Recent Paste Breach / Have I been pwned - Emails and Passwords
Hello,I recently received a notification about a paste dump that contained my email address. This past dump has user names and passwords in it. Anyone else get a notification with these paste details?Title: dl.freeleecher.ir Author: Not provided Date of paste: Unknown Accounts found: 579,953The paste has email addresses and passwords in text. I'd link it but idk if that violates rules.. one of my older passwords is in there but I can't remember where I still might be using it but obviously I'd like to figure it out.
Submitted March 01, 2018 at 12:17PM by waterbed87
via reddit http://ift.tt/2oGsZvf
Hello,I recently received a notification about a paste dump that contained my email address. This past dump has user names and passwords in it. Anyone else get a notification with these paste details?Title: dl.freeleecher.ir Author: Not provided Date of paste: Unknown Accounts found: 579,953The paste has email addresses and passwords in text. I'd link it but idk if that violates rules.. one of my older passwords is in there but I can't remember where I still might be using it but obviously I'd like to figure it out.
Submitted March 01, 2018 at 12:17PM by waterbed87
via reddit http://ift.tt/2oGsZvf
reddit
Recent Paste Breach / Have I been pwned - Emails and... • r/security
Hello, I recently received a notification about a paste dump that contained my email address. This past dump has user names and passwords in it....
How can you find out where a 2FA code is coming from?
I've been receiving 2FA codes via SMS for the past few weeks. They always read "Your TFS verification code is xxxxxx. Please enter this code on the device from which is was requested. Please do no reply"I'm not signing in or requesting a 2FA SMS code, so I am not triggering it. Does TFS stand for Team Foundation Server? Is there any way to track down these types of incidents?
Submitted March 01, 2018 at 11:36AM by Volmcat
via reddit http://ift.tt/2t43oSa
I've been receiving 2FA codes via SMS for the past few weeks. They always read "Your TFS verification code is xxxxxx. Please enter this code on the device from which is was requested. Please do no reply"I'm not signing in or requesting a 2FA SMS code, so I am not triggering it. Does TFS stand for Team Foundation Server? Is there any way to track down these types of incidents?
Submitted March 01, 2018 at 11:36AM by Volmcat
via reddit http://ift.tt/2t43oSa
reddit
How can you find out where a 2FA code is coming from? • r/security
I've been receiving 2FA codes via SMS for the past few weeks. They always read "Your TFS verification code is xxxxxx. Please enter this code on...
Be aware of Onavo - Facebookâs Vampiric VPN Service
http://ift.tt/2GTISpz
Submitted March 01, 2018 at 01:18PM by tomasstatkus
via reddit http://ift.tt/2oyg3IC
http://ift.tt/2GTISpz
Submitted March 01, 2018 at 01:18PM by tomasstatkus
via reddit http://ift.tt/2oyg3IC
Reviewedbypro
Be aware of Onavo - Facebook’s Vampiric VPN Service
You should probably know that Facebook is not a privacy-oriented company, it is BIG Brother on PCP. Facebook will not anonymize or protect you, in
Do you want to know more about how to filter & query SSL/TLS certs for intelligence?
http://ift.tt/2GSRXyY
Submitted March 01, 2018 at 01:00PM by xrna
via reddit http://ift.tt/2EYJSfs
http://ift.tt/2GSRXyY
Submitted March 01, 2018 at 01:00PM by xrna
via reddit http://ift.tt/2EYJSfs
Cyber Sins
How to filter and query SSL/TLS certs for intelligence
Recently I noticed a new service/ project that is turning few heads among my peers in security community - CertDB. A one of its kind which indexes the domains SSL certs with their details, IP records, geo-location and timelines, common-name etc. They term…
firepwned: Check if your Firefox saved passwords have been compromised in a known data breach
http://ift.tt/2oFwYIv
Submitted March 01, 2018 at 01:26PM by thorn42
via reddit http://ift.tt/2CQfQoc
http://ift.tt/2oFwYIv
Submitted March 01, 2018 at 01:26PM by thorn42
via reddit http://ift.tt/2CQfQoc
GitHub
christophetd/firepwned
firepwned - Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.
Dear Developers, Beware of DNS Rebinding: DNS Rebinding and CSRF with Etcd
http://ift.tt/2t2fVG1
Submitted March 01, 2018 at 03:08PM by reddit_read_today
via reddit http://ift.tt/2F0zl3E
http://ift.tt/2t2fVG1
Submitted March 01, 2018 at 03:08PM by reddit_read_today
via reddit http://ift.tt/2F0zl3E
Twistlock
Dear developers, beware of DNS Rebinding | Twistlock
Dear developers, beware of DNS Rebinding from Twistlock. Dev-to-Production Docker and container security for enterprises.
