Session side jacking | sniffing unencrypted traffic
http://ift.tt/2tRbNc9
Submitted March 19, 2018 at 05:12PM by Hardbeattt
via reddit http://ift.tt/2G7QzLY
http://ift.tt/2tRbNc9
Submitted March 19, 2018 at 05:12PM by Hardbeattt
via reddit http://ift.tt/2G7QzLY
Secapps
Session Side Jacking
Security In 5: Episode 197 - At This Point Don't Use Any Facebook Security Products
http://ift.tt/2G5vSjT
Submitted March 19, 2018 at 06:31PM by BinaryBlog
via reddit http://ift.tt/2HOdNnQ
http://ift.tt/2G5vSjT
Submitted March 19, 2018 at 06:31PM by BinaryBlog
via reddit http://ift.tt/2HOdNnQ
Libsyn
Security In Five Podcast: Episode 197 - At This Point Don't Use Any Facebook Security Products
Facebook released, then pulled back, another security product through their Onavo arm that siphoned data from your phone. This is the second app released in a month by Facebook that turned out to be nothing more than a surveillance tool. This episode goes…
Justifying Security Spend, a Response Pt 3
https://www.youtube.com/watch?v=heqfKzoEtY8
Submitted March 19, 2018 at 06:19PM by Uminekoshi
via reddit http://ift.tt/2FKjUN3
https://www.youtube.com/watch?v=heqfKzoEtY8
Submitted March 19, 2018 at 06:19PM by Uminekoshi
via reddit http://ift.tt/2FKjUN3
YouTube
Justifying Security Spend, a Response from Nehemiah Security: Part 3
In this video, Jerry Caponera responds to an entry in our eBook about "7 Experts on Justifying Security Spend" written by Suzie Smibert. If your friend was p...
Best Cyber Security Twitter Profiles to Follow 2018
http://ift.tt/2FI7gKH
Submitted March 19, 2018 at 06:08PM by Iot_Security
via reddit http://ift.tt/2FKjV3z
http://ift.tt/2FI7gKH
Submitted March 19, 2018 at 06:08PM by Iot_Security
via reddit http://ift.tt/2FKjV3z
cyberdb.co
Best Cyber Security Twitter Profiles to Follow 2018 | CyberDB
We have created a list with some of the best Twitter CyberSecurity accounts so you don’t waste your time in searching – you can follow them right away.
A Deep Dive into Database Attacks [Part III]: Why Scarlett Johansson’s Picture Got My Postgre Database to Start Mining Monero
http://ift.tt/2tGXfvH
Submitted March 19, 2018 at 06:08PM by QuirkySpiceBush
via reddit http://ift.tt/2u05H9p
http://ift.tt/2tGXfvH
Submitted March 19, 2018 at 06:08PM by QuirkySpiceBush
via reddit http://ift.tt/2u05H9p
Blog | Imperva
A Deep Dive into Database Attacks [Part III]: Why Scarlett Johansson’s Picture Got My Postgre Database to Start Mining Monero
OffensiveCon 2018 Videos
https://www.youtube.com/channel/UCMNvAtT4ak2azKNk6UlB1QQ
Submitted March 19, 2018 at 07:13PM by juken
via reddit http://ift.tt/2u1CeMf
https://www.youtube.com/channel/UCMNvAtT4ak2azKNk6UlB1QQ
Submitted March 19, 2018 at 07:13PM by juken
via reddit http://ift.tt/2u1CeMf
YouTube
OffensiveCon
OffensiveCon Berlin is a highly technical international security conference focused on offensive security only. The aim of OffensiveCon is to bring the community of hackers together for high quality and deep technical talks, engaging and renowned technical…
OffensiveCon 2018 Videos
https://www.youtube.com/channel/UCMNvAtT4ak2azKNk6UlB1QQ
Submitted March 19, 2018 at 07:13PM by juken
via reddit http://ift.tt/2u1CeMf
https://www.youtube.com/channel/UCMNvAtT4ak2azKNk6UlB1QQ
Submitted March 19, 2018 at 07:13PM by juken
via reddit http://ift.tt/2u1CeMf
YouTube
OffensiveCon
OffensiveCon Berlin is a highly technical international security conference focused on offensive security only. The aim of OffensiveCon is to bring the community of hackers together for high quality and deep technical talks, engaging and renowned technical…
Drachten man suspected of leaking nude footage of Dutch handball team
http://ift.tt/2HNNi1L
Submitted March 19, 2018 at 07:28PM by Iot_Security
via reddit http://ift.tt/2FOhlcX
http://ift.tt/2HNNi1L
Submitted March 19, 2018 at 07:28PM by Iot_Security
via reddit http://ift.tt/2FOhlcX
NL Times
Drachten man suspected of leaking nude footage of Dutch handball team
A man from Drachten is suspected of posting nude images of the Dutch women's handball team, recorded at sauna Oase in Nederasselt, online. He hasn't been arrested yet, but the police confiscated various digital data carriers from him, the police said on Monday.
