Free Computer Forensic Software
http://ift.tt/17UQpTt
Submitted January 17, 2018 at 11:56PM by xaocuc
via reddit http://ift.tt/2DpP62l
http://ift.tt/17UQpTt
Submitted January 17, 2018 at 11:56PM by xaocuc
via reddit http://ift.tt/2DpP62l
Forensic Control
Free Computer Forensic Software
List of free computer forensic tools created & maintained by Forensic Control. With disk capture, file viewers, Mac OS tools, email analysis & many others.
Meltdown, Spectre, and why hardware can be correct yet insecure
http://ift.tt/2DlAalM
Submitted January 17, 2018 at 11:50PM by mttd
via reddit http://ift.tt/2rhBHVa
http://ift.tt/2DlAalM
Submitted January 17, 2018 at 11:50PM by mttd
via reddit http://ift.tt/2rhBHVa
Andrew Myers
Meltdown, Spectre, and why hardware can be correct yet insecure
The recent Meltdown and Spectre attacks have exposed, or at least emphasized, a fundamental problem with the conventional approach to computer security at the hardware level. Both of these attacks …
What the 'Watch Dogs' video games tell us about today's cybersecurity
http://ift.tt/2DhYdil
Submitted January 18, 2018 at 01:31AM by abhishekiyer
via reddit http://ift.tt/2DHTO9m
http://ift.tt/2DhYdil
Submitted January 18, 2018 at 01:31AM by abhishekiyer
via reddit http://ift.tt/2DHTO9m
Demisto
What the ‘Watch Dogs’ Video Games Tell Us About Today’s Cybersecurity
Learn how the Watch Dogs games hit the right notes on key issues in cybersecurity, including the dangerous potential of IoT and dissolving endpoint perimeters.
Week 3 in Information Security, 2018
http://ift.tt/2FOPh5Q
Submitted January 18, 2018 at 03:49AM by undercomm
via reddit http://ift.tt/2Dei95y
http://ift.tt/2FOPh5Q
Submitted January 18, 2018 at 03:49AM by undercomm
via reddit http://ift.tt/2Dei95y
Malgregator
InfoSec Week 3, 2018
Notoriously known Necurs spam botnet is sending millions of spam emails that are pumping shitcoin cryptocurrency named Swisscoin....
Advice regarding Ethconnect securities scam by known fraudster Yair Shalev.
To try to keep this relatively concise, there was a cryptocurrency "initial coin offering" done on a website called Ethconnect which was supposed to be a cryptocurrency trading and exchange platform based in Japan. Upon further investigation of the domain registration, the idiot behind this website was actually a known spammer/fraudster named "Yair Shalev". He previously defrauded masses of people with "urgent" online correspondence regarding Affordable Care Act enrollment and was charged for it by the FTC as can be witnessed here. http://ift.tt/2FPlwBwThis time around, he simply took over 14 million dollars worth of people's Bitcoin and Ethereum without ever opening the promissed services and funneled said Bitcoin and Ethereum to his own address as can be witnessed by assessing the respective blockchains. He never opened the exchange and stopped addressing people on the company's social media site after the date the exchange was supposed to open had passed on December 20, 2017 (https://twitter.com/ethconnect?lang=en)The reason I know the amount was over 14 million dollars was because a statement regarding that amount was posted on the company's twitter and can still be witnessed there. I have taken screen shots of it as well in case he takes it down inasmuch as people are onto him now and he has been trying to cover his tracks.The reason I know that the site was run by Yair was because, although he proxied the name information on his ICANN registration, the phone number associated with the Ethconnect domain registration was the same number he used for Kobeni Solutions (the ACA scam company) among many other scam sites and businesses as can be witnessed here.http://ift.tt/2rhkCuzThe fact the the number (+1 (480) 624-2599 ) had a one before it was also a dead giveaway that he was and probably still is located in America and not Japan inasmuch as "1" signifies North America in the international phone format. Whitepages also still has him and his wife Tali located in Hollywood, Florida.I filed a complaint to the Florida Office of the Inspector General through the SEC's website link and I simply wanted to post this here to see if anyone here had knowledge or relationships that would assist in convicting this guy. He has defrauded thousands, maybe millions of people. This site is just his latest scam. I know functionally, the simplest way to have him arrested would probably be to Subpoena the registration record directly from Godaddy but I can't do that inasmuch as I am obviously not a district attorney. What do you guys/girls think? Did I do what I could? Should I also submit something to the Florida District Attorney or would that be redundant considering I've already submitted something to the Florida Office of the Inspector General? I appreciate any feedback.edit: He was charged by the "FTC" last time. Not the SEC.
