Justifying Security Spend, a Response Pt 2
https://www.youtube.com/watch?v=pvgPlAy6JC0&index=2&list=PLWV16JTzD6eabntglRTssFpTEXes_V2Ym
Submitted March 13, 2018 at 06:08PM by Uminekoshi
via reddit http://ift.tt/2Ikw9xw
https://www.youtube.com/watch?v=pvgPlAy6JC0&index=2&list=PLWV16JTzD6eabntglRTssFpTEXes_V2Ym
Submitted March 13, 2018 at 06:08PM by Uminekoshi
via reddit http://ift.tt/2Ikw9xw
YouTube
Justifying Security Spend, a Response from Nehemiah Security: Part 2
In this video, Jerry Caponera responds to an entry in our eBook about "7 Experts on Justifying Security Spend" written by Genady Vishnevetsky. If your friend...
Third-party security vetting: Do it before you sign a contract
http://ift.tt/2p7aQa2
Submitted March 13, 2018 at 06:08PM by Chumstick
via reddit http://ift.tt/2InDr3B
http://ift.tt/2p7aQa2
Submitted March 13, 2018 at 06:08PM by Chumstick
via reddit http://ift.tt/2InDr3B
CSO Online
Third-party security vetting: Do it before you sign a contract
Security needs to ensure that all vendors and partners, even those not controlled by IT, meet the organization's security standards.
Firefox tunnel to bypass any firewall
http://ift.tt/2p61qMH
Submitted March 13, 2018 at 06:07PM by Chumstick
via reddit http://ift.tt/2pb35zZ
http://ift.tt/2p61qMH
Submitted March 13, 2018 at 06:07PM by Chumstick
via reddit http://ift.tt/2pb35zZ
Medium
Firefox tunnel to bypass any firewall
A crucial element for the Red Team’s task is having stealth to perform the attack, success in the ability to expose an aggressive mindset…
NSA Retreats From Targeted PCs If They're Already Infected by Other APT Malware
http://ift.tt/2p5lfE5
Submitted March 13, 2018 at 06:06PM by Chumstick
via reddit http://ift.tt/2ImIL7F
http://ift.tt/2p5lfE5
Submitted March 13, 2018 at 06:06PM by Chumstick
via reddit http://ift.tt/2ImIL7F
BleepingComputer
NSA Retreats From Targeted PCs If They're Already Infected by Other APT Malware
Hacking tools leaked last year and believed to belong to the US National Security Agency (NSA) contain an utility for detecting the presence of malware developed by other cyber-espionage groups.
Tim Berners-Lee: we must regulate tech firms to prevent 'weaponised' web
http://ift.tt/2FGOXbY
Submitted March 13, 2018 at 06:06PM by Chumstick
via reddit http://ift.tt/2p996wW
http://ift.tt/2FGOXbY
Submitted March 13, 2018 at 06:06PM by Chumstick
via reddit http://ift.tt/2p996wW
the Guardian
Tim Berners-Lee: we must regulate tech firms to prevent 'weaponised' web
The inventor of the world wide web warns over concentration of power among a few companies ‘controlling which ideas are shared’
MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data
http://ift.tt/2Dky3e3
Submitted March 13, 2018 at 06:05PM by Chumstick
via reddit http://ift.tt/2ImIMIL
http://ift.tt/2Dky3e3
Submitted March 13, 2018 at 06:05PM by Chumstick
via reddit http://ift.tt/2ImIMIL
The Hacker News
MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data
Researchers demonstrated how two (or more) Air-Gapped computers can covertly exchange data via ultrasonic waves.
