Security In 5: File Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
http://ift.tt/2lGz0Y5
Submitted January 02, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2A6fbOh
http://ift.tt/2lGz0Y5
Submitted January 02, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2A6fbOh
Libsyn
Security In Five Podcast: File
Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
Progress Episode 143 - How To Secure Your Video Game Consoles - Switch, Xbox One, PS4
Your video games systems are powerful computers running operating systems similar to those driving your desktops. Requiring internet connectivity exposes these machines and your information exposed if not taken care of. This episode goes through each of the…
Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory
http://ift.tt/2Er77ej
Submitted January 01, 2018 at 10:04PM by based2
via reddit http://ift.tt/2CF36lS
http://ift.tt/2Er77ej
Submitted January 01, 2018 at 10:04PM by based2
via reddit http://ift.tt/2CF36lS
reddit
Attacking Read-Only Domain Controllers (RODCs) to Own... • r/netsec
0 points and 1 comments so far on reddit
Stop Procrastinating and Get Things Done! From Senior Security Analyst/Malware Reverser to WebDev/SecDevOps
http://ift.tt/2A7cRGx
Submitted January 02, 2018 at 09:59PM by marcomcse
via reddit http://ift.tt/2lF2wNU
http://ift.tt/2A7cRGx
Submitted January 02, 2018 at 09:59PM by marcomcse
via reddit http://ift.tt/2lF2wNU
SecDevOps
Stop Procrastinating and Get Things Done!
From Senior Security Analyst/Malware Reverser to WebDev/SecDevOps
The password requirements for the Social Security Administration website are horrifying. How is this even allowed?
http://ift.tt/2lFYWTQ
Submitted January 02, 2018 at 09:31PM by jklick
via reddit http://ift.tt/2qcBqSN
http://ift.tt/2lFYWTQ
Submitted January 02, 2018 at 09:31PM by jklick
via reddit http://ift.tt/2qcBqSN
Imgur
Imgur: The magic of the Internet
Multiple vulnerabilities in the online services of (GPS) location tracking devices
http://ift.tt/2CsgagZ
Submitted January 02, 2018 at 10:53PM by cybergibbons
via reddit http://ift.tt/2EDkMiA
http://ift.tt/2CsgagZ
Submitted January 02, 2018 at 10:53PM by cybergibbons
via reddit http://ift.tt/2EDkMiA
Tomb is a secure alternative to TrueCrypt and VeraCrypt ?
http://ift.tt/1x6YD5J
Submitted January 03, 2018 at 12:29AM by magicpupper
via reddit http://ift.tt/2lG40Hs
http://ift.tt/1x6YD5J
Submitted January 03, 2018 at 12:29AM by magicpupper
via reddit http://ift.tt/2lG40Hs
dyne.org
Tomb :: File Encryption on GNU/Linux
Tomb is an 100% free and open source system for file encryption on GNU/Linux. It simply makes gpg dm-crypt and cryptsetup usable in a variety of situations.
Understanding And Preparing For The Upcoming W2 Fraud Attacks in Q1.
http://ift.tt/2lH6CUJ
Submitted January 02, 2018 at 11:10PM by MadSecuritySquirrel
via reddit http://ift.tt/2CromPa
http://ift.tt/2lH6CUJ
Submitted January 02, 2018 at 11:10PM by MadSecuritySquirrel
via reddit http://ift.tt/2CromPa
The Mad Squ1rrel
Understanding And Preparing For The Upcoming W2 Fraud Attacks | The Mad Squ1rrel
Having survived the challenges in 2017 I'm sure we're all looking forward to a bit of a rest, however that is not in our future. It does help to be prepared for what's coming and that's why I want to talk a minute about W2 fraud. As we enter the first quarter…
Leveraging "French Kiss Attack" to boost your phishing campaign
http://ift.tt/2EABAGM
Submitted January 02, 2018 at 11:03PM by Void_Sec
via reddit http://ift.tt/2A6A63K
http://ift.tt/2EABAGM
Submitted January 02, 2018 at 11:03PM by Void_Sec
via reddit http://ift.tt/2A6A63K
VoidSec
Uncommon Phishing and Social Engineering Techniques - VoidSec
Leveraging French Kiss Attack to boost your phishing campaign
Writeup and PoC for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
http://ift.tt/2lHkFe5
Submitted January 03, 2018 at 01:29AM by smesoraca
via reddit http://ift.tt/2Cv2ba5
http://ift.tt/2lHkFe5
Submitted January 03, 2018 at 01:29AM by smesoraca
via reddit http://ift.tt/2Cv2ba5
GitHub
smeso/MTPwn
MTPwn - PoC exploit for arbitrary file read/write in locked Samsung Android device via MTP (SVE-2017-10086)
Security Orchestration For Policy Management
http://ift.tt/2DSUMP4
Submitted January 03, 2018 at 02:32AM by abhishekiyer
via reddit http://ift.tt/2qdtb9k
http://ift.tt/2DSUMP4
Submitted January 03, 2018 at 02:32AM by abhishekiyer
via reddit http://ift.tt/2qdtb9k
Demisto
Security Orchestration Use Case: Policy Management with McAfee ePO and Demisto
Learn how Demisto’s integration with McAfee ePolicy Orchestrator (ePO) can bring policy management under the umbrella of security orchestration and automation.
