Security In 5: Episode 145 - Why You Should Be Keeping A Career Journal
http://ift.tt/2E7hAdJ
Submitted January 04, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2Cncbih
http://ift.tt/2E7hAdJ
Submitted January 04, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2Cncbih
Libsyn
Security In Five Podcast: Episode 145 - Why You Should Be Keeping A Career Journal
Everyone takes notes for their job. Not everyone keeps a journal specifically around their career life. Journaling is a powerful tool, if done correctly, to help you grow as a person and shape your career by recording wins and losses. This episode goes into…
What Security Pros Need to Know About Machine Learning in the Year Ahead
http://ift.tt/2EHcRRa
Submitted January 04, 2018 at 08:50PM by CrankyBear
via reddit http://ift.tt/2CnSQ0v
http://ift.tt/2EHcRRa
Submitted January 04, 2018 at 08:50PM by CrankyBear
via reddit http://ift.tt/2CnSQ0v
Security Boulevard
What Security Pros Need to Know About Machine Learning in the Year Ahead
Expect the gamut of security products to enter 2018 with their AI hats on. But the brain beneath the hat will be yours, not the machine’s. Here’s what to do.
subDoc: Stealing NTMLv2 hashes with MS Word Documents
http://ift.tt/2lVWOaG
Submitted January 04, 2018 at 09:02PM by netsecs
via reddit http://ift.tt/2lV3RQy
http://ift.tt/2lVWOaG
Submitted January 04, 2018 at 09:02PM by netsecs
via reddit http://ift.tt/2lV3RQy
reddit
subDoc: Stealing NTMLv2 hashes with MS Word Documents • r/netsec
2 points and 0 comments so far on reddit
Same hardcoded backdoor in both WDMyCloud and D-Link ShareCenter devices
http://ift.tt/2CpL4U0
Submitted January 04, 2018 at 11:25AM by ilikestoaskquestions
via reddit http://ift.tt/2qqWfu5
http://ift.tt/2CpL4U0
Submitted January 04, 2018 at 11:25AM by ilikestoaskquestions
via reddit http://ift.tt/2qqWfu5
gulftech.org
WDMyCloud <= 2.30.165 Multiple Vulnerabilities
GulfTech Research and Development
Looking for help with Krack Attacks
Just looking for a tutorial on how to carry out krack attacks and how to patch them.Any help is appreciated.
Submitted January 05, 2018 at 12:22AM by Evlerr
via reddit http://ift.tt/2CCMJsr
Just looking for a tutorial on how to carry out krack attacks and how to patch them.Any help is appreciated.
Submitted January 05, 2018 at 12:22AM by Evlerr
via reddit http://ift.tt/2CCMJsr
reddit
Looking for help with Krack Attacks • r/security
Just looking for a tutorial on how to carry out krack attacks and how to patch them. Any help is appreciated.
Xerox Alto zero-day: cracking disk password protection on a 45 year old system
http://ift.tt/2CAWrvH
Submitted January 05, 2018 at 01:44AM by Chris911
via reddit http://ift.tt/2EXEjdC
http://ift.tt/2CAWrvH
Submitted January 05, 2018 at 01:44AM by Chris911
via reddit http://ift.tt/2EXEjdC
Righto
Xerox Alto zero-day: cracking disk password protection on a 45 year old system
We've been archiving a bunch of old Xerox Alto disk packs from the 1970s. A few of them turned out to be password-protected, so I needed ...
Managing Passwords and Secrets: Common Anti-Patterns
http://ift.tt/2lVOCqy
Submitted January 05, 2018 at 01:43AM by danenania
via reddit http://ift.tt/2E7WlIN
http://ift.tt/2lVOCqy
Submitted January 05, 2018 at 01:43AM by danenania
via reddit http://ift.tt/2E7WlIN
EnvKey
Managing Passwords and Secrets: Common Anti-Patterns
10 ways that development teams tend to screw this up.
More details about mitigations for the CPU Speculative Execution issue
http://ift.tt/2E8bgCN
Submitted January 05, 2018 at 03:13AM by olbrich
via reddit http://ift.tt/2m0s34r
http://ift.tt/2E8bgCN
Submitted January 05, 2018 at 03:13AM by olbrich
via reddit http://ift.tt/2m0s34r
Google Online Security Blog
More details about mitigations for the CPU Speculative Execution issue
Posted by Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Program Manager Yesterday, Google’s Project Zero team posted...
