Security Now 653 MemCrashed
http://ift.tt/2G04zoC
Submitted March 07, 2018 at 08:58PM by volci
via reddit http://ift.tt/2FjYW3p
http://ift.tt/2G04zoC
Submitted March 07, 2018 at 08:58PM by volci
via reddit http://ift.tt/2FjYW3p
TWiT.tv
Security Now 653 MemCrashed | TWiT.TV
This week we discuss some very welcome microcode news from Microsoft, ten (yes, ten!) new 4G LTE network attacks, the battle over how secure TLS v1.3 will be allowed to be, the inc…
Unearthing Z͌̈́̾a͊̈́l͊g̏̉͆o̾̚̚S̝̬ͅc̬r̯̼͇ͅi̼͖̜̭͔p̲̘̘̹͖t̠͖̟̹͓͇ͅ with visual fuzzing
http://ift.tt/2oSFnZV
Submitted March 07, 2018 at 09:36PM by albinowax
via reddit http://ift.tt/2I8xuHS
http://ift.tt/2oSFnZV
Submitted March 07, 2018 at 09:36PM by albinowax
via reddit http://ift.tt/2I8xuHS
blog.portswigger.net
Unearthing Z͌̈́̾a͊̈́l͊ g̏̉͆o̾̚̚S̝̬ͅc̬r̯̼͇ͅi̼͖̜̭͔p̲̘̘̹͖t̠͖̟̹͓͇ͅ with visual fuzzing
This is valid JavaScript on Edge: ̀̀̀̀̀́́́́́̂̂̂̂̂̃̃̃̃̃̄̄̄̄̄̅̅̅̅̅̆̆̆̆̆̇̇̇̇̇̈̈̈̈̈̉̉̉̉̉ͅͅͅͅͅͅͅͅͅͅͅ alert(̋̋̋̋̋̌̌̌̌̌̍̍̍̍̍̎̎̎̎̎̏̏̏̏̏ͅͅͅͅͅ1ͅ...
Multiple Vulnerabilities in PHP Could Allow for Arbitrary Code Execution
http://ift.tt/2t4eiaw
Submitted March 07, 2018 at 09:29PM by soonbesleeping
via reddit http://ift.tt/2IbQODQ
http://ift.tt/2t4eiaw
Submitted March 07, 2018 at 09:29PM by soonbesleeping
via reddit http://ift.tt/2IbQODQ
Investigation into the security and pri- vacy of the three critical procedures of the 4G LTE protocol (i.e., attach, detach, and paging)
http://ift.tt/2Fn3ZmZ
Submitted March 07, 2018 at 09:11PM by fxja
via reddit http://ift.tt/2oQfEkW
http://ift.tt/2Fn3ZmZ
Submitted March 07, 2018 at 09:11PM by fxja
via reddit http://ift.tt/2oQfEkW
The Voice Commands Hidden In YOUTUBE Videos May Hack Smartphone
http://ift.tt/2Fkd299
Submitted March 07, 2018 at 11:06PM by dailynewscard
via reddit http://ift.tt/2I8AJ1S
http://ift.tt/2Fkd299
Submitted March 07, 2018 at 11:06PM by dailynewscard
via reddit http://ift.tt/2I8AJ1S
Dailynewscard
The Voice Commands Hidden In YOUTUBE Videos May Hack Smartphone | Latest Cyber News
A study has showed twisted voice commands concealed in YouTube videos may be used to assault a smartphone.
Any updates on ads being able to steal credentials via invisible forms?
Earlier this year, news came out that ads were able to include an invisible form in order to trick browser autofill in to handing over credentials. Supposedly these ad devs were only grabbing your email, but we all know how that goes. Anyways, has this been fixed? is it safe again to use browser autofill on chrome?
Submitted March 07, 2018 at 10:35PM by An_Angry_Badger
via reddit http://ift.tt/2FA7syH
Earlier this year, news came out that ads were able to include an invisible form in order to trick browser autofill in to handing over credentials. Supposedly these ad devs were only grabbing your email, but we all know how that goes. Anyways, has this been fixed? is it safe again to use browser autofill on chrome?
