Persistent XSS in PNC’s Secure Email System [FIXED]
http://ift.tt/2Dr17RG
Submitted January 22, 2018 at 12:20AM by rwestergren
via reddit http://ift.tt/2DCgzOp
http://ift.tt/2Dr17RG
Submitted January 22, 2018 at 12:20AM by rwestergren
via reddit http://ift.tt/2DCgzOp
Randy Westergren
Persistent XSS in PNC's Secure Email System - Randy Westergren
PNC is a large financial services company with operations in both consumer and corporate sectors, predominantly located in the eastern and central United States. While making some account changes with them a few months ago, I had to exchange numerous sensitive…
Leveraging Cloudflare’s Authenticated Origin Pulls For Pentesting
http://ift.tt/2E4AinT
Submitted January 23, 2018 at 07:27AM by ss2342-
via reddit http://ift.tt/2F5a5EH
http://ift.tt/2E4AinT
Submitted January 23, 2018 at 07:27AM by ss2342-
via reddit http://ift.tt/2F5a5EH
Medium
Leveraging Cloudflare’s Authenticated Origin Pulls For Pentesting
During our regular penetration testing, we occasionally encounter a client who’s both using Cloudflare and seems to have configured it…
7-Zip: Multiple Memory Corruptions via RAR and ZIP
http://ift.tt/2DF6OPx
Submitted January 23, 2018 at 06:32PM by landave
via reddit http://ift.tt/2BmelO1
http://ift.tt/2DF6OPx
Submitted January 23, 2018 at 06:32PM by landave
via reddit http://ift.tt/2BmelO1
landave's blog
7-Zip: Multiple Memory Corruptions via RAR and ZIP
Blog about anti-virus software and its issues.
Security In 5: Episode 158 - Equifax Would Pay $1.5 BILLION If New Proposed Laws Were In Place
http://ift.tt/2n2UtKA
Submitted January 23, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2DAwJsB
http://ift.tt/2n2UtKA
Submitted January 23, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2DAwJsB
Libsyn
Security In Five Podcast: Episode 158 - Equifax Would Pay $1.5 BILLION If New Proposed Laws Were In Place
Penalties from hacked companies are insufficient to curb security practices and properly cover victims. That is about to change. A new proposal by the Senate would significantly increate the penalties against credit agencies that were hacked. Equifax got…
Over 90 percent of Gmail users still don’t use two-factor authentication
http://ift.tt/2DFfhSZ
Submitted January 23, 2018 at 07:30PM by thomodo
via reddit http://ift.tt/2n4OPHM
http://ift.tt/2DFfhSZ
Submitted January 23, 2018 at 07:30PM by thomodo
via reddit http://ift.tt/2n4OPHM
The Verge
Over 90 percent of Gmail users still don’t use two-factor authentication
Nearly all Gmail users don’t enable two-factor authentication
Interested in Internet Security? Get a Cybersecurity Masters Degree!
http://ift.tt/2n59206
Submitted January 23, 2018 at 09:12PM by IncitoLabs
via reddit http://ift.tt/2DCjbMQ
http://ift.tt/2n59206
Submitted January 23, 2018 at 09:12PM by IncitoLabs
via reddit http://ift.tt/2DCjbMQ
DocuServe
Interested in Internet Security? Get a Cybersecurity Masters Degree!
Cybersecurity Blog: Interested in Internet Security? Get a Cybersecurity Masters Degree! Brought to you by Docuserve: Secure Digital Content Provider
ClickJacking - My first contribute to the Community.
http://ift.tt/2n5eArD
Submitted January 23, 2018 at 08:56PM by Mteor
via reddit http://ift.tt/2E37Pyz
http://ift.tt/2n5eArD
Submitted January 23, 2018 at 08:56PM by Mteor
via reddit http://ift.tt/2E37Pyz
mteor.github.io
0x1_ClickJacking
Introduction
IoT: The Internet of Threat
http://ift.tt/2rxFJJg
Submitted January 23, 2018 at 10:02PM by Mi3Security
via reddit http://ift.tt/2G89unj
http://ift.tt/2rxFJJg
Submitted January 23, 2018 at 10:02PM by Mi3Security
via reddit http://ift.tt/2G89unj
Mi3 Security
IoT: The Internet of Threat
The Internet of Things (IOT) sector has seen explosive growth over the last 10 years. The Internet of Things was roughly ‘born’ in 2008/2009, and first added to the Gartner “hype cycle” in 2011. In this time we have seen not only an exponential growth in…
HackSysTeam Windows Kernel Vulnerable Driver: Type Confusion Vulnerability Exploitation
http://ift.tt/2DCWY0w
Submitted January 23, 2018 at 09:56PM by 00redbeer
via reddit http://ift.tt/2BnCwvp
http://ift.tt/2DCWY0w
Submitted January 23, 2018 at 09:56PM by 00redbeer
via reddit http://ift.tt/2BnCwvp
Locked out by two-factor authentication
My wife can't access her credit card accounts since they started this. She can't get a text or phone call because her phone is in my name, and for some unknown reason she never receives the email. She has called the company numerous times, and nobody knows how to fix it. Any ideas?
