Security Orchestration for Endpoint Security: Use Cases
http://ift.tt/2DmxkcT
Submitted January 20, 2018 at 04:15AM by abhishekiyer
via reddit http://ift.tt/2DS6U3Y
http://ift.tt/2DmxkcT
Submitted January 20, 2018 at 04:15AM by abhishekiyer
via reddit http://ift.tt/2DS6U3Y
Demisto
Security Orchestration for Endpoint Security: Carbon Black and Demisto
Learn how to leverage Demisto’s security orchestration with Carbon Black products to coordinate endpoint security, control, and response from one console.
OnePlus got pwned, exposed up to 40,000 users to credit card fraud | A malicious noscript injected into OnePlus' payment page went undiscovered for two months.
http://ift.tt/2mTdFeI
Submitted January 20, 2018 at 11:56AM by RandomCollection
via reddit http://ift.tt/2mROqIG
http://ift.tt/2mTdFeI
Submitted January 20, 2018 at 11:56AM by RandomCollection
via reddit http://ift.tt/2mROqIG
Ars Technica
OnePlus got pwned, exposed up to 40,000 users to credit card fraud
A malicious noscript injected into OnePlus' payment page went undiscovered for two months.
British teen gained access to US intelligence operations by pretending to be CIA head
http://ift.tt/2EZyNXf
Submitted January 20, 2018 at 03:54PM by Bastet1
via reddit http://ift.tt/2Bg0RTW
http://ift.tt/2EZyNXf
Submitted January 20, 2018 at 03:54PM by Bastet1
via reddit http://ift.tt/2Bg0RTW
Express.co.uk
British teen gained access to US intelligence operations by pretending to be CIA head
A BRITISH teenager is to be sentenced at the Old Bailey after he gained access to plans for intelligence operations in Afghanistan and Iran by pretending to be the head of the CIA, it has been reported.
OnePlus website hacked - Credit Card Information of 40000 customers leaked
http://ift.tt/2G0kAKP
Submitted January 20, 2018 at 05:29PM by chieffrank
via reddit http://ift.tt/2DtQnq9
http://ift.tt/2G0kAKP
Submitted January 20, 2018 at 05:29PM by chieffrank
via reddit http://ift.tt/2DtQnq9
IB Computing
OnePlus website hacked - Credit Card Information of 40000 customers leaked - IB Computing
OnePlus website hacked! Mobile manufacturer company OnePlus has confirmed in a forum post that it's been a prey to a Credit Card Hack. The hackers were able to inject some malicious JavaScript code into the website's payment page to extract the credit card…
You can actually update your microcode even without a BIOS update.
Here is how you do it in Windows, and here is some Linux fun. And here is Intel's latest microcode.AMD's microcode you can obtain via this git repo.
Submitted January 20, 2018 at 08:06PM by kn1ght
via reddit http://ift.tt/2DRV7m3
Here is how you do it in Windows, and here is some Linux fun. And here is Intel's latest microcode.AMD's microcode you can obtain via this git repo.
Submitted January 20, 2018 at 08:06PM by kn1ght
via reddit http://ift.tt/2DRV7m3
Tenforums
How to update the CPU's microcode - Windows 10 Forums
Good Morning All, I came from Linux to Windows 10. After 14 years, got tired of the Linux desktop mess. The experience has been good. I've been on W10 since the beginning of the year. Under Linux, CPU
Collection of Books on Info Sec and Hacking
http://ift.tt/2mSDD0U
Submitted January 20, 2018 at 09:01PM by learnie
via reddit http://ift.tt/2DtKXLO
http://ift.tt/2mSDD0U
Submitted January 20, 2018 at 09:01PM by learnie
via reddit http://ift.tt/2DtKXLO
Dropbox
Info Sec & Hacking
Shared with Dropbox
Mobile Devices Compromised by Fake Secure Messaging Clients
http://ift.tt/2DpyiJP
Submitted January 20, 2018 at 10:30PM by 4f97749cdfb5dc076228
via reddit http://ift.tt/2Bhqx2i
http://ift.tt/2DpyiJP
Submitted January 20, 2018 at 10:30PM by 4f97749cdfb5dc076228
via reddit http://ift.tt/2Bhqx2i
Electronic Frontier Foundation
Related Issues
San Francisco – The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign infecting thousands of people in more than 20 countries. Hundreds of gigabytes of data has been stolen, primarily…
IDOR leaks PII of Apple pre-order customers
http://ift.tt/2DSyxd6
Submitted January 21, 2018 at 02:17AM by hiilikecats
via reddit http://ift.tt/2Dmtwsn
http://ift.tt/2DSyxd6
Submitted January 21, 2018 at 02:17AM by hiilikecats
via reddit http://ift.tt/2Dmtwsn
not the same origin
Steps to Reproduce #1: Leaking PII of Apple pre-order customers
Hihi! N.B. Consent was received from Apple to disclose this bug. No data is disclosed in the article, and to respect privacy the couriers name is redacted. Today I'm writing about a very simple chain of bugs I found in the tracking site of the courier that…
Universal XSS vulnerability via Evernote Web Clipper extension
http://ift.tt/2mLDQ65
Submitted January 19, 2018 at 02:47PM by xpnsecurity
via reddit http://ift.tt/2rlnVAS
http://ift.tt/2mLDQ65
Submitted January 19, 2018 at 02:47PM by xpnsecurity
via reddit http://ift.tt/2rlnVAS
XPN InfoSec Blog
Universal XSS via Evernote WebClipper
During an evening of bug hunting, I found a cool issue in Evernote's WebClipper tool. The result was a Universal XSS vulnerability, which we will explore in this post.
