Let's Encrypt ACMEv2 implementation supporting wildcard certificates is completed
http://ift.tt/2HUlSIa
Submitted March 02, 2018 at 08:52AM by mebrahim
via reddit http://ift.tt/2F4wfHz
http://ift.tt/2HUlSIa
Submitted March 02, 2018 at 08:52AM by mebrahim
via reddit http://ift.tt/2F4wfHz
GitHub
Comprehensive support for ACMEv2 (tracking issue) #5365
Get ACMEv2 support in acme module Get ACMEv2 support in Certbot Get DNS plugins installable Change the default ACME server to the v2 endpoint
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines
http://ift.tt/2GY141f
Submitted March 02, 2018 at 08:25AM by TechLord2
via reddit http://ift.tt/2oNlDGq
http://ift.tt/2GY141f
Submitted March 02, 2018 at 08:25AM by TechLord2
via reddit http://ift.tt/2oNlDGq
Microsoft
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines
Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: Its access to sophisticated zero-day exploits…
Help I accidentally tried to hack someone’s account?
So For fun me and my girlfriends were seeing if we could hack someone’s account (I’m aware this is dumb. Please don’t talk about it). We did the forgot password option and it said how they sent a code to their Microsoft authentication app. That means she would get a notification that someone tried to access her account. Does this mean that she will know it came from me? Does it show any backtracking of where the request came from?
Submitted March 02, 2018 at 02:08PM by helpmepls1120
via reddit http://ift.tt/2Fiyzy0
So For fun me and my girlfriends were seeing if we could hack someone’s account (I’m aware this is dumb. Please don’t talk about it). We did the forgot password option and it said how they sent a code to their Microsoft authentication app. That means she would get a notification that someone tried to access her account. Does this mean that she will know it came from me? Does it show any backtracking of where the request came from?
Submitted March 02, 2018 at 02:08PM by helpmepls1120
via reddit http://ift.tt/2Fiyzy0
reddit
Help I accidentally tried to hack someone’s account? • r/security
So For fun me and my girlfriends were seeing if we could hack someone’s account (I’m aware this is dumb. Please don’t talk about it). We did the...
The OWASP Top 10: 2013 vs. 2017
http://ift.tt/2CRQpTw
Submitted March 02, 2018 at 01:44PM by zinsi-
via reddit http://ift.tt/2Fe9ch4
http://ift.tt/2CRQpTw
Submitted March 02, 2018 at 01:44PM by zinsi-
via reddit http://ift.tt/2Fe9ch4
Templarbit Inc.
The OWASP Top 10: 2013 vs. 2017
Every few years, the Open Web Application Security Project...
A Medium publication just for InfoSec writeups.
http://ift.tt/2iII67Q
Submitted March 02, 2018 at 02:35PM by Eta-Meson
via reddit http://ift.tt/2oCx3x9
http://ift.tt/2iII67Q
Submitted March 02, 2018 at 02:35PM by Eta-Meson
via reddit http://ift.tt/2oCx3x9
Medium
InfoSec Writeups – Medium
A collection of awesome write ups from best hackers in topics ranging from bug bounties, CTFs, vulnhub machines, hardware challenges, real life encounters and everything else which can help other enthusiasts to learn. #sharingiscaring.
Number of Sites Hosting Cryptocurrency Miners Surges 725% in 4 Months
http://ift.tt/2oIybi9
Submitted March 02, 2018 at 03:23PM by Chumstick
via reddit http://ift.tt/2oKPA9P
http://ift.tt/2oIybi9
Submitted March 02, 2018 at 03:23PM by Chumstick
via reddit http://ift.tt/2oKPA9P
Dark Reading
Number of Sites Hosting Cryptocurrency Miners Surges 725% in 4 Months
The dramatic increase in cryptocurrency prices, especially for Monero, is behind the sudden explosive growth, says Cyren.
