Quantifying Untrusted Symantec Certificates
http://ift.tt/2GLnPWS
Submitted February 05, 2018 at 07:16AM by arkadiyt
via reddit http://ift.tt/2s83lEA
http://ift.tt/2GLnPWS
Submitted February 05, 2018 at 07:16AM by arkadiyt
via reddit http://ift.tt/2s83lEA
Arkadiyt
Quantifying Untrusted Symantec Certificates
Why & when is Google rejecting Symantec TLS certificates? How many & which certificates are going to become untrusted?
IoT security news roundup January 2018
http://ift.tt/2E2TUrw
Submitted February 05, 2018 at 12:31PM by Iot_Security
via reddit http://ift.tt/2EHJrmu
http://ift.tt/2E2TUrw
Submitted February 05, 2018 at 12:31PM by Iot_Security
via reddit http://ift.tt/2EHJrmu
SecuriThings
IoT Security as part of the IoT Eco-System
IoT security is fundamentally different than traditional IT security- in both the technical and legal aspects. It is common practice (and in many cases mandated by law or regulation) that [...]
Stealing CSRF tokens with CSS injection, without iFrames
http://ift.tt/2BV30ol
Submitted February 05, 2018 at 12:21PM by wifihack
via reddit http://ift.tt/2E4Rvwg
http://ift.tt/2BV30ol
Submitted February 05, 2018 at 12:21PM by wifihack
via reddit http://ift.tt/2E4Rvwg
GitHub
dxa4481/cssInjection
cssInjection - Stealing CSRF tokens with CSS injection (without iFrames)
My Door Security System Caught the Thief – With a Little Help From ME!
I’m not a policeman or a detective and I do not have any interest in becoming one. But yet my door security system put me in a situation one day where I had to play that role.This incident happened on an autumn afternoon two years ago. I still remember it all just like it was yesterday. I had just come back home from working overseas and I was still feeling really sleepy from the jet lag.I had just gone upstairs to lie on the bed after dropping my luggage when suddenly my door security system went off. Within seconds my mobile phone also began to ring. I was so startled that I almost did not realize what had happened.Someone had kicked in my front door and triggered the door security system. The call I received was from the security company to ask me if I was OK and if they should call the police.I frantically replied to the caller affirmatively and I just looked at the thief from the top of the stairs unsure of what I should do next. This was unbelievable. The thief apparently was so startled by the door security system alarm as well that in his haste to leave the scene before the police arrived he tripped and fell over a flower pot I had sitting next to the door and broke his ankle.While he was lying on the floor screaming in agony, I quickly jumped on top of him and I started hitting, swinging and yelling at this piece of crap. How dare he break into my home and invade my space. What if my wife or kids were at home? I was more than angry, I was breathing fire at this point.By the time the police showed up I had tied up the thief and was standing guard over him. I could only be thankful for the fact that the thief had to suffer that unfortunate accident along with my good sense to install a door security system which is something that I had done just months earlier.The point of my story is that you never know when bad things may happen. As a result, I returned to the website where I located the door security system company and purchased all of their additional emergency services as an extra precaution. There was no way I was taking any more chances with my home.I’m really glad that I purchased this alarm service from this site and as an extra bonus point now I also have an exciting story with a happy ending to tell! http://www.soposted.com/reality-bites/tech/door-security-system-caught-thief-little-help/
Submitted February 05, 2018 at 01:55PM by keshav9
via reddit http://ift.tt/2E3GMXi