A know-how on how you can support responsible disclosures by implementing "security.txt" file.
http://ift.tt/2owNnQe
Submitted March 01, 2018 at 02:55PM by xrna
via reddit http://ift.tt/2FGO9Bw
http://ift.tt/2owNnQe
Submitted March 01, 2018 at 02:55PM by xrna
via reddit http://ift.tt/2FGO9Bw
Cyber Sins
How to implement "security.txt" to advocate responsible disclosures?
After discussing CAA record in DNS to whitelist your certificate authorities in my previous article, do you know it's a matter of time that someone finds an issue with your web-presence, website or any front-facing application? If they do, what do you expect…
OpenJDK Vulnerability Group
http://ift.tt/2FelBl6
Submitted March 01, 2018 at 03:22PM by artem_smotrakov
via reddit http://ift.tt/2t6XXC8
http://ift.tt/2FelBl6
Submitted March 01, 2018 at 03:22PM by artem_smotrakov
via reddit http://ift.tt/2t6XXC8
Instantly drop your fraud rate by over 60% with Zensed AI engine
https://www.zensed.com/
Submitted March 01, 2018 at 03:18PM by ToveLarsson
via reddit http://ift.tt/2oyeB8P
https://www.zensed.com/
Submitted March 01, 2018 at 03:18PM by ToveLarsson
via reddit http://ift.tt/2oyeB8P
reddit
Instantly drop your fraud rate by over 60% with Zensed... • r/netsec
0 points and 0 comments so far on reddit
Surveying the current IoT threat landscape
http://ift.tt/2FGWbu8
Submitted March 01, 2018 at 03:53PM by Iot_Security
via reddit http://ift.tt/2oHzn5f
http://ift.tt/2FGWbu8
Submitted March 01, 2018 at 03:53PM by Iot_Security
via reddit http://ift.tt/2oHzn5f
Digitaljournal
Surveying the current IoT threat landscape: Interview (Includes interview and first-hand account)
IoT security flaws are hitting the news at a higher rate, but what are the real risks? A leading expert explores the potential ‘worst-case scenario’ IoT attacks and provides best practice tips for enterprises and IoT service providers.
Interesting Phishing Technique Targeting Google G Suite
http://ift.tt/2F3bWub
Submitted March 01, 2018 at 05:46PM by jekapats
via reddit http://ift.tt/2F4uOgF
http://ift.tt/2F3bWub
Submitted March 01, 2018 at 05:46PM by jekapats
via reddit http://ift.tt/2F4uOgF
PhishAI
The Phishing Collage | PhishAI
We recently encountered a wave of attacks targeting Google G Suite using a technique we named the ‘phishing collage’ which evades different traditional solutions that try to detect zero-day phishing attacks by parsing and analysis of HTML payload. Attack…
Security In 5: Episode 185 - How You Can Be Breached Without Detecting It
http://ift.tt/2HU6eN5
Submitted March 01, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2oHti95
http://ift.tt/2HU6eN5
Submitted March 01, 2018 at 07:32PM by BinaryBlog
via reddit http://ift.tt/2oHti95
Libsyn
Security In Five Podcast: Episode 185 - How You Can Be Breached Without Detecting It
Hackers want to remain undetected. The longer they slip under your radar the longer they can steal your data. This episode goes into a few ways you can identify signs that you have something malicious running on your machine that is going undetected by your…
Cyber as a Driver for Business Decisions
http://ift.tt/2GWeFGy
Submitted March 01, 2018 at 07:59PM by Uminekoshi
via reddit http://ift.tt/2owCwFV
http://ift.tt/2GWeFGy
Submitted March 01, 2018 at 07:59PM by Uminekoshi
via reddit http://ift.tt/2owCwFV
SoundCloud
Episode 7 - Cyber as a Driver for Business Decisions with Richard Van Horn
In this CyberTangent episode, we are joined by Richard Van Horn, a Cybersecurity professional and owner of https://www.technologyatrisk.info/ Our podcast host is Landon Johnson.