Emotet Malware URLs
http://ift.tt/2HY7XRA
Submitted March 02, 2018 at 03:21PM by Chumstick
via reddit http://ift.tt/2oKAPDR
http://ift.tt/2HY7XRA
Submitted March 02, 2018 at 03:21PM by Chumstick
via reddit http://ift.tt/2oKAPDR
Pastebin
Emotet Malware URLs 03/01/18 - Pastebin.com
New DDoS Record Set at 1.3 Tbps Thanks to Memcached Servers
http://ift.tt/2F6HkYM
Submitted March 02, 2018 at 03:20PM by Chumstick
via reddit http://ift.tt/2HXpJ7r
http://ift.tt/2F6HkYM
Submitted March 02, 2018 at 03:20PM by Chumstick
via reddit http://ift.tt/2HXpJ7r
BleepingComputer
New DDoS Record Set at 1.3 Tbps Thanks to Memcached Servers
We have a new record for the largest DDoS attack ever detected. The new high mark is 1.3 Tbps (Terabits-per-second).
CannibalRAT, a RAT entirely written in Python observed in targeted attacks
http://ift.tt/2oAuP1c
Submitted March 02, 2018 at 04:03PM by CasperVPN
via reddit http://ift.tt/2tai1n3
http://ift.tt/2oAuP1c
Submitted March 02, 2018 at 04:03PM by CasperVPN
via reddit http://ift.tt/2tai1n3
Security Affairs
CannibalRAT, a RAT entirely written in Python observed in targeted attacks
Security researchers from Cisco Talos discovered a new remote access Trojan (RAT) dubbed CannibalRAT that has been written entirely in Python.
The infamous vulnerability of target _blank code. Do you validate under "best coding practice" to prevent phishing.
http://ift.tt/2oKv89j
Submitted March 02, 2018 at 04:22PM by xrna
via reddit http://ift.tt/2HVKh02
http://ift.tt/2oKv89j
Submitted March 02, 2018 at 04:22PM by xrna
via reddit http://ift.tt/2HVKh02
Cyber Sins
The infamous issue of target _blank code
This is one of those vulnerabilities which hasn't got enough spotlight, and therefore vendors are still reluctant to fix it. Some of the vendors do not consider this a vulnerability at all. Here via this blog post, I would like to highlight this issue, and…
Reflected Cross Site Scripting when "Referer" header value renders on web page
http://ift.tt/2F5HWSw
Submitted March 02, 2018 at 05:10PM by indishell1046
via reddit http://ift.tt/2HXDrqM
http://ift.tt/2F5HWSw
Submitted March 02, 2018 at 05:10PM by indishell1046
via reddit http://ift.tt/2HXDrqM
GitHub
incredibleindishell/Random
Random - This repo contains random stuffs
TestLink Open Source Test Management(<= 1.9.16) Remote Code Execution
http://ift.tt/2t7E5Pp
Submitted March 02, 2018 at 06:40PM by indishell1046
via reddit http://ift.tt/2oJwQYd
http://ift.tt/2t7E5Pp
Submitted March 02, 2018 at 06:40PM by indishell1046
via reddit http://ift.tt/2oJwQYd
GitHub
incredibleindishell/exploit-code-by-me
exploit-code-by-me - Exploit code developed by me to check few famous vulnerabilities
Security In 5: Episode 186 - Tools, Tips and Tricks - Pwned Passwords
http://ift.tt/2oKHnlY
Submitted March 02, 2018 at 07:37PM by BinaryBlog
via reddit http://ift.tt/2HU9RCB
http://ift.tt/2oKHnlY
Submitted March 02, 2018 at 07:37PM by BinaryBlog
via reddit http://ift.tt/2HU9RCB
Libsyn
Security In Five Podcast: Episode 186 - Tools, Tips and Tricks - Pwned Passwords
Troy Hunt, creator of Have I Been Pwned, added a new feature to the website called Pwned Passwords. This is a collection of over 500 million passwords that were collected from all the breaches. The reason this was created is that NIST has suggested a change…
Easy-Scan: Terminal based minimal web application scanner built on Python
http://ift.tt/2sAqDz1
Submitted March 02, 2018 at 06:57PM by lazykid07
via reddit http://ift.tt/2oOuzLJ
http://ift.tt/2sAqDz1
Submitted March 02, 2018 at 06:57PM by lazykid07
via reddit http://ift.tt/2oOuzLJ
GitHub
introvertmac/Easy-Scan
Minimal web application scanner. Contribute to introvertmac/Easy-Scan development by creating an account on GitHub.
