You Can Hack Almost Any Smart Device With A Google Search
http://ift.tt/2pfoxUj
Submitted March 15, 2018 at 01:15PM by Iot_Security
via reddit http://ift.tt/2pf9IBa
http://ift.tt/2pfoxUj
Submitted March 15, 2018 at 01:15PM by Iot_Security
via reddit http://ift.tt/2pf9IBa
Co.Design
You Can Hack Almost Any Smart Device With A Google Search
A simple design change can fix the Internet-of-Things’ biggest security hole.
Jewelry site accidentally leaks personal details (and plaintext passwords!) of 1.3M users
http://ift.tt/2Gq6qmM
Submitted March 15, 2018 at 12:43PM by boppinmule
via reddit http://ift.tt/2pduQI4
http://ift.tt/2Gq6qmM
Submitted March 15, 2018 at 12:43PM by boppinmule
via reddit http://ift.tt/2pduQI4
The Next Web
Jewelry site accidentally leaks personal details (and plaintext passwords!) of 1.3M users
Few people are familiar with the Chicago-based MBM Company, Inc, but perhaps you might be familiar with its jewelry brand Limogés Jewelry. This firm sells cut-price trinkets through its website to customers across the US and Canada. Researchers from German…
Looking beyond “basic security” in IoT
http://ift.tt/2IqX8rp
Submitted March 15, 2018 at 02:25PM by Iot_Security
via reddit http://ift.tt/2pflQSV
http://ift.tt/2IqX8rp
Submitted March 15, 2018 at 02:25PM by Iot_Security
via reddit http://ift.tt/2pflQSV
SecuriThings
Looking beyond “basic security” in IoT
Convenient and secure, the Internet of Things (IoT) is a collection of devices that offer operational efficiency, cost savings, energy savings and more. But, everything comes at a cost. [...]
[X-post r/business] Equifax: Former executive charged with pre-data breach insider trading
http://ift.tt/2Hz8tEJ
Submitted March 15, 2018 at 03:34PM by GemmaJ123
via reddit http://ift.tt/2Dunwga
http://ift.tt/2Hz8tEJ
Submitted March 15, 2018 at 03:34PM by GemmaJ123
via reddit http://ift.tt/2Dunwga
Business Insider
A former Equifax executive has been charged with insider trading for selling shares before the company's massive data breach was…
Jun Ying, who was next in line to be Equifax's global chief information officer, made almost $1 million on the trades, according to an SEC complaint.
Top Firefox extensions can hide silent malware using easy pre-fab tool
http://ift.tt/1V3i7mE
Submitted March 15, 2018 at 04:56PM by piisfour
via reddit http://ift.tt/2FEu4iB
http://ift.tt/1V3i7mE
Submitted March 15, 2018 at 04:56PM by piisfour
via reddit http://ift.tt/2FEu4iB
www.theregister.co.uk
Top Firefox extensions can hide silent malware using easy pre-fab tool
The fix? No patch, just destroy all extensions.
#Hacking #iot devices is easier than ever with #shodan new Internet Exposure Dashboard #IoTSecurity
http://ift.tt/2Gvgn2z
Submitted March 15, 2018 at 05:38PM by Iot_Security
via reddit http://ift.tt/2DtPedj
http://ift.tt/2Gvgn2z
Submitted March 15, 2018 at 05:38PM by Iot_Security
via reddit http://ift.tt/2DtPedj
Icebreaker: From outside AD to domain admin in one command
http://ift.tt/2DAA3QT
Submitted March 15, 2018 at 05:29PM by coalfirelabs
via reddit http://ift.tt/2FT30v8
http://ift.tt/2DAA3QT
Submitted March 15, 2018 at 05:29PM by coalfirelabs
via reddit http://ift.tt/2FT30v8
GitHub
DanMcInerney/icebreaker
icebreaker - Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
Security In 5: Episode 195 - The Faces Of Your Insider Threats
http://ift.tt/2tORSdM
Submitted March 15, 2018 at 06:37PM by BinaryBlog
via reddit http://ift.tt/2GvHWc1
http://ift.tt/2tORSdM
Submitted March 15, 2018 at 06:37PM by BinaryBlog
via reddit http://ift.tt/2GvHWc1
Libsyn
Security In Five Podcast: Episode 195 - The Faces Of Your Insider Threats
Insider threats is a common phrase and most people associate it to a single type of person. The malicious individual intent to do harm. This is not the case, inside threats have many faces. This episode goes through the different type of insider threats and…
How secure are home assistants like Amazon Echo and Google Home?
