Could Defense in Depth Concept Work for IoT Security?
http://ift.tt/2pptr24
Submitted March 20, 2018 at 04:49PM by Iot_Security
via reddit http://ift.tt/2DGxqf2
SecuriThings
Could “Defense in Depth” Work for IoT Security?
When the masses start to use industry terminology, things have clearly gone mainstream. IoT is now mainstream, and there is no turning back. But, is security ready to move ahead at the speed of [...]
Razer keyboard software
Just got a Razer keyboard and am hesitant on installing the customisation software in fear of it being compromised and turned into a keylogger. As an attack vector this would make sense. Am I being rational or is all of the above completely insane?
Submitted March 20, 2018 at 05:10PM by Nickh898
via reddit http://ift.tt/2FQHfNu
Create your own Private Botnet with ProxyDock!
http://ift.tt/2u6xJjL
Submitted March 20, 2018 at 05:54PM by Evil1337
via reddit http://ift.tt/2FOt3EC
Security In 5: Episode 198 - Mini-Series Top 10 Reason To Pen-Test - 1 - Meet Security Regulations
http://ift.tt/2HOERD8
Submitted March 20, 2018 at 06:36PM by BinaryBlog
via reddit http://ift.tt/2GJRO1K
Libsyn
Security In Five Podcast: Episode 198 - Mini-Series Top 10 Reason To Pen-Test - 1 - Meet Security Regulations
This is the first episode of a ten-episode mini-series, Why You Should Be Pen-Testing your apps. The first episode talks about how pen-tests can help you meet security regulation requirements. Be aware, be safe. …
Breaking the Ledger Security Model
http://ift.tt/2FKrTK6
Submitted March 20, 2018 at 06:41PM by vamediah
via reddit http://ift.tt/2DGUCcQ
Saleem Rashid
Breaking the Ledger Security Model
In this post, I’m going to discuss a vulnerability I discovered in Ledger hardware wallets. The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element.
Telegram App Under The Gun In Russia After Supreme Court Ruling.
http://ift.tt/2pvtYin
Submitted March 20, 2018 at 08:03PM by RollingTorpedo
via reddit http://ift.tt/2IBUGi1
RadioFreeEurope/RadioLiberty
Telegram App Under The Gun In Russia After Supreme Court Ruling
Telegram could potentially be blocked in Russia after the Supreme Court ruled that the popular app must provide the Federal Security Service (FSB) with encryption keys needed to read users' messaging data.
Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party Plugins
http://ift.tt/2u1sJge
Submitted March 20, 2018 at 07:44PM by volci
via reddit http://ift.tt/2psNJXz
Threatpost | The first stop for security news
Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party Plugins
Security risk in extensible text editors enables hackers to abuse plugins and escalate privileges.
Security review of the Vilfo VPN router finds severe issues
http://ift.tt/2FXYU1B
Submitted March 20, 2018 at 07:48PM by Aeyoun
via reddit http://ift.tt/2ppVPjO
Ctrl blog
Vilfo VPN router review: Not designed for security or privacy – Part 3/4
The Vilfo VPN router is built by a Swedish company and is going on the market just a month before the General Data Protection Regulation (GDPR) comes into effect. Anyone…
5 surefire cloud security certifications to boost your career (and your paycheck): They did the math
http://ift.tt/2GMI9rq
Submitted March 20, 2018 at 10:08PM by yourbasicgeek
via reddit http://ift.tt/2FOPiKF
2FA Best Practices: Why you shouldn’t use Google Authenticator and what to use instead
http://ift.tt/2u5GieG
Submitted March 20, 2018 at 09:07PM by ddusko
via reddit http://ift.tt/2GPTozq
Medium
Securing Your Accounts With Two-Factor Authentication (2FA)
Why a password is not enough, why you shouldn’t use Google Authenticator and what to use instead
6 tricky obstacles security teams face in GDPR compliance
http://ift.tt/2HKgS84
Submitted March 20, 2018 at 09:05PM by CrankyBear
via reddit http://ift.tt/2u2Xl0X
Security Boulevard
6 tricky obstacles security teams face in GDPR compliance
The EU’s GDPR data privacy regulation takes effect May 25 and it’s chock full of hurdles for security teams. Here are six tricky ones to watch out for.
Implications and Mitigation Strategies When You Lose Your End-Entity PKI
http://ift.tt/2HMajCb
Submitted March 20, 2018 at 11:56PM by BillyPricePgh
via reddit http://ift.tt/2FNYE9w
insights.sei.cmu.edu
Implications and Mitigation Strategies for the Loss of End-Entity Private Keys
This post is co-authored by Thomas Scanlon. When a private key in a public-key infrastructure (PKI) environment is lost or stolen, compromised end-entity certificates can be used to impersonate a principal (a singular and identifiable logical or physical…
Programs Controlling ICS Robotics Are 'Wide Open' to Vulnerabilities
http://ift.tt/2FNqgeJ
Submitted March 21, 2018 at 12:19AM by volci
via reddit http://ift.tt/2u4Bo1g
Threatpost | The first stop for security news
Programs Controlling ICS Robotics Are 'Wide Open' to Vulnerabilities
Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics.