Submitted January 18, 2018 at 07:35AM by doggdood
via reddit http://ift.tt/2BcmtAs
To try to keep this relatively concise, there was a cryptocurrency "initial coin offering" done on a website called Ethconnect which was supposed to be a cryptocurrency trading and exchange platform based in Japan. Upon further investigation of the domain registration, the idiot behind this website was actually a known spammer/fraudster named "Yair Shalev". He previously defrauded masses of people with "urgent" online correspondence regarding Affordable Care Act enrollment and was charged for it by the FTC as can be witnessed here. http://ift.tt/2FPlwBwThis time around, he simply took over 14 million dollars worth of people's Bitcoin and Ethereum without ever opening the promissed services and funneled said Bitcoin and Ethereum to his own address as can be witnessed by assessing the respective blockchains. He never opened the exchange and stopped addressing people on the company's social media site after the date the exchange was supposed to open had passed on December 20, 2017 (https://twitter.com/ethconnect?lang=en)The reason I know the amount was over 14 million dollars was because a statement regarding that amount was posted on the company's twitter and can still be witnessed there. I have taken screen shots of it as well in case he takes it down inasmuch as people are onto him now and he has been trying to cover his tracks.The reason I know that the site was run by Yair was because, although he proxied the name information on his ICANN registration, the phone number associated with the Ethconnect domain registration was the same number he used for Kobeni Solutions (the ACA scam company) among many other scam sites and businesses as can be witnessed here.http://ift.tt/2rhkCuzThe fact the the number (+1 (480) 624-2599 ) had a one before it was also a dead giveaway that he was and probably still is located in America and not Japan inasmuch as "1" signifies North America in the international phone format. Whitepages also still has him and his wife Tali located in Hollywood, Florida.I filed a complaint to the Florida Office of the Inspector General through the SEC's website link and I simply wanted to post this here to see if anyone here had knowledge or relationships that would assist in convicting this guy. He has defrauded thousands, maybe millions of people. This site is just his latest scam. I know functionally, the simplest way to have him arrested would probably be to Subpoena the registration record directly from Godaddy but I can't do that inasmuch as I am obviously not a district attorney. What do you guys/girls think? Did I do what I could? Should I also submit something to the Florida District Attorney or would that be redundant considering I've already submitted something to the Florida Office of the Inspector General? I appreciate any feedback.edit: He was charged by the "FTC" last time. Not the SEC.
Submitted January 18, 2018 at 07:35AM by doggdood
via reddit http://ift.tt/2BcmtAs
Remote code execution exploit in Chrome on Android
http://ift.tt/2DHYkEX
Submitted January 18, 2018 at 09:35AM by Ajedi32
via reddit http://ift.tt/2DgDZFE
http://ift.tt/2DHYkEX
Submitted January 18, 2018 at 09:35AM by Ajedi32
via reddit http://ift.tt/2DgDZFE
Android Developers Blog
Android Security Ecosystem Investments Pay Dividends for Pixel
The latest Android and Google Play news and tips for app and game developers.
Skyfall and Solace are two speculative attacks based on the work highlighted by Meltdown and Spectre. Full details are still under embargo.
http://ift.tt/2FS4yCU
Submitted January 18, 2018 at 11:25AM by OKNoah
via reddit http://ift.tt/2rjdSfD
http://ift.tt/2FS4yCU
Submitted January 18, 2018 at 11:25AM by OKNoah
via reddit http://ift.tt/2rjdSfD
reddit
Skyfall and Solace are two speculative attacks based... • r/security
1 points and 0 comments so far on reddit
More Meltdown and Spectre Flaws Incoming!
