KeePassXC 2.3.0 released
http://ift.tt/2GPIys3
Submitted February 28, 2018 at 11:58PM by pheedrus
via reddit http://ift.tt/2F01SSB
http://ift.tt/2GPIys3
Submitted February 28, 2018 at 11:58PM by pheedrus
via reddit http://ift.tt/2F01SSB
reddit
KeePassXC 2.3.0 released • r/netsec
1 points and 0 comments so far on reddit
How to implement "security.txt" to advocate responsible disclosures?
http://ift.tt/2owNnQe
Submitted March 01, 2018 at 12:21AM by xrna
via reddit http://ift.tt/2t4t3u4
http://ift.tt/2owNnQe
Submitted March 01, 2018 at 12:21AM by xrna
via reddit http://ift.tt/2t4t3u4
Cyber Sins
How to implement "security.txt" to advocate responsible disclosures?
After discussing CAA record in DNS to whitelist your certificate authorities in my previous article, do you know it's a matter of time that someone finds an issue with your web-presence, website or any front-facing application? If they do, what do you expect…
Duo Security has identified a security flaw in a third-party library used in the Duo Network Gateway which, under certain configurations, could allow for a bypass of the DNG's SAML first factor of authentication.
http://ift.tt/2F05EzH
Submitted March 01, 2018 at 12:48AM by EvanConover
via reddit http://ift.tt/2COF7iw
http://ift.tt/2F05EzH
Submitted March 01, 2018 at 12:48AM by EvanConover
via reddit http://ift.tt/2COF7iw
Duo Security
DUO-PSA-2017-003: Duo Product Security Advisory
How to Fight Mobile Number Port-out Scams
http://ift.tt/2FDviXX
Submitted March 01, 2018 at 02:28AM by volci
via reddit http://ift.tt/2oCkUIT
http://ift.tt/2FDviXX
Submitted March 01, 2018 at 02:28AM by volci
via reddit http://ift.tt/2oCkUIT
reddit
How to Fight Mobile Number Port-out Scams • r/security
3 points and 0 comments so far on reddit
Cheat engine priviliges
If every process has its own protected memory, how cheat engine read memory of other processes
Submitted March 01, 2018 at 02:58AM by Hadyelzayady
via reddit http://ift.tt/2t3SXOK
If every process has its own protected memory, how cheat engine read memory of other processes
Submitted March 01, 2018 at 02:58AM by Hadyelzayady
via reddit http://ift.tt/2t3SXOK
reddit
Cheat engine priviliges • r/security
If every process has its own protected memory, how cheat engine read memory of other processes
Industrial Control Systems Joint Working Group (ICSJWG) 2018 Spring Meeting: Albuquerque, NM | 10-12 April - Call for Abstracts
http://ift.tt/2lmRxHn
Submitted March 01, 2018 at 02:43AM by volci
via reddit http://ift.tt/2F0raA1
http://ift.tt/2lmRxHn
Submitted March 01, 2018 at 02:43AM by volci
via reddit http://ift.tt/2F0raA1
ics-cert.us-cert.gov
Industrial Control Systems Joint Working Group (ICSJWG) | ICS-CERT
The Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) established the Industrial Control Systems Joint Working Group (ICSJWG) to facilitate information sharing and reduce the risk to the nation’s industrial…
Risk Misconceptions in Social Engineering Testing
http://ift.tt/2CPdfLe
Submitted March 01, 2018 at 03:16AM by hackers_and_builders
via reddit http://ift.tt/2F1HJzQ
http://ift.tt/2CPdfLe
Submitted March 01, 2018 at 03:16AM by hackers_and_builders
via reddit http://ift.tt/2F1HJzQ
Rhino Security Labs
Risk Misconceptions in Social Engineering Testing - Rhino Security Labs
When considering social engineering, technical controls and understanding the potential impact of attacks are essential to a strong defense.
DigiCert Statement on Trustico Certificate Revocation
http://ift.tt/2Fe9GDQ
Submitted March 01, 2018 at 07:53AM by sifex
via reddit http://ift.tt/2oHFq9V
http://ift.tt/2Fe9GDQ
Submitted March 01, 2018 at 07:53AM by sifex
via reddit http://ift.tt/2oHFq9V
DigiCert
DigiCert Statement on Trustico Certificate Revocation - DigiCert
Today, DigiCert issued the following statement regarding Trustico certificate revocation: “Trustico requested revocation of their Symantec, GeoTrust, Thawte and RapidSSL certificates, claiming the certificates were compromised. When we asked for proof of…
antMan <= 0.9.0c Authentication Bypass
http://ift.tt/2ox6HfV
Submitted March 01, 2018 at 07:04AM by Bowserjklol
via reddit http://ift.tt/2GTaTxg
http://ift.tt/2ox6HfV
Submitted March 01, 2018 at 07:04AM by Bowserjklol
via reddit http://ift.tt/2GTaTxg
Codecatoctin
antMan Authentication Bypass
Issue Summary antMan versions <= 0.9.0c contain a critical authentication defect, allowing an unauthenticated attacker to obtain root...