I’m not a policeman or a detective and I do not have any interest in becoming one. But yet my door security system put me in a situation one day where I had to play that role.This incident happened on an autumn afternoon two years ago. I still remember it all just like it was yesterday. I had just come back home from working overseas and I was still feeling really sleepy from the jet lag.I had just gone upstairs to lie on the bed after dropping my luggage when suddenly my door security system went off. Within seconds my mobile phone also began to ring. I was so startled that I almost did not realize what had happened.Someone had kicked in my front door and triggered the door security system. The call I received was from the security company to ask me if I was OK and if they should call the police.I frantically replied to the caller affirmatively and I just looked at the thief from the top of the stairs unsure of what I should do next. This was unbelievable. The thief apparently was so startled by the door security system alarm as well that in his haste to leave the scene before the police arrived he tripped and fell over a flower pot I had sitting next to the door and broke his ankle.While he was lying on the floor screaming in agony, I quickly jumped on top of him and I started hitting, swinging and yelling at this piece of crap. How dare he break into my home and invade my space. What if my wife or kids were at home? I was more than angry, I was breathing fire at this point.By the time the police showed up I had tied up the thief and was standing guard over him. I could only be thankful for the fact that the thief had to suffer that unfortunate accident along with my good sense to install a door security system which is something that I had done just months earlier.The point of my story is that you never know when bad things may happen. As a result, I returned to the website where I located the door security system company and purchased all of their additional emergency services as an extra precaution. There was no way I was taking any more chances with my home.I’m really glad that I purchased this alarm service from this site and as an extra bonus point now I also have an exciting story with a happy ending to tell! http://www.soposted.com/reality-bites/tech/door-security-system-caught-thief-little-help/
Submitted February 05, 2018 at 01:55PM by keshav9
via reddit http://ift.tt/2E3GMXi
SoPosted.com
My Door Security System Caught the Thief - With a Little Help From ME! | SoPosted.com
I’m not a policeman or a detective and I do not have any interest in becoming one. But yet my door security system put me in a situation one day where I had to play that role. This incident happened on an autumn afternoon two years ago. I still remember it…
My Door Security System Caught the Thief - With a Little Help From ME!
http://ift.tt/2E3HorX
Submitted February 05, 2018 at 01:29PM by keshav9
via reddit http://ift.tt/2nIzcWV
http://ift.tt/2E3HorX
Submitted February 05, 2018 at 01:29PM by keshav9
via reddit http://ift.tt/2nIzcWV
SoPosted.com
My Door Security System Caught the Thief - With a Little Help From ME! | SoPosted.com
I’m not a policeman or a detective and I do not have any interest in becoming one. But yet my door security system put me in a situation one day where I had to play that role. This incident happened on an autumn afternoon two years ago. I still remember it…
Disclosure Woes: Dealing With Non-Techies
http://ift.tt/2nHNOpy
Submitted February 05, 2018 at 02:34PM by TheRealest_Me
via reddit http://ift.tt/2BUXpyx
http://ift.tt/2nHNOpy
Submitted February 05, 2018 at 02:34PM by TheRealest_Me
via reddit http://ift.tt/2BUXpyx
reddit
Disclosure Woes: Dealing With Non-Techies • r/netsec
2 points and 0 comments so far on reddit
Netflix Phishing Scam Provokes Police Warning
http://ift.tt/2DWgCW7
Submitted February 05, 2018 at 04:20PM by GemmaJ123
via reddit http://ift.tt/2sfGxD5
http://ift.tt/2DWgCW7
Submitted February 05, 2018 at 04:20PM by GemmaJ123
via reddit http://ift.tt/2sfGxD5
Fortune
Netflix Phishing Scam Provokes Police Warning
Don't fall for it.
Fighting IoT botnets , a joint effort
http://ift.tt/2GNZ1NY
Submitted February 05, 2018 at 05:19PM by Iot_Security
via reddit http://ift.tt/2s8A5gX
http://ift.tt/2GNZ1NY
Submitted February 05, 2018 at 05:19PM by Iot_Security
via reddit http://ift.tt/2s8A5gX
SecuriThings
Fighting IoT Botnets – From Policies to Process and People
Cybersecurity defenders are engaged in what can often feel like a never-ending battle, especially when faced with attacks manifested by IoT Bontes. With the rise of IoT botnets, the challenge to [...]
Common approaches to securing Linux servers and what runs on them.
http://ift.tt/2s5Ex05
Submitted February 05, 2018 at 06:54PM by speckz
via reddit http://ift.tt/2GNeAp4
http://ift.tt/2s5Ex05
Submitted February 05, 2018 at 06:54PM by speckz
via reddit http://ift.tt/2GNeAp4
Medium
Common approaches to securing Linux servers and what runs on them.