http://ift.tt/2DgTLjO
Submitted January 18, 2018 at 01:45PM by vaxfms
via reddit http://ift.tt/2mQ9Uqk
http://ift.tt/2DgTLjO
Submitted January 18, 2018 at 01:45PM by vaxfms
via reddit http://ift.tt/2mQ9Uqk
OS Radar
More Meltdown and Spectre Flaws Incoming! - OS Radar
After the Meltdown and Spectre, a huge security shock hit the world. Almost all the modern processors are deemed vulnerable to these flaws. These bugs affect practically all the modern chips. According to ARM's CEO Simon Segars, more flaws are likely to appear…
Skygofree: Following in the footsteps of HackingTeamhttps://www.reddit.com/r/security/securelist.com
http://ift.tt/2EJcNzO
Submitted January 18, 2018 at 03:15PM by cym13
via reddit http://ift.tt/2DguG8L
http://ift.tt/2EJcNzO
Submitted January 18, 2018 at 03:15PM by cym13
via reddit http://ift.tt/2DguG8L
Securelist - Information about Viruses, Hackers and Spam
Skygofree: Following in the footsteps of HackingTeam
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the…
cctv surveillance system mumbai
http://ift.tt/2BeoFrq
Submitted January 18, 2018 at 03:24PM by zicom11
via reddit http://ift.tt/2FP6EU5
http://ift.tt/2BeoFrq
Submitted January 18, 2018 at 03:24PM by zicom11
via reddit http://ift.tt/2FP6EU5
Zicom
Zicom CCTV Surveillance, CCTV Mumbai, CCTV, Zicom
Zicom Offers an Electronic CCTV Surveillance camera, CCTV camera Mumbai, Zicom
Blockchain Technology and the Hiring Process-dock.io
http://ift.tt/2FQmtcQ
Submitted January 18, 2018 at 03:37PM by Theekshanag
via reddit http://ift.tt/2mPZDds
http://ift.tt/2FQmtcQ
Submitted January 18, 2018 at 03:37PM by Theekshanag
via reddit http://ift.tt/2mPZDds
reddit
Blockchain Technology and the Hiring Process-dock.io • r/netsec
0 points and 0 comments so far on reddit
B.I.G. Enterprises Bullet and Blast Resistant Guard Booths
https://www.youtube.com/watch?v=EwBUel1N70c
Submitted January 18, 2018 at 04:56PM by phelpsryans
via reddit http://ift.tt/2Bcc5c9
https://www.youtube.com/watch?v=EwBUel1N70c
Submitted January 18, 2018 at 04:56PM by phelpsryans
via reddit http://ift.tt/2Bcc5c9
YouTube
B.I.G. Enterprises Bullet and Blast Resistant Guard Booths.mp4
B.I.G. high security, bullet and blast resistant booths protect lives of security personnel so they are able to provide help in the event of an attack.
A reliable TCP/IP reader for 120 smartcards for crypto-wallets or general encryption
This device seems to provide a fairly reliable access to smartcards over TCP/IP. And it costs less than that many USB smart-card readers.http://ift.tt/2rkSOFxMaybe a new platform for secure crypto wallets with a more convenient access?
Submitted January 18, 2018 at 04:15PM by dc352
via reddit http://ift.tt/2FSd0lB
This device seems to provide a fairly reliable access to smartcards over TCP/IP. And it costs less than that many USB smart-card readers.http://ift.tt/2rkSOFxMaybe a new platform for secure crypto wallets with a more convenient access?
Submitted January 18, 2018 at 04:15PM by dc352
via reddit http://ift.tt/2FSd0lB
reddit
A reliable TCP/IP reader for 120 smartcards for... • r/security
This device seems to provide a fairly reliable access to smartcards over TCP/IP. And it costs less than that many USB smart-card...
Cisco’s new tool will detect malware in encrypted traffic
http://ift.tt/2ECfh2P
Submitted January 18, 2018 at 04:19PM by pielco11
via reddit http://ift.tt/2DMYquI
http://ift.tt/2ECfh2P
Submitted January 18, 2018 at 04:19PM by pielco11
via reddit http://ift.tt/2DMYquI
HackRead
Cisco's new tool will detect malware in encrypted traffic
According to technology giant Cisco they company has created a security tool that detects malware in encrypted traffic which was not possible previously.
CES 2018: SimpliSafe's revamped home security system available now, more products planned
As the DIY home security market gets crowded, SimpliSafe gets serious about design.If you've ever looked into a DIY home security solution, you've likely come across SimpliSafe. The company has made a name for itself by providing a base system, allowing users to add ad hoc sensors and components, and pay a monthly fee without any sort of contract.Starting Wednesday, SimpliSafe will begin selling a completely redesigned system. The new design comes from a partnership between SimpliSafe and IDEO.A more streamlined keypad, key fob, sensors, and home hub each have a more appealing look -- some of which reminds me of something I'd expect to see from the likes of Ring or Nest -- starts at $229 for a basic kit, and it goes up to $539 depending on number of sensors and components.SimpliSafe's new system boasts a cellular and Wi-Fi connection for added peace of mind, along with a backup battery capable of running for 24 hours. A new processor makes the new system up to five times faster than the previous model.Following an expansion of ADT's services outside of the home, and the announcement that Ring Alarm will ship this spring, SimpliSafe's announcement shows just how competitive the DIY home security market is becoming.In addition to its redesigned system, SimpliSafe also plans to release a video doorbell, outdoor camera, smart lock, and add voice support through Amazon's Alexa in 2018. The new hardware products don't currently have pricing or a firm release date.More News:- http://ift.tt/2DHVQpT
Submitted January 18, 2018 at 05:11PM by sameenasamu
via reddit http://ift.tt/2DtDews
As the DIY home security market gets crowded, SimpliSafe gets serious about design.If you've ever looked into a DIY home security solution, you've likely come across SimpliSafe. The company has made a name for itself by providing a base system, allowing users to add ad hoc sensors and components, and pay a monthly fee without any sort of contract.Starting Wednesday, SimpliSafe will begin selling a completely redesigned system. The new design comes from a partnership between SimpliSafe and IDEO.A more streamlined keypad, key fob, sensors, and home hub each have a more appealing look -- some of which reminds me of something I'd expect to see from the likes of Ring or Nest -- starts at $229 for a basic kit, and it goes up to $539 depending on number of sensors and components.SimpliSafe's new system boasts a cellular and Wi-Fi connection for added peace of mind, along with a backup battery capable of running for 24 hours. A new processor makes the new system up to five times faster than the previous model.Following an expansion of ADT's services outside of the home, and the announcement that Ring Alarm will ship this spring, SimpliSafe's announcement shows just how competitive the DIY home security market is becoming.In addition to its redesigned system, SimpliSafe also plans to release a video doorbell, outdoor camera, smart lock, and add voice support through Amazon's Alexa in 2018. The new hardware products don't currently have pricing or a firm release date.More News:- http://ift.tt/2DHVQpT
Submitted January 18, 2018 at 05:11PM by sameenasamu
via reddit http://ift.tt/2DtDews
reddit
CES 2018: SimpliSafe's revamped home security system... • r/security
**As the DIY home security market gets crowded, SimpliSafe gets serious about design.** If you've ever looked into a DIY home security solution,...
