Browser as botnet, the coming war on your web browser
http://ift.tt/2EHePjM
Submitted January 15, 2018 at 01:21AM by brannondorsey
via reddit http://ift.tt/2mxkFNj
Medium
Browser as Botnet, or the Coming War on Your Web Browser
What if websites borrowed compute resources from their visitor’s devices while they browsed as a means of distributed computing?
AKITA Instant Privacy | Worth it?
http://ift.tt/2lk0666
Submitted January 15, 2018 at 01:26AM by bjm123
via reddit http://ift.tt/2EG68X0
Kickstarter
AKITA | Instant Privacy for Smart Homes
Protect your home from IoT invasions and hacks with Akita, the IoT device watchdog station.
A few OSSEC HIDS thoughts...
We've used OSSEC HIDS in PCI:DSS environments for years now, but I'm looking to extend the functionality quite a bit.
* Automated agent installation. (Puppet Labs?)
* Reporting Analytics / Rules. (Wazuh?)
* Templated site configuration. (no idea...)
The goal would be to prop-up a vanilla OSSEC installation with base configs on a VM (probably in Hyper-V) then create an image we could clone to other future client spaces. This would greatly reduce the time spent on initial project-work, remediating these specific PCI requirements.
A few questions:
* How would you go about it?
* Is AlienVault worth it? (Demo'ing their product this week.)
* Have you run into any gotchas with OSSEC HIDS that are better overcome with another product?
Thanks in advance!
Submitted January 14, 2018 at 10:48PM by sh8k3nb8by
via reddit http://ift.tt/2AXUvZk
reddit
A few OSSEC HIDS thoughts... • r/security
We've used OSSEC HIDS in PCI:DSS environments for years now, but I'm looking to extend the functionality quite a bit. * Automated agent...
OnePlus Checkout Hacked? The Dangers of On-Site Payment Processing
http://ift.tt/2r7tYcl
Submitted January 15, 2018 at 03:30AM by JustAPenTester
via reddit http://ift.tt/2r9cNaq
Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
OnePlus Checkout Hacked? The Dangers of On-Site Payment Processing - Fidus InfoSecurity | Cyber Security, Penetration Testing,…
Was the OnePlus Checkout breached by hackers? We discuss the dangers of on-site payment processing and how to protect yourself against it.
[x-post r/Huawei] How secure is the fingerprint lock? (pentesting?)
I've never been on this sub so I don't know if this is the right place.. but anyways.
To preface, let me start by saying I am not a programmer or pentester at all but I do take an interest in learning what is behind the interface of my various electronic devices.
So I own a Huawei Mate 9.
I noticed when I go to "phone manager > applock" you can lock certain apps with the fingerprint scanner. I use Kik a lot for messaging people and used that function for this app (as well as literally every other app that would give anyone information about me if they had access). When I receive a notification and click it, my phone first directs me to unlock the app with the fingerprint. However before I unlock it, the person who sent me the message can see that I "read" their message before ever opening their message. This applies with every other messaging app I have at the moment.
Again, I don't have much experience in this realm, but with the little knowledge I do have.. it seems that it allows me to access the messages BEFORE I unlock it. It appears that the only reason I can't see the message is because the fingerprint scanner pops up so I can't physically see the message, but the phone can.
Assuming someone hacked or installed spyware/malware on my phone, does that mean that the fingerprint lock does not offer me another layer of security?
Submitted January 15, 2018 at 03:37AM by whatisthisrn
via reddit http://ift.tt/2Dy9UST
reddit
[x-post r/Huawei] How secure is the fingerprint lock?... • r/security
I've never been on this sub so I don't know if this is the right place.. but anyways. To preface, let me start by saying I am not a programmer or...
ProtonMail remains one of the most secure emails with the end to end decryption system
http://ift.tt/2Dr8aLb
Submitted January 15, 2018 at 04:03AM by giobbo
via reddit http://ift.tt/2mwqScj
Italia Post
ProtonMail: email with end-to-end encryption
ProtonMail is the email service offered by Proton Technologies, a company founded (2013) by a group of scientists from MIT and CERN.
Persistence by adding data to alternate data streams and executing it
http://ift.tt/2mxUMg3
Submitted January 15, 2018 at 04:02AM by oddvarmoe
via reddit http://ift.tt/2Dfowc5
Oddvar Moe's Blog
Putting data in Alternate data streams and how to execute it
Part 2 of this research can be found here: I always had a fascination about ADS (Alternate data streams) and using it as part of a persistence. My first meeting with this as a persistence techniqu…
SMB Antimalware Suite Recommendations please
Looking for a cloud based antimalware endpoint solution (preferably with some basic MDM ability---check encryption and patching).
Currently 50 employees, but likely to be 250 in a year.
Has to work on Mac and Windows. It's been ages since I investigated this so advice from those in the field is greatly appreciated.
Submitted January 15, 2018 at 11:49AM by TheDroogie
via reddit http://ift.tt/2r1S1cu
reddit
SMB Antimalware Suite Recommendations please • r/security
Looking for a cloud based antimalware endpoint solution (preferably with some basic MDM ability---check encryption and patching). Currently 50...