Are we always doing everything that is necessary to secure, and I mean really seriously secure, any valuable server containing sensitive…
NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000
http://ift.tt/2E1OHjO
Submitted February 05, 2018 at 06:27PM by neko2314
via reddit http://ift.tt/2EGegb1
http://ift.tt/2E1OHjO
Submitted February 05, 2018 at 06:27PM by neko2314
via reddit http://ift.tt/2EGegb1
Huggable Hacker
NSA Exploits Ported to Work on All Windows Versions Released Since Windows 2000
A security researcher has ported three leaked NSA exploits to work on all Windows versions released in the past 18 years, starting with Windows 2000. The three exploits are EternalChampion, Eternal…
Hoe to monitore too many risks technical and non-technical
Hello Hope that this is the right place for my question. Dear all if you have many risks in your organization technical and non technical and you need to monitor them with their controls and mitigation planes..is there a tool or app or anything that will allow me to track it. Many tools like archer allow you but they need to be feeded by IP and they did not accept manual add or change..appreaciate inputs on this matter. Or how to monitor this risks and deal with them..technical or non technical.
Submitted February 05, 2018 at 07:59PM by besmile4ever
via reddit http://ift.tt/2E2IpQO
Hello Hope that this is the right place for my question. Dear all if you have many risks in your organization technical and non technical and you need to monitor them with their controls and mitigation planes..is there a tool or app or anything that will allow me to track it. Many tools like archer allow you but they need to be feeded by IP and they did not accept manual add or change..appreaciate inputs on this matter. Or how to monitor this risks and deal with them..technical or non technical.
Submitted February 05, 2018 at 07:59PM by besmile4ever
via reddit http://ift.tt/2E2IpQO
reddit
Hoe to monitore too many risks technical and... • r/security
Hello Hope that this is the right place for my question. Dear all if you have many risks in your organization technical and non technical and you...
NameCheap Name Server Vulnerability Allows Unauthorized Users to Create Sub-Domains
http://ift.tt/2E3Yt4Q
Submitted February 05, 2018 at 07:57PM by speckz
via reddit http://ift.tt/2EIeKNV
http://ift.tt/2E3Yt4Q
Submitted February 05, 2018 at 07:57PM by speckz
via reddit http://ift.tt/2EIeKNV
Kirkville
NameCheap Name Server Vulnerability Allows Unauthorized Users to Create Sub-Domains
Someone created websites with sub-domains of kirkville.com. That shouldn’t be possible.
Security In 5: Episode 167 - It's Tax Time and Tax Scam Time, Some Prevention Tips For You
http://ift.tt/2E59e6P
Submitted February 05, 2018 at 07:37PM by BinaryBlog
via reddit http://ift.tt/2EIlhrQ
http://ift.tt/2E59e6P
Submitted February 05, 2018 at 07:37PM by BinaryBlog
via reddit http://ift.tt/2EIlhrQ
Libsyn
Security In Five Podcast: Episode 167 - It's Tax Time and Tax Scam Time, Some Prevention Tips For You
It's that time of year for us all to do our taxes. It's also the time of year our most sensitive data is moving around to multiple locations, seen by several people, printed, stored, emailed, faxed and we want to keep them safe. This episode talks about some…
Transferring mimikatz over x509 extensions during TLS negotiation
http://ift.tt/2BWL4K4
Submitted February 05, 2018 at 09:12PM by sysopfb
via reddit http://ift.tt/2EHmakJ
http://ift.tt/2BWL4K4
Submitted February 05, 2018 at 09:12PM by sysopfb
via reddit http://ift.tt/2EHmakJ
Fidelis Cybersecurity
Sometimes what’s missing is right in front of us, we only need to look.
Fidelis' own Jason Reaves exposes X.509 vulnerabilities and covert data exchanges.
