[SAD] Garmin is still not using 2FA for their cloud based Garmin Connect service.
It's 2018 and Garmin has no option to enable 2FA for their Garmin Connect service. If you are not familiar with the Garmin Connect service, it's a service where all the Garmin fitness tracker upload all the data. The data is highly sensitive, which includes GPS tracks, steps, heart ratio, sleep time and so on. I've asked Garmin if they could provide the service with 2FA but without any response until today.
Submitted February 22, 2018 at 02:43AM by Radi1229
via reddit http://ift.tt/2GxN5Ps
It's 2018 and Garmin has no option to enable 2FA for their Garmin Connect service. If you are not familiar with the Garmin Connect service, it's a service where all the Garmin fitness tracker upload all the data. The data is highly sensitive, which includes GPS tracks, steps, heart ratio, sleep time and so on. I've asked Garmin if they could provide the service with 2FA but without any response until today.
Submitted February 22, 2018 at 02:43AM by Radi1229
via reddit http://ift.tt/2GxN5Ps
reddit
[SAD] Garmin is still not using 2FA for their cloud... • r/security
It's 2018 and Garmin has no option to enable 2FA for their Garmin Connect service. If you are not familiar with the Garmin Connect service, it's a...
I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download
http://ift.tt/2Cedgwo
Submitted February 22, 2018 at 04:22AM by rmddos
via reddit http://ift.tt/2EEv9Cb
http://ift.tt/2Cedgwo
Submitted February 22, 2018 at 04:22AM by rmddos
via reddit http://ift.tt/2EEv9Cb
Troy Hunt
I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download
Last August, I launched a little feature within Have I Been Pwned (HIBP) I called Pwned Passwords. This was a list of 320 million passwords from a range of different data breaches which organisations could use to better protect their own systems. How? NIST…
Google's Project Zero reveals elevation of privilege bug in Windows
http://ift.tt/2EHeWQO
Submitted February 22, 2018 at 04:04AM by raincan
via reddit http://ift.tt/2Fkrw5G
http://ift.tt/2EHeWQO
Submitted February 22, 2018 at 04:04AM by raincan
via reddit http://ift.tt/2Fkrw5G
reddit
Google's Project Zero reveals elevation of privilege... • r/netsec
3 points and 0 comments so far on reddit
Hiding in plain sight: XXE Zeroday In HP Project and Portfolio Management Center Application
http://ift.tt/2onNYCY
Submitted February 22, 2018 at 05:11AM by hackers_and_builders
via reddit http://ift.tt/2EXhZDC
http://ift.tt/2onNYCY
Submitted February 22, 2018 at 05:11AM by hackers_and_builders
via reddit http://ift.tt/2EXhZDC
Rhino Security Labs
Hiding in Plain Sight: XXE Vulnerability in HP Project & Portfolio Mgmt Center - Rhino Security Labs
Rhino Security Labs explores an XXE vulnerability. This flaw can lead to confidential data disclosure, DoS attacks, server-side request forgery, and more.
FinSpy VM Unpacking Tutorial Part 3: Devirtualization
http://ift.tt/2HBN6TY
Submitted February 22, 2018 at 07:36AM by TechLord2
via reddit http://ift.tt/2EJsSps
http://ift.tt/2HBN6TY
Submitted February 22, 2018 at 07:36AM by TechLord2
via reddit http://ift.tt/2EJsSps
Möbius Strip Reverse Engineering
FinSpy VM Unpacking Tutorial Part 3: Devirtualization
1. Overview This is the third and final part in my series on statically unpacking the FinSpy VM. After having deobfuscated the x86 implementation of FinSpy in part one and after having analyzed the VM and written a disassembler for the bytecode format for…
wotmate: a GnuPG keyring paths grapher
http://ift.tt/2HAHTvD
Submitted February 22, 2018 at 07:24AM by mricon
via reddit http://ift.tt/2sGOYHK
http://ift.tt/2HAHTvD
Submitted February 22, 2018 at 07:24AM by mricon
via reddit http://ift.tt/2sGOYHK
GitHub
mricon/wotmate
wotmate - Web of trust grapher
Finding a mentor
How and where do I find one? What are some learning resources that I can use to actually do instead of read only? I've been doing picoctf and am learning a lot, but want to know and learn more " real life" every day skills. Can soneone help?