No text found
Submitted March 15, 2018 at 06:33PM by mscaff
via reddit http://ift.tt/2tT1VP8
No text found
Submitted March 15, 2018 at 06:33PM by mscaff
via reddit http://ift.tt/2tT1VP8
reddit
How secure are home assistants like Amazon Echo and... • r/security
1 points and 0 comments so far on reddit
A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try.
http://ift.tt/2HBvFCe
Submitted March 15, 2018 at 06:33PM by joey_php
via reddit http://ift.tt/2FVdH09
http://ift.tt/2HBvFCe
Submitted March 15, 2018 at 06:33PM by joey_php
via reddit http://ift.tt/2FVdH09
Nytimes
A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try.
Petrochemical companies were hit by a series of cyberassaults last year. The worst of them, against a widely used safety system, could have set off an explosion.
Analyzing VPC flow logs
http://ift.tt/2FSZ1P5
Submitted March 15, 2018 at 06:46PM by tech-tramp
via reddit http://ift.tt/2HAjJ3s
http://ift.tt/2FSZ1P5
Submitted March 15, 2018 at 06:46PM by tech-tramp
via reddit http://ift.tt/2HAjJ3s
TotalCloud Blog
Analyze VPC flow logs | Security | Performance - TotalCloud Blog
The VPC flow logs capture important information about the IP traffic to and from network interfaces, subnets and VPCs in the AWS infrastructure. They are used to monitor security by tracking traffic reaching and leaving the resources(instance, databases,…
Flash, Windows Users: It’s Time to Patch
http://ift.tt/2FPu5PF
Submitted March 15, 2018 at 08:08PM by volci
via reddit http://ift.tt/2peDC8G
http://ift.tt/2FPu5PF
Submitted March 15, 2018 at 08:08PM by volci
via reddit http://ift.tt/2peDC8G
reddit
Flash, Windows Users: It’s Time to Patch • r/security
1 points and 1 comments so far on reddit
How do I secure an Amazon Echo, and secure my network and privacy from it?
I’ve just purchased my parents an Amazon Echo however, as most people are, I’m concerned with the level of privacy these units respect.I plan to sign up to Amazon with a dummy email, there will be no smart devices, no locks, no lights, the Echo will just be used to assist my parents with quick info etc.My question is, what can I do to improve the security of the device and my household, whilst retaining my right to privacy?I’d really like to be able to set a schedule for when the microphone is activated, is that a thing?Note: I use pfSense with a managed UniFi switch and AC Pro’s - the plan is to build an IoT network VLANd off from the rest of my network, and I was also considering time-based firewall rules to ensure Alexa can’t talk outside my network after 12 for example.
Submitted March 15, 2018 at 08:05PM by mscaff
via reddit http://ift.tt/2IuiDHF
I’ve just purchased my parents an Amazon Echo however, as most people are, I’m concerned with the level of privacy these units respect.I plan to sign up to Amazon with a dummy email, there will be no smart devices, no locks, no lights, the Echo will just be used to assist my parents with quick info etc.My question is, what can I do to improve the security of the device and my household, whilst retaining my right to privacy?I’d really like to be able to set a schedule for when the microphone is activated, is that a thing?Note: I use pfSense with a managed UniFi switch and AC Pro’s - the plan is to build an IoT network VLANd off from the rest of my network, and I was also considering time-based firewall rules to ensure Alexa can’t talk outside my network after 12 for example.
Submitted March 15, 2018 at 08:05PM by mscaff
via reddit http://ift.tt/2IuiDHF
reddit
How do I secure an Amazon Echo, and secure my network... • r/security
I’ve just purchased my parents an Amazon Echo however, as most people are, I’m concerned with the level of privacy these units respect. I plan to...
Sources for Threats to IT and Hosting Providers
Does anyone know of any literature or sources that shed some light on threats within the IT industry for IT support and hosting providers? Anything from statistics to news articles would be appreciated. Thanks in advance.
Submitted March 15, 2018 at 08:28PM by wrec_
via reddit http://ift.tt/2Gwa8vd
Does anyone know of any literature or sources that shed some light on threats within the IT industry for IT support and hosting providers? Anything from statistics to news articles would be appreciated. Thanks in advance.
