Why do banking websites insist on continuing these insecure password requirements? Screenshot taken from Merrill Lynch
https://ift.tt/2G5T6TH
Submitted March 23, 2018 at 10:32PM by peepeeopi
via reddit https://ift.tt/2DPU6JL
https://ift.tt/2G5T6TH
Submitted March 23, 2018 at 10:32PM by peepeeopi
via reddit https://ift.tt/2DPU6JL
What all web application security testing cases can be completed just by using browsers
https://ift.tt/2ILab7i
Submitted March 23, 2018 at 10:37PM by assliekthat
via reddit https://ift.tt/2G6mbyz
https://ift.tt/2ILab7i
Submitted March 23, 2018 at 10:37PM by assliekthat
via reddit https://ift.tt/2G6mbyz
Getmantra
Web app security testing with browsers
A guide on using browser dev-tools for performing web app pentesting
KSMA: Breaking Android kernel isolation and Rooting with ARM MMU features [Blackhat Asia 2018]
https://ift.tt/2GlDoqQ
Submitted March 23, 2018 at 11:41PM by TechLord2
via reddit https://ift.tt/2pDPDVg
https://ift.tt/2GlDoqQ
Submitted March 23, 2018 at 11:41PM by TechLord2
via reddit https://ift.tt/2pDPDVg
return-to-csu: A New Method to Bypass 64-bit Linux ASLR [Paper - Blackhat Asia 2018]
https://ift.tt/2Gm0YE6
Submitted March 23, 2018 at 11:34PM by TechLord2
via reddit https://ift.tt/2G4eKI4
https://ift.tt/2Gm0YE6
Submitted March 23, 2018 at 11:34PM by TechLord2
via reddit https://ift.tt/2G4eKI4
SSRF - Exploiting URL Parser in Trending Programming Languages [Blackhat Asia 2018 Presentation]
https://ift.tt/2GfEkgu
Submitted March 23, 2018 at 11:30PM by TechLord2
via reddit https://ift.tt/2pzoZgs
https://ift.tt/2GfEkgu
Submitted March 23, 2018 at 11:30PM by TechLord2
via reddit https://ift.tt/2pzoZgs
Syntia: Breaking State-of-the-Art Binary Code Obfuscation via Program Synthesis
https://ift.tt/2pAS3UR
Submitted March 23, 2018 at 11:26PM by TechLord2
via reddit https://ift.tt/2IMwsBD
https://ift.tt/2pAS3UR
Submitted March 23, 2018 at 11:26PM by TechLord2
via reddit https://ift.tt/2IMwsBD
Breach Detection at Scale with AWS Honey Tokens [Blackhat Asia 2018]
https://ift.tt/2FYuY9C
Submitted March 23, 2018 at 11:22PM by TechLord2
via reddit https://ift.tt/2Gi98gv
https://ift.tt/2FYuY9C
Submitted March 23, 2018 at 11:22PM by TechLord2
via reddit https://ift.tt/2Gi98gv
AES Wireless Keyboard - Template Attack for Eavesdropping [Blackhat Asia 2018]
https://ift.tt/2pA9nKp
Submitted March 23, 2018 at 11:20PM by TechLord2
via reddit https://ift.tt/2ueLrRx
https://ift.tt/2pA9nKp
Submitted March 23, 2018 at 11:20PM by TechLord2
via reddit https://ift.tt/2ueLrRx
DoJ indicts Iranian hackers for stealing data from 144 US universities
https://ift.tt/2GhzYFz
Submitted March 23, 2018 at 11:55PM by Temptunes48
via reddit https://ift.tt/2pCnBtn
https://ift.tt/2GhzYFz
Submitted March 23, 2018 at 11:55PM by Temptunes48
via reddit https://ift.tt/2pCnBtn
ZDNet
DoJ indicts Iranian hackers for stealing data from 144 US universities | ZDNet
In all, 320 universities around the world were attacked and the 31.5 terabytes of stolen data was sold for profit in Iran.
Shadow-Box v2: The Practical and Omnipotent Sandbox for ARM [BlackHat Asia 2018 - with Github Sources]
https://ift.tt/2pyV4pg
Submitted March 23, 2018 at 11:48PM by TechLord2
via reddit https://ift.tt/2HZWVum
https://ift.tt/2pyV4pg
Submitted March 23, 2018 at 11:48PM by TechLord2
via reddit https://ift.tt/2HZWVum
DNC “lone hacker” Guccifer 2.0 pegged as Russian spy after opsec fail – Ars Technica
http://ift.tt/2pzRI5z
Submitted March 24, 2018 at 12:05AM by nmgreddit
via reddit https://ift.tt/2G6aUOx
http://ift.tt/2pzRI5z
Submitted March 24, 2018 at 12:05AM by nmgreddit
via reddit https://ift.tt/2G6aUOx
Ars Technica
DNC “lone hacker” Guccifer 2.0 pegged as Russian spy after opsec fail
"Hacktivist" logged into a social media account from an IP address at GRU HQ in Moscow.
