Google's Chronicle
http://ift.tt/2n7QxZ6

Submitted January 25, 2018 at 01:34PM by micgob
via reddit http://ift.tt/2FfpKS9

Commercial Security Services at Tate Security Technology Ltd in UK
http://ift.tt/2Eb9sKR

Submitted January 25, 2018 at 03:46PM by TateSecurity
via reddit http://ift.tt/2DxIxHY

Exploit Mitigation Techniques - Stack Canaries - Exploit Development
http://ift.tt/2rF6ueH

Submitted January 25, 2018 at 04:09PM by Jen0vah
via reddit http://ift.tt/2n6pC0I

ASUS routers LAN-side unauthenticated remote code execution
http://ift.tt/2BsEyKX

Submitted January 25, 2018 at 05:13PM by jose_boneh
via reddit http://ift.tt/2Fce4iR

Building a fully operational cyber incident response team
http://ift.tt/2DMDvL7

Submitted January 25, 2018 at 04:57PM by LiamBigDataDonoghue
via reddit http://ift.tt/2FdFVPO

Reddit now offers two-factor authentication to all !
http://ift.tt/2Bs9HxQ

Submitted January 25, 2018 at 04:54PM by time-pass
via reddit http://ift.tt/2DMDy9L

Beware! Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems
http://ift.tt/2BsSWmj

Submitted January 25, 2018 at 06:14PM by Vault10001
via reddit http://ift.tt/2nbQhZX

Rules and targets for Pwn2Own 2018 announced. Up to $2,000,000 in prizes available.
http://ift.tt/2DyknwF

Submitted January 25, 2018 at 07:02PM by RedmondSecGnome
via reddit http://ift.tt/2E86TZD

Security In 5: Episode 160 - Only 10% Of Gmail Users Have Two-Factor Authentication Enabled, Don't Be In The 90%
http://ift.tt/2DA6SAK

Submitted January 25, 2018 at 07:36PM by BinaryBlog
via reddit http://ift.tt/2nbuvVs

Spectre and Meltdown attack explained, simply, for non-programmers
http://ift.tt/2nc1zwt

Submitted January 25, 2018 at 07:18PM by kulious
via reddit http://ift.tt/2DD3EN1

Students asking basic pointers for a hackathon (beginner level)
Hello,My school had an open invitation to attend a hackathon. I registered and was put into a group. There are several groups of students from my school participating in the same hackathon. There are 4 of us in this group. Apart from me and one other, we have some decent knowledge of linux, and use of the software. The other two students didn't really understand what and how KALI even was.Assuming you participate, and even if you don't find any vulnerabilities, we get credits for being apart of it.That said, we would like to at least have a fighting chance. We have been given some basic instructions. I'm not sure where to start once we are connected to the network and have scanned it.Note, I have set up my Kali linux. It's dist-upgraded and ready to go.These are my basic assumptions. Scan network with nmap, to find all available devices. We have been told they are 'hidden' somehow. I think this means scan the network with nmap at like T4? But what are the best options that I should be looking at?Once we find all the devices. Nmap should help with OS detection etc. As well as open ports and versions.This is where I get confused. They told us that the computers are like Windows 7 and full of holes.How do I know what program/port to use so that I can apply metasploit exploits to it?Clearly from reading this you can probably see my gaps in knowledge.If you would kindly point out some tips and tricks, we would appreciate having a fighting chance. :)

Submitted January 25, 2018 at 08:44PM by beangay
via reddit http://ift.tt/2naWs0u

Why more sites don't use PGP/GPG for 2FA?
Reddit just enabled 2FA for all accounts using Google Authenticator. Many sites are using this method or text messaging. What if I don't want to use my phone or don't have it. If I forget my phone and head out for the day, I'm stuck.This made me curious about another form of 2FA which is not used all that often: PGP (or GPG). Given the nature of Reddit, I would think there would be a good number of us who would use it if it was offered.I assume it is because the number of people using PGP is relatively small when you consider the entire population of internet users. Other than that, is there another reason why more sites don't offer PGP as an option for 2FA?

Submitted January 25, 2018 at 09:15PM by flipjargendy
via reddit http://ift.tt/2E7pN2P

Developers + GDPR/PCI question
Does anyone know if PCI or GDPR policy restrict the app developers having access to customers data? (e.g. some basic, some sensitive such as last 4 digits of card number).Ive been told yes but I don't believe thats reasonable. Fixing certain bugs seems impossible without setting the state of the data.

Submitted January 25, 2018 at 10:27PM by craigtaub
via reddit http://ift.tt/2naAY2F

How Secure Is Your Data When It's Stored in the Cloud?
http://ift.tt/2DyfV0Z

Submitted January 26, 2018 at 12:04AM by robert_brooks
via reddit http://ift.tt/2E7RloL

High Risk Vulnerabilities within the DoD from Coldfusion, Dotnet Nuke, Oracle, and more
http://ift.tt/2DD4VUi

Submitted January 26, 2018 at 12:18AM by alyssathegryphon
via reddit http://ift.tt/2Gh43m0

Exploiting Electron RCE in Exodus wallet
http://ift.tt/2nd2FrN

Submitted January 26, 2018 at 02:09AM by JE_SHORT
via reddit http://ift.tt/2GjZwPB

10 Solid Tips to Increase and optimize IIS Performance for 2018. Covers ASP.Net, WordPress,ColdFusion And SharePoint
http://ift.tt/2DMgoQt

Submitted January 26, 2018 at 01:44AM by BitsAndScrews
via reddit http://ift.tt/2FhYItp

Microsoft releases updated VS compiler for Spectre V2. Let the builds begin. GCC backports to v7
http://ift.tt/2DKCVNU

Submitted January 26, 2018 at 02:02AM by kn1ght
via reddit http://ift.tt/2FdFjcX

3 Questions About CYBERTACOS You Know You Want To Ask
http://ift.tt/2DLDDdC

Submitted January 26, 2018 at 12:29AM by Uminekoshi
via reddit http://ift.tt/2nceOOn

Bastion Hopping With SSH And ScaleFT
http://ift.tt/2FfsUFB

Submitted January 26, 2018 at 12:15AM by alexdebrie
via reddit http://ift.tt/2BuxE7K

Moar ASUS router vulns
http://ift.tt/2DFljDR

Submitted January 26, 2018 at 02:18AM by aetsu
via reddit http://ift.tt/2nb42Hq