Submitted March 07, 2018 at 10:35PM by An_Angry_Badger
via reddit http://ift.tt/2FA7syH
reddit
Any updates on ads being able to steal credentials... • r/security
Earlier this year, news came out that ads were able to include an invisible form in order to trick browser autofill in to handing over...
Metasploit - Some “Assembly” Required
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:31PM by majorllama
via reddit http://ift.tt/2D8panE
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:31PM by majorllama
via reddit http://ift.tt/2D8panE
Ringzerolabs
Metasploit - Some Assembly Required
Metasploit is the most prevalent exploit framework in the world today thanks to it's ease of use, support, and scalability. Today we focus on payload generation and how "some assembly may be required." (Pun Intended)
Hackers May Use Cortana To Hack A Locked Windows PC
http://ift.tt/2G3JpWH
Submitted March 07, 2018 at 11:17PM by dailynewscard
via reddit http://ift.tt/2Fn8ryJ
http://ift.tt/2G3JpWH
Submitted March 07, 2018 at 11:17PM by dailynewscard
via reddit http://ift.tt/2Fn8ryJ
Dailynewscard
Hackers May Use Cortana To Hack A Locked Windows PC | Latest Cyber News
Compromising a PC this way is possible as Cortana contains performance to listen and react to your voice commands when the computer is secured.
Metasploit - Some “Assembly” Required
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:53PM by majorllama
via reddit http://ift.tt/2IcEJOT
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:53PM by majorllama
via reddit http://ift.tt/2IcEJOT
Ringzerolabs
Metasploit - Some Assembly Required
Metasploit is the most prevalent exploit framework in the world today thanks to it's ease of use, support, and scalability. Today we focus on payload generation and how "some assembly may be required." (Pun Intended)
Airline websites don’t care about your privacy follow-up: Emirates responds to my article with…
http://ift.tt/2D6FqFO
Submitted March 08, 2018 at 12:39AM by kmodi
via reddit http://ift.tt/2oXCxC7
http://ift.tt/2D6FqFO
Submitted March 08, 2018 at 12:39AM by kmodi
via reddit http://ift.tt/2oXCxC7
freeCodeCamp
Airline websites don’t care about your privacy follow-up: Emirates responds to my article with full-on denial
Yesterday, The Register wrote about my exposé on the privacy failings of airline websites.
AlgoSaaS, First & Only Network Security Policy Management "Software as a Service" Solution -
http://ift.tt/2G4j4Yv
Submitted March 08, 2018 at 12:40AM by ic3cub3d
via reddit http://ift.tt/2I9J71b
http://ift.tt/2G4j4Yv
Submitted March 08, 2018 at 12:40AM by ic3cub3d
via reddit http://ift.tt/2I9J71b
Techexeconline
AlgoSaaS, First & Only Network Security Policy Management “Software as a Service” Solution
AlgoSec, the leading provider of business-driven security policy management solutions, today announced AlgoSaaS, the industry’s first Network Security Policy Management Solution available as a Software as a Service (SaaS) solution. AlgoSaaS delivers AlgoSec’s…
The King of traffic distribution
http://ift.tt/2FyEO0I
Submitted March 08, 2018 at 01:31AM by IllRaspberry
via reddit http://ift.tt/2HcBnKE
http://ift.tt/2FyEO0I
Submitted March 08, 2018 at 01:31AM by IllRaspberry
via reddit http://ift.tt/2HcBnKE
MDNC | Malware don't need Coffee
The King of traffic distribution
Disclaimer: This post is hosted here as a courtesy to the author who prefers to remain anonymous. MDNC was not involved in any way with this study.
Stored XSS, and SSRF in Google using the Dataset Publishing Language
http://ift.tt/2tmaBNL
Submitted March 08, 2018 at 12:47AM by s1gnalc
via reddit http://ift.tt/2FnnCYY
http://ift.tt/2tmaBNL
Submitted March 08, 2018 at 12:47AM by s1gnalc
via reddit http://ift.tt/2FnnCYY
reddit
Stored XSS, and SSRF in Google using the Dataset... • r/netsec
2 points and 0 comments so far on reddit
Is there a hidden process?
http://ift.tt/2oTE4cd
Submitted March 07, 2018 at 10:01PM by khasaia
via reddit http://ift.tt/2G7YRkR
http://ift.tt/2oTE4cd
Submitted March 07, 2018 at 10:01PM by khasaia
via reddit http://ift.tt/2G7YRkR
secrary[dot]com
Is there a hidden process?