SSL certificate revocation and how it is broken in practice: CRL, OCSP, OCSP stapling, must-staple, CRLSet
http://ift.tt/2EYOcIa
Submitted January 05, 2018 at 03:03AM by alsam88
via reddit http://ift.tt/2qlP6uV
http://ift.tt/2EYOcIa
Submitted January 05, 2018 at 03:03AM by alsam88
via reddit http://ift.tt/2qlP6uV
Medium
SSL certificate revocation and how it is broken in practice
Explore certificate revocation solutions: CRL, OCSP, OCSP stapling, must staple. Check out server implementation issues and browser support
SSL certificate revocation and how it is broken in practice: CRL, OCSP, OCSP stapling, must-staple, browser support
http://ift.tt/2EYOcIa
Submitted January 05, 2018 at 03:15AM by alsam88
via reddit http://ift.tt/2ArTVTk
http://ift.tt/2EYOcIa
Submitted January 05, 2018 at 03:15AM by alsam88
via reddit http://ift.tt/2ArTVTk
Medium
SSL certificate revocation and how it is broken in practice
Explore certificate revocation solutions: CRL, OCSP, OCSP stapling, must staple. Check out server implementation issues and browser support
Starting the year off with a bang - Summary of Spectre and Meltdown Vulnerabilities
http://ift.tt/2lY9XQe
Submitted January 05, 2018 at 06:29AM by esotericape
via reddit http://ift.tt/2E7zLAe
http://ift.tt/2lY9XQe
Submitted January 05, 2018 at 06:29AM by esotericape
via reddit http://ift.tt/2E7zLAe
A2 Cybersecurity Technical News Blog
Spectre and Meltdown starting the year off with a bang » A2 Cybersecurity Technical News Blog
CVE-2017-5754, CVE-2017–5753 and CVE-2017–5715 Spectre and Meltdown are hardware vulnerabilities that affect all modern CPU designs. That includes all desktop, laptop, and ARM CPU’s and mobile devices. The two vulnerabilities can be located on the Mitre CVE…
Lots of websites ask for my account/routing number. Is that safer, less safe, equally safe to the websites that ask for my login credentials?
I've been trained to think that giving some rando website my the account and routing number of my checking account is safe.And I've been trained to think that giving some rando webiste my user id and password to my bank is not safe.More and more, I've been finding mobile apps (and some web apps) that want my user id and password to my bank account.Why can't they work with my account and routing number?And is there really a substantial difference in security between handing over my account and routing number vs handing out my user id and login?
Submitted January 05, 2018 at 12:59PM by jpflathead
via reddit http://ift.tt/2lZFH7F
I've been trained to think that giving some rando website my the account and routing number of my checking account is safe.And I've been trained to think that giving some rando webiste my user id and password to my bank is not safe.More and more, I've been finding mobile apps (and some web apps) that want my user id and password to my bank account.Why can't they work with my account and routing number?And is there really a substantial difference in security between handing over my account and routing number vs handing out my user id and login?
Submitted January 05, 2018 at 12:59PM by jpflathead
via reddit http://ift.tt/2lZFH7F
reddit
Lots of websites ask for my account/routing number.... • r/security
I've been trained to think that giving some rando website my the account and routing number of my checking account is safe. And I've been trained...
Malicious Android software imitates Uber's layout to trick you into giving up your login details
http://ift.tt/2lV7SVh
Submitted January 05, 2018 at 03:49PM by GemmaJ123
via reddit http://ift.tt/2F0Yd7q
http://ift.tt/2lV7SVh
Submitted January 05, 2018 at 03:49PM by GemmaJ123
via reddit http://ift.tt/2F0Yd7q
Business Insider
Malicious Android software imitates Uber's layout to trick you into giving up your login details
The lesson: Don't download apps outside of Google Play.
Pale Moon isn't vulnerable to Meltdown / Spectre
http://ift.tt/2CL0pmp
Submitted January 05, 2018 at 05:11PM by rediii123
via reddit http://ift.tt/2CVnjUN
http://ift.tt/2CL0pmp
Submitted January 05, 2018 at 05:11PM by rediii123
via reddit http://ift.tt/2CVnjUN
Cisco IOS SNMP remote code execution (CVE-2017-6737) exploit
http://ift.tt/2E80EEb
Submitted January 05, 2018 at 05:57PM by kavmax
via reddit http://ift.tt/2CWSkHY
http://ift.tt/2E80EEb
Submitted January 05, 2018 at 05:57PM by kavmax
via reddit http://ift.tt/2CWSkHY
GitHub
artkond/cisco-snmp-rce
Cisco IOS SNMP RCE PoC. Contribute to artkond/cisco-snmp-rce development by creating an account on GitHub.