JavaScript Zero: Real JavaScript and Zero Side-Channel Attacks [Research Paper PDF]
http://ift.tt/2Io8Lzw
Submitted March 13, 2018 at 06:46PM by TechLord2
via reddit http://ift.tt/2pa5s5T
http://ift.tt/2Io8Lzw
Submitted March 13, 2018 at 06:46PM by TechLord2
via reddit http://ift.tt/2pa5s5T
How to analyze memory from newer builds of Windows 10 with Volatility
http://ift.tt/2oQBCU7
Submitted March 13, 2018 at 06:21PM by 13Cubed
via reddit http://ift.tt/2pb2yxZ
http://ift.tt/2oQBCU7
Submitted March 13, 2018 at 06:21PM by 13Cubed
via reddit http://ift.tt/2pb2yxZ
Cyber debt - What is the cost of doing nothing?
http://ift.tt/2p881Gu
Submitted March 13, 2018 at 06:49PM by Uminekoshi
via reddit http://ift.tt/2FxQCS3
http://ift.tt/2p881Gu
Submitted March 13, 2018 at 06:49PM by Uminekoshi
via reddit http://ift.tt/2FxQCS3
Nehemiah Security
The High Cost of Doing Nothing - Nehemiah Security
In business, the name of the game is to make hard choices with the hope that the decision made will pay off. IT is not exempt from these difficult decisions. Originally coined in 1992 to address quick and dirty coding in software development, technical debt…
FireEye's Marina Krotofil On Triton and ICS Threats (video)
http://ift.tt/2DliJ0N
Submitted March 13, 2018 at 06:44PM by volci
via reddit http://ift.tt/2FGgZkM
http://ift.tt/2DliJ0N
Submitted March 13, 2018 at 06:44PM by volci
via reddit http://ift.tt/2FGgZkM
Threatpost | The first stop for security news
FireEye's Marina Krotofil On Triton and ICS Threats
At the Security Analyst Summit this year in Cancun, FireEye's Marina Krotofil talks about the Triton malware, first disclosed in December 2017, that targets industrial control systems.
When I used the password recovery function, I received my old password.
Hello,I am worried because the trading platform I am using, provided me with my old password when I used the password recovery. I thought that the passwords were encrypted and they cannot be restored. Is the fact that they have provided me with my password a sign of weak security and lack of encryption?
Submitted March 13, 2018 at 06:29PM by slickobro
via reddit http://ift.tt/2FzLHji
Hello,I am worried because the trading platform I am using, provided me with my old password when I used the password recovery. I thought that the passwords were encrypted and they cannot be restored. Is the fact that they have provided me with my password a sign of weak security and lack of encryption?
Submitted March 13, 2018 at 06:29PM by slickobro
via reddit http://ift.tt/2FzLHji
reddit
When I used the password recovery function, I... • r/security
Hello, I am worried because the trading platform I am using, provided me with my old password when I used the password recovery. I thought that...
TSA Accused of Searching Devices During Domestic Travel
http://ift.tt/2FOLpnS
Submitted March 13, 2018 at 07:29PM by nojohntrumbull
via reddit http://ift.tt/2Hs0MQz
http://ift.tt/2FOLpnS
Submitted March 13, 2018 at 07:29PM by nojohntrumbull
via reddit http://ift.tt/2Hs0MQz
Tom's Guide
TSA Accused of Searching Your Devices
There are a growing number of reports that the Transportation Security Administration (TSA) is searching electronic devices at security checkpoints for domestic flights within the United States.
Security In 5: Episode 192 - How Much Is Your Identity Worth On The Dark Web
http://ift.tt/2pcvyFt
Submitted March 13, 2018 at 07:58PM by BinaryBlog
via reddit http://ift.tt/2IqgGwc
http://ift.tt/2pcvyFt
Submitted March 13, 2018 at 07:58PM by BinaryBlog
via reddit http://ift.tt/2IqgGwc
Libsyn
Security In Five Podcast: Episode 192 - How Much Is Your Identity Worth On The Dark Web
When you identity is stolen one of two things will happen. The thief will use your information or they will sell it. The Dark Web is the place where the nefarious actions take place but do you know how much you digital life is actually worth? This episode…
IDN Homograph attack is back for some crypto
http://ift.tt/2FMv8js
Submitted March 13, 2018 at 09:19PM by jekapats
via reddit http://ift.tt/2tMl1GJ
http://ift.tt/2FMv8js
Submitted March 13, 2018 at 09:19PM by jekapats
via reddit http://ift.tt/2tMl1GJ
PhishAI
IDN Homograph Attack Is Back For Some Crypto | PhishAI
Homograph attacks are a decade-old problem. Last time it made headlines was just last week with the attack on Binanace Exchange and before that when security enthusiast, Xudong Zheng published a vulnerability in the way modern browsers handle domain names.…
Secunia PSI will be end-of-life on April 20 (2018)
http://ift.tt/2HyeW2K
Submitted March 13, 2018 at 09:06PM by retrodanny
via reddit http://ift.tt/2tHFqN9
http://ift.tt/2HyeW2K
Submitted March 13, 2018 at 09:06PM by retrodanny
via reddit http://ift.tt/2tHFqN9
Assessment Mindset - I hope this mindmap could be useful for the infosec community when doing pentesting, bug bounty and red-team assessments. Feel free to contribute.
