Reverse engineering of Mikrotik exploit from Vault 7 CIA Leaks [Working PoC (Full Sources) and PDF Article - See Comment]
http://ift.tt/2mhlUjz

Submitted March 13, 2018 at 11:46PM by TechLord2
via reddit http://ift.tt/2DoPytM

Analysis of a Kubernetes hack -- Backdooring through kubelet
http://ift.tt/2GoAmzO

Submitted March 14, 2018 at 01:35AM by jc_sec
via reddit http://ift.tt/2GoP9dD

CVE 2018-1057: Authenticated [Samba] users can change other users' password
http://ift.tt/2In1pvO

Submitted March 14, 2018 at 01:27AM by FUS_ROH_yay
via reddit http://ift.tt/2Dpkx8T

OCEANLOTUS: OLD TECHNIQUES, NEW BACKDOOR [PDF]
http://ift.tt/2FDYAoA

Submitted March 13, 2018 at 11:54PM by TechLord2
via reddit http://ift.tt/2FxD74w

Researchers Say AMD Processors Have Serious Vulnerabilities and Backdoors
http://ift.tt/2FT8mGO

Submitted March 14, 2018 at 01:36AM by TaviRider
via reddit http://ift.tt/2Hwhcr4

Let's Encrypt ACME v2 and Wildcard Certificate Support is Live!
http://ift.tt/2GoXBtF

Submitted March 13, 2018 at 10:47PM by gvarisco
via reddit http://ift.tt/2HwPE4M

Frida 10.7 is out with full support for the Electra jailbreak on iOS 11
http://ift.tt/2InLq0T

Submitted March 14, 2018 at 02:22AM by oleavr
via reddit http://ift.tt/2pfyUYy

Visual Basic GUI: A Tool to Inject Keystrokes on a SSH Client via an X11 Forwarded Session
http://ift.tt/2pfDB4C

Submitted March 14, 2018 at 03:12AM by pergnib
via reddit http://ift.tt/2DqoEBr

Here's a List of 29 Different Types of USB Attacks
http://ift.tt/2pbb3ZR

Submitted March 14, 2018 at 03:55AM by Iot_Security
via reddit http://ift.tt/2p9Kjtz

MWC2018 – Digital Security Roundup
http://ift.tt/2FoJ5oj

Submitted March 14, 2018 at 03:41AM by Iot_Security
via reddit http://ift.tt/2p9AbAT

Madison Square Garden Has Used Face-Scanning Technology on Customers
http://ift.tt/2FuH2iy

Submitted March 14, 2018 at 03:40AM by NetAbel
via reddit http://ift.tt/2HvnkQk

Security In 5: Episode 193 - All Oculus Headsets Have Been Rendered Useless, A Study In Poor Certificate Management
http://ift.tt/2Hx755s

Submitted March 14, 2018 at 02:28AM by BinaryBlog
via reddit http://ift.tt/2FQrmWl

Yahoo Judge Lets Hack Victims Seek Payback for Data Breaches
http://ift.tt/2Go8rQq

Submitted March 14, 2018 at 04:06AM by NetAbel
via reddit http://ift.tt/2GoHV9H

Rate my security setup out of 10 🔒
Hello, i have just recently buffed my digital security across various accounts and was wondering if anyone here could have a look at what i have set up so far and tell me if there is anything i could improve on. I decided to make these updates after an attempt was made on one of my accounts. I have 3 main important accounts such as email ect accounts and 10 lesser accounts.My security is as follows:3 main accounts: 30+ character passwords comprising of different phrases and numbers/characters mixed in randomly. 2FA using either sms or authenticator app. Various devices setup. Backup recovery email address never used unless for recovery also with 2FA Backup codes setup everywhere.10+lesser accounts: 16+ character passwords same setup as above 2FA where provided Backup codes where providedIn addition: None off my passwords are the same, all are long and complex All my privacy settings for accounts are as private as possible I delete cookies and history regularly No passwords or bank details saved on websites All passwords are memorised and have them self encrypted written down in a safe in my house just incase My mobile company have verbal passwords and pin set up for customer service.Please let me know if there are any gaps in my security or if there are any areas i could improve.Cheers.

Submitted March 14, 2018 at 05:17AM by Bango-Fett
via reddit http://ift.tt/2HyYhMh

Malware over SSL
So we're looking at SSL visibility tools and we're questioning the value of them. When I do research on the threat, I see almost exclusively ZScaler written or referenced articles, which makes me think that it's just them pushing an agenda. When I think about how malware over ssl would work, the only way I can think it would work is if somehow the actual website was infected and was serving up malware with an intact cert.People have suggested that the malware could come in via advertisements or as an email attachment with a https reference, but that has me confused because most advertising I've seen is either http traffic, or has a valid SSL cert (which again means that the serving website must have been hacked). The only other way I can think of that malware via SSL would work is if the bad guys actually managed to register a cert that was widely trusted - but one would think that wouldn't last too long before someone revoked it.Can someone fill me in on what I'm missing here?Thanks.

Submitted March 14, 2018 at 05:10AM by Never_Been_Missed
via reddit http://ift.tt/2FMDWWL

Firefox Gets Privacy Boost By Disabling Proximity and Ambient Light Sensor APIs
http://ift.tt/2tDXuYq

Submitted March 14, 2018 at 05:04AM by AstuteJudo
via reddit http://ift.tt/2FINazG

Network Segmentation Needs to Evolve
http://ift.tt/2EvrEOj

Submitted March 14, 2018 at 04:39AM by SecurityTrust
via reddit http://ift.tt/2FFKfYS

Using FRIDA to bypass the Android 7+ Network Security Configuration feature
http://ift.tt/2FvcfSV

Submitted March 14, 2018 at 08:05AM by numberbuzy
via reddit http://ift.tt/2tKJ5tt

5 Myths About Socks Proxies
http://ift.tt/2pczmqo

Submitted March 14, 2018 at 11:52AM by Lime_proxies
via reddit http://ift.tt/2IqY8LZ

Five Important elements to keep in mind about Data Security
https://www.youtube.com/watch?v=3CPyJok77Oo&feature=youtu.be

Submitted March 14, 2018 at 11:30AM by grogerysolberg
via reddit http://ift.tt/2pczndW

.files, including ~/.macos — sensible hacker defaults for macOS
http://ift.tt/HGOPAC

Submitted March 14, 2018 at 01:05PM by _0x7f_
via reddit http://ift.tt/2pat5MK