VMSA-2018-0001: vSphere Data Protection (VDP) updates address multiple security issues.
http://ift.tt/2ECDMOb
Submitted January 03, 2018 at 01:26AM by bagaudin
via reddit http://ift.tt/2EAs6LH
http://ift.tt/2ECDMOb
Submitted January 03, 2018 at 01:26AM by bagaudin
via reddit http://ift.tt/2EAs6LH
VMWare
VMSA-2018-0001
vSphere Data Protection (VDP) updates address multiple security issues.
I get this pop up on my phone for EVERY WEBSITE. It’s scary. I cleared cookies but it won’t go away?
http://ift.tt/2lIO9az
Submitted January 03, 2018 at 02:44AM by chriserie
via reddit http://ift.tt/2CtAEqz
http://ift.tt/2lIO9az
Submitted January 03, 2018 at 02:44AM by chriserie
via reddit http://ift.tt/2CtAEqz
Safe file formats
By safe I mean absolutely 100% safe or very close.I know that pdf is not safe due to javanoscriptI know that .docx is unsafe due to macrosI've heard that .rtf is unsafeWhat basic file formats are safe from malware? Mostly interested in text formats but tips on other basic formats are welcome.BONUS QUESTION: If I take an infected file (ex. .pdf) and convert it to a different format (ex. .docx) before opening, does that render the attack useless? I mean, from what I understand .pdf and .docx have different vulnerabilities, so a .pdf attack shouldn't transfer to .docx. What if I then convert it back to pdf?
Submitted January 03, 2018 at 03:47AM by Optymistyk
via reddit http://ift.tt/2CGNMFj
By safe I mean absolutely 100% safe or very close.I know that pdf is not safe due to javanoscriptI know that .docx is unsafe due to macrosI've heard that .rtf is unsafeWhat basic file formats are safe from malware? Mostly interested in text formats but tips on other basic formats are welcome.BONUS QUESTION: If I take an infected file (ex. .pdf) and convert it to a different format (ex. .docx) before opening, does that render the attack useless? I mean, from what I understand .pdf and .docx have different vulnerabilities, so a .pdf attack shouldn't transfer to .docx. What if I then convert it back to pdf?
Submitted January 03, 2018 at 03:47AM by Optymistyk
via reddit http://ift.tt/2CGNMFj
reddit
Safe file formats • r/security
By safe I mean absolutely 100% safe or very close. I know that pdf is not safe due to javanoscript I know that .docx is unsafe due to macros I've...
blackberrymobile.com mining monero?
The site seems to be including a coinhive.com noscript. http://ift.tt/2qSHLiI Address is
Submitted January 03, 2018 at 05:31AM by cryptocripples
via reddit http://ift.tt/2Cv3CVV
The site seems to be including a coinhive.com noscript. http://ift.tt/2qSHLiI Address is
9KNyPFbDqJesaSxBLcQoJZX6PgXN1ld0. The way that it's implemented (before the first byte) makes it look like it got injected.Seems weird that something got injected into a BlackBerry site, since blackberry is supposed to be security-focussed.Is anyone else seeing this miner?Submitted January 03, 2018 at 05:31AM by cryptocripples
via reddit http://ift.tt/2Cv3CVV
reddit
blackberrymobile.com mining monero? • r/security
The site seems to be including a coinhive.com noscript. https://www.blackberrymobile.com/ Address is `9KNyPFbDqJesaSxBLcQoJZX6PgXN1ld0`. The way...