Bash script that enumerates affected systems by each vulnerability per year using Shodan
http://ift.tt/2mv9jJJ
Submitted January 15, 2018 at 01:21PM by tobortidder
via reddit http://ift.tt/2DdY0Ra
GitHub
Mavrepis/ShodanVulncheck
ShodanVulncheck - bash script to enumerate vulnerabilities on specific year through Shodan API
2018 B-day Reverse Engineering Challenge
http://ift.tt/2B1Bxkn
Submitted January 15, 2018 at 03:17PM by Rikaard
via reddit http://ift.tt/2mIStIj
Cyber Security Training and Education
https://www.youtube.com/attribution_link?a=QmMdTAgWZa8&u=%2Fwatch%3Fv%3D_S2zNf0C48A%26feature%3Dshare
Submitted January 15, 2018 at 03:29PM by steppa_cyber
via reddit http://ift.tt/2mES1dT
YouTube
Cyber Security Training and Education
Join the thousands of people who benefited from our cyber security training and education program. For academia, industry, business, law enforcement and gove...
How Secure Is Your Hotel Mobile Room Key?
http://ift.tt/2AE5s22
Submitted January 15, 2018 at 04:08PM by GemmaJ123
via reddit http://ift.tt/2D3JXtw
NerdWallet
How Secure Is Your Hotel's Mobile Room Key?
Sure, being able to walk right into your hotel room without checking in sounds great, but hotel mobile keys may have some vulnerabilities.
OSINT AS A MINDSET
http://ift.tt/2DiSSdN
Submitted January 15, 2018 at 04:20PM by xaocuc
via reddit http://ift.tt/2FGaFd5
Medium
OSINT AS A MINDSET
For my first blog I will start off by doing a little rant on the OSINT landscape.
Automating Application Security
http://ift.tt/2r9ZQga
Submitted January 15, 2018 at 04:17PM by TheRealest_Me
via reddit http://ift.tt/2mFdnaT
Continuous Cyber Security | UK | Digital Interruption
Working towards automated App Security | Continuous Cyber Security | UK | Digital Interruption
There has been a growing shift in the way software is developed and one the security industry has unfortunately been slow to adapt to and adopt. I'm talking, of
Toymaker VTech Settles Charges of Violating Child Privacy Law
http://ift.tt/2CTt9Za
Submitted January 15, 2018 at 04:09PM by GemmaJ123
via reddit http://ift.tt/2r7bZCL
Nytimes
Toymaker VTech Settles Charges of Violating Child Privacy Law
The company was accused of collecting data on children without parents’ permission and failing to keep it secure from hackers. It agreed to pay $650,000.
Purple Rain Attack: Password Cracking With Random Generation
http://ift.tt/2D5EEJT
Submitted January 15, 2018 at 05:06PM by netmux
via reddit http://ift.tt/2DzMOeJ
Purple Rain Attack
When All Else Fails There comes a time in every pentest that you just simply run out of password cracking attacks to try, and you find yourself completely stumped. You've consulted your notes, performed analysis of the password policy and current cracked…
Subdomain enumeration using Censys certificate transparency logs
http://ift.tt/2B3pdA4
Submitted January 15, 2018 at 05:48PM by thorn42
via reddit http://ift.tt/2EIkg20
GitHub
christophetd/censys-subdomain-finder
censys-subdomain-finder - Perform subdomain enumeration using the certificate transparency logs from Censys.
Security In 5: Episode 152 - How To Help Your Security Program Be Accepted
http://ift.tt/2EGETLZ
Submitted January 15, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2DfhmVn
Libsyn
Security In Five Podcast: Episode 152 - How To Help Your Security Program Be Accepted
Creating a security program is the easy part, getting it integrated and accepted by the business and employees is the hard part. Security is more than the technology supporting it, security needs to be accepted by people to be effective. People have to choose…
RFID tag in key fob?
When your smart keyfob loses power you can often start the engine by pushing the start button with the key fob. Suspecting a passive RFID tag, I tried to pick up a 125 kHz tag with an Innovations reader and tried to read an NFC tag with a PN532 reader to no avail. Anyone know what's in there?
Submitted January 15, 2018 at 07:23PM by hydronics2
via reddit http://ift.tt/2mzTWiT
reddit
RFID tag in key fob? • r/security
When your smart keyfob loses power you can often start the engine by pushing the start button with the key fob. Suspecting a passive RFID tag, I...
Check https grades via console
http://ift.tt/2EIeHR8
Submitted January 15, 2018 at 07:14PM by CoolUsernamesAreGone
via reddit http://ift.tt/2B2861q
GitHub
ozzi-/consoleSSLlabs
consoleSSLlabs - Automate scans using Qualys SSL Labs
Hacking Facebook accounts using CSRF in Oculus-Facebook integration
http://ift.tt/2Dy9tbf
Submitted January 15, 2018 at 08:55PM by josipfranjkovic
via reddit http://ift.tt/2B20c8q
JosipFranjkovic
Hacking Facebook accounts using CSRF in Oculus-Facebook integration
I enjoy breaking websites.