CCleaner Attackers Intended To Deploy Keylogger In Third Stage
http://ift.tt/2FxJrcj
Submitted March 13, 2018 at 09:02PM by EvanConover
via reddit http://ift.tt/2FDABWA
Threatpost | The first stop for security news
CCleaner Attackers Intended To Deploy Keylogger In Third Stage
As investigations continue about the backdoor that was planted in CCleaner, Avast said it has found that the actors behind the attack were planning to install a third round of malware on compromised computers.
Phantom Secure is one of the most infamous companies in the secure phone industry. Sources and court documents detail that its owner has been arrested for allegedly helping criminal organizations.
http://ift.tt/2p4KRjl
Submitted March 13, 2018 at 09:53PM by GemmaJ123
via reddit http://ift.tt/2p7InAW
Motherboard
Feds Bust CEO Allegedly Selling Custom BlackBerry Phones to Sinaloa Drug Cartel
Phantom Secure is one of the most infamous companies in the secure phone industry. Sources and court documents detail that its owner has been arrested for allegedly helping criminal organizations.
Researchers say AMD has a big chip security problem to solve
http://ift.tt/2DnyBQp
Submitted March 13, 2018 at 09:51PM by ScurfyBun
via reddit http://ift.tt/2In0tYv
CNET
AMD has a Spectre/Meltdown-like security flaw of its own
Researchers find 13 vulnerabilities in AMD’s Ryzen and EPYC chips, which could let attackers install malware on highly guarded portions of the processor.
Public-facing websites that have an ECC cert?
Does anybody know of any public-facing websites protected by an ECC cert? Even the websites listed as references for ECC all seem to have RSA certs.
Submitted March 13, 2018 at 09:50PM by satyenshah
via reddit http://ift.tt/2p7IoF0
Firefox turns out the lights on two privacy-sucking features
http://ift.tt/2p8ViCI
Submitted March 13, 2018 at 10:19PM by volci
via reddit http://ift.tt/2GmKpW1
Naked Security
Firefox turns out the lights on two privacy-sucking features
Thanks to some illuminating privacy research, it’s “lights out” for another pair of esoteric APIs.
Warning! Spreading crypto mining malware!
http://ift.tt/2p89xIQ
Submitted March 13, 2018 at 10:12PM by tomasstatkus
via reddit http://ift.tt/2DmZdkv
Reviewedbypro
Rapidly spreading crypto-mining malware infected 500,000 machines
A rapidly spreading cryptocurrency mining malware infected nearly 500,000 Microsoft Windows PCs in just a 12-hour time period. The cryptocurrency mining malware, also known as
Bypassing Payments Using Webhooks
http://ift.tt/2tOSGQ4
Submitted March 13, 2018 at 10:32PM by cablej
via reddit http://ift.tt/2FBanYH
lightningsecurity.io
Bypassing Payments Using Webhooks
Metta: Uber’s Open Source Tool for Adversarial Simulation
http://ift.tt/2FFM87N
Submitted March 13, 2018 at 10:07PM by mubix
via reddit http://ift.tt/2paMeOk
Medium
Introducing Metta: Uber’s Open Source Tool for Adversarial Simulation
Chris Gates, Senior Security Engineer
Reverse Engineering a Self-Modifying Binary with radare2
http://ift.tt/2tO9Ux4
Submitted March 13, 2018 at 10:06PM by Megabeets
via reddit http://ift.tt/2FRDIO0
Megabeets
Reversing a Self-Modifying Binary with radare2
This is how I used radare2 to solve a self-modifying binary challenge from r2con 2017. This is a radare2 tutorial for advanced users. Don't miss my series of articles for beginners.
