IoT Security standards and guidelines
Does anyone know sources of open standards regarding IoT security? I could find good information from NIST, OWASP and GSMA.
GSMA -> https://www.gsma.com/iot/future-iot-networks/iot-security-guidelines/
OWASP -> https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project
NIST -> https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-183.pdf
Submitted March 07, 2018 at 12:33AM by neomer22
via reddit http://ift.tt/2D2K4Vj
Internet of Things
GSMA IoT Security Guidelines | Internet of Things
GSMA IoT Security Guidelines & Assessment Drawing on the extensive security expertise of the mobile industry, the GSMA has delivered a set of IoT Security Guidelines, backed by an IoT Security Assessment scheme, to provide a proven and robust approach …
Clang CFI Bypass Techniques
http://ift.tt/2HaMHXp
Submitted March 06, 2018 at 11:20PM by aohgdao
via reddit http://ift.tt/2Fvk3Dq
GitHub
0xcl/clang-cfi-bypass-techniques
clang-cfi-bypass-techniques - Exploitation techniques to bypass Clang CFI when applied to Chromium
Is it possible that scammers hack someone's website and pursue their scam under that person's domain?
Long story short, I received a scam Paypal mail that links to a website where you are asked to update your PayPal information. The website is nearly identical to paypal.com in all aspects but the domain name, and I almost fell for the scam until I saw the url. Upon further investigation, I found the owner of the domain with all his personal information. I messaged him on twitter, and he claims he was hacked, and that he has notified the host. Please note that the scam website has been running for at least a month, probably longer (I received the mail a month ago, only checked it today). But the domain itself has been registered under his name for at least 7 years, possibly much longer. Other than that, the owner of the domain does not respond to my questions. I have recorded everything and I'm willing to expose this douchebag, who is surprisingly an Israeli lecturer at some university by the way. But I'm thinking, what if he really was hacked and had no idea this was happening? I find that unlikely but maybe things like this have happened before. I'm willing to provide any information you guys might need to corroborate my story.
Submitted March 07, 2018 at 02:11AM by mrdexie
via reddit http://ift.tt/2FgwUKr
reddit
Is it possible that scammers hack someone's website... • r/security
Long story short, I received a scam Paypal mail that links to a website where you are asked to update your PayPal information. The website is...
How many websites have exposed their entire source codes?
https://twitter.com/mixnode/status/969265512680075264
Submitted March 07, 2018 at 01:54AM by mixnode
via reddit http://ift.tt/2Fkhoc5
Twitter
Mixnode
Ran a quick crawl on 10M websites; 8,012 (0.08%) have their .git folders exposed publicly (aka their entire source codes). This is a large ratio since there are over 100M active sites. #HideYourGits Fun fact: websites using HTTPS are twice as likely to be…
Point-of-Sale Breach Affects 160+ Applebee's Locations
http://ift.tt/2D4K8UD
Submitted March 07, 2018 at 03:08AM by petermal67
via reddit http://ift.tt/2FZ6pGn
Digital Guardian
Point-of-Sale Breach Affects 160+ Applebee's Locations
A breach at one of Applebee's largest franchisees, RMH Franchise Holdings, affected over 160 restaurants late last year.
Adapting hashcat for SAP ‘half hashes’
http://ift.tt/2HaJPdk
Submitted March 07, 2018 at 01:40AM by gelim
via reddit http://ift.tt/2G42F6F
ERPScan
Adapting hashcat for SAP ‘half hashes’
In this article we will show how to adapt hashcat to work with SAP’s “half hashes”. Context One crucial aspect during SAP penetration testing is abusing users’ privileges after we got access to their passwords. We often encounter a scenario when the server…
Was I legitimately hacked?
I think I might have been legitimately hacked through my iPhone, but I am not sure. I would really appreciate your guys' help.
I was watching some explicit content in a private session in Safari on my iPhone running iOS 11.2.6. I accidentally navigated to a website that was clearly malicious -- it was the classic "you have won an Apple device" scam or something. However, this was different. Safari was completely locked up. I couldn't click any buttons in Safari, close the tabs, or anything. I could exit the app, but re-entering didn't allow me to regain control. After exiting the app and reentering multiple times, I was eventually able to close the tab.
