Stealthy Dopant-Level Hardware Trojans
http://ift.tt/2phXkAE
Submitted March 16, 2018 at 07:33PM by al-maisan
via reddit http://ift.tt/2HDnKEi
http://ift.tt/2phXkAE
Submitted March 16, 2018 at 07:33PM by al-maisan
via reddit http://ift.tt/2HDnKEi
Brute forcing short URLs and targeting organisations to find highly confidential information
http://ift.tt/2tM6Xg8
Submitted March 16, 2018 at 07:23PM by eth0izzle
via reddit http://ift.tt/2Dyl2NW
http://ift.tt/2tM6Xg8
Submitted March 16, 2018 at 07:23PM by eth0izzle
via reddit http://ift.tt/2Dyl2NW
reddit
Brute forcing short URLs and targeting organisations to... • r/netsec
4 points and 0 comments so far on reddit
‘We Got to Be Cool About This‘: An Oral History of the L0pht, Part 1
http://ift.tt/2FuV0jy
Submitted March 16, 2018 at 08:27PM by YogiBerra88888
via reddit http://ift.tt/2phmFeM
http://ift.tt/2FuV0jy
Submitted March 16, 2018 at 08:27PM by YogiBerra88888
via reddit http://ift.tt/2phmFeM
Decipher
‘We Got to Be Cool About This‘: An Oral History of the L0pht, Part 1
Born from the Boston BBS scene of the 1980s, the L0pht emerged in the 1990s as one of the more influential hacker groups ever and helped spawn the security industry as we know it today.
To install or not to install
I am having an inner debate whether to install an app (Touch protector - https://play.google.com/store/apps/details?id=biz.obake.team.touchprotector) which would let me "do things while screen is off". This means e.g. playing youtube or video (just for its audio part) with a black screen and auto-blackening my screen when I put my phone into my pocket.The app needs 'no permissions', this means that it only has run at startup, control vibration and use fingerprinting device under all permissions. To use all the features, it is also needed to enable it as an accessibility service (permissions: it can observe what you type and monitor your actions). The app is from GPlay and has good (4.4) reviews. Some people asked about permissions and personal data handling and developers (from Japan) answered that no data theft is going on (of course) and accessibility is needed to block keys like 'Recent' etc.I would like to ask for your opinion, guys.
Submitted March 16, 2018 at 08:25PM by w00ck
via reddit http://ift.tt/2GyYlMK
I am having an inner debate whether to install an app (Touch protector - https://play.google.com/store/apps/details?id=biz.obake.team.touchprotector) which would let me "do things while screen is off". This means e.g. playing youtube or video (just for its audio part) with a black screen and auto-blackening my screen when I put my phone into my pocket.The app needs 'no permissions', this means that it only has run at startup, control vibration and use fingerprinting device under all permissions. To use all the features, it is also needed to enable it as an accessibility service (permissions: it can observe what you type and monitor your actions). The app is from GPlay and has good (4.4) reviews. Some people asked about permissions and personal data handling and developers (from Japan) answered that no data theft is going on (of course) and accessibility is needed to block keys like 'Recent' etc.I would like to ask for your opinion, guys.
Submitted March 16, 2018 at 08:25PM by w00ck
via reddit http://ift.tt/2GyYlMK
Who Is Afraid of More Spams and Scams?
http://ift.tt/2pjFWMo
Submitted March 16, 2018 at 08:21PM by volci
via reddit http://ift.tt/2FZr7rS
http://ift.tt/2pjFWMo
Submitted March 16, 2018 at 08:21PM by volci
via reddit http://ift.tt/2FZr7rS
reddit
Who Is Afraid of More Spams and Scams? • r/security
3 points and 0 comments so far on reddit
The Chrome extension that knows its you by the way you type
http://ift.tt/2FZWuTu
Submitted March 16, 2018 at 08:19PM by volci
via reddit http://ift.tt/2tUw8gM
http://ift.tt/2FZWuTu
Submitted March 16, 2018 at 08:19PM by volci
via reddit http://ift.tt/2tUw8gM
Naked Security
The Chrome extension that knows its you by the way you type
Using multi-factor authentication is more secure than relying on passwords alone – but could your typing make it even better?