DNS Spoofing www.berkdusunur.net
http://ift.tt/2A8NyUR
Submitted January 03, 2018 at 06:29AM by berkdusunurx
via reddit http://ift.tt/2CwymXt
http://ift.tt/2A8NyUR
Submitted January 03, 2018 at 06:29AM by berkdusunurx
via reddit http://ift.tt/2CwymXt
www.berkdusunur.net
DNS Spoofing (DNS Zehirlenmesi)
Hello everyone :) I'm going to do a dns poisoning scenario today. I want to do DNS spoofing in an open and free network. Okay lets ...
OS Command Injection Unauthorized Access
http://ift.tt/2CHphb9
Submitted January 03, 2018 at 06:19AM by berkdusunurx
via reddit http://ift.tt/2A8PHzB
http://ift.tt/2CHphb9
Submitted January 03, 2018 at 06:19AM by berkdusunurx
via reddit http://ift.tt/2A8PHzB
www.berkdusunur.net
OS Command Injection Unauthorized Access
Hello Everyone :) bWAPP bWAPP, or a buggy web application, is a free and open source deliberately inse...
Academic researchers fire latest shots in adblocking arms race
http://ift.tt/2CsE5wS
Submitted January 03, 2018 at 08:46AM by RandomCollection
via reddit http://ift.tt/2DTpyqX
http://ift.tt/2CsE5wS
Submitted January 03, 2018 at 08:46AM by RandomCollection
via reddit http://ift.tt/2DTpyqX
Ars Technica
Academic researchers fire latest shots in adblocking arms race
Manipulating javanoscript can overcome publishers' software.
Star Wars Episode IV.1.d: The Pentesters Strike Back
http://ift.tt/1kcUBmV
Submitted January 03, 2018 at 10:27AM by antdude
via reddit http://ift.tt/2CeDbkd
http://ift.tt/1kcUBmV
Submitted January 03, 2018 at 10:27AM by antdude
via reddit http://ift.tt/2CeDbkd
Vimeo
Star Wars Episode IV.1.d: The Pentesters Strike Back
It is a period of cyber war. In an effort to sustain commerce during these challenging times, the Galactic Trade Federation has required the Empire retain the services…
Client specific design security booth by Big Booth
https://www.youtube.com/watch?time_continue=2&v=TtuiRzfaFL4
Submitted January 03, 2018 at 12:33PM by phelpsryans
via reddit http://ift.tt/2DWBacN
https://www.youtube.com/watch?time_continue=2&v=TtuiRzfaFL4
Submitted January 03, 2018 at 12:33PM by phelpsryans
via reddit http://ift.tt/2DWBacN
YouTube
B.I.G. Booths Architectural_Harmony.mp4
B.I.G. Booths, Architectural Harmony and Perimeter Security
The new intel vulnerability
It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.http://ift.tt/2lEEKleSo, does this mean that by visiting a website, the javanoscript can access information from the kernel of my PC?
Submitted January 03, 2018 at 03:19PM by Lumo5
via reddit http://ift.tt/2CjxIZn
It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.http://ift.tt/2lEEKleSo, does this mean that by visiting a website, the javanoscript can access information from the kernel of my PC?
Submitted January 03, 2018 at 03:19PM by Lumo5
via reddit http://ift.tt/2CjxIZn
www.theregister.co.uk
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign
Other OSes will need an update, performance hits loom
Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it • The Register
http://ift.tt/2qhD3yD
Submitted January 03, 2018 at 04:23PM by Seiryth
via reddit http://ift.tt/2lKf8Dc
http://ift.tt/2qhD3yD
Submitted January 03, 2018 at 04:23PM by Seiryth
via reddit http://ift.tt/2lKf8Dc
www.theregister.co.uk
Intel left a fascinating security flaw in its chips for 16 years – here's how to exploit it
Howler opens door for SMM rootkits