http://ift.tt/2pbpY6n
Submitted March 13, 2018 at 08:35PM by s0pas
via reddit http://ift.tt/2IlNYwt
http://ift.tt/2pbpY6n
Submitted March 13, 2018 at 08:35PM by s0pas
via reddit http://ift.tt/2IlNYwt
GitHub
dsopas/assessment-mindset
assessment-mindset - I hope this mindmap could be useful for the infosec community when doing pentesting, bug bounty, red-team assessments, etc.
Severe Security Advisory on AMD Processors
https://amdflaws.com/
Submitted March 13, 2018 at 08:15PM by I_am_UNIX
via reddit http://ift.tt/2p4Xqwc
https://amdflaws.com/
Submitted March 13, 2018 at 08:15PM by I_am_UNIX
via reddit http://ift.tt/2p4Xqwc
reddit
Severe Security Advisory on AMD Processors • r/netsec
14 points and 8 comments so far on reddit
CCleaner Attackers Intended To Deploy Keylogger In Third Stage
http://ift.tt/2FxJrcj
Submitted March 13, 2018 at 09:02PM by EvanConover
via reddit http://ift.tt/2FDABWA
http://ift.tt/2FxJrcj
Submitted March 13, 2018 at 09:02PM by EvanConover
via reddit http://ift.tt/2FDABWA
Threatpost | The first stop for security news
CCleaner Attackers Intended To Deploy Keylogger In Third Stage
As investigations continue about the backdoor that was planted in CCleaner, Avast said it has found that the actors behind the attack were planning to install a third round of malware on compromised computers.
Phantom Secure is one of the most infamous companies in the secure phone industry. Sources and court documents detail that its owner has been arrested for allegedly helping criminal organizations.
http://ift.tt/2p4KRjl
Submitted March 13, 2018 at 09:53PM by GemmaJ123
via reddit http://ift.tt/2p7InAW
http://ift.tt/2p4KRjl
Submitted March 13, 2018 at 09:53PM by GemmaJ123
via reddit http://ift.tt/2p7InAW
Motherboard
Feds Bust CEO Allegedly Selling Custom BlackBerry Phones to Sinaloa Drug Cartel
Phantom Secure is one of the most infamous companies in the secure phone industry. Sources and court documents detail that its owner has been arrested for allegedly helping criminal organizations.
Researchers say AMD has a big chip security problem to solve
http://ift.tt/2DnyBQp
Submitted March 13, 2018 at 09:51PM by ScurfyBun
via reddit http://ift.tt/2In0tYv
http://ift.tt/2DnyBQp
Submitted March 13, 2018 at 09:51PM by ScurfyBun
via reddit http://ift.tt/2In0tYv
CNET
AMD has a Spectre/Meltdown-like security flaw of its own
Researchers find 13 vulnerabilities in AMD’s Ryzen and EPYC chips, which could let attackers install malware on highly guarded portions of the processor.
Public-facing websites that have an ECC cert?
Does anybody know of any public-facing websites protected by an ECC cert? Even the websites listed as references for ECC all seem to have RSA certs.
Submitted March 13, 2018 at 09:50PM by satyenshah
via reddit http://ift.tt/2p7IoF0
Does anybody know of any public-facing websites protected by an ECC cert? Even the websites listed as references for ECC all seem to have RSA certs.
Submitted March 13, 2018 at 09:50PM by satyenshah
via reddit http://ift.tt/2p7IoF0