Demystifying HTTPS
http://ift.tt/2FKLV33
Submitted March 16, 2018 at 09:13PM by starwindsoftware
via reddit http://ift.tt/2HDARW1
http://ift.tt/2FKLV33
Submitted March 16, 2018 at 09:13PM by starwindsoftware
via reddit http://ift.tt/2HDARW1
Starwindsoftware
Demystifying HTTPS | StarWind Blog
If you’re not using HTTPS now you really need to consider moving to it. HTTPS (unlike HTTP) guarantees that the data that was received is the data that was sent
RIP Adrian Lamo ...
His brother just posted on facebook he's passed.
Submitted March 16, 2018 at 09:05PM by caffeinedrinker
via reddit http://ift.tt/2HFmDUI
His brother just posted on facebook he's passed.
Submitted March 16, 2018 at 09:05PM by caffeinedrinker
via reddit http://ift.tt/2HFmDUI
reddit
RIP Adrian Lamo ... • r/security
His brother just posted on facebook he's passed.
Hacker Adrian Lamo dies at 37
http://ift.tt/2IvPuMz
Submitted March 16, 2018 at 10:46PM by hacktvist
via reddit http://ift.tt/2pkqcIj
http://ift.tt/2IvPuMz
Submitted March 16, 2018 at 10:46PM by hacktvist
via reddit http://ift.tt/2pkqcIj
ZDNet
Hacker Adrian Lamo dies at 37
The circumstances of Lamo's death are not yet known.
How much to charge for this job
A little backstory, a family friend owns a small business and just got hit from one of their customers with a security audit. The customer will cease any business going forward until they comply with all the findings of the auditor.My job will be to respond to the auditor with all fixes. Current security policies that are non existent:Access Control Policy,
Business Continuity Plan,Asset Management Policy,HR Security Policy,Network Security Policy,Encryption Policy,Antivirus Policy,Physical security policy,Risk management Policy,Change Management Policy/Procedures,and Data classification schemes (similar to asset management).
This seems like a lot of work but mainly it will consist of finding templates for all these policies on nist.com or something similar and then personalizing it for the company.A little background on me, I've been working in IT for 10 years or so and have 2 degrees in network administration and cyber-security so this is definitely in my wheel house. I've done similar exercises in school but this would be my first time doing it for a clientWhat is the going rate for consultant work in this regard? Do i charge per hour? Per endpoint? Per policy?I would think work of this nature would be around 70-120$/ hour?Located in California.Thank you ♥edit: formatting
Submitted March 16, 2018 at 11:11PM by pres3rvation
via reddit http://ift.tt/2HEj6G3
A little backstory, a family friend owns a small business and just got hit from one of their customers with a security audit. The customer will cease any business going forward until they comply with all the findings of the auditor.My job will be to respond to the auditor with all fixes. Current security policies that are non existent:Access Control Policy,
Business Continuity Plan,Asset Management Policy,HR Security Policy,Network Security Policy,Encryption Policy,Antivirus Policy,Physical security policy,Risk management Policy,Change Management Policy/Procedures,and Data classification schemes (similar to asset management).
This seems like a lot of work but mainly it will consist of finding templates for all these policies on nist.com or something similar and then personalizing it for the company.A little background on me, I've been working in IT for 10 years or so and have 2 degrees in network administration and cyber-security so this is definitely in my wheel house. I've done similar exercises in school but this would be my first time doing it for a clientWhat is the going rate for consultant work in this regard? Do i charge per hour? Per endpoint? Per policy?I would think work of this nature would be around 70-120$/ hour?Located in California.Thank you ♥edit: formatting
Submitted March 16, 2018 at 11:11PM by pres3rvation
via reddit http://ift.tt/2HEj6G3
reddit
How much to charge for this job • r/security
A little backstory, a family friend owns a small business and just got hit from one of their customers with a security audit. The customer will...
