Any updates on ads being able to steal credentials via invisible forms?
Earlier this year, news came out that ads were able to include an invisible form in order to trick browser autofill in to handing over credentials. Supposedly these ad devs were only grabbing your email, but we all know how that goes. Anyways, has this been fixed? is it safe again to use browser autofill on chrome?
Submitted March 07, 2018 at 10:35PM by An_Angry_Badger
via reddit http://ift.tt/2FA7syH
Earlier this year, news came out that ads were able to include an invisible form in order to trick browser autofill in to handing over credentials. Supposedly these ad devs were only grabbing your email, but we all know how that goes. Anyways, has this been fixed? is it safe again to use browser autofill on chrome?
Submitted March 07, 2018 at 10:35PM by An_Angry_Badger
via reddit http://ift.tt/2FA7syH
reddit
Any updates on ads being able to steal credentials... • r/security
Earlier this year, news came out that ads were able to include an invisible form in order to trick browser autofill in to handing over...
Metasploit - Some “Assembly” Required
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:31PM by majorllama
via reddit http://ift.tt/2D8panE
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:31PM by majorllama
via reddit http://ift.tt/2D8panE
Ringzerolabs
Metasploit - Some Assembly Required
Metasploit is the most prevalent exploit framework in the world today thanks to it's ease of use, support, and scalability. Today we focus on payload generation and how "some assembly may be required." (Pun Intended)
Hackers May Use Cortana To Hack A Locked Windows PC
http://ift.tt/2G3JpWH
Submitted March 07, 2018 at 11:17PM by dailynewscard
via reddit http://ift.tt/2Fn8ryJ
http://ift.tt/2G3JpWH
Submitted March 07, 2018 at 11:17PM by dailynewscard
via reddit http://ift.tt/2Fn8ryJ
Dailynewscard
Hackers May Use Cortana To Hack A Locked Windows PC | Latest Cyber News
Compromising a PC this way is possible as Cortana contains performance to listen and react to your voice commands when the computer is secured.
Metasploit - Some “Assembly” Required
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:53PM by majorllama
via reddit http://ift.tt/2IcEJOT
http://ift.tt/2oSOMjg
Submitted March 07, 2018 at 11:53PM by majorllama
via reddit http://ift.tt/2IcEJOT
Ringzerolabs
Metasploit - Some Assembly Required
Metasploit is the most prevalent exploit framework in the world today thanks to it's ease of use, support, and scalability. Today we focus on payload generation and how "some assembly may be required." (Pun Intended)
Airline websites don’t care about your privacy follow-up: Emirates responds to my article with…
http://ift.tt/2D6FqFO
Submitted March 08, 2018 at 12:39AM by kmodi
via reddit http://ift.tt/2oXCxC7
http://ift.tt/2D6FqFO
Submitted March 08, 2018 at 12:39AM by kmodi
via reddit http://ift.tt/2oXCxC7
freeCodeCamp
Airline websites don’t care about your privacy follow-up: Emirates responds to my article with full-on denial
Yesterday, The Register wrote about my exposé on the privacy failings of airline websites.
AlgoSaaS, First & Only Network Security Policy Management "Software as a Service" Solution -
http://ift.tt/2G4j4Yv
Submitted March 08, 2018 at 12:40AM by ic3cub3d
via reddit http://ift.tt/2I9J71b
http://ift.tt/2G4j4Yv
Submitted March 08, 2018 at 12:40AM by ic3cub3d
via reddit http://ift.tt/2I9J71b
Techexeconline
AlgoSaaS, First & Only Network Security Policy Management “Software as a Service” Solution
AlgoSec, the leading provider of business-driven security policy management solutions, today announced AlgoSaaS, the industry’s first Network Security Policy Management Solution available as a Software as a Service (SaaS) solution. AlgoSaaS delivers AlgoSec’s…
The King of traffic distribution
http://ift.tt/2FyEO0I
Submitted March 08, 2018 at 01:31AM by IllRaspberry
via reddit http://ift.tt/2HcBnKE
http://ift.tt/2FyEO0I
Submitted March 08, 2018 at 01:31AM by IllRaspberry
via reddit http://ift.tt/2HcBnKE
MDNC | Malware don't need Coffee
The King of traffic distribution
Disclaimer: This post is hosted here as a courtesy to the author who prefers to remain anonymous. MDNC was not involved in any way with this study.