Just a little bit ago, I got an email to my personal email containing the following:
Good day {my full name}. Just got several issues to resolve with you, won't take too long, for you to go through and will definitely get your awareness. Exactly how will you really feel if all ur relatives or friends will witness you taking care of your own self? How would they feel is the correct question here.
You see where I am going with this one? I have infected a number of adult porn websites with my malware that steals all info from the machine and obtains an access to it's cams, and a lot more. And so today i have a video clip of u wanking and a film u jerked to, additionally all your contacts.
It is your job e-mail, that I have located on your personal ps btw.
Oh yeah, I have additionally edited the video to fit on a single screen, so it is going to be more comfortable to enjoy for everybody. Anyway- if u want me to get rid of all ur contact info with the video, this is my BTC wallet address - 1CFdsWVuZVMJuk6bQVC16T8992XHBv5MhL
just make sure that you won't copy no spaces or different symbols. U can quickly get the info on the internet on how you can use this payment method if you do not know how to.
630 is the sum in us dollars i will need to leave you alone permanently.
This letter has invisible monitoring tool inside and i will know when you will open it, and from that minute on, you will receive 5 days, to make-up ur mind.
i promise that every single contact coming from ur list will see this movie, in case for whatever reason i won't see my funds. You are welcome to get in touch with ur nearby cops or anyone, i doubt it will help.
I thought it was bs at first, but they got access to my personal email as well as my full name. Once I realized that, I got pretty nervous. Any advice would be extremely appreciated. Thank you.
Submitted March 07, 2018 at 06:21AM by alwsfwd
via reddit http://ift.tt/2Fr9QYH
reddit
Was I legitimately hacked? • r/security
I think I might have been legitimately hacked through my iPhone, but I am not sure. I would really appreciate your guys' help. I was watching...
Is PreyProject safe to use as far as privacy?
Haven't seen any negative reports on them, but I am still giving them a lot of leeway. It's great to have a free app to track my laptop and phone if they are lost/stolen, but at what cost?
Submitted March 07, 2018 at 05:48AM by SteveBozell
via reddit http://ift.tt/2HeNxmf
reddit
Is PreyProject safe to use as far as privacy? • r/security
Haven't seen any negative reports on them, but I am still giving them a lot of leeway. It's great to have a free app to track my laptop and phone...
POS Malware Found at 160 Applebee's Restaurant Locations
http://ift.tt/2I7QqGs
Submitted March 07, 2018 at 05:37AM by volci
via reddit http://ift.tt/2FuDHPF
Threatpost | The first stop for security news
POS Malware Found at 160 Applebee's Restaurant Locations
Malware found on POS systems at Applebee's restaurants potentially stole customer credit card information.
Vulnerability Affects Half of the Internet's Email Servers
http://ift.tt/2Fv3BTy
Submitted March 07, 2018 at 05:24AM by majorllama
via reddit http://ift.tt/2oNGJ86
BleepingComputer
Vulnerability Affects Half of the Internet's Email Servers
A critical vulnerability affects hundreds of thousands of email servers. A fix has been released but this flaw affects more than half of the Internet's email servers, and patching the issue will take weeks if not months.
How Hackers Bypassed an Adobe Flash Protection Mechanism
http://ift.tt/2FhHShO
Submitted March 07, 2018 at 10:06AM by TechLord2
via reddit http://ift.tt/2HcxJQG
McAfee Blogs
How Hackers Bypassed an Adobe Flash Protection Mechanism | McAfee Blogs
The number of Flash Player exploits has recently declined, due to Adobe’s introduction of various measures to strengthen Flash’s security. Occasionally, however, an exploit still arises. On January 31, Kr-Cert reported a zero-day vulnerability, identified…
Encryption 101: How to break encryption - Malwarebytes Labs
http://ift.tt/2He6SUD
Submitted March 07, 2018 at 10:17AM by TechLord2
via reddit http://ift.tt/2tnhfDd
Malwarebytes Labs
Encryption 101: How to break encryption - Malwarebytes Labs
Continuing on in our Encryption 101 series, we now look at what it takes to break encryption. In order for something as powerful as encryption to break, there needs to be some kind of weakness to exploit. That weakness is often a result of an error in implementation.
