Firewall Detection in Penetration Tests
http://ift.tt/2CV3fUS
Submitted January 09, 2018 at 08:05AM by berkdusunurx
via reddit http://ift.tt/2mbjwuv
http://ift.tt/2CV3fUS
Submitted January 09, 2018 at 08:05AM by berkdusunurx
via reddit http://ift.tt/2mbjwuv
www.berkdusunur.net
Firewall Detection in Penetration Tests (Sızma Testlerinde Firewall Tespiti)
Hello everyone. Today I will write about Firewall detection in penetration testing. Please let me know your views on the articles ...
What spectre and meltdown mean for WebKit
http://ift.tt/2D6uiu1
Submitted January 09, 2018 at 10:34AM by fproulx
via reddit http://ift.tt/2Danw6E
http://ift.tt/2D6uiu1
Submitted January 09, 2018 at 10:34AM by fproulx
via reddit http://ift.tt/2Danw6E
WebKit
What Spectre and Meltdown Mean For WebKit
(From 1995) The Intel 80x86 Process Architecture: Pitfalls for Secure Systems
http://ift.tt/2D5pzsJ
Submitted January 09, 2018 at 10:10AM by fproulx
via reddit http://ift.tt/2ElIAqf
http://ift.tt/2D5pzsJ
Submitted January 09, 2018 at 10:10AM by fproulx
via reddit http://ift.tt/2ElIAqf
Crypto courses
http://ift.tt/2jcl9a4
Submitted January 09, 2018 at 12:49PM by avi00
via reddit http://ift.tt/2Eoq1BT
http://ift.tt/2jcl9a4
Submitted January 09, 2018 at 12:49PM by avi00
via reddit http://ift.tt/2Eoq1BT
Top best quality of Security Doors in London
security doors are the top priority of people in the London because these type door not only enhance the look of an office or home but they also provide complete security to a home or office. For London security, Jai Shutter offers first quality security door in London.
Submitted January 09, 2018 at 04:52PM by Jai-shutters
via reddit http://ift.tt/2qFf2BQ
security doors are the top priority of people in the London because these type door not only enhance the look of an office or home but they also provide complete security to a home or office. For London security, Jai Shutter offers first quality security door in London.
Submitted January 09, 2018 at 04:52PM by Jai-shutters
via reddit http://ift.tt/2qFf2BQ
reddit
Top best quality of Security Doors in London • r/security
security doors are the top priority of people in the London because these type door not only enhance the look of an office or home but they also...
1-Day Browser & Kernel Exploitation
http://ift.tt/2qMSvD4
Submitted January 09, 2018 at 05:34PM by tunnelshade
via reddit http://ift.tt/2CWf79m
http://ift.tt/2qMSvD4
Submitted January 09, 2018 at 05:34PM by tunnelshade
via reddit http://ift.tt/2CWf79m
iOS kernel exploitation archaeology (34c3)
http://ift.tt/2lmbTBc
Submitted January 09, 2018 at 05:33PM by pwnwaffe
via reddit http://ift.tt/2mdfB0v
http://ift.tt/2lmbTBc
Submitted January 09, 2018 at 05:33PM by pwnwaffe
via reddit http://ift.tt/2mdfB0v
media.ccc.de
iOS kernel exploitation archaeology
This talk presents the technical details and the process of reverse engineering and re-implementation of the evasi0n7 jailbreak's main ke...
PCI Compliance History, Status, And Outlook
http://ift.tt/2AJPPpC
Submitted January 09, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2mhRfmT
http://ift.tt/2AJPPpC
Submitted January 09, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2mhRfmT
Nehemiah Security
Guest Post: PCI Compliance history, status, and outlook - Nehemiah Security
The Payment Card Industry-Data Security Standard (PCI DSS) has been around for many years. Regardless, we think it is worthwhile to review the history of PCI and explore current and future developments to better capitalize on the value-add of PCI. PCI-DSS…a…
PCI Compliance History, Status, And Outlook
http://ift.tt/2AJPPpC
Submitted January 09, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2mhRfmT
http://ift.tt/2AJPPpC
Submitted January 09, 2018 at 06:05PM by Uminekoshi
via reddit http://ift.tt/2mhRfmT
Nehemiah Security
Guest Post: PCI Compliance history, status, and outlook - Nehemiah Security
The Payment Card Industry-Data Security Standard (PCI DSS) has been around for many years. Regardless, we think it is worthwhile to review the history of PCI and explore current and future developments to better capitalize on the value-add of PCI. PCI-DSS…a…
Security In 5: Episode 148 - Are You The Reason Your Identity Was Stolen? Don't Make The Mistakes
http://ift.tt/2Enqh3Z
Submitted January 09, 2018 at 07:43PM by BinaryBlog
via reddit http://ift.tt/2FikRZm
http://ift.tt/2Enqh3Z
Submitted January 09, 2018 at 07:43PM by BinaryBlog
via reddit http://ift.tt/2FikRZm
Libsyn
Security In Five Podcast: Episode 148 - Are You The Reason Your Identity Was Stolen? Don't Make The Mistakes
Personally Identifiable Information is the gateway to identity theft. We hear about companies losing control of PII but there are also things individuals can do to cause identity theft as well. This episode goes into the tips and pitfalls you could be doing…
WPA3 being released soon, thoughts?