Hacking With Go: Packet Crafting and Manipulation in Golang Pt 2
http://ift.tt/2EHTyYz
Submitted February 05, 2018 at 10:25PM by secdevops
via reddit http://ift.tt/2E2uAlp
http://ift.tt/2EHTyYz
Submitted February 05, 2018 at 10:25PM by secdevops
via reddit http://ift.tt/2E2uAlp
SecDevOps
Hacking With Go: Packet Crafting and Manipulation in Golang Pt 2
“Hacking With Go: Packet Crafting and Manipulation in Golang Pt 2” is published by Ronald Eddings in SecDevOps
Take a former NSA head hacker, a Raspberry Pi, weird Kiwi radios and what do you get?
http://ift.tt/2F1vIGd
Submitted February 05, 2018 at 10:11PM by Iot_Security
via reddit http://ift.tt/2E19ech
http://ift.tt/2F1vIGd
Submitted February 05, 2018 at 10:11PM by Iot_Security
via reddit http://ift.tt/2E19ech
www.theregister.co.uk
Take a former NSA head hacker, a Raspberry Pi, weird Kiwi radios and what do you get?
Legal – promise! – but completely mad Christmas lights, that's what
Early Warning: ADB.Miner A Mining Botnet Utilizing Android ADB Is Now Rapidly Spreading
http://ift.tt/2DXDalr
Submitted February 05, 2018 at 11:02PM by groganard
via reddit http://ift.tt/2seeUdu
http://ift.tt/2DXDalr
Submitted February 05, 2018 at 11:02PM by groganard
via reddit http://ift.tt/2seeUdu
reddit
Early Warning: ADB.Miner A Mining Botnet Utilizing... • r/netsec
3 points and 0 comments so far on reddit
Spambots at Their Finest
I've seen quite a number of laugh-inducing, quality spam emails, but this one takes the cake:"How are you FirstName LastName.I really do not would like to judge you, in addition don't believe that wanking off to porn websites is quite terrible thing to try and do, but when all ur relatives, see it may definitely be awful.And so, what do i want? You actually stopped at the online adult site, which poisoned with my malware. Soon after you clicked on a online video, trojan begun functioning on you unit and all cameras and screen started recording promptly and after that the program stored all contacts from ur machine.I made a decision to message you on this particular address, because i have located it on your machine, now i am quite sure that you may be reading this considering that it is ur work address.The most significant detail is that I modified video clip the way that, on one part it displays your display, on the other your web camera with u on it. Kind of funny isn't it?. To be brief, if u wish me to remove all the evidence, this is my BTC wallet address:14uWZPTzwWL9bkzkGkLatLGY8xCgwTFiVd(its needs to be without "spaces" or "=", verify you get it correct). If you do not know how to use it, you can very easily yahoo or google it or discover guidance on youtube its very simple. I feel that 280 usd will settle your problem with myself.You have 3 days immediately after reading through this message (I placed monitoring pixel on it and is going to know any time you open it).If you not going to make this transaction, ill share the evidence with all contacts i have collected from you.I do not think that cops will actually find me, so think 3 days, just before you can burn your respect."It was sent to one of our SVPs. She was pretty embarrassed to even bring it up to me even though it's (obviously) untrue. I reassured her that she has nothing to worry about.What's the best spam email you've ever come across?
Submitted February 06, 2018 at 12:31AM by Derbel__McDillet
via reddit http://ift.tt/2E5iBYB
I've seen quite a number of laugh-inducing, quality spam emails, but this one takes the cake:"How are you FirstName LastName.I really do not would like to judge you, in addition don't believe that wanking off to porn websites is quite terrible thing to try and do, but when all ur relatives, see it may definitely be awful.And so, what do i want? You actually stopped at the online adult site, which poisoned with my malware. Soon after you clicked on a online video, trojan begun functioning on you unit and all cameras and screen started recording promptly and after that the program stored all contacts from ur machine.I made a decision to message you on this particular address, because i have located it on your machine, now i am quite sure that you may be reading this considering that it is ur work address.The most significant detail is that I modified video clip the way that, on one part it displays your display, on the other your web camera with u on it. Kind of funny isn't it?. To be brief, if u wish me to remove all the evidence, this is my BTC wallet address:14uWZPTzwWL9bkzkGkLatLGY8xCgwTFiVd(its needs to be without "spaces" or "=", verify you get it correct). If you do not know how to use it, you can very easily yahoo or google it or discover guidance on youtube its very simple. I feel that 280 usd will settle your problem with myself.You have 3 days immediately after reading through this message (I placed monitoring pixel on it and is going to know any time you open it).If you not going to make this transaction, ill share the evidence with all contacts i have collected from you.I do not think that cops will actually find me, so think 3 days, just before you can burn your respect."It was sent to one of our SVPs. She was pretty embarrassed to even bring it up to me even though it's (obviously) untrue. I reassured her that she has nothing to worry about.What's the best spam email you've ever come across?