This blog is about malware analysis and reverse engineering. But Does it matter?
Half a million Exim mail servers need an urgent update
http://ift.tt/2FvZB5g
Submitted March 08, 2018 at 02:55AM by volci
via reddit http://ift.tt/2FAfQ1e
http://ift.tt/2FvZB5g
Submitted March 08, 2018 at 02:55AM by volci
via reddit http://ift.tt/2FAfQ1e
Naked Security
Patch now! Half a million Exim mail servers need an urgent update
Exim is the world’s most popular mail server and it has a bug that can be triggered remotely
New DDoS Record Is Now 1.7 Tbps
http://ift.tt/2Fj8oEj
Submitted March 08, 2018 at 02:53AM by majorllama
via reddit http://ift.tt/2FmUcKA
http://ift.tt/2Fj8oEj
Submitted March 08, 2018 at 02:53AM by majorllama
via reddit http://ift.tt/2FmUcKA
BleepingComputer
New DDoS Record Is Now 1.7 Tbps
Four days after GitHub suffered a massive 1.3 Tbps DDoS attack, we now have a new record with a DDoS attack that clocked at 1.7 Tbps.
ManageEngine Applications Manager unauth RCE and SQLi
http://ift.tt/2DbHVXy
Submitted March 08, 2018 at 03:33AM by wtfse
via reddit http://ift.tt/2I7tRSq
http://ift.tt/2DbHVXy
Submitted March 08, 2018 at 03:33AM by wtfse
via reddit http://ift.tt/2I7tRSq
IoT Security Concerns : Consumer vs. Corporate viewpoint
http://ift.tt/2oREX5U
Submitted March 08, 2018 at 03:28AM by Iot_Security
via reddit http://ift.tt/2Hh178F
http://ift.tt/2oREX5U
Submitted March 08, 2018 at 03:28AM by Iot_Security
via reddit http://ift.tt/2Hh178F
SecuriThings
IoT Security Concerns : Consumer vs. Corporate viewpoint
When the masses start to use industry terminology, things have clearly gone mainstream. IoT is now mainstream, and there is no turning back. But, is security ready to move ahead at the speed of [...]
Need help
I gave someone access to my computer by typing helpme.net/some numbers into the box when you hit Window Key + RHow do I remove all access they may have? Already shut down my computer but not sure if that fully did the job.
Submitted March 08, 2018 at 04:25AM by BigFap123
via reddit http://ift.tt/2p0v2Ku
I gave someone access to my computer by typing helpme.net/some numbers into the box when you hit Window Key + RHow do I remove all access they may have? Already shut down my computer but not sure if that fully did the job.
Submitted March 08, 2018 at 04:25AM by BigFap123
via reddit http://ift.tt/2p0v2Ku
reddit
Need help • r/security
I gave someone access to my computer by typing helpme.net/*some numbers* into the box when you hit Window Key + R How do I remove all access they...
XML External Entity Injection in Jive-n (CVE-2018-5758); Researcher - Spencer Gietzen
http://ift.tt/2Dapbra
Submitted March 08, 2018 at 06:08AM by hackers_and_builders
via reddit http://ift.tt/2FrFZMp
http://ift.tt/2Dapbra
Submitted March 08, 2018 at 06:08AM by hackers_and_builders
via reddit http://ift.tt/2FrFZMp
Rhino Security Labs
XML External Entity Injection in Jive-n (CVE-2018-5758) - Rhino Security Labs
Our researchers discovered an XML external entity injection vulnerability in Jive-n (CVE-2018-5758). This flaw lies in the “Upload File” functionality.
SharpShooter - a weaponised payload generation framework with anti-sandbox analysis, staged and stageless payload execution and support for evading ingress monitoring [See comment for Sources]
http://ift.tt/2G2mpaE
Submitted March 08, 2018 at 06:46AM by TechLord2
via reddit http://ift.tt/2D8dn93
http://ift.tt/2G2mpaE
Submitted March 08, 2018 at 06:46AM by TechLord2
via reddit http://ift.tt/2D8dn93
reddit
SharpShooter - a weaponised payload generation... • r/netsec
10 points and 1 comments so far on reddit