Encryption 101: ShiOne ransomware case study - Malwarebytes Labs
http://ift.tt/2CqbsAI
Submitted March 07, 2018 at 10:14AM by TechLord2
via reddit http://ift.tt/2Hd6VA7
Malwarebytes Labs
Encryption 101: ShiOne ransomware case study - Malwarebytes Labs
In this case study on ShiOne ransomware, part of our Encryption 101 series, we will be reviewing the encryption process line by line and showing the different methods ransomware can use to encrypt files.
CyberArk Labs - Kerberos Decryption
http://ift.tt/2tnm4MP
Submitted March 07, 2018 at 02:20AM by bono353
via reddit http://ift.tt/2FhswdY
R.I.P. Kernelmode.info - Popular InfoSec Site Closes Down
http://ift.tt/2oVaJ11
Submitted March 07, 2018 at 01:50PM by alessiodelv
via reddit http://ift.tt/2FiiVUf
BleepingComputer
R.I.P. Kernelmode.info - Popular InfoSec Site Closes Down
Today we mark the passing of a great information security site called Kernelmode.info. Created back in 2010 by a security developer named A_D_13, it quickly became a popular forum for the analysis of malware.
Vulnerability Affects Half of the Internet's Email Servers
http://ift.tt/2Fv3BTy
Submitted March 07, 2018 at 01:48PM by alessiodelv
via reddit http://ift.tt/2D4QUJZ
BleepingComputer
Vulnerability Affects Half of the Internet's Email Servers
A critical vulnerability affects hundreds of thousands of email servers. A fix has been released but this flaw affects more than half of the Internet's email servers, and patching the issue will take weeks if not months.
Starting in Security or transitioning into security wiki
http://ift.tt/2Foc0EW
Submitted March 07, 2018 at 02:21PM by Chouma
via reddit http://ift.tt/2FfjEFE
Peerlyst
A collection of posts about moving into or starting an InfoSec career
Reading material: How to Make a Career Change from IT to Cyber Security? by Magda CHELLY, CISSP, Ph.D. How to Build a Successful Information Security Career by Chiheb Chebbi https://tisiphone.net/2015/10/12/starting-an-infosec-career-the-megamix-cha
Security Update Rolling out for Google Pixel, Nexus Devices
http://ift.tt/2Fm4cUp
Submitted March 07, 2018 at 02:06PM by technewstuff
via reddit http://ift.tt/2FfjGxg
Technology News
March Android Security Update Rolling out for Google Pixel, Nexus Devices - Technology News
March Android Security Update: Google’s new Pixel Phones are actually the great products of the famous search engine namely the
These Are Most Worst Types Of Cyber Attacks
http://ift.tt/2tqC8xk
Submitted March 07, 2018 at 03:23PM by tomzikerburg009
via reddit http://ift.tt/2tkx5i9
Tech Whirl Pool
6 Worst Types Of Cyber Attacks & Best Ways To Stay Protected
6 Worst Types Of Cyber Attacks & Best Ways To Stay Protected: http://bit.ly/2FogI5A
Payload Generation using SharpShooter
http://ift.tt/2G2mpaE
Submitted March 07, 2018 at 03:19PM by dmchell
via reddit http://ift.tt/2D8hPEv
reddit
Payload Generation using SharpShooter • r/netsec
2 points and 0 comments so far on reddit
DAFF: Android application (browsers & pdf readers) fuzzing framework with fuzzers and crash monitor
http://ift.tt/2FsFtAP
Submitted March 07, 2018 at 02:53PM by ajinabraham
via reddit http://ift.tt/2G1Qwz3
GitHub
ajinabraham/Droid-Application-Fuzz-Framework
Droid-Application-Fuzz-Framework - Android application fuzzing framework with fuzzers and crash monitor.