Video-Reversing/Debugging 3rd Party APKs (xpost r/ringzero)
http://ift.tt/2mGJlDF
Submitted January 16, 2018 at 01:36AM by majorllama
via reddit http://ift.tt/2D7YxzY
http://ift.tt/2mGJlDF
Submitted January 16, 2018 at 01:36AM by majorllama
via reddit http://ift.tt/2D7YxzY
Ringzerolabs
Reverse Engineering and Debugging 3rd Party APKs
Today we demonstrate what tools are needed to reverse engineer 3rd party APKs and how to debug them without having source-code.
Lost bitlocker key
Since MS released the update that gave lots of computers worldwide BSOD we have a laptop that has BSOD. Since this happend between a MS update, the bitlocker key got frozen in the memory. As of MS disables bitlocker temporairly when it reboots for a update.The computer could bould without a key but is in a boot loop.We lost the key. So we tried several things: * Seaching the key in our mailboxen and every possible know place * Tried the infeneon tpm hack which failes to read the public key * Finding a way to put a command line in the boot process somewere so we could use %system32%\config\Regback, but i coulnd stop windows from loading somehow to open up cmd or so. * As for as i know it cant be done with Meltdown cause the OS needs te be live, correct me if im wrongWe do think of freezing the memory still should be a reasonable option, DMA-attack, but this would be the last option to tryDoes anyone else has Any ideas to use or combine some off the things i listed. We really need to crack this laptop open cause there are lots of family pictures on it, and yes they didnt want a backup plan, but the key was my responsibility.
Submitted January 16, 2018 at 05:54AM by iiidefconiii
via reddit http://ift.tt/2D8Ceds
Since MS released the update that gave lots of computers worldwide BSOD we have a laptop that has BSOD. Since this happend between a MS update, the bitlocker key got frozen in the memory. As of MS disables bitlocker temporairly when it reboots for a update.The computer could bould without a key but is in a boot loop.We lost the key. So we tried several things: * Seaching the key in our mailboxen and every possible know place * Tried the infeneon tpm hack which failes to read the public key * Finding a way to put a command line in the boot process somewere so we could use %system32%\config\Regback, but i coulnd stop windows from loading somehow to open up cmd or so. * As for as i know it cant be done with Meltdown cause the OS needs te be live, correct me if im wrongWe do think of freezing the memory still should be a reasonable option, DMA-attack, but this would be the last option to tryDoes anyone else has Any ideas to use or combine some off the things i listed. We really need to crack this laptop open cause there are lots of family pictures on it, and yes they didnt want a backup plan, but the key was my responsibility.
Submitted January 16, 2018 at 05:54AM by iiidefconiii
via reddit http://ift.tt/2D8Ceds
reddit
Lost bitlocker key • r/security
Since MS released the update that gave lots of computers worldwide BSOD we have a laptop that has BSOD. Since this happend between a MS update,...
Browser as Botnet, or the Coming War on Your Web Browser
http://ift.tt/2EHePjM
Submitted January 16, 2018 at 05:13AM by chull2058
via reddit http://ift.tt/2D4J9EB
http://ift.tt/2EHePjM
Submitted January 16, 2018 at 05:13AM by chull2058
via reddit http://ift.tt/2D4J9EB
Medium
Browser as Botnet, or the Coming War on Your Web Browser
What if websites borrowed compute resources from their visitor’s devices while they browsed as a means of distributed computing?
Police Hand out Malware-Infected USBs as Prize in Cyber-Security Quiz
http://ift.tt/2B0E91U
Submitted January 16, 2018 at 05:12AM by chull2058
via reddit http://ift.tt/2D6bSJe
http://ift.tt/2B0E91U
Submitted January 16, 2018 at 05:12AM by chull2058
via reddit http://ift.tt/2D6bSJe
BleepingComputer
Police Hand out Malware-Infected USBs as Prize in Cyber-Security Quiz
Taiwanese police have handed out malware-infected USB thumb drives to the winners of a cyber-security quiz at a data security expo hosted in December last year by the country's Presidential Office.