Linux distro with one eye on security and other on sweet looking? I will switch from MacOS so sweet means MacOS sweet. Security means Fort Knox.
Full disk encryption is not an option.
Submitted March 19, 2018 at 08:04PM by NebelMe
via reddit http://ift.tt/2psYYQ3
Full disk encryption is not an option.
Submitted March 19, 2018 at 08:04PM by NebelMe
via reddit http://ift.tt/2psYYQ3
reddit
Linux distro with one eye on security and other on... • r/security
Full disk encryption is not an option.
The Newest IoT Threat: Child Predators
http://ift.tt/2u1LpfF
Submitted March 19, 2018 at 07:48PM by Iot_Security
via reddit http://ift.tt/2FKP3jM
http://ift.tt/2u1LpfF
Submitted March 19, 2018 at 07:48PM by Iot_Security
via reddit http://ift.tt/2FKP3jM
Security Today
The Newest IoT Threat: Child Predators -- Security Today
Connected devices at home can record the voices, movements, weight and eating habits of those who live there. They are, in effect, very sophisticated sensors installed in the home environment. As such, they can be utilized by all sorts of people with various…
Fast tools to protect businesses
I'm putting together a data-protection package for companies to comply with GDPR (doesn't matter if you don't know it). It seems easy and natural to place some basic security with the package.This isn't a security package, so I'm only looking to cover bare-bones basics - jobs which can be done quickly - and not turn WeLikeShoes.com into Cyber-Fort Knox. I have some tools and I'd love to hear about others which are also quick and simple to implement.So far I have:nmap can scan for vulnerabilities within minutes.sqlmap can do the same.Basic password checks by comparing people's passwords to the rockyou wordlist or guestimating if a dictionary attack would penetrate a field.Possibly setting up Phishing awareness and tests - but that's getting into the realms of too much time.Any other quick and easy, but potentially useful security checks one might add to protect a business?Also, how much should I worry about permissions? Obviously I will obtain permission from the company, but will I also need permission from the people hosting their data on their webpage? Or is the company
Submitted March 19, 2018 at 07:48PM by intrepidraspberry
via reddit http://ift.tt/2IBTU4j
I'm putting together a data-protection package for companies to comply with GDPR (doesn't matter if you don't know it). It seems easy and natural to place some basic security with the package.This isn't a security package, so I'm only looking to cover bare-bones basics - jobs which can be done quickly - and not turn WeLikeShoes.com into Cyber-Fort Knox. I have some tools and I'd love to hear about others which are also quick and simple to implement.So far I have:nmap can scan for vulnerabilities within minutes.sqlmap can do the same.Basic password checks by comparing people's passwords to the rockyou wordlist or guestimating if a dictionary attack would penetrate a field.Possibly setting up Phishing awareness and tests - but that's getting into the realms of too much time.Any other quick and easy, but potentially useful security checks one might add to protect a business?Also, how much should I worry about permissions? Obviously I will obtain permission from the company, but will I also need permission from the people hosting their data on their webpage? Or is the company
Submitted March 19, 2018 at 07:48PM by intrepidraspberry
via reddit http://ift.tt/2IBTU4j
reddit
Fast tools to protect businesses • r/security
I'm putting together a data-protection package for companies to comply with GDPR (doesn't matter if you don't know it). It seems easy and natural...