Home security; corner condo. Can I just put up a bunch of motion sensors with alarms and lights?
This seems an order of magnitude cheaper than cameras, and cameras only help for insurance since thieves can just wear masks. I want to deter as hard as possible before they break through the window...Thoughts?
Submitted March 01, 2018 at 08:25AM by Tsimshia
via reddit http://ift.tt/2F20N0N
This seems an order of magnitude cheaper than cameras, and cameras only help for insurance since thieves can just wear masks. I want to deter as hard as possible before they break through the window...Thoughts?
Submitted March 01, 2018 at 08:25AM by Tsimshia
via reddit http://ift.tt/2F20N0N
reddit
Home security; corner condo. Can I just put up a... • r/security
This seems an order of magnitude cheaper than cameras, and cameras only help for insurance since thieves can just wear masks. I want to deter as...
23,000 Trustico Certs to be revoked in next 24 hours
http://ift.tt/2oF0NsI
Submitted March 01, 2018 at 07:54AM by jberkers42
via reddit http://ift.tt/2CQvEY3
http://ift.tt/2oF0NsI
Submitted March 01, 2018 at 07:54AM by jberkers42
via reddit http://ift.tt/2CQvEY3
www.theregister.co.uk
23,000 HTTPS certs will be axed in next 24 hours after private keys leak
Trustico, DigiCert come to blows as browsers prepare to snub Symantec-brand SSL
Intercepting COM Objects with CoGetInterceptor (with source code)
http://ift.tt/2GOB7Bd
Submitted March 01, 2018 at 11:22AM by TechLord2
via reddit http://ift.tt/2FGF4sf
http://ift.tt/2GOB7Bd
Submitted March 01, 2018 at 11:22AM by TechLord2
via reddit http://ift.tt/2FGF4sf
How To Install An SSL Certificate On WordPress Sites
http://ift.tt/2HVxvim
Submitted March 01, 2018 at 10:43AM by JohnnyDoran
via reddit http://ift.tt/2CQHwJz
http://ift.tt/2HVxvim
Submitted March 01, 2018 at 10:43AM by JohnnyDoran
via reddit http://ift.tt/2CQHwJz
Nonprofit Blog
How To Install An SSL Certificate On WordPress Sites | Nonprofit Blog
WordPress Security: Installing SSL WordPress security – and SEO – is incomplete without SSL and HTTPs. Secure Socket Layers encrypt your visitors’ data when they access your blog, making it a lot harder to snoop and intercept your users’ traffic. Google,…
Intercepting COM Objects with CoGetInterceptor (with source code)
http://ift.tt/2GOB7Bd
Submitted March 01, 2018 at 11:22AM by TechLord2
via reddit http://ift.tt/2FGF4sf
http://ift.tt/2GOB7Bd
Submitted March 01, 2018 at 11:22AM by TechLord2
via reddit http://ift.tt/2FGF4sf
reddit
Intercepting COM Objects with CoGetInterceptor (with... • r/netsec
3 points and 1 comments so far on reddit
Recent Paste Breach / Have I been pwned - Emails and Passwords
Hello,I recently received a notification about a paste dump that contained my email address. This past dump has user names and passwords in it. Anyone else get a notification with these paste details?Title: dl.freeleecher.ir Author: Not provided Date of paste: Unknown Accounts found: 579,953The paste has email addresses and passwords in text. I'd link it but idk if that violates rules.. one of my older passwords is in there but I can't remember where I still might be using it but obviously I'd like to figure it out.
Submitted March 01, 2018 at 12:17PM by waterbed87
via reddit http://ift.tt/2oGsZvf
Hello,I recently received a notification about a paste dump that contained my email address. This past dump has user names and passwords in it. Anyone else get a notification with these paste details?Title: dl.freeleecher.ir Author: Not provided Date of paste: Unknown Accounts found: 579,953The paste has email addresses and passwords in text. I'd link it but idk if that violates rules.. one of my older passwords is in there but I can't remember where I still might be using it but obviously I'd like to figure it out.