Security In 5: Episode 146 - Tools, Tips and Tricks - Qualsys SSL Server Test
http://ift.tt/2AwUxXG
Submitted January 05, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2CV4mBt
http://ift.tt/2AwUxXG
Submitted January 05, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2CV4mBt
Libsyn
Security In Five Podcast: Episode 146 - Tools, Tips and Tricks - Qualsys SSL Server Test
This week's TTT episode talks about a website from Qualsys' SSL Labs. SSL Server Test is a fantastic website for a preliminary scan of any website you control. This will check all the SSL information, known SSL based vulnerabilities, check the domain with…
This Survey Found the Current Password Habits of the Average American
http://ift.tt/2AcSybC
Submitted January 05, 2018 at 07:35PM by trilydog
via reddit http://ift.tt/2CuHiZm
http://ift.tt/2AcSybC
Submitted January 05, 2018 at 07:35PM by trilydog
via reddit http://ift.tt/2CuHiZm
EPC Group
“What’s the Password?”: The Surprising Results
Nowadays, it seems that to be able to function in our modern world it’s essential to have multiple passwords. From logging into social media or a bank account, your work computer or email, to buying products online, passwords are a major part of our daily…
Intel's Meltdown And Spectre Security Updates Will Hit 90% Of Its Processors By Next Week
http://ift.tt/2lZLWHI
Submitted January 05, 2018 at 07:33PM by DJRWolf
via reddit http://ift.tt/2CVWJL6
http://ift.tt/2lZLWHI
Submitted January 05, 2018 at 07:33PM by DJRWolf
via reddit http://ift.tt/2CVWJL6
HotHardware
Intel's Meltdown And Spectre Security Updates Will Hit 90% Of Its Processors By Next Week | HotHardware
The tech industry is still trying to recover from the fallout surrounding the Meltdown and Spectre vulnerabilities that were disclosed this week. Intel, AMD, Apple, Microsoft, ARM, and other key players in the hardware and software arena have been working…
Spectre-on-Kubernetes, a proof of concept
http://ift.tt/2CL8KX9
Submitted January 05, 2018 at 09:22PM by speckz
via reddit http://ift.tt/2m0ektB
http://ift.tt/2CL8KX9
Submitted January 05, 2018 at 09:22PM by speckz
via reddit http://ift.tt/2m0ektB
Hacker Noon
Spectre-on-Kubernetes, a proof of concept
TL;DR: a PoC demonstrating Spectre, the nasty CPU bug, running on Kubernetes.
Documenting system/app settings
At work I was tasked with documenting the decision made for settings for "widget" software. That way in 2-5 years when some asks "Why did we use this setting vs others?" we have something to support the decision.Ive tried hitting google and Im having difficulty finding resources that are helpful.What do you call this practice? what are phrases I could search? What resources do you have?
Submitted January 05, 2018 at 09:21PM by gnomeparadox
via reddit http://ift.tt/2CL8PcF
At work I was tasked with documenting the decision made for settings for "widget" software. That way in 2-5 years when some asks "Why did we use this setting vs others?" we have something to support the decision.Ive tried hitting google and Im having difficulty finding resources that are helpful.What do you call this practice? what are phrases I could search? What resources do you have?
Submitted January 05, 2018 at 09:21PM by gnomeparadox
via reddit http://ift.tt/2CL8PcF
reddit
Documenting system/app settings • r/security
At work I was tasked with documenting the decision made for settings for "widget" software. That way in 2-5 years when some asks "Why did we use...
“Intel Core 2 bugs will assuredly be exploitable from userland code” (2007)
http://archive.is/XO6Fz
Submitted January 05, 2018 at 07:18PM by w122
via reddit http://ift.tt/2Eamt69
http://archive.is/XO6Fz
Submitted January 05, 2018 at 07:18PM by w122
via reddit http://ift.tt/2Eamt69
archive.is
'Intel Core 2' - MARC
archived 4 Jan 2018 15:10:45 UTC