Stored XSS, and SSRF in Google using the Dataset Publishing Language
http://ift.tt/2tmaBNL
Submitted March 08, 2018 at 12:47AM by s1gnalc
via reddit http://ift.tt/2FnnCYY
http://ift.tt/2tmaBNL
Submitted March 08, 2018 at 12:47AM by s1gnalc
via reddit http://ift.tt/2FnnCYY
reddit
Stored XSS, and SSRF in Google using the Dataset... • r/netsec
2 points and 0 comments so far on reddit
Is there a hidden process?
http://ift.tt/2oTE4cd
Submitted March 07, 2018 at 10:01PM by khasaia
via reddit http://ift.tt/2G7YRkR
http://ift.tt/2oTE4cd
Submitted March 07, 2018 at 10:01PM by khasaia
via reddit http://ift.tt/2G7YRkR
secrary[dot]com
Is there a hidden process?
This blog is about malware analysis and reverse engineering. But Does it matter?
Half a million Exim mail servers need an urgent update
http://ift.tt/2FvZB5g
Submitted March 08, 2018 at 02:55AM by volci
via reddit http://ift.tt/2FAfQ1e
http://ift.tt/2FvZB5g
Submitted March 08, 2018 at 02:55AM by volci
via reddit http://ift.tt/2FAfQ1e
Naked Security
Patch now! Half a million Exim mail servers need an urgent update
Exim is the world’s most popular mail server and it has a bug that can be triggered remotely
New DDoS Record Is Now 1.7 Tbps
http://ift.tt/2Fj8oEj
Submitted March 08, 2018 at 02:53AM by majorllama
via reddit http://ift.tt/2FmUcKA
http://ift.tt/2Fj8oEj
Submitted March 08, 2018 at 02:53AM by majorllama
via reddit http://ift.tt/2FmUcKA
BleepingComputer
New DDoS Record Is Now 1.7 Tbps
Four days after GitHub suffered a massive 1.3 Tbps DDoS attack, we now have a new record with a DDoS attack that clocked at 1.7 Tbps.
ManageEngine Applications Manager unauth RCE and SQLi
http://ift.tt/2DbHVXy
Submitted March 08, 2018 at 03:33AM by wtfse
via reddit http://ift.tt/2I7tRSq
http://ift.tt/2DbHVXy
Submitted March 08, 2018 at 03:33AM by wtfse
via reddit http://ift.tt/2I7tRSq
IoT Security Concerns : Consumer vs. Corporate viewpoint
http://ift.tt/2oREX5U
Submitted March 08, 2018 at 03:28AM by Iot_Security
via reddit http://ift.tt/2Hh178F
http://ift.tt/2oREX5U
Submitted March 08, 2018 at 03:28AM by Iot_Security
via reddit http://ift.tt/2Hh178F
SecuriThings
IoT Security Concerns : Consumer vs. Corporate viewpoint
When the masses start to use industry terminology, things have clearly gone mainstream. IoT is now mainstream, and there is no turning back. But, is security ready to move ahead at the speed of [...]
Need help
I gave someone access to my computer by typing helpme.net/some numbers into the box when you hit Window Key + RHow do I remove all access they may have? Already shut down my computer but not sure if that fully did the job.
Submitted March 08, 2018 at 04:25AM by BigFap123
via reddit http://ift.tt/2p0v2Ku
I gave someone access to my computer by typing helpme.net/some numbers into the box when you hit Window Key + RHow do I remove all access they may have? Already shut down my computer but not sure if that fully did the job.
Submitted March 08, 2018 at 04:25AM by BigFap123
via reddit http://ift.tt/2p0v2Ku
reddit
Need help • r/security
I gave someone access to my computer by typing helpme.net/*some numbers* into the box when you hit Window Key + R How do I remove all access they...
XML External Entity Injection in Jive-n (CVE-2018-5758); Researcher - Spencer Gietzen
http://ift.tt/2Dapbra
Submitted March 08, 2018 at 06:08AM by hackers_and_builders
via reddit http://ift.tt/2FrFZMp
http://ift.tt/2Dapbra
Submitted March 08, 2018 at 06:08AM by hackers_and_builders
via reddit http://ift.tt/2FrFZMp
Rhino Security Labs
XML External Entity Injection in Jive-n (CVE-2018-5758) - Rhino Security Labs
Our researchers discovered an XML external entity injection vulnerability in Jive-n (CVE-2018-5758). This flaw lies in the “Upload File” functionality.