Submitted March 01, 2018 at 12:17PM by waterbed87
via reddit http://ift.tt/2oGsZvf
reddit
Recent Paste Breach / Have I been pwned - Emails and... • r/security
Hello, I recently received a notification about a paste dump that contained my email address. This past dump has user names and passwords in it....
How can you find out where a 2FA code is coming from?
I've been receiving 2FA codes via SMS for the past few weeks. They always read "Your TFS verification code is xxxxxx. Please enter this code on the device from which is was requested. Please do no reply"I'm not signing in or requesting a 2FA SMS code, so I am not triggering it. Does TFS stand for Team Foundation Server? Is there any way to track down these types of incidents?
Submitted March 01, 2018 at 11:36AM by Volmcat
via reddit http://ift.tt/2t43oSa
I've been receiving 2FA codes via SMS for the past few weeks. They always read "Your TFS verification code is xxxxxx. Please enter this code on the device from which is was requested. Please do no reply"I'm not signing in or requesting a 2FA SMS code, so I am not triggering it. Does TFS stand for Team Foundation Server? Is there any way to track down these types of incidents?
Submitted March 01, 2018 at 11:36AM by Volmcat
via reddit http://ift.tt/2t43oSa
reddit
How can you find out where a 2FA code is coming from? • r/security
I've been receiving 2FA codes via SMS for the past few weeks. They always read "Your TFS verification code is xxxxxx. Please enter this code on...
Be aware of Onavo - Facebookâs Vampiric VPN Service
http://ift.tt/2GTISpz
Submitted March 01, 2018 at 01:18PM by tomasstatkus
via reddit http://ift.tt/2oyg3IC
http://ift.tt/2GTISpz
Submitted March 01, 2018 at 01:18PM by tomasstatkus
via reddit http://ift.tt/2oyg3IC
Reviewedbypro
Be aware of Onavo - Facebook’s Vampiric VPN Service
You should probably know that Facebook is not a privacy-oriented company, it is BIG Brother on PCP. Facebook will not anonymize or protect you, in
Do you want to know more about how to filter & query SSL/TLS certs for intelligence?
http://ift.tt/2GSRXyY
Submitted March 01, 2018 at 01:00PM by xrna
via reddit http://ift.tt/2EYJSfs
http://ift.tt/2GSRXyY
Submitted March 01, 2018 at 01:00PM by xrna
via reddit http://ift.tt/2EYJSfs
Cyber Sins
How to filter and query SSL/TLS certs for intelligence
Recently I noticed a new service/ project that is turning few heads among my peers in security community - CertDB. A one of its kind which indexes the domains SSL certs with their details, IP records, geo-location and timelines, common-name etc. They term…
firepwned: Check if your Firefox saved passwords have been compromised in a known data breach
http://ift.tt/2oFwYIv
Submitted March 01, 2018 at 01:26PM by thorn42
via reddit http://ift.tt/2CQfQoc
http://ift.tt/2oFwYIv
Submitted March 01, 2018 at 01:26PM by thorn42
via reddit http://ift.tt/2CQfQoc
GitHub
christophetd/firepwned
firepwned - Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.
Dear Developers, Beware of DNS Rebinding: DNS Rebinding and CSRF with Etcd
http://ift.tt/2t2fVG1
Submitted March 01, 2018 at 03:08PM by reddit_read_today
via reddit http://ift.tt/2F0zl3E
http://ift.tt/2t2fVG1
Submitted March 01, 2018 at 03:08PM by reddit_read_today
via reddit http://ift.tt/2F0zl3E
Twistlock
Dear developers, beware of DNS Rebinding | Twistlock
Dear developers, beware of DNS Rebinding from Twistlock. Dev-to-Production Docker and container security for enterprises.
A know-how on how you can support responsible disclosures by implementing "security.txt" file.
http://ift.tt/2owNnQe
Submitted March 01, 2018 at 02:55PM by xrna
via reddit http://ift.tt/2FGO9Bw
http://ift.tt/2owNnQe
Submitted March 01, 2018 at 02:55PM by xrna
via reddit http://ift.tt/2FGO9Bw
Cyber Sins
How to implement "security.txt" to advocate responsible disclosures?
After discussing CAA record in DNS to whitelist your certificate authorities in my previous article, do you know it's a matter of time that someone finds an issue with your web-presence, website or any front-facing application? If they do, what do you expect…