http://ift.tt/2Fflu5M
Submitted January 09, 2018 at 08:29PM by KingMidas369
via reddit http://ift.tt/2CIyu2g
http://ift.tt/2Fflu5M
Submitted January 09, 2018 at 08:29PM by KingMidas369
via reddit http://ift.tt/2CIyu2g
ZDNet
With WPA3, Wi-Fi security is about to get a lot tougher
Finally, a security reprieve for open Wi-Fi hotspot users.
Microsoft disables Windows Update for systems that don't have Spectre/Meltdown compliant antivirus
http://ift.tt/2qKT8NE
Submitted January 09, 2018 at 08:45PM by unluckier
via reddit http://ift.tt/2qNonaM
http://ift.tt/2qKT8NE
Submitted January 09, 2018 at 08:45PM by unluckier
via reddit http://ift.tt/2qNonaM
DoublePulsar
Important information about Microsoft Meltdown CPU security fixes, antivirus vendors and you
Last week, Microsoft issued January’s cumulative security fixes for January 2018. Although the media focus has been around “Meltdown” and…
KeystoneJS Open Source Penetration Testing Report
http://ift.tt/2zB6kaF
Submitted January 09, 2018 at 08:37PM by sandeep1337
via reddit http://ift.tt/2maKzq1
http://ift.tt/2zB6kaF
Submitted January 09, 2018 at 08:37PM by sandeep1337
via reddit http://ift.tt/2maKzq1
SecureLayer7
KeystoneJS Open Source Penetration Testing Report
Overview Under the Gratis Pentest 2017, we have evaluated security postures of open source applications. For Gratis 2017 we have selected KeystoneJS. In this blog we are discussing about KeystoneJS Open Source Penetration Testing Report and releasing the…
WiFi Alliance gave a glimpse of WPA3 and some of its features
http://ift.tt/2qHmoEZ
Submitted January 09, 2018 at 08:28PM by jithins1610
via reddit http://ift.tt/2CUm76n
http://ift.tt/2qHmoEZ
Submitted January 09, 2018 at 08:28PM by jithins1610
via reddit http://ift.tt/2CUm76n
Root Said
WPA3 Features Explained - What is WPA3? - Root Said
WPA3 Security - WiFi alliance announced the next upgraded version of WiFi WPA security standard. What is WPA3? Why do we need WPA3? Everything you need to know about WPA3.
Ideas on how to detect Meltdown and Spectre
http://ift.tt/2ErmHWt
Submitted January 09, 2018 at 08:06PM by ynvb
via reddit http://ift.tt/2CLuttV
http://ift.tt/2ErmHWt
Submitted January 09, 2018 at 08:06PM by ynvb
via reddit http://ift.tt/2CLuttV
Check Point Research
Detection of the Meltdown and Spectre Vulnerabilities - Check Point Research
Researchers: Erez Israel, Daniel Marx, Yoav Alon, Aviv Gafni and Ben Omelchenko Last week, two publications regarding a pair of vulnerabilities named individually by their publishers as Meltdown and Spectre sent shockwaves through the cyber-security ecosystem.…
WOW! Dangerous Cyber attack in starting of 2018. Is your device secure??