Submitted March 15, 2018 at 08:28PM by wrec_
via reddit http://ift.tt/2Gwa8vd
reddit
Sources for Threats to IT and Hosting Providers • r/security
Does anyone know of any literature or sources that shed some light on threats within the IT industry for IT support and hosting providers?...
DFIR - extracting timestamps of open network connections in usermode
http://ift.tt/2tMoWmY
Submitted March 15, 2018 at 09:10PM by hadar0x
via reddit http://ift.tt/2pgUBqS
http://ift.tt/2tMoWmY
Submitted March 15, 2018 at 09:10PM by hadar0x
via reddit http://ift.tt/2pgUBqS
Illusivenetworks
Why and How to Extract Network Connection Timestamps for DFIR Investigations
For as long as I have been doing forensics, or more specifically, live response, there has been a lot of value in reviewing a Windows system’s network connections during an investigation. In this blog I introduce the importance of extracting an unfamiliar…
Critical Infrastructure Security & Protection Services in Wyoming
http://ift.tt/2Gx63qK
Submitted March 15, 2018 at 10:45PM by burris123
via reddit http://ift.tt/2tV3QD0
http://ift.tt/2Gx63qK
Submitted March 15, 2018 at 10:45PM by burris123
via reddit http://ift.tt/2tV3QD0
Burris Security
Best Critical Infrastructure Security & Protection Services Wyoming
Burris Security Services has great deal of experience managing protective force operations for governments and multinational corporations. It employs highly-trained experts in counter-terrorism, special operations, training, weapons, explosives, security…
VPN Providers HotSpot Shield, Pure VPN, & Zenmate are leaking your IP
http://ift.tt/2tMrMrU
Submitted March 15, 2018 at 10:40PM by timmyRS
via reddit http://ift.tt/2GwwHQA
http://ift.tt/2tMrMrU
Submitted March 15, 2018 at 10:40PM by timmyRS
via reddit http://ift.tt/2GwwHQA
The Hacker News
Warning – 3 Popular VPN Services Are Leaking Your IP Address
3 Popular VPN Services—HotSpot Shield, PureVPN, and Zenmate—Are Leaking Your IP Address And Online Activities
This is gonna be fun. Couldn't have got a cooler intro to Metasploit. Time to wake up
http://ift.tt/2tS5AwE
Submitted March 15, 2018 at 09:55PM by thematrix1001
via reddit http://ift.tt/2FYdzNy
http://ift.tt/2tS5AwE
Submitted March 15, 2018 at 09:55PM by thematrix1001
via reddit http://ift.tt/2FYdzNy
Aggressive password policy: When your security turns against you.
http://ift.tt/2GwmTpP
Submitted March 15, 2018 at 10:44PM by alex91ar
via reddit http://ift.tt/2Dt8R56
http://ift.tt/2GwmTpP
Submitted March 15, 2018 at 10:44PM by alex91ar
via reddit http://ift.tt/2Dt8R56
Medium
Aggressive password policy: When your security turns against you.
Say you have an application on a pentesting gig. Say that application has a special “Recover your account” routine, which includes…
Mining Mimecast: brute forcing your way to success
http://ift.tt/2tM6Xg8
Submitted March 15, 2018 at 10:33PM by eth0izzle
via reddit http://ift.tt/2FVUz25
http://ift.tt/2tM6Xg8
Submitted March 15, 2018 at 10:33PM by eth0izzle
via reddit http://ift.tt/2FVUz25
MikroTik RouterOS SMB Buffer Overflow (unauthenticated RCE)
http://ift.tt/2GvIRcm
Submitted March 15, 2018 at 10:48PM by pepit0r
via reddit http://ift.tt/2FLz5Sd
http://ift.tt/2GvIRcm
Submitted March 15, 2018 at 10:48PM by pepit0r
via reddit http://ift.tt/2FLz5Sd
Core Security
MikroTik RouterOS SMB Buffer Overflow
1. Advisory InformationTitle: MikroTik RouterOS SMB Buffer OverflowAdvisory ID: CORE-2018-0003Advisory URL: http://www.coresecurity.com/advisories/mikrotik-routeros-smb-buffer-overflowDate published: 2018-03-15Date of last update: 2018-03-15Vendors contacted:…