Submitted February 06, 2018 at 12:31AM by Derbel__McDillet
via reddit http://ift.tt/2E5iBYB
reddit
Spambots at Their Finest • r/security
I've seen quite a number of laugh-inducing, quality spam emails, but this one takes the cake: "How are you FirstName LastName. I really do not...
Super Bowl national security docs left on plane - DHS BioWatch
http://ift.tt/2E1y87t
Submitted February 06, 2018 at 12:55AM by sheffus
via reddit http://ift.tt/2GSMetQ
http://ift.tt/2E1y87t
Submitted February 06, 2018 at 12:55AM by sheffus
via reddit http://ift.tt/2GSMetQ
CNN
Super Bowl national security docs left on plane
Sensitive DHS reports about protecting the Super Bowl from terrorism were found in the seat-back pocket on a commercial airplane flight.
NSA, the Shadow Brokers, and the future of cyber conflict with Adrian Sanabria.
http://ift.tt/2BYmrwv
Submitted February 06, 2018 at 03:31AM by delegait
via reddit http://ift.tt/2nEB3Nb
http://ift.tt/2BYmrwv
Submitted February 06, 2018 at 03:31AM by delegait
via reddit http://ift.tt/2nEB3Nb
Forward Observer
05 FEB: NSA, the Shadow Brokers, and the future of cyber conflict with Adrian Sanabria
My guest today is Adrian Sanabria, co-founder of Savage Security, which was recently acquired by Threatcare, where Adrian is now the Director of Research. He’s an information security veteran…
Facebook locked me out of everything.. Help?
Okay. So. I'm almost 100% positive my Facebook account has been taken over by a stranger. My password is changed, and when I request the code to be sent to reset it I noticed that the options this time were different. Usually a code can be sent to my email or phone number, but this time the email changed and there was no phone number at all. I can not log in to express my conserns to Facebook, nor do I have any idea how to recover an account without a phone number, email, or using the page it tried to direct me to asking me to contact my secure contacts or something of that nature? I have never selected any secure contacts so I don't know why I would be directed to that page? Any suggestions? Without being logged onto FB I've lost out on all my Pinterest stuff, shapchat ect.. someone please help me hack myself back in or something? I mean if someone can do it to me, there must be a way I can do it to myself.. right??
Submitted February 06, 2018 at 09:12AM by snackqu33n
via reddit http://ift.tt/2EJZctc
Okay. So. I'm almost 100% positive my Facebook account has been taken over by a stranger. My password is changed, and when I request the code to be sent to reset it I noticed that the options this time were different. Usually a code can be sent to my email or phone number, but this time the email changed and there was no phone number at all. I can not log in to express my conserns to Facebook, nor do I have any idea how to recover an account without a phone number, email, or using the page it tried to direct me to asking me to contact my secure contacts or something of that nature? I have never selected any secure contacts so I don't know why I would be directed to that page? Any suggestions? Without being logged onto FB I've lost out on all my Pinterest stuff, shapchat ect.. someone please help me hack myself back in or something? I mean if someone can do it to me, there must be a way I can do it to myself.. right??
Submitted February 06, 2018 at 09:12AM by snackqu33n
via reddit http://ift.tt/2EJZctc
reddit
Facebook locked me out of everything.. Help? • r/security
Okay. So. I'm almost 100% positive my Facebook account has been taken over by a stranger. My password is changed, and when I request the code to...