Meltdown and Spectre - https://youtube.com/watch?list=PL4Z_2mButeI5eFuisg8p1oKzQw7OXvAsk&v=mi1fwGRma8s
Submitted January 09, 2018 at 10:25PM by sweet2weet
via reddit http://ift.tt/2qKwAwF
Meltdown and Spectre - https://youtube.com/watch?list=PL4Z_2mButeI5eFuisg8p1oKzQw7OXvAsk&v=mi1fwGRma8s
Submitted January 09, 2018 at 10:25PM by sweet2weet
via reddit http://ift.tt/2qKwAwF
YouTube
Meltdown and Spectre - Biggest Threat on All of Your Devices
Meltdown and Spectre, two new vulnerabilities are discovered recently on all the CPU's of intel, amd and arm processors. these new bugs are opening the door ...
Beginning to become more and more targeted.
It has been a few months I have noticed I am becoming more and more targeted in login attempts on various online services.2FA is active whenever I have a chance however, some services don't offer it (traditional banks for example) as well as I Simply forget where I have accounts.Does anyone have any tips or a guideline on how I can begin to find where the heck I have accounts and begin locking things down? 2FA is on my gmail and hotmail of course.
Submitted January 09, 2018 at 10:19PM by Pm_me_your_motocycle
via reddit http://ift.tt/2mjss1F
It has been a few months I have noticed I am becoming more and more targeted in login attempts on various online services.2FA is active whenever I have a chance however, some services don't offer it (traditional banks for example) as well as I Simply forget where I have accounts.Does anyone have any tips or a guideline on how I can begin to find where the heck I have accounts and begin locking things down? 2FA is on my gmail and hotmail of course.
Submitted January 09, 2018 at 10:19PM by Pm_me_your_motocycle
via reddit http://ift.tt/2mjss1F
reddit
Beginning to become more and more targeted. • r/security
It has been a few months I have noticed I am becoming more and more targeted in login attempts on various online services. 2FA is active...
Brute force password attack prevention
What does this community think about my ideas. Obviously, I cannot possibly be the first guy to think in these ways, or ...?http://ift.tt/2CLcKmx
Submitted January 09, 2018 at 09:44PM by mr-gaiasoul
via reddit http://ift.tt/2CLd5pj
What does this community think about my ideas. Obviously, I cannot possibly be the first guy to think in these ways, or ...?http://ift.tt/2CLcKmx
Submitted January 09, 2018 at 09:44PM by mr-gaiasoul
via reddit http://ift.tt/2CLd5pj
Gaiasoul
Brute force password attack prevention
For quite some time, I have been playing around with the ideas of being able to secure Phosphorus Five from brute force password attack, and actually once you spend time on it (pun!), it is actuall…
Cryptojacking - From Theft to Destruction
http://ift.tt/2CIl46i
Submitted January 09, 2018 at 09:30PM by Mi3Security
via reddit http://ift.tt/2DcgVIU
http://ift.tt/2CIl46i
Submitted January 09, 2018 at 09:30PM by Mi3Security
via reddit http://ift.tt/2DcgVIU
Mi3 Security
Cryptojacking - From Theft to Destruction
The rush to market with bleeding edge applications means that many mobile cryptocurrency applications and wallets contain vulnerabilities or security risks. This week we will examine a different kind of cryptocurrency risk. Cryptojacking.
practicalities of a primenumber rainbow table
how much effort would go in a programm/rainbowtable that goes to all values that you can make with, say, 4096 bit, check if its a prime number, if so, store it, then mutiply with every other found prime numer and store the result with some backlink to the correponding primenumber. how much would it cost in terms of cpu cycles and storage/memory, how good is this problem parallelisable? TL;DR: can such thing practicly break RSA
Submitted January 10, 2018 at 12:19AM by simcup
via reddit http://ift.tt/2CVFOvp
how much effort would go in a programm/rainbowtable that goes to all values that you can make with, say, 4096 bit, check if its a prime number, if so, store it, then mutiply with every other found prime numer and store the result with some backlink to the correponding primenumber. how much would it cost in terms of cpu cycles and storage/memory, how good is this problem parallelisable? TL;DR: can such thing practicly break RSA
Submitted January 10, 2018 at 12:19AM by simcup
via reddit http://ift.tt/2CVFOvp
reddit
practicalities of a primenumber rainbow table • r/security
how much effort would go in a programm/rainbowtable that goes to all values that you can make with, say, 4096 bit, check if its a prime number, if...