How the industry-breaking Spectre bug stayed secret for seven months
http://ift.tt/2qU0fTZ
Submitted January 16, 2018 at 06:06AM by thatshirtman
via reddit http://ift.tt/2mzEjbz
http://ift.tt/2qU0fTZ
Submitted January 16, 2018 at 06:06AM by thatshirtman
via reddit http://ift.tt/2mzEjbz
The Verge
Keeping Spectre secret
And then leaked out.
uncached privileged memory can be read with meltdown (a controversy)
https://twitter.com/raphael_scarv/status/952078140028964864
Submitted January 16, 2018 at 06:51AM by raphaelscarv
via reddit http://ift.tt/2D47SZB
https://twitter.com/raphael_scarv/status/952078140028964864
Submitted January 16, 2018 at 06:51AM by raphaelscarv
via reddit http://ift.tt/2D47SZB
Twitter
Raphael Carvalho
F*ck, I can barely believe that I was able to read non-cached data from other process efficiently. Removed iteration and issued flush on secret. Thanks @misc0110, @aionescu for all the tips. Not releasing it or somebody could definitely set the world on fire…
How Can Access control system raise up the School’s Security?
http://ift.tt/2EKHR1V
Submitted January 16, 2018 at 01:15PM by Bellaava22
via reddit http://ift.tt/2FIbzps
http://ift.tt/2EKHR1V
Submitted January 16, 2018 at 01:15PM by Bellaava22
via reddit http://ift.tt/2FIbzps
Articlesengine
How Can Access control system raise up the School’s Security?
Security is not limited to residential and commercial buildings many places need high-level safety measurements so apart from private sectors.
Bypassing CSP by Abusing JSONP Endpoints
http://ift.tt/2FFSt3x
Submitted January 16, 2018 at 01:54PM by mazen160
via reddit http://ift.tt/2ravwlX
http://ift.tt/2FFSt3x
Submitted January 16, 2018 at 01:54PM by mazen160
via reddit http://ift.tt/2ravwlX
Medium
Bypassing CSP by Abusing JSONP Endpoints
This blog post discusses a technique that can be used to bypass CSP (Content Security Policy).
Seagate patched silently a security flaw in NAS devices
http://ift.tt/2DANzEc
Submitted January 16, 2018 at 02:20PM by rediii123
via reddit http://ift.tt/2Df3Rpj
http://ift.tt/2DANzEc
Submitted January 16, 2018 at 02:20PM by rediii123
via reddit http://ift.tt/2Df3Rpj
Bitcoin and Cryptocurrencies Under Attack from Hackers – Stay Safe
http://ift.tt/2DATA3R
Submitted January 16, 2018 at 01:56PM by vaxfms
via reddit http://ift.tt/2B5fJ7x
http://ift.tt/2DATA3R
Submitted January 16, 2018 at 01:56PM by vaxfms
via reddit http://ift.tt/2B5fJ7x
OS Radar
Bitcoin & Cryptocurrencies under Attack from Hackers - OS Radar
Bitcoin – we all are familiar with this name. Bitcoin is so popular that it has become a synonym of cryptocurrency. Bitcoin was the first and now, the biggest in the market. Because of its growing price, hackers are targetting Bitcoin users more. Learn how…
Seagate patched silently a security flaw in NAS devices
http://ift.tt/2DANzEc
Submitted January 16, 2018 at 02:20PM by rediii123
via reddit http://ift.tt/2mCB5E6
http://ift.tt/2DANzEc
Submitted January 16, 2018 at 02:20PM by rediii123
via reddit http://ift.tt/2mCB5E6
reddit
Seagate patched silently a security flaw in NAS devices • r/netsec
1 points and 0 comments so far on reddit
VNL launches battery powered ResQMobil trailer at ARTECH 2018
http://ift.tt/2DDVEbh
Submitted January 16, 2018 at 03:10PM by VNLIndiaNetwork
via reddit http://ift.tt/2DhLLDr
http://ift.tt/2DDVEbh
Submitted January 16, 2018 at 03:10PM by VNLIndiaNetwork
via reddit http://ift.tt/2DhLLDr
reddit
VNL launches battery powered ResQMobil trailer at... • r/security
1 points and 0 comments so far on reddit
GSM & Broadband Services for Homeland Security by VNL
http://ift.tt/2Dh7L0j
Submitted January 16, 2018 at 02:35PM by VNLIndiaNetwork
via reddit http://ift.tt/2Dbu6c4
http://ift.tt/2Dh7L0j
Submitted January 16, 2018 at 02:35PM by VNLIndiaNetwork
via reddit http://ift.tt/2Dbu6c4
www.vnl.in
GSM & Broadband Services for Homeland Security by VNL
VNL’s secure GSM & broadband communications solution for Homeland Security can integrated on a fixed or transportable platform, provide voice and data services.