SharpShooter - a weaponised payload generation framework with anti-sandbox analysis, staged and stageless payload execution and support for evading ingress monitoring [See comment for Sources]
http://ift.tt/2G2mpaE
Submitted March 08, 2018 at 06:46AM by TechLord2
via reddit http://ift.tt/2D8dn93
http://ift.tt/2G2mpaE
Submitted March 08, 2018 at 06:46AM by TechLord2
via reddit http://ift.tt/2D8dn93
reddit
SharpShooter - a weaponised payload generation... • r/netsec
10 points and 1 comments so far on reddit
Reconstructing C++ classes in the iOS kernelcache using IDA Pro
http://ift.tt/2FjjE7v
Submitted March 08, 2018 at 06:36AM by TechLord2
via reddit http://ift.tt/2FBytSA
http://ift.tt/2FjjE7v
Submitted March 08, 2018 at 06:36AM by TechLord2
via reddit http://ift.tt/2FBytSA
Version 0.1 of amass, the most effective subdomain enumeration tool, has just been released with precompiled binaries
http://ift.tt/2G4ya0i
Submitted March 08, 2018 at 08:39AM by jeff_foley
via reddit http://ift.tt/2Hhdhyh
http://ift.tt/2G4ya0i
Submitted March 08, 2018 at 08:39AM by jeff_foley
via reddit http://ift.tt/2Hhdhyh
GitHub
caffix/amass
amass - Subdomain Enumeration in Go
Best Proxies for Scrapebox
http://ift.tt/2tnH2v5
Submitted March 08, 2018 at 10:39AM by Lime_proxies
via reddit http://ift.tt/2tqETiq
http://ift.tt/2tnH2v5
Submitted March 08, 2018 at 10:39AM by Lime_proxies
via reddit http://ift.tt/2tqETiq
Limeproxies
Best Proxies for Scrapebox
Introduction to Scrapebox : Scrapebox is recently noticed to be the best online search engine scraping tool available, A lot of data analysts use Scrapebox as it is a most versatile tool in scraping data from almost all the search engines
Setting up Kali Linux on Windows Subsystem
http://ift.tt/2G1fUol
Submitted March 08, 2018 at 10:54AM by Moti_Ba
via reddit http://ift.tt/2FCwq0u
http://ift.tt/2G1fUol
Submitted March 08, 2018 at 10:54AM by Moti_Ba
via reddit http://ift.tt/2FCwq0u
I want to become a security pentester or similar but I need help
Back in the days around 2000, I did have experience doing some pentesting but not really deep. I used Nessus to do the assessment. I visited some tutorial sites to learn how to conduct vulnerability testing against a web server like directory traversal. I'm so rusty now. I'd like to move back to security field again. I would like to ask you if you can provide me with great urls that I can read about security. Also few weeks ago, I started learning assembly language since I also want to be able to reverse engineer malwares.
Also, I'd like to prepare myself for an interview. I'm sure there are tons of new terminologies now. Today I heard CSIRT and I was like "what is that, lol". I just learned it few seconds ago since I saw a post here Episode 185 :)
Thank you so much in advance!
Submitted March 08, 2018 at 01:13PM by Oxffff0000
via reddit http://ift.tt/2IcIZhA
Back in the days around 2000, I did have experience doing some pentesting but not really deep. I used Nessus to do the assessment. I visited some tutorial sites to learn how to conduct vulnerability testing against a web server like directory traversal. I'm so rusty now. I'd like to move back to security field again. I would like to ask you if you can provide me with great urls that I can read about security. Also few weeks ago, I started learning assembly language since I also want to be able to reverse engineer malwares.
Also, I'd like to prepare myself for an interview. I'm sure there are tons of new terminologies now. Today I heard CSIRT and I was like "what is that, lol". I just learned it few seconds ago since I saw a post here Episode 185 :)
Thank you so much in advance!
Submitted March 08, 2018 at 01:13PM by Oxffff0000
via reddit http://ift.tt/2IcIZhA
reddit
I want to become a security pentester or similar but... • r/security
Back in the days around 2000, I did have experience doing some pentesting but not really deep. I used Nessus to do the assessment. I visited some...