S/Mime Email security
More context at the bottom of the page.I have to encrypt and sign an email with an attachment per some instructions, but I don't know enough about cryptology to know how to interpret the instructions.I took the instructions below to mean "encrypt only the attachment (not the full e-mail), encrypt it with AES 256, using the RSA public key as the secret, (which means generating a random IV")The problem is that the secret key in C# doesn't appear that it can be more than 32 bytes. If I use the public key byte array, it is 270 bytes and it is not allowed.My guess at this point is that I should NOT be creating the AES key from the RSA public key, but that's where it loses me. Should I be creating a random key, or using the same one, how are they able to decrypt it if they don't have this key?"Using the secure/multipurpose internet mail exchange (S/MIME) standard, the email must be encrypted using AES-256 (AES cipher with a 256-bit key length) and FMCSA’s ELD public key. The message must be signed using the manufacturer’s ELD private key that corresponds with the ELD public key submitted to FMCSA by the provider when self-certifying the ELD.(a) The ELD must attach a file to an email message to be sent using RFC 5321 Simple Mail Transfer Protocol (SMTP) (incorporated by reference, see § 395.38), to a specific email address, which will be shared with the ELD providers during the technology registration process. (b)The file must have the format described in section 4.8.2.1 of this appendix and must be encrypted using the Secure/Multipurpose Internet Mail Extensions as described in RFC 5751 (incorporated by reference, see § 395.38), and the RSA algorithm as 116 described in RFC 4056 (incorporated by reference, see § 395.38), with the FMCSA public key compliant with NIST SP 800-32 (incorporated by reference, see § 395.38) to be provided to the ELD provider at the time of registration. The content must be encrypted using AES in FIPS Publication 197 (incorporated by reference, see § 395.38), and RFC 3565 (incorporated by reference, see § 395.38). (c)The email must be formatted using the RFC 5322 Internet Message Format (incorporated by reference, see § 395.38), as follows: Element Format To : <Address Provided by FMCSA during online registration> From : <Desired return address for confirmation> Subject : ELD records from <ELD Registration ID><’:’> <ELD Identifier> Body : <Output File Comment> Attachment : MIME encoded AES-256 encrypted file with <filename>.<Date string>.<unique identifier>.aes "
Submitted January 10, 2018 at 01:13AM by educated_female
via reddit http://ift.tt/2CZt6M8
More context at the bottom of the page.I have to encrypt and sign an email with an attachment per some instructions, but I don't know enough about cryptology to know how to interpret the instructions.I took the instructions below to mean "encrypt only the attachment (not the full e-mail), encrypt it with AES 256, using the RSA public key as the secret, (which means generating a random IV")The problem is that the secret key in C# doesn't appear that it can be more than 32 bytes. If I use the public key byte array, it is 270 bytes and it is not allowed.My guess at this point is that I should NOT be creating the AES key from the RSA public key, but that's where it loses me. Should I be creating a random key, or using the same one, how are they able to decrypt it if they don't have this key?"Using the secure/multipurpose internet mail exchange (S/MIME) standard, the email must be encrypted using AES-256 (AES cipher with a 256-bit key length) and FMCSA’s ELD public key. The message must be signed using the manufacturer’s ELD private key that corresponds with the ELD public key submitted to FMCSA by the provider when self-certifying the ELD.(a) The ELD must attach a file to an email message to be sent using RFC 5321 Simple Mail Transfer Protocol (SMTP) (incorporated by reference, see § 395.38), to a specific email address, which will be shared with the ELD providers during the technology registration process. (b)The file must have the format described in section 4.8.2.1 of this appendix and must be encrypted using the Secure/Multipurpose Internet Mail Extensions as described in RFC 5751 (incorporated by reference, see § 395.38), and the RSA algorithm as 116 described in RFC 4056 (incorporated by reference, see § 395.38), with the FMCSA public key compliant with NIST SP 800-32 (incorporated by reference, see § 395.38) to be provided to the ELD provider at the time of registration. The content must be encrypted using AES in FIPS Publication 197 (incorporated by reference, see § 395.38), and RFC 3565 (incorporated by reference, see § 395.38). (c)The email must be formatted using the RFC 5322 Internet Message Format (incorporated by reference, see § 395.38), as follows: Element Format To : <Address Provided by FMCSA during online registration> From : <Desired return address for confirmation> Subject : ELD records from <ELD Registration ID><’:’> <ELD Identifier> Body : <Output File Comment> Attachment : MIME encoded AES-256 encrypted file with <filename>.<Date string>.<unique identifier>.aes "
Submitted January 10, 2018 at 01:13AM by educated_female
via reddit http://ift.tt/2CZt6M8
reddit
S/Mime Email security • r/security
More context at the bottom of the page. I have to encrypt and sign an email with an attachment per some instructions, but I don't know enough...