Top 5 ways I gained access to Your Corporate Wireless Network (Lo0tBo0ty KARMA edition)
http://ift.tt/2HGp5do
Submitted March 16, 2018 at 11:25PM by wootock
via reddit http://ift.tt/2pjj0wa
http://ift.tt/2HGp5do
Submitted March 16, 2018 at 11:25PM by wootock
via reddit http://ift.tt/2pjj0wa
Medium
Top Five Ways I gained access to Your Corporate Wireless Network (Lo0tBo0ty KARMA edition)
While performing penetration and red team services , I have always enjoyed the challenge of gaining access to a well fortified wireless…
GrayKey iPhone unlocker poses serious security concerns
http://ift.tt/2HyLklO
Submitted March 16, 2018 at 11:20PM by zexterio
via reddit http://ift.tt/2IvcwDb
http://ift.tt/2HyLklO
Submitted March 16, 2018 at 11:20PM by zexterio
via reddit http://ift.tt/2IvcwDb
Malwarebytes Labs
GrayKey iPhone unlocker poses serious security concerns - Malwarebytes Labs
GrayKey, an iPhone unlocker, is secretly being marketed to law enforcement. Thanks to an anonymous source, we now know how the device works—and the danger it presents to security.
Week 11 in Information Security, 2018
http://ift.tt/2DwDmqQ
Submitted March 17, 2018 at 12:19AM by undercomm
via reddit http://ift.tt/2pj4qFT
http://ift.tt/2DwDmqQ
Submitted March 17, 2018 at 12:19AM by undercomm
via reddit http://ift.tt/2pj4qFT
Malgregator
InfoSec Week 11, 2018
A cyberattack on a Saudi Arabian petrochemical company was probably planed with the physical explosion in mind. They have attributed...
IoT security warning: Cyber-attacks on medical devices could put patients at risk
http://ift.tt/2Du1FW8
Submitted March 17, 2018 at 12:06AM by EvanConover
via reddit http://ift.tt/2GBCOTu
http://ift.tt/2Du1FW8
Submitted March 17, 2018 at 12:06AM by EvanConover
via reddit http://ift.tt/2GBCOTu
ZDNet
IoT security warning: Cyber-attacks on medical devices could put patients at risk
More collaboration is needed in order to ensure internet-connected medical devices can't cause harm to patients, says research.
This alert from DHS/FBI on Russian intrusions into U.S. power companies is a good read if you are interested in how these kind of hacks are pulled off.
http://ift.tt/2hUJUXw
Submitted March 16, 2018 at 07:23AM by IUsedToBeACave
via reddit http://ift.tt/2IxTig7
http://ift.tt/2hUJUXw
Submitted March 16, 2018 at 07:23AM by IUsedToBeACave
via reddit http://ift.tt/2IxTig7
www.us-cert.gov
Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors
Since at least May 2017, threat actors have targeted government entities and the energy, water, aviation, nuclear, and critical manufacturing sectors, and, in some cases, have leveraged their capabilities to compromise victims’ networks. Historically, cyber…
Signature Spoofing Patcher for Android [Full Sources]
http://ift.tt/2fXAb1m
Submitted March 17, 2018 at 02:02AM by TechLord2
via reddit http://ift.tt/2pn5pUK
http://ift.tt/2fXAb1m
Submitted March 17, 2018 at 02:02AM by TechLord2
via reddit http://ift.tt/2pn5pUK
GitHub
Lanchon/haystack
haystack - Signature Spoofing Patcher for Android
Assassination Attempt on AMD by Viceroy Research & CTS Labs, AMD "Should Be $0"
http://ift.tt/2FETVmf
Submitted March 17, 2018 at 01:30AM by volci
via reddit http://ift.tt/2GzAAnD
http://ift.tt/2FETVmf
Submitted March 17, 2018 at 01:30AM by volci
via reddit http://ift.tt/2GzAAnD
www.gamersnexus.net
Assassination Attempt on AMD by Viceroy Research & CTS Labs, AMD 'Should Be $0' | GamersNexus - Gaming PC Builds & Hardware Benchmarks
There are roots in legitimacy here, but as we dug deep into the origins of the companies involved in this new hit piece on AMD, we found peculiar financial connections that make us question the motive behind the reportage.