Jailbreak for iOS 10.x 64bit devices without KTRR
http://ift.tt/2HY69be
Submitted March 02, 2018 at 09:37PM by TechLord2
via reddit http://ift.tt/2CQYc3H
http://ift.tt/2HY69be
Submitted March 02, 2018 at 09:37PM by TechLord2
via reddit http://ift.tt/2CQYc3H
GitHub
tihmstar/doubleH3lix
doubleH3lix - Jailbreak for iOS 10.x 64bit devices without KTRR
Scrape the Twitter Frontend API without authentication
http://ift.tt/2ELHSar
Submitted March 02, 2018 at 09:35PM by TechLord2
via reddit http://ift.tt/2FLb12P
http://ift.tt/2ELHSar
Submitted March 02, 2018 at 09:35PM by TechLord2
via reddit http://ift.tt/2FLb12P
GitHub
kennethreitz/twitter-scraper
twitter-scraper - Scrape the Twitter Frontend API without authentication.
Bug in HP Remote Management Tool Leaves Servers Open to Attack
http://ift.tt/2CP4qkB
Submitted March 02, 2018 at 09:50PM by volci
via reddit http://ift.tt/2F94ldJ
http://ift.tt/2CP4qkB
Submitted March 02, 2018 at 09:50PM by volci
via reddit http://ift.tt/2F94ldJ
Threatpost | The first stop for security news
Bug in HP Remote Management Tool Leaves Servers Open to Attack
Firmware versions of HPE’s remote management hardware iLO3 have an unauthenticated remote denial of service vulnerability.
Shellen - Interactive shellcoding environment to easily craft shellcodes
http://ift.tt/2F4VcqH
Submitted March 02, 2018 at 10:17PM by pacotes
via reddit http://ift.tt/2FjekAr
http://ift.tt/2F4VcqH
Submitted March 02, 2018 at 10:17PM by pacotes
via reddit http://ift.tt/2FjekAr
GitHub
merrychap/shellen
:cherry_blossom: Interactive shellcoding environment to easily craft shellcodes - merrychap/shellen
Week 9 in Information Security, 2018
http://ift.tt/2GUkeoA
Submitted March 02, 2018 at 11:01PM by undercomm
via reddit http://ift.tt/2oEQW6M
http://ift.tt/2GUkeoA
Submitted March 02, 2018 at 11:01PM by undercomm
via reddit http://ift.tt/2oEQW6M
Malgregator
InfoSec Week 9, 2018
Wandera security researchers spotted a new sophisticated Android RedDrop malware hidden in at least 53 Android applications. It can...
New SMBv3 DoS exploit for Windows 8.1 & Windows Server 2012
http://ift.tt/2FeHuka
Submitted March 02, 2018 at 10:38PM by Neo-Bubba
via reddit http://ift.tt/2FjXaCO
http://ift.tt/2FeHuka
Submitted March 02, 2018 at 10:38PM by Neo-Bubba
via reddit http://ift.tt/2FjXaCO
Red Team Laptop & Infrastructure (pt 1: Architecture)
http://ift.tt/2CT9xR4
Submitted March 02, 2018 at 11:28PM by thugl0r
via reddit http://ift.tt/2Fatbd0
http://ift.tt/2CT9xR4
Submitted March 02, 2018 at 11:28PM by thugl0r
via reddit http://ift.tt/2Fatbd0