Debugging third-party Android Java code on OS X
http://ift.tt/2DoZ0hh
Submitted January 21, 2018 at 02:59PM by xaocuc
via reddit http://ift.tt/2DqgppO
http://ift.tt/2DoZ0hh
Submitted January 21, 2018 at 02:59PM by xaocuc
via reddit http://ift.tt/2DqgppO
Wapiti (web vulnerability scanner)
http://ift.tt/1j1r2Du
Submitted January 21, 2018 at 06:01PM by fAyf5eQR
via reddit http://ift.tt/2mZn2cw
http://ift.tt/1j1r2Du
Submitted January 21, 2018 at 06:01PM by fAyf5eQR
via reddit http://ift.tt/2mZn2cw
reddit
Wapiti (web vulnerability scanner) • r/netsec
2 points and 0 comments so far on reddit
abatchy's blog | [Kernel Exploitation] 2: Payloads
http://ift.tt/2rsy12T
Submitted January 21, 2018 at 06:44PM by sanderD
via reddit http://ift.tt/2FWQXtP
http://ift.tt/2rsy12T
Submitted January 21, 2018 at 06:44PM by sanderD
via reddit http://ift.tt/2FWQXtP
Abatchy
[Kernel Exploitation] 2: Payloads
Discusses payloads to be used in upcoming posts
CISSP Dysfunction
http://ift.tt/2mYsmvV
Submitted January 22, 2018 at 12:46AM by Deku-shrub
via reddit http://ift.tt/2DxqggZ
http://ift.tt/2mYsmvV
Submitted January 22, 2018 at 12:46AM by Deku-shrub
via reddit http://ift.tt/2DxqggZ
pirate dot london
CISSP Dysfunction
Exploring the Certified Information Systems Security Professional certification, I tried out a free version of the test to see how I’d do…
CISSP Dysfunction
http://ift.tt/2mYsmvV
Submitted January 22, 2018 at 12:44AM by Deku-shrub
via reddit http://ift.tt/2Dv7h7N
http://ift.tt/2mYsmvV
Submitted January 22, 2018 at 12:44AM by Deku-shrub
via reddit http://ift.tt/2Dv7h7N
pirate dot london
CISSP Dysfunction
Exploring the Certified Information Systems Security Professional certification, I tried out a free version of the test to see how I’d do…
Surprising CTF task solution using php://filter
http://ift.tt/2DvP1Li
Submitted January 22, 2018 at 05:23AM by ffyns
via reddit http://ift.tt/2mZ2Cj4
http://ift.tt/2DvP1Li
Submitted January 22, 2018 at 05:23AM by ffyns
via reddit http://ift.tt/2mZ2Cj4
reddit
Surprising CTF task solution using php://filter • r/netsec
9 points and 0 comments so far on reddit
Should I make a new email and reroute my current accounts to the new email?
I have been getting a email saying it’s coming from a family member but when I click the name to see the email address it’s a email that I don’t recognize. The email wants me to click on the link it provided but I know better not to click it. It worries me that I have someone trying to do this with a email that I have a lot of accounts connected to. Would it be smart to make a new email address and account and reroute all that is associated with it?
Submitted January 22, 2018 at 07:26AM by Turtle131313
via reddit http://ift.tt/2Bk9rRp
I have been getting a email saying it’s coming from a family member but when I click the name to see the email address it’s a email that I don’t recognize. The email wants me to click on the link it provided but I know better not to click it. It worries me that I have someone trying to do this with a email that I have a lot of accounts connected to. Would it be smart to make a new email address and account and reroute all that is associated with it?