Ex-Hacker Adrian Lamo Dies at Age 37 - RIP
http://ift.tt/2HDW8Pn
Submitted March 17, 2018 at 01:27AM by alessiodelv
via reddit http://ift.tt/2DzgCq2
http://ift.tt/2HDW8Pn
Submitted March 17, 2018 at 01:27AM by alessiodelv
via reddit http://ift.tt/2DzgCq2
The Hacker News
Ex-Hacker Adrian Lamo Dies at Age 37
Former Hacker Adrian Lamo, Who Turned In Wikileaks Informant Chelsea Manning (then Bradley Manning) to the FBI, Dies at 37.
Assassination Attempt on AMD by Viceroy Research & CTS Labs
https://youtu.be/ZZ7H1WTqaeo
Submitted March 17, 2018 at 02:36AM by -Argih
via reddit http://ift.tt/2FJpMGI
https://youtu.be/ZZ7H1WTqaeo
Submitted March 17, 2018 at 02:36AM by -Argih
via reddit http://ift.tt/2FJpMGI
YouTube
Assassination Attempt on AMD by Viceroy Research & CTS Labs
We delve into a security issue presented by CTS Labs and Viceroy Research, who jointly paint AMD in a much more negative light than we think fair.
Ad: Buy the Thermaltake View 71 on Amazon (https://goo.gl/XeV1Vu)
READ THE Article: https://www.gamersnexu…
Ad: Buy the Thermaltake View 71 on Amazon (https://goo.gl/XeV1Vu)
READ THE Article: https://www.gamersnexu…
Microsoft password length.
Hello,I have a pretty long password for my Microsoft account. It is more that 40 characters.However, someone mentioned to me that the maximum password length is 38 characters, can anyone confirm this?If this is the case, why am i able to login with a longer password, or is it the case that the service would ignore characters 39 and above?Any help would be appreciated.
Submitted March 17, 2018 at 06:02AM by Bango-Fett
via reddit http://ift.tt/2pkFDAd
Hello,I have a pretty long password for my Microsoft account. It is more that 40 characters.However, someone mentioned to me that the maximum password length is 38 characters, can anyone confirm this?If this is the case, why am i able to login with a longer password, or is it the case that the service would ignore characters 39 and above?Any help would be appreciated.
Submitted March 17, 2018 at 06:02AM by Bango-Fett
via reddit http://ift.tt/2pkFDAd
reddit
Microsoft password length. • r/security
Hello, I have a pretty long password for my Microsoft account. It is more that 40 characters. However, someone mentioned to me that the...
Microsoft password length.
Hello,I have a pretty long password for my Microsoft account. It is more that 40 characters.However, someone mentioned to me that the maximum password length is 38 characters, can anyone confirm this?If this is the case, why am i able to login with a longer password, or is it the case that the service would ignore characters 39 and above?Any help would be appreciated.
Submitted March 17, 2018 at 06:02AM by Bango-Fett
via reddit http://ift.tt/2pkFDAd
Hello,I have a pretty long password for my Microsoft account. It is more that 40 characters.However, someone mentioned to me that the maximum password length is 38 characters, can anyone confirm this?If this is the case, why am i able to login with a longer password, or is it the case that the service would ignore characters 39 and above?Any help would be appreciated.
Submitted March 17, 2018 at 06:02AM by Bango-Fett
via reddit http://ift.tt/2pkFDAd
reddit
Microsoft password length. • r/security
Hello, I have a pretty long password for my Microsoft account. It is more that 40 characters. However, someone mentioned to me that the...