Did I Miss Anything?
Hi All, I wrote a (hopefully) secure chat implementation in Python. Would love to hear your expert opinion about its security flaws (if any):http://ift.tt/2DphFgmThanks Ynon
Submitted January 18, 2018 at 05:43PM by ynonp
via reddit http://ift.tt/2mLwxew
Hi All, I wrote a (hopefully) secure chat implementation in Python. Would love to hear your expert opinion about its security flaws (if any):http://ift.tt/2DphFgmThanks Ynon
Submitted January 18, 2018 at 05:43PM by ynonp
via reddit http://ift.tt/2mLwxew
Ynon Perek
Writing a Secure Encrypted Chat in Python
When using a stream ciphers to pass encrypted messages to the other, there are some potential traps that we should look out for. Let's explore them and then move on to a demo chat application. Key Storage The first question is where do you store the key.…
Security In 5: Episode 155 - Why You Should Phish Your Employees
http://ift.tt/2mRlTnA
Submitted January 18, 2018 at 07:31PM by BinaryBlog
via reddit http://ift.tt/2Di59f8
http://ift.tt/2mRlTnA
Submitted January 18, 2018 at 07:31PM by BinaryBlog
via reddit http://ift.tt/2Di59f8
Libsyn
Security In Five Podcast: Episode 155 - Why You Should Phish Your Employees
Phishing, emails made to look legitimate, is one of the main methods to deliver malware, steal credentials and conduct fraud. Security awareness training covers phishing but how do you really know if people can avoid them? Trust but verify and how you do…
Security considerations for choosing a Content Management System. Share your thoughts.
http://ift.tt/2mKrScI
Submitted January 18, 2018 at 07:16PM by ded1cated
via reddit http://ift.tt/2DLLhSW
http://ift.tt/2mKrScI
Submitted January 18, 2018 at 07:16PM by ded1cated
via reddit http://ift.tt/2DLLhSW
WebARX
Security Overview Of Popular Content Management Systems
WordPress Security. Drupal Security. Joomla Security. Must Know Facts About The Security Of Popular Content Management Systems.
Remote Code Execution on a Medical Infusion Pump
http://ift.tt/2mRZjen
Submitted January 18, 2018 at 08:07PM by BDelay
via reddit http://ift.tt/2DmPNdr
http://ift.tt/2mRZjen
Submitted January 18, 2018 at 08:07PM by BDelay
via reddit http://ift.tt/2DmPNdr
GitHub
sgayou/medfusion-4000-research
medfusion-4000-research - Medfusion 4000 Security Research
87 Security Experts to follow on Twitter
http://ift.tt/2Dgdujy
Submitted January 18, 2018 at 08:36PM by yourbasicgeek
via reddit http://ift.tt/2FQPIMM
http://ift.tt/2Dgdujy
Submitted January 18, 2018 at 08:36PM by yourbasicgeek
via reddit http://ift.tt/2FQPIMM
Securityinnovationeurope
Security Experts You Need to follow
Pysaml2: Running python with optimizations makes UsernamePasswordMako accept any password for any user
http://ift.tt/2xA5g2W
Submitted January 18, 2018 at 08:35PM by cym13
via reddit http://ift.tt/2FRBQC0
http://ift.tt/2xA5g2W
Submitted January 18, 2018 at 08:35PM by cym13
via reddit http://ift.tt/2FRBQC0
GitHub
Running python with optimizations makes UsernamePasswordMako accept any password for any user · Issue #451 · rohe/pysaml2
On the current master branch, the UsernamePasswordMako class relies on an assert statement to check the user's password:
pysaml2/src/saml2/authn.py
Line 149
...
pysaml2/src/saml2/authn.py
Line 149
...