Analysis of cryptocurrency miner in compromised websites
http://ift.tt/2B6h4uJ
Submitted January 16, 2018 at 03:11PM by TheRealest_Me
via reddit http://ift.tt/2D7A9i8
http://ift.tt/2B6h4uJ
Submitted January 16, 2018 at 03:11PM by TheRealest_Me
via reddit http://ift.tt/2D7A9i8
And again: new Commodo cert compromised
http://ift.tt/2rdZohf
Submitted January 16, 2018 at 03:39PM by rediii123
via reddit http://ift.tt/2mDPIqT
http://ift.tt/2rdZohf
Submitted January 16, 2018 at 03:39PM by rediii123
via reddit http://ift.tt/2mDPIqT
Google
Google Groups
Google Groups allows you to create and participate in online forums and email-based groups with a rich experience for community conversations.
And again: new Commodo cert compromised
http://ift.tt/2rdZohf
Submitted January 16, 2018 at 03:38PM by rediii123
via reddit http://ift.tt/2rclBvX
http://ift.tt/2rdZohf
Submitted January 16, 2018 at 03:38PM by rediii123
via reddit http://ift.tt/2rclBvX
Google
Google Groups
Google Groups allows you to create and participate in online forums and email-based groups with a rich experience for community conversations.
Hackers target Ukrainian software company to spread the notorious Zeus banking trojan
http://ift.tt/2m41ZoZ
Submitted January 16, 2018 at 06:11PM by thumbsdrivesmecrazy
via reddit http://ift.tt/2EMMlFt
http://ift.tt/2m41ZoZ
Submitted January 16, 2018 at 06:11PM by thumbsdrivesmecrazy
via reddit http://ift.tt/2EMMlFt
International Business Times UK
Hackers target Ukrainian software company to spread the notorious Zeus banking trojan
Researchers said the attack occurred in August 2017, around the time of Ukraine's Independence Day holiday.
Cyber Risk Quantification: Building The Test Range
http://ift.tt/2DhtmFZ
Submitted January 16, 2018 at 06:00PM by Uminekoshi
via reddit http://ift.tt/2FK6lJR
http://ift.tt/2DhtmFZ
Submitted January 16, 2018 at 06:00PM by Uminekoshi
via reddit http://ift.tt/2FK6lJR
Nehemiah Security
Cyber Risk Quantification: Building the Test Range - Nehemiah Security
There are many ways to estimate your potential losses due to a cyber attack. One way to start is building a test range.
Russian troll factory expands its work space threefold in 2018
http://ift.tt/2DaEZzj
Submitted January 16, 2018 at 06:22PM by cmstrump
via reddit http://ift.tt/2B5xUtT
http://ift.tt/2DaEZzj
Submitted January 16, 2018 at 06:22PM by cmstrump
via reddit http://ift.tt/2B5xUtT
Euromaidan Press
Russian troll factory expands its work space threefold in 2018 -
When the employees of the famous “troll factory” in St. Petersburg return to their desks after the Russian holidays, they will be writing comments and posts on social media in much more spacious offices. As the city’s leading business daily Delovoy Peterburg reports…
Security In 5: Episode 153 - IoT Strikes Again - VTech Ordered To Pay Up For Child Privacy Failures
http://ift.tt/2rcXsWc
Submitted January 16, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2mKdG4C
http://ift.tt/2rcXsWc
Submitted January 16, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2mKdG4C
Libsyn
Security In Five Podcast: Episode 153 - IoT Strikes Again - VTech Ordered To Pay Up For Child Privacy Failures
VTech had a large data leak with one of their toys in 2015 and now they have been hit with a big fine. VTech collected personal information on millions of children and did not disclose this properly to the parents and did not have proper security control…
Analyzing the TRITON industrial malware
http://ift.tt/2DC8Qxi
Submitted January 16, 2018 at 07:30PM by 2ROT13
via reddit http://ift.tt/2rhzY2n
http://ift.tt/2DC8Qxi
Submitted January 16, 2018 at 07:30PM by 2ROT13
via reddit http://ift.tt/2rhzY2n
Midnight Blue
Analyzing the TRITON industrial malware
This blog post aims to discuss the incident background, the TRITON framework and the attack payload in an effort to clarify this attack in particular and attacks on industrial safety systems in general.