Submitted February 22, 2018 at 08:10AM by TSTEAD
via reddit http://ift.tt/2FjRUfU
How and where do I find one? What are some learning resources that I can use to actually do instead of read only? I've been doing picoctf and am learning a lot, but want to know and learn more " real life" every day skills. Can soneone help?
Submitted February 22, 2018 at 08:10AM by TSTEAD
via reddit http://ift.tt/2FjRUfU
reddit
Finding a mentor • r/security
How and where do I find one? What are some learning resources that I can use to actually do instead of read only? I've been doing picoctf and am...
Devirtualizing FinSpy, Phases #1-4 : Deobfuscating FinSpy VM Bytecode Programs
http://ift.tt/2Fl4hIJ
Submitted February 22, 2018 at 10:05AM by TechLord2
via reddit http://ift.tt/2osntfJ
http://ift.tt/2Fl4hIJ
Submitted February 22, 2018 at 10:05AM by TechLord2
via reddit http://ift.tt/2osntfJ
Möbius Strip Reverse Engineering
Devirtualizing FinSpy, Phase #1: Deobfuscating FinSpy VM Bytecode Programs
1. Introduction In part one of this series, we analyzed the obfuscation on the x86 implementation of the FinSpy VM, and wrote a tool to deobfuscate it to allow easier analysis. In the second part of this series, we analyzed the VM instruction set, wrote a…
Userland API Monitoring and Code Injection Detection
http://ift.tt/2GzsKJv
Submitted February 22, 2018 at 10:19AM by TechLord2
via reddit http://ift.tt/2okv6W7
http://ift.tt/2GzsKJv
Submitted February 22, 2018 at 10:19AM by TechLord2
via reddit http://ift.tt/2okv6W7
FlightSim Labs publicly admits to blatantly breaking the law by stealing passwords. Claims it's fine because it only targeted other law breakers.
http://ift.tt/2EJibHw
Submitted February 22, 2018 at 01:04PM by GregoryPanic
via reddit http://ift.tt/2GzEA6A
http://ift.tt/2EJibHw
Submitted February 22, 2018 at 01:04PM by GregoryPanic
via reddit http://ift.tt/2GzEA6A
Flight Sim Labs Forums
A320-X DRM - what happened
Hello all,
We feel that it's only fair that we disclose fully the extent of our DRM efforts here. So let's discuss exactly that now - but first, I need to p...
We feel that it's only fair that we disclose fully the extent of our DRM efforts here. So let's discuss exactly that now - but first, I need to p...
Check if your internet-connected devices are public on Shodan.
http://ift.tt/1U66yJ5
Submitted February 22, 2018 at 02:48PM by hubbabubbahobo
via reddit http://ift.tt/2sNXncc
http://ift.tt/1U66yJ5
Submitted February 22, 2018 at 02:48PM by hubbabubbahobo
via reddit http://ift.tt/2sNXncc
Bullguard
Internet of Things (IoT) Scanner - BullGuard
Check if your internet-connected devices at home (webcams, smart TVs etc) are public on Shodan. If they are, this means they are accessible to the public, and hackers.
I just published a blog on few tips on #BugBounty "Bug Bounty - Tips / Tricks / JS (JavaScript Files)" #TogetherWeHitHarder #InfoSec #InformationSecurity
https://twitter.com/prateek_0490/status/966397683446370304
https://twitter.com/prateek_0490/status/966397683446370304
Twitter
Prateek Tiwari
I just published a blog on few tips on #BugBounty "Bug Bounty - Tips / Tricks / JS (JavaScript Files)" #TogetherWeHitHarder #InfoSec #InformationSecurity https://t.co/CCfPGRIFKv
Android Malware Harvests Facebook Account Details
http://ift.tt/2GAXt93
Submitted February 22, 2018 at 05:19PM by Iot_Security
via reddit http://ift.tt/2FnjHMI
http://ift.tt/2GAXt93
Submitted February 22, 2018 at 05:19PM by Iot_Security
via reddit http://ift.tt/2FnjHMI
Symantec
Android Malware Harvests Facebook Account Details
New Fakeapp variants log into Facebook accounts to harvest user credentials directly from victims’ devices.