Submitted January 22, 2018 at 07:26AM by Turtle131313
via reddit http://ift.tt/2Bk9rRp
reddit
Should I make a new email and reroute my current... • r/security
I have been getting a email saying it’s coming from a family member but when I click the name to see the email address it’s a email that I don’t...
Recording voice in a phonecall, is it a problem?
Out of curiosity, a friend (Let's call him Henry) filled some online form with some personal information, like name, phone number, location, email address, date-of-birth, and nothing more. Then he closed the webpage which was advertising a certain service.Later, Henry receives a phonecall apparently from the company behind that site, trying to get him to complete the sale. However, he noticed the person at the other end trying hard just to get Henry to say positive general words like "yes", "I agree", "I understand". When Henry tried using other words, the caller reformed the sentences to persuade him to say those words only.Are you aware of this behavior as a scam, or identity theft attempt, or some other security/privacy issue?
Submitted January 22, 2018 at 10:26AM by AlfredoOf98
via reddit http://ift.tt/2rwHK8A
Out of curiosity, a friend (Let's call him Henry) filled some online form with some personal information, like name, phone number, location, email address, date-of-birth, and nothing more. Then he closed the webpage which was advertising a certain service.Later, Henry receives a phonecall apparently from the company behind that site, trying to get him to complete the sale. However, he noticed the person at the other end trying hard just to get Henry to say positive general words like "yes", "I agree", "I understand". When Henry tried using other words, the caller reformed the sentences to persuade him to say those words only.Are you aware of this behavior as a scam, or identity theft attempt, or some other security/privacy issue?
Submitted January 22, 2018 at 10:26AM by AlfredoOf98
via reddit http://ift.tt/2rwHK8A
reddit
Recording voice in a phonecall, is it a problem? • r/security
Out of curiosity, a friend (Let's call him Henry) filled some online form with some personal information, like name, phone number, location, email...
Why are legitimate companies not listing the full address and/or email.
http://ift.tt/2G3NBFz
Submitted January 22, 2018 at 12:26PM by myx523
via reddit http://ift.tt/2rv4KVh
http://ift.tt/2G3NBFz
Submitted January 22, 2018 at 12:26PM by myx523
via reddit http://ift.tt/2rv4KVh
Interview with Yan Zhu, Privacy Engineer at Brave and Technologist Fellow at EFF working on Let’sEncrypt, HTTPSEverywhere and other projects for encrypting the web
http://ift.tt/2FUukGr
Submitted January 22, 2018 at 11:46AM by pramodhs
via reddit http://ift.tt/2n1lmiO
http://ift.tt/2FUukGr
Submitted January 22, 2018 at 11:46AM by pramodhs
via reddit http://ift.tt/2n1lmiO
Mapping The Journey
Episode 15: Interview with Yan Zhu, Privacy Engineer - Mapping The Journey
Yan Zhu is renowned security and privacy engineer. She is currently working as a Senior Software Engineer at Brave and a Technology Fellow at the Electronic Frontier Foundation. She is an open web standard author, technology speaker, and open source contributor.…
Blockchain Protocol Analysis and Security Engineering 2018 on January 24, 2018
http://ift.tt/2mZnMxM
Submitted January 22, 2018 at 02:00PM by cywarelabs
via reddit http://ift.tt/2DuzRWz
http://ift.tt/2mZnMxM
Submitted January 22, 2018 at 02:00PM by cywarelabs
via reddit http://ift.tt/2DuzRWz
Cyware
Blockchain Protocol Analysis and Security Engineering 2018 | Cyware
This conference will explore the use of formal methods, empirical analysis, and risk modeling to better understand security and systemic risk in blockchain protocols. We aim to foster multidisciplinary collaboration among practitioners and researchers in…
Cyware Threat Intelligence eXchange (CTIX) – with STIX, TAXII Standards
http://ift.tt/2DwnJnY
Submitted January 22, 2018 at 02:54PM by cywarelabs
via reddit http://ift.tt/2mYlE9f
http://ift.tt/2DwnJnY
Submitted January 22, 2018 at 02:54PM by cywarelabs
via reddit http://ift.tt/2mYlE9f
Cyware
CTIX | STIX TAXII Server | Cyber Threat Intelligence eXchange | Cyware
Cyware Threat Intelligence eXchange (CTIX) helps organization to sharing the cyber threat intelligence and Real time Information alerts with STIX TAXII standards. The Strategic and Tactical Intelligence Sharing prevent your firms from cyber threats. Request…