Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords
http://ift.tt/2CYWPkv

Submitted January 13, 2018 at 01:57AM by 808hunna
via reddit http://ift.tt/2D6O2Bc

"2018 is barely two weeks old, and already it looks like we've got new piece of macOS malware! Hooray :)"
http://ift.tt/2D4DS3T

Submitted January 13, 2018 at 07:26AM by cpeacock15
via reddit http://ift.tt/2DrVinU

A publicly-disclosed UXSS vulnerability was being exploited against Opera users for over two years (2010 to late 2012)
http://ift.tt/2msFFES

Submitted January 13, 2018 at 08:45AM by Sephr
via reddit http://ift.tt/2mzl6Y4

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture
http://ift.tt/2mrqZWk

Submitted January 13, 2018 at 11:19AM by volci
via reddit http://ift.tt/2DchNQb

An introduction book to ethical hacking for kids?
My newphew is 10, he was excitedly telling me the other day about how he hacked an android game. He didn't actually hack an Android game, I suspect it was a cheat of some kind that he found on Google.Anyway, I wanted to use that enthusiasm to spark an interest in computing, perhaps Cyber Security.I had an idea of getting him a "hacking" book, which would of course excite the devilish imagination of a 10 year old. But what I actually want is a book aimed at kids that takes them through the very basics of Ethical Hacking/Cyber security.Perhaps just a simplified denoscription of an IP address and then showing you how to ping/traceroute etc - with a denoscription of when you might need to do this kind of thing in an ethical hacking scenario - that kind of thing.Any ideas? I've searched around the usual places (Amazon etc) but can't find anything similar.

Submitted January 13, 2018 at 11:10AM by usernameisprobstoolo
via reddit http://ift.tt/2mqy2Pb

DDoS Misusing DNS Resolvers - Some examples
http://ift.tt/2D6IE0T

Submitted January 13, 2018 at 12:40PM by nykzhang
via reddit http://ift.tt/2D9fEF4

A club near my area somehow got hold of my private email?
Sorry if this is isn't the appropiate subreddit for this, but I'm still a bit concerned about what happened to me the other day.Yesterday at 1PM I received an invitation email from a women's fitness club (????), hosting an event about eating healthy and properly or something like that. It was in my junk folder, so I thought it was some sort of scammer at first (which semt super strange, because I never get any scammers or actual spam mails).However, I've also noticed how the email mentioned the small city I live in. Apparently It was where the club was located in, so I opened the email and it was just a short wall of text, saying everyone's invited but theres an entry fee etc.After looking up their name in Google, I instantly knew who they were. It's some tiny women's fitness club named "heroine" next to my local bank, a mile away from my home.But I'm just confused on how they managed to get my email..?I never ever write down my personal email in public places, or if a person asks for it. It's a rare occasion but when asked, I usually make a completely new one, sometimes even on a whole new provider. Within 3 years I've only been asked for an email once (by my gym), and I created a completely new one in gmail, a provider which I do not use on my personal account.Anyone know what's going on?

Submitted January 13, 2018 at 02:04PM by KICKTYAN
via reddit http://ift.tt/2mrOvCP

Sending arbitrary Last-Event-ID header values across origins using the EventSource API.
http://ift.tt/2mtbqxD

Submitted January 13, 2018 at 05:05PM by bayotop
via reddit http://ift.tt/2AWfcEE

Hospital hit by ransomware: Attackers demand Bitcoin to release control of system
http://ift.tt/2FxzUOL

Submitted January 13, 2018 at 08:21PM by aafrn
via reddit http://ift.tt/2DdSZre

DDoS Misusing DNS Resolvers - Example against Uber
http://ift.tt/2D6IE0T

Submitted January 13, 2018 at 11:50PM by nykzhang
via reddit http://ift.tt/2D7BSIh

You want use Gigabyte online support? Ok! You need to create a account for that, BUT look first how *not* secure their servers are
http://ift.tt/2Fvjd6G

Submitted January 14, 2018 at 12:21AM by rediii123
via reddit http://ift.tt/2EE5xVB

Yet another gadget for java deserialization: Misusing Oracle JDBC for SSRF-attacks
http://ift.tt/2DddtjH

Submitted January 13, 2018 at 02:29AM by agrrrdog
via reddit http://ift.tt/2Fw08Bf

Chasing malware and c&c servers in OSINT style!
http://ift.tt/2muX3c6

Submitted January 14, 2018 at 02:30AM by Mysterii8
via reddit http://ift.tt/2DaxS9b

Proof of Concept: Website analytics/tracking only using CSS and no JS
http://ift.tt/2Dco3aB

Submitted January 14, 2018 at 03:34AM by jbtronics
via reddit http://ift.tt/2D9F5qJ

Russia behind NotPetya cyberattack in Ukraine, CIA concludes
http://ift.tt/2mzPgKN

Submitted January 14, 2018 at 12:17PM by cmstrump
via reddit http://ift.tt/2EHcgy9

Russian military was behind ‘NotPetya’ cyberattack in Ukraine, CIA concludes
http://ift.tt/2CYsh27

Submitted January 14, 2018 at 02:20PM by DerBootsMann
via reddit http://ift.tt/2mBSqO3

Looking for half-decent MSSP Service Catalog and documentation templates - Whatcha got?
http://ift.tt/2D2uxFB

Submitted January 14, 2018 at 03:25AM by sh8k3nb8by
via reddit http://ift.tt/2mBvmzf

You want use Gigabyte online support? Ok! You need to create a account for that, BUT look first how *not* secure their servers are
http://ift.tt/2Fvjd6G

Submitted January 14, 2018 at 04:10PM by rediii123
via reddit http://ift.tt/2EFJqyl

CTF Challenge n3ph4ck Writeup
http://ift.tt/2D8WKyD

Submitted January 14, 2018 at 03:17PM by administrator007
via reddit http://ift.tt/2EHX8AJ

Lenovo network-switches with backdoor
http://ift.tt/2CYtSoX

Submitted January 14, 2018 at 04:19PM by rediii123
via reddit http://ift.tt/2D8KfTQ

Fuzzing D code with LDC
http://ift.tt/2CZw6UN

Submitted January 14, 2018 at 06:22PM by cym13
via reddit http://ift.tt/2mx19Ai