January 02, 2018 at 11:10PM by MadSecuritySquirrel
via reddit http://ift.tt/2CromPa
http://ift.tt/2lH6CUJ
Submitted January 02, 2018 at 11:10PM by MadSecuritySquirrel
via reddit http://ift.tt/2CromPa
The Mad Squ1rrel
Understanding And Preparing For The Upcoming W2 Fraud Attacks | The Mad Squ1rrel
Having survived the challenges in 2017 I'm sure we're all looking forward to a bit of a rest, however that is not in our future. It does help to be prepared for what's coming and that's why I want to talk a minute about W2 fraud. As we enter the first quarter…
Leveraging "French Kiss Attack" to boost your phishing campaign
http://ift.tt/2EABAGM
Submitted January 02, 2018 at 11:03PM by Void_Sec
via reddit http://ift.tt/2A6A63K
http://ift.tt/2EABAGM
Submitted January 02, 2018 at 11:03PM by Void_Sec
via reddit http://ift.tt/2A6A63K
VoidSec
Uncommon Phishing and Social Engineering Techniques - VoidSec
Leveraging French Kiss Attack to boost your phishing campaign
Writeup and PoC for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
http://ift.tt/2lHkFe5
Submitted January 03, 2018 at 01:29AM by smesoraca
via reddit http://ift.tt/2Cv2ba5
http://ift.tt/2lHkFe5
Submitted January 03, 2018 at 01:29AM by smesoraca
via reddit http://ift.tt/2Cv2ba5
GitHub
smeso/MTPwn
MTPwn - PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
Security Orchestration For Policy Management
http://ift.tt/2DSUMP4
Submitted January 03, 2018 at 02:32AM by abhishekiyer
via reddit http://ift.tt/2qdtb9k
http://ift.tt/2DSUMP4
Submitted January 03, 2018 at 02:32AM by abhishekiyer
via reddit http://ift.tt/2qdtb9k
Demisto
Security Orchestration Use Case: Policy Management with McAfee ePO and Demisto
Learn how Demisto’s integration with McAfee ePolicy Orchestrator (ePO) can bring policy management under the umbrella of security orchestration and automation.
VMSA-2018-0001: vSphere Data Protection (VDP) updates address multiple security issues.
http://ift.tt/2ECDMOb
Submitted January 03, 2018 at 01:26AM by bagaudin
via reddit http://ift.tt/2EAs6LH
http://ift.tt/2ECDMOb
Submitted January 03, 2018 at 01:26AM by bagaudin
via reddit http://ift.tt/2EAs6LH
VMWare
VMSA-2018-0001
vSphere Data Protection (VDP) updates address multiple security issues.
I get this pop up on my phone for EVERY WEBSITE. It’s scary. I cleared cookies but it won’t go away?
http://ift.tt/2lIO9az
Submitted January 03, 2018 at 02:44AM by chriserie
via reddit http://ift.tt/2CtAEqz
http://ift.tt/2lIO9az
Submitted January 03, 2018 at 02:44AM by chriserie
via reddit http://ift.tt/2CtAEqz