March's Patch Tuesday update will fix a critical vulnerability in Microsoft Remote Desktop Protocol
http://ift.tt/2HwKPsv
Submitted March 13, 2018 at 10:42PM by BengaliKyd
via reddit http://ift.tt/2tOwd5o
On MSFT
March’s Patch Tuesday update will fix a critical vulnerability in Microsoft Remote Desktop Protocol
This month's Patch Tuesday update will fix a critical vulnerability in Microsoft's Remote Desktop Protocol affecting all PCs running Windows Vista and newer. The vulnerability allows attackers to exploit remote desktop and Windows remote management to run…
The Java Soothsayer: A practical application for insecure randomness (With free 0day).
http://ift.tt/2In4j3R
Submitted March 13, 2018 at 10:23PM by alex91ar
via reddit http://ift.tt/2IqnslA
Medium
The Java Soothsayer: A practical application for insecure randomness. (Includes free 0day)
As a pentester, it is quite usual that for several reasons one might not find as many shiny beautiful critical bugs as one might want to. Some…
Diamorphine + Hideusage fork. Kernel rootkit to spoof system load and load averages.
http://ift.tt/2HxJVMd
Submitted March 13, 2018 at 10:33PM by alex91ar
via reddit http://ift.tt/2p8j8PQ
GitHub
alex91ar/Diamorphine
Diamorphine - LKM rootkit for Linux Kernels 2.6.x/3.x/4.x
Reversing a Self-Modifying Binary with radare2
http://ift.tt/2p9dxsF
Submitted March 13, 2018 at 11:37PM by TechLord2
via reddit http://ift.tt/2tLNaO4
Megabeets
Reversing a Self-Modifying Binary with radare2
This is how I used radare2 to solve a self-modifying binary challenge from r2con 2017. This is a radare2 tutorial for advanced users. Don't miss my series of articles for beginners.
We're Making 12 Million Sensitive URLs Available for Download
http://ift.tt/2pck6tr
Submitted March 13, 2018 at 11:33PM by cwings
via reddit http://ift.tt/2FvHLA2
6 digit PINs and the usefulness of password restrictions
http://ift.tt/2tIX2YR
Submitted March 14, 2018 at 12:46AM by OrdisLux
via reddit http://ift.tt/2Gpsvlo
Medium
Response to
Last month Troy Hunt released Pwned Passwords V2, a list of 500 million hashed passwords together with how often these are used¹. I then…
Reverse engineering of Mikrotik exploit from Vault 7 CIA Leaks [Working PoC (Full Sources) and PDF Article - See Comment]
http://ift.tt/2mhlUjz
Submitted March 13, 2018 at 11:46PM by TechLord2
via reddit http://ift.tt/2DoPytM
GitHub
BigNerd95/Chimay-Red
Chimay-Red - Working POC of Mikrotik exploit from Vault 7 CIA Leaks
Analysis of a Kubernetes hack -- Backdooring through kubelet
http://ift.tt/2GoAmzO
Submitted March 14, 2018 at 01:35AM by jc_sec
via reddit http://ift.tt/2GoP9dD
Medium
Analysis of a Kubernetes hack — Backdooring through kubelet
Unless you’ve been living under a rock for the past three years, you’ve probably heard about Kubernetes. At Handy, our infrastructure is…
CVE 2018-1057: Authenticated [Samba] users can change other users' password
http://ift.tt/2In1pvO
Submitted March 14, 2018 at 01:27AM by FUS_ROH_yay
via reddit http://ift.tt/2Dpkx8T
OCEANLOTUS: OLD TECHNIQUES, NEW BACKDOOR [PDF]
http://ift.tt/2FDYAoA
Submitted March 13, 2018 at 11:54PM by TechLord2
via reddit http://ift.tt/2FxD74w
Researchers Say AMD Processors Have Serious Vulnerabilities and Backdoors
http://ift.tt/2FT8mGO
Submitted March 14, 2018 at 01:36AM by TaviRider
via reddit http://ift.tt/2Hwhcr4
Motherboard
Researchers Say AMD Processors Have Serious Vulnerabilities and Backdoors
Security researchers announced a series of 13 vulnerabilities within AMD’s RYZEN and EPYC processors that could make some data breaches even worse.
Let's Encrypt ACME v2 and Wildcard Certificate Support is Live!
http://ift.tt/2GoXBtF
Submitted March 13, 2018 at 10:47PM by gvarisco
via reddit http://ift.tt/2HwPE4M
Let's Encrypt Community Support
ACME v2 and Wildcard Certificate Support is Live
We’re pleased to announce that ACMEv2 and wildcard certificate support is live! With today’s new features we’re continuing to break down barriers for HTTPS adoption across the Web by making it even easier for every website to get and manage certificates.…