Yubikey NEO TOTP/U2F configuration and secret backup
Hello everyone, I purchased a Yubikey Neo and am a little confused. From what I understand, I do not need to use the desktop manager app and change any settings in order for my Yubikey Neo to function in CCID mode (this contains OATH-TOTP, which I want to use as a replacement for Google Authenticator) and by default, it also has U2F enabled. Is this correct, or do I need to change any configuration out-of-the-box to enable these features?
Also, is there a way to back up my Yubikey OTP and U2F secrets? I know the Yubikey is write-only, but is there a way to basically generate the secrets/the whole configuration in the Yubikey manager, and then write them to the device while also encrypting and saving them somewhere else so that I can restore these secrets if my Yubikey fails? Thanks for any feedback!
Submitted March 21, 2018 at 12:56AM by RiBc_
via reddit http://ift.tt/2IEWkzp
Account Hacked or only Attempted compromise?
So I consider myself careful when it comes to internet security. Although today, some individual had managed to successfully get into my Macy's account (of which I never really use) to place an order to someone else within my state of residence, but different address and credit card number. It seems as though the only information used of mine was my email address.
Now aside from this, my email address received ~100-200 new account creation/password reset emails from mom & pop ecom stores and affiliate programs. Basically stores I've never heard of but follow the same pattern for their emails (maybe had the same backend software between them all).
Now none of these messages were read, I have 2FA enabled and checking my security on my Google account, I don't believe my email was compromised. I checked my credit cards/financials and nothing seems out of the ordinary.
I called Macy's and they were no help. They said because only my email was used and none of the other information was my own, I could not cancel the order as it doesn't count as a fraud purchase. They said the address looks legitimate on their end, it just wasn't mine. I changed my password/email/security question on my account once that occurred, but that's all I seem to be able to do at this point.
So my question is, has anyone dealt with this before? What the hell is going on, what are they trying to accomplish when creating hundreds of accounts with my email/password changes if they can't access my information? It was either a script or bot because no human could create that many accounts so quickly.
What other security steps should I do? I am a bit alarmed as this never happened to me before.
Submitted March 21, 2018 at 02:36AM by curious_wanderer14
via reddit http://ift.tt/2FW1aX4
A look at which countries are ranked the worst in the world when it comes to Censorship and Surveillance
http://ift.tt/2HOH01I
Submitted March 21, 2018 at 03:14AM by ChenneGivenSunday
via reddit http://ift.tt/2G7bKhd
Security Baron
Which Countries Are the Worst-Rated for Censorship and Surveillance in the World?
Developed by SecurityBaron.com. We’re living in the Information Age. Today, you can connect with anyone virtually…
TeleRAT: Another Android Trojan Leveraging Telegram’s Bot API to Target Iranian Users
http://ift.tt/2HMrGCT
Submitted March 21, 2018 at 03:08AM by intelot
via reddit http://ift.tt/2FQX5aQ
Palo Alto Networks Blog
TeleRAT: Another Android Trojan Leveraging Telegram’s Bot API to Target Iranian Users
Unit 42 discovers TeleRAT, an Android Trojan abusing Telegram’s Bot API for command and control and data exfiltration.
DDoS Attacks Are $10 per Hour on the Dark Web
http://ift.tt/2HReEEi
Submitted March 21, 2018 at 04:01AM by alessiodelv
via reddit http://ift.tt/2pxeOtN
BleepingComputer
DDoS Attacks Are $10 per Hour on the Dark Web
A report released today by UK threat intelligence firm Armor shines a light on the prices practiced on Dark Web markets for a wide range of cybercrime-related services.
15-Year-old Finds Flaw in Ledger Crypto Wallet
http://ift.tt/2u2q1ah
Submitted March 21, 2018 at 03:59AM by alessiodelv
via reddit http://ift.tt/2DHSjX4
Final Year Project Ideas
Hi all, I am currently studying Computer Forensics & Security and I will be going into my final year of college next year. Just making this post as I am trying to come up with ideas for a project as early as possible so I can mess around with different scripts and programs over the summer. I want to do my project in Python and have it be focused in the area of Computer Forensics. The project has to be complex and challenging. I want to try to have a foundation planned out before I go back to college. At the moment I want to use some of the following in my project:
Python
Bash
Malware analysis
Complex vulnerability
Linux
Forensics & Security based
Any help would be appreciated. I have been on Forensics Focus but none of the project ideas they have there seem appealing or are extremely vague.
Submitted March 21, 2018 at 05:39AM by Irishladdoyle
via reddit http://ift.tt/2DGdQ2s
Th3inspector Tool - All in one tool for Information Gathering
http://ift.tt/2HIiQ99
Submitted March 21, 2018 at 03:47AM by TechLord2
via reddit http://ift.tt/2GaoofC
GitHub
Moham3dRiahi/Th3inspector
Th3inspector - Th3Inspector 🕵️ best tool for Information Gathering 🔎