Cyber Security Company WebARX Creates Tool to Detect Cryptojacking
http://ift.tt/2oiu0Ko
Submitted February 22, 2018 at 05:07PM by ded1cated
via reddit http://ift.tt/2GBLMim
http://ift.tt/2oiu0Ko
Submitted February 22, 2018 at 05:07PM by ded1cated
via reddit http://ift.tt/2GBLMim
Coinsquare Discover
Cyber Security Company WebARX Creates Tool to Detect Cryptojacking
To combat cryptojacking, cybersecurity company WebARX created a tool designed to allow website owners to detect unwanted digital currency mining noscripts.
Tesla Cloud Account Data Breached!
http://ift.tt/2FlQ1iZ
Submitted February 22, 2018 at 05:04PM by vaxfms
via reddit http://ift.tt/2GBybaS
http://ift.tt/2FlQ1iZ
Submitted February 22, 2018 at 05:04PM by vaxfms
via reddit http://ift.tt/2GBybaS
OSRadar
Tesla Cloud Account Data Breached! - OSRadar
According to the security company RedLock, a Tesla Cloud account is breached using an unsecured Kubernetes container management console. Hackers used the account to mine cryptocurrency. Learn more about the incident and stay secured from cryptojacking.
OMG: Mirai-based Bot Turns IoT Devices into Proxy Servers
http://ift.tt/2CCXK98
Submitted February 22, 2018 at 04:58PM by Iot_Security
via reddit http://ift.tt/2HEiHnM
http://ift.tt/2CCXK98
Submitted February 22, 2018 at 04:58PM by Iot_Security
via reddit http://ift.tt/2HEiHnM
reddit
OMG: Mirai-based Bot Turns IoT Devices into Proxy Servers • r/security
6 points and 0 comments so far on reddit
Cryptomining accounted for 49% of IoT malware detections in 2017
http://ift.tt/2CD8moq
Submitted February 22, 2018 at 04:57PM by Iot_Security
via reddit http://ift.tt/2EJEWeq
http://ift.tt/2CD8moq
Submitted February 22, 2018 at 04:57PM by Iot_Security
via reddit http://ift.tt/2EJEWeq
securitybrief.co.nz
Cryptomining accounted for 49% of IoT malware detections in 2017
Smart homes, smart buildings and smart devices are giving cybercriminals a helping hand, and many device owners may not even know it is happening.
Unsecured Connected Cameras Installed in Public Space Undermine Our Privacy
http://ift.tt/2HBytA9
Submitted February 22, 2018 at 06:19PM by Iot_Security
via reddit http://ift.tt/2CANrCF
http://ift.tt/2HBytA9
Submitted February 22, 2018 at 06:19PM by Iot_Security
via reddit http://ift.tt/2CANrCF
reddit
Unsecured Connected Cameras Installed in Public Space... • r/security
1 points and 0 comments so far on reddit
lol this dude left himself logged in on a public computer
y'all better let him know to be more cautious next time
Submitted February 22, 2018 at 08:11PM by Y0h_513nn_R3n
via reddit http://ift.tt/2EZMYis
y'all better let him know to be more cautious next time
Submitted February 22, 2018 at 08:11PM by Y0h_513nn_R3n
via reddit http://ift.tt/2EZMYis
reddit
lol this dude left himself logged in on a public computer • r/security
y'all better let him know to be more cautious next time
Max Secure Spyware Detector VS Plumbytes Anti-Malware
http://ift.tt/2sT8BMT
Submitted February 22, 2018 at 08:09PM by tomasstatkus
via reddit http://ift.tt/2EURRJR
http://ift.tt/2sT8BMT
Submitted February 22, 2018 at 08:09PM by tomasstatkus
via reddit http://ift.tt/2EURRJR
Reviewedbypro
Max Secure Spyware Detector VS Plumbytes Anti-Malware
Max Secure Spyware Detector and Plumbytes Anti-Malware were developed in order to protect PC users against cyber threats and clean their system from infected and
Security In 5: Episode 180 - How To Avoid Torpedoing Your Own Security Plans
http://ift.tt/2BIPSpK
Submitted February 22, 2018 at 07:34PM by BinaryBlog
via reddit http://ift.tt/2Ceu1Yr
http://ift.tt/2BIPSpK
Submitted February 22, 2018 at 07:34PM by BinaryBlog
via reddit http://ift.tt/2Ceu1Yr
Libsyn
Security In Five Podcast: Episode 180 - How To Avoid Torpedoing Your Own Security Plans
There are threats everywhere looking to disrupt and try to break your security plans and projects. Most teams forget to look at themselves and realize that their own actions and inactions can do just as much damage to their security plans as something external.…