Zenis Ransomware – Deletes Your Backup and Encrypts Files
http://ift.tt/2ppYQ3L
Submitted March 19, 2018 at 07:35PM by vaxfms
via reddit http://ift.tt/2IxDMkx
http://ift.tt/2ppYQ3L
Submitted March 19, 2018 at 07:35PM by vaxfms
via reddit http://ift.tt/2IxDMkx
OSRadar
Zenis Ransomware – Deletes Your Backup and Encrypts Files - OSRadar
Ransomware has been the hot topic of security world for quite a few months. This is a type of attack that encrypts a system’s file and asks for a ransom to the victim for the unlocking password. A new ransomware is in the wild. Learn more about Zenis - the…
Why Scarlett Johansson’s Picture Got My Postgre Database to Start Mining Monero
http://ift.tt/2tGXfvH
Submitted March 19, 2018 at 08:33PM by whitehattracker
via reddit http://ift.tt/2HO2D2h
http://ift.tt/2tGXfvH
Submitted March 19, 2018 at 08:33PM by whitehattracker
via reddit http://ift.tt/2HO2D2h
Blog | Imperva
A Deep Dive into Database Attacks [Part III]: Why Scarlett Johansson’s Picture Got My Postgre Database to Start Mining Monero
DNS Poisoning and How To Prevent It
http://ift.tt/2G999n1
Submitted March 19, 2018 at 08:19PM by volci
via reddit http://ift.tt/2HIAolB
http://ift.tt/2G999n1
Submitted March 19, 2018 at 08:19PM by volci
via reddit http://ift.tt/2HIAolB
AlienVault
DNS Poisoning and How To Prevent It
DNS poisoning. Simply the name conjures up the kind of thoughts that keep network admins up at night. What if my RNDC key gets leaked? Could there be a rogue DHCP server within my perimeter? Are the Lizard Squad planning an attack on for Christmas?Much of…
The Machine Learning and Artificial Intelligence (AI) wiki
http://ift.tt/2FLeqC2
Submitted March 19, 2018 at 10:02PM by Chouma
via reddit http://ift.tt/2u5zq0W
http://ift.tt/2FLeqC2
Submitted March 19, 2018 at 10:02PM by Chouma
via reddit http://ift.tt/2u5zq0W
Peerlyst
The Machine Learning and Artificial Intelligence (AI) wiki
A wiki for posts about machine learning and artificial intelligence.Basics of Machine Learning:Infosec Basics: Definition of and understanding Machine Learning by Gina Robertson Whats AI and Machine Learning? And How Can We Take Advantage Of It. (
Reversing iBank Trojan [Injection Phase]
http://ift.tt/2FNBkZz
Submitted March 19, 2018 at 10:43PM by khasaia
via reddit http://ift.tt/2IAQ9fB
http://ift.tt/2FNBkZz
Submitted March 19, 2018 at 10:43PM by khasaia
via reddit http://ift.tt/2IAQ9fB
secrary[dot]com
Reversing iBank Trojan [Injection Phase]
This blog is about malware analysis and reverse engineering. I’m Lasha Khasaia
Recovering plaintext passwords from Azure VMs like it's the 1990s
http://ift.tt/2IDB7pl
Submitted March 19, 2018 at 09:17PM by yoniyoniyoni
via reddit http://ift.tt/2G3a8VV
http://ift.tt/2IDB7pl
Submitted March 19, 2018 at 09:17PM by yoniyoniyoni
via reddit http://ift.tt/2G3a8VV
GuardiCore - Data Center and Cloud Security
Recovering Plaintext Passwords from Azure Virtual Machines | GuardiCore
Security design flaw in the VM Access plugin that may enable a cross platform attack impacting every machine type provided by Azure. Read More...
Reversing iBank Trojan [Injection Phase]
http://ift.tt/2FNBkZz
Submitted March 19, 2018 at 10:43PM by khasaia
via reddit http://ift.tt/2IAQ9fB
http://ift.tt/2FNBkZz
Submitted March 19, 2018 at 10:43PM by khasaia
via reddit http://ift.tt/2IAQ9fB
secrary[dot]com
Reversing iBank Trojan [Injection Phase]
This blog is about malware analysis and reverse engineering. I’m Lasha Khasaia
Analysis of a Kubernetes hack — Backdooring through kubelet
http://ift.tt/2GoAmzO
Submitted March 19, 2018 at 11:15PM by speckz
via reddit http://ift.tt/2G6wUMk
http://ift.tt/2GoAmzO
Submitted March 19, 2018 at 11:15PM by speckz
via reddit http://ift.tt/2G6wUMk
Medium
Analysis of a Kubernetes hack — Backdooring through kubelet
Unless you’ve been living under a rock for the past three years, you’ve probably heard about Kubernetes. At Handy, our infrastructure is…
Firefox Master Password System Has Been Poorly Secured for the Past 9 Years
http://ift.tt/2IyvVDf
Submitted March 19, 2018 at 10:48PM by dabshitty
via reddit http://ift.tt/2HNcaXx
http://ift.tt/2IyvVDf
Submitted March 19, 2018 at 10:48PM by dabshitty
via reddit http://ift.tt/2HNcaXx
BleepingComputer
Firefox Master Password System Has Been Poorly Secured for the Past 9 Years
For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the "master password" feature.
Ending DNS Hijacking with DNSCrypt
http://ift.tt/2ICfvtI
Submitted March 19, 2018 at 11:05PM by nykzhang
via reddit http://ift.tt/2Gb2Ijc
http://ift.tt/2ICfvtI
Submitted March 19, 2018 at 11:05PM by nykzhang
via reddit http://ift.tt/2Gb2Ijc
Medium
Ending DNS Hijacking with DNSCrypt
I was at a Marriot hotel last week with my family and I noticed that they were doing DNS hijacking and redirecting all my DNS requests to…