Submitted January 23, 2018 at 11:23PM by stupid-rando
via reddit http://ift.tt/2DAtlhm
My wife can't access her credit card accounts since they started this. She can't get a text or phone call because her phone is in my name, and for some unknown reason she never receives the email. She has called the company numerous times, and nobody knows how to fix it. Any ideas?
Submitted January 23, 2018 at 11:23PM by stupid-rando
via reddit http://ift.tt/2DAtlhm
reddit
Locked out by two-factor authentication • r/security
My wife can't access her credit card accounts since they started this. She can't get a text or phone call because her phone is in my name, and...
Please wait while we use your browser to mine bitcoin
http://ift.tt/2DycBqS
Submitted January 24, 2018 at 12:16AM by speckz
via reddit http://ift.tt/2n3VnXc
http://ift.tt/2DycBqS
Submitted January 24, 2018 at 12:16AM by speckz
via reddit http://ift.tt/2n3VnXc
Secbi
Please wait while we use your browser to mine bitcoin
SecBI detected a novel kind of attack draining organizational resources and aiding cybercrime while going undetected by security systems
Tinder app doesn't use HTTPS
http://ift.tt/2BmIXi8
Submitted January 24, 2018 at 01:52AM by safjx
via reddit http://ift.tt/2F901ut
http://ift.tt/2BmIXi8
Submitted January 24, 2018 at 01:52AM by safjx
via reddit http://ift.tt/2F901ut
WIRED
Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes
Thanks to Tinder's patchwork use of HTTPS, researchers found they could reconstruct someone's entire experience in the app.
Prepare for These Information Security Threats in 2018
http://ift.tt/2n6HCYJ
Submitted January 24, 2018 at 01:25AM by TransTechIT
via reddit http://ift.tt/2BnQ222
http://ift.tt/2n6HCYJ
Submitted January 24, 2018 at 01:25AM by TransTechIT
via reddit http://ift.tt/2BnQ222
Blog
Prepare for These Information Security Threats in 2018 - Blog
Forecasts of information security threats suggest these trends will continue to menace enterprises throughout 2018.Here’s how to prepare for them.
Tinder mobile apps vulnerable to sniffing due to lack of TLS on image loads. Swipes can be inferred by TLS payload size.
http://ift.tt/2Dx6cIt
Submitted January 24, 2018 at 02:31AM by jdmulloy
via reddit http://ift.tt/2rAE8lI
http://ift.tt/2Dx6cIt
Submitted January 24, 2018 at 02:31AM by jdmulloy
via reddit http://ift.tt/2rAE8lI
Consumer Reports
Flaws in Tinder App Put Users' Privacy at Risk, Researchers Say
Due to security flaws in the Tinder app, security experts say Tinder isn’t doing enough to secure its popular dating app, and Consumer Reports says that puts users' privacy at risk.
Is a Cellular-Based Security System More Secure than WiFi or Bluetooth?
https://www.youtube.com/watch?v=SCxrdD12J_I
Submitted January 24, 2018 at 02:33AM by KaityNotes
via reddit http://ift.tt/2G8HzU5
https://www.youtube.com/watch?v=SCxrdD12J_I
Submitted January 24, 2018 at 02:33AM by KaityNotes
via reddit http://ift.tt/2G8HzU5
YouTube
Why is cellular better than Wifi or Blutetooth?
PRE-ORDER NOW AT: https://igg.me/at/duo Hear why Duo uses a cellular modem and how it's better than wifi or bluetooth. Duo by Simtek is the ONLY portable, al...