Today's topic is "Cyb
Today's topic is "Cyb
Selmayr slip discloses phone numbers in photo
http://ift.tt/2FDwP04
Submitted March 01, 2018 at 07:40PM by MilchreisMann412
via reddit http://ift.tt/2F3ftsA
http://ift.tt/2FDwP04
Submitted March 01, 2018 at 07:40PM by MilchreisMann412
via reddit http://ift.tt/2F3ftsA
Euobserver
Selmayr slip discloses phone numbers in photo
The European Commission's most powerful administrator, Martin Selmayr, has revealed the mobile phone numbers of heads of cabinet, including his own, in a vanity shot.
Oracle Server Exploit Opens up for Double Cryptocurrency miner Payload
http://ift.tt/2FdhG7X
Submitted March 01, 2018 at 08:35PM by htbridgedigital
via reddit http://ift.tt/2FceiKv
http://ift.tt/2FdhG7X
Submitted March 01, 2018 at 08:35PM by htbridgedigital
via reddit http://ift.tt/2FceiKv
Htbridge
Oracle Server Exploit Opens up for Double Cryptocurrency miner Payload
Hackers serve up a duo of cryptocurrency miners by exploiting Oracle server vulnerability...
Basics of Web Scraping
http://ift.tt/2t989Km
Submitted March 01, 2018 at 08:31PM by jacob16682
via reddit http://ift.tt/2oAQ0At
http://ift.tt/2t989Km
Submitted March 01, 2018 at 08:31PM by jacob16682
via reddit http://ift.tt/2oAQ0At
Vulsec
Web Scraping for Open Source Intelligence
Web scraping is a way to automate the process of going through a website and picking out the information that you need. This article will detail how to go about scraping the web and what web scraping can be used for.
Trustico self rooted?
https://twitter.com/svblxyz/status/969220402768736258
Submitted March 01, 2018 at 09:20PM by Teknowlogist
via reddit http://ift.tt/2CRtJT4
https://twitter.com/svblxyz/status/969220402768736258
Submitted March 01, 2018 at 09:20PM by Teknowlogist
via reddit http://ift.tt/2CRtJT4
Twitter
svbl
Hmmm... I can't validate my Domain certificate via #Trustico, it just ends up sending weird curl requests to my server. 🤔😏 Anyone got an idea whats wrong?
Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips
http://ift.tt/2CsFmV9
Submitted March 01, 2018 at 08:22PM by volci
via reddit http://ift.tt/2oFOaxe
http://ift.tt/2CsFmV9
Submitted March 01, 2018 at 08:22PM by volci
via reddit http://ift.tt/2oFOaxe
Threatpost | The first stop for security news
Intel Releases Updated Spectre Fixes For Broadwell and Haswell Chips
Intel has issued stable microcode to help protect its Broadwell and Haswell chips from the Spectre Variant 2 security exploits.
Demonstrating a VMware guest-to-host escape: ZDI researchers break down a winning Pwn2Own exploit chain that executes code on the hypervisor.
http://ift.tt/2FHY3mq
Submitted March 01, 2018 at 09:27PM by RedmondSecGnome
via reddit http://ift.tt/2F4eW9v
http://ift.tt/2FHY3mq
Submitted March 01, 2018 at 09:27PM by RedmondSecGnome
via reddit http://ift.tt/2F4eW9v
Zero Day Initiative
VMware Exploitation through Uninitialized Buffers
As we approach Pwn2Own 2018, I’m reminded of some of the exploits we saw at last year’s contest. Of course, the most interesting bugs we saw involved guest-to-host escalation in VMware. Recently, we presented “l’art de l’évasion: Modern VMware Exploitation…
Trustico's website was vulnerable to a trivial shell command substitution injection, running as uid=0
http://ift.tt/2ozbcXr
Submitted March 01, 2018 at 09:25PM by jw12321
via reddit http://ift.tt/2owx5qA
http://ift.tt/2ozbcXr
Submitted March 01, 2018 at 09:25PM by jw12321
via reddit http://ift.tt/2owx5qA
Google
Google Groups
Google Groups allows you to create and participate in online forums and email-based groups with a rich experience for community conversations.
GitHub survived the biggest DDoS attack ever recorded
http://ift.tt/2FeA7ZW
Submitted March 01, 2018 at 10:10PM by ShinjoB
via reddit http://ift.tt/2F6SEEa
http://ift.tt/2FeA7ZW
Submitted March 01, 2018 at 10:10PM by ShinjoB
via reddit http://ift.tt/2F6SEEa
WIRED
GitHub Survived the Biggest DDoS Attack Ever Recorded
On Wednesday, a 1.3Tbps DDoS attack pummeled GitHub for 15-20 minutes. Here's how it stayed online.