Help! Outside security.
I live on my own and recently I've seen the same black car parked outside my drive three times this week. Earlier tonight my neighbor rang me scared because a man had walked down my drive and was looking over my fence. I'm really scared and looking for some home security. I know nothing about it and don't know what to buy. Any help or advice on what I should buy?
Submitted January 24, 2018 at 04:48AM by Splooofy
via reddit http://ift.tt/2DwuSRv
I live on my own and recently I've seen the same black car parked outside my drive three times this week. Earlier tonight my neighbor rang me scared because a man had walked down my drive and was looking over my fence. I'm really scared and looking for some home security. I know nothing about it and don't know what to buy. Any help or advice on what I should buy?
Submitted January 24, 2018 at 04:48AM by Splooofy
via reddit http://ift.tt/2DwuSRv
reddit
Help! Outside security. • r/security
I live on my own and recently I've seen the same black car parked outside my drive three times this week. Earlier tonight my neighbor rang me...
Getting Started in Information Security by Endgame
http://ift.tt/2G8qNV9
Submitted January 24, 2018 at 09:21AM by mathmare
via reddit http://ift.tt/2E2Cs7g
http://ift.tt/2G8qNV9
Submitted January 24, 2018 at 09:21AM by mathmare
via reddit http://ift.tt/2E2Cs7g
Endgame
Getting Started in Information Security
For many, entering the information security (infosec) industry is elusive and confusing, with mixed signals and conflicting information about what background or skills are required. The reality is that there is no single path into the industry. Despite the…
I was told yesterday at a university career fair that "nobody is looking for security"...
The man told me that "nobody is looking for information security candidates, but only developers."What would lead him to say something such as this? I found it to be absolutely ridiculous, and almost offensive to a kid who has already racked up $50k in debt pursuing this degree at a pretty good school.
Submitted January 24, 2018 at 09:42AM by ts23_
via reddit http://ift.tt/2n9zw1F
The man told me that "nobody is looking for information security candidates, but only developers."What would lead him to say something such as this? I found it to be absolutely ridiculous, and almost offensive to a kid who has already racked up $50k in debt pursuing this degree at a pretty good school.
Submitted January 24, 2018 at 09:42AM by ts23_
via reddit http://ift.tt/2n9zw1F
reddit
I was told yesterday at a university career fair that... • r/security
The man told me that "nobody is looking for information security candidates, but only developers." What would lead him to say something such as...
RCE vulnerability in Electron framework affects Skype, Signal, Wordpress and Slack that run on Microsoft Windows
http://ift.tt/2rwjhQK
Submitted January 24, 2018 at 06:40PM by digital_desert
via reddit http://ift.tt/2DCycxH
http://ift.tt/2rwjhQK
Submitted January 24, 2018 at 06:40PM by digital_desert
via reddit http://ift.tt/2DCycxH
Cybersecurity Podcast Ep 4 - Cyber-Awareness Landscape
http://ift.tt/2rC3Nun
Submitted January 24, 2018 at 06:49PM by Uminekoshi
via reddit http://ift.tt/2GcJhDS
http://ift.tt/2rC3Nun
Submitted January 24, 2018 at 06:49PM by Uminekoshi
via reddit http://ift.tt/2GcJhDS
SoundCloud
Episode 4 - Cyber-Awareness: Then, Now and the Future
In this CyberTangent episode, we are joined by our very own, Mike Alexiou, CISO at Nehemiah Security. Our podcast host is Landon Johnson.
Today's topic is "Cyber-Awareness: Then, Now and the Future."
Today's topic is "Cyber-Awareness: Then, Now and the Future."
Hide ‘n Seek - new IoT botnet growing fast. Uses a custom made P2P protocol for C&C and web exploits as well as telnet for compromising its victims.
http://ift.tt/2Dx7KlD
Submitted January 24, 2018 at 06:54PM by jaymzu
via reddit http://ift.tt/2n7adwX
http://ift.tt/2Dx7KlD
Submitted January 24, 2018 at 06:54PM by jaymzu
via reddit http://ift.tt/2n7adwX
Bitdefender Labs
New Hide ‘N Seek IoT Botnet using custom-built Peer-to-Peer...
Bitdefender researchers have uncovered an emerging botnet that uses advanced communication techniques to exploit victims and build its infrastructure. The bot, dubbed HNS, was intercepted by our...