Use our suite of Ethereum security tools
http://ift.tt/2pAq4Vl
Submitted March 24, 2018 at 12:19AM by AwesomeJosh
via reddit https://ift.tt/2pzRXNV
http://ift.tt/2pAq4Vl
Submitted March 24, 2018 at 12:19AM by AwesomeJosh
via reddit https://ift.tt/2pzRXNV
Trail of Bits Blog
Use our suite of Ethereum security tools
Two years ago, when we began taking on blockchain security engagements, there were no tools engineered for the work. No static analyzers, fuzzers, or reverse engineering tools for Ethereum. So, we …
Public-Private Cybersecurity Center Opens for Business in Sydney
http://ift.tt/2DMA0Af
Submitted March 24, 2018 at 12:47AM by techie_programmer
via reddit https://ift.tt/2pzWzUf
http://ift.tt/2DMA0Af
Submitted March 24, 2018 at 12:47AM by techie_programmer
via reddit https://ift.tt/2pzWzUf
Latest Hacking News
Public-Private Cybersecurity Center Opens for Business in Sydney
The 4th Joint Cyber-Security Center is now officially opened in Sydney, almost a year after the 1st was launched in Brisbane. The government of Australia has now officially opened the Sydney Joint Cyber Security Centre (JCSC). Angus Taylor, the Minister for…
Ransomware Attack Cripples Several Atlanta City Systems
http://ift.tt/2G4PYYp
Submitted March 24, 2018 at 01:20AM by volci
via reddit https://ift.tt/2G75OSf
http://ift.tt/2G4PYYp
Submitted March 24, 2018 at 01:20AM by volci
via reddit https://ift.tt/2G75OSf
Threatpost | The first stop for security news
Ransomware Attack Cripples Several Atlanta City Systems
The city of Atlanta is being extorted for $51,000 in a ransomware attack that occurred early Thursday that impacted several local government departments.
The bug that made free money
http://ift.tt/2udiYLQ
Submitted March 24, 2018 at 01:19AM by volci
via reddit https://ift.tt/2GlZCcg
http://ift.tt/2udiYLQ
Submitted March 24, 2018 at 01:19AM by volci
via reddit https://ift.tt/2GlZCcg
Naked Security
The bug that made free money
What would you do if you found a bug that could create money out of thin air?
A new data leak hits Aadhaar, India's national ID database with 1.1 billion enrolled
https://ift.tt/2INDWV8
Submitted March 24, 2018 at 02:55AM by almostfamous
via reddit https://ift.tt/2INqpNl
https://ift.tt/2INDWV8
Submitted March 24, 2018 at 02:55AM by almostfamous
via reddit https://ift.tt/2INqpNl
ZDNet
A new data leak hits Aadhaar, India's national ID database
Exclusive: The data leak affects potentially every Indian citizen subscribed to the database.
Public record of usernames linked to state-sponsored disinformation campaigns
http://ift.tt/2ufTNsc
Submitted March 24, 2018 at 03:14AM by EvanConover
via reddit https://ift.tt/2I1Zj3N
http://ift.tt/2ufTNsc
Submitted March 24, 2018 at 03:14AM by EvanConover
via reddit https://ift.tt/2I1Zj3N
Help Center
Public record of usernames linked to state-sponsored disinformation campaigns
Democracy requires transparency and an informed electorate, and we take our responsibilities very seriously. We aggressively monitor Tumblr for signs of state-sponsored disinformation campaigns, an...
DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques [Whitepaper]
http://ift.tt/2HXEvtY
Submitted March 23, 2018 at 10:46PM by TechLord2
via reddit https://ift.tt/2pBWMWj
http://ift.tt/2HXEvtY
Submitted March 23, 2018 at 10:46PM by TechLord2
via reddit https://ift.tt/2pBWMWj
Revoke Obfuscation: PowerShell Obfuscation Detection Using Science [Whitepaper]
https://ift.tt/2vPmvwW
Submitted March 23, 2018 at 11:02PM by TechLord2
via reddit https://ift.tt/2pAi4Er
https://ift.tt/2vPmvwW
Submitted March 23, 2018 at 11:02PM by TechLord2
via reddit https://ift.tt/2pAi4Er
APT Attacks Targetting Financial Institutions [Blackhat Asia 2018 Study Presentation]
https://ift.tt/2Gg3ThD
Submitted March 23, 2018 at 11:37PM by TechLord2
via reddit https://ift.tt/2pCzpvE
https://ift.tt/2Gg3ThD
Submitted March 23, 2018 at 11:37PM by TechLord2
via reddit https://ift.tt/2pCzpvE
What to do if you can't delete Facebook because of work?
If your job requires you to use Facebook, what options do you have to help limit the social behemoth's intrusion into your personal details?I'm not an expert but here's what I've come up with so far:Use a separate browser (or at least a separate profile) for anything Facebook-related.For your primary, non-Facebook browser, log out of Facebook, delete all cookies, and use an extension that allows you to customize hosts entries. Here's one for Chrome. I've also heard about people setting up Ublock Origin for this purpose, although I haven't tried it.From within Facebook, delete absolutely everything that's not directly related to work.Unfriend everybody.Mark your profile as private.Go through your privacy settings and make sure only friends of friends can send you friend requests. Since you don't have any friends that takes care of that.What do you think? Am I missing anything?
Submitted March 24, 2018 at 05:54AM by njbair
via reddit https://ift.tt/2pFAHX4
If your job requires you to use Facebook, what options do you have to help limit the social behemoth's intrusion into your personal details?I'm not an expert but here's what I've come up with so far:Use a separate browser (or at least a separate profile) for anything Facebook-related.For your primary, non-Facebook browser, log out of Facebook, delete all cookies, and use an extension that allows you to customize hosts entries. Here's one for Chrome. I've also heard about people setting up Ublock Origin for this purpose, although I haven't tried it.From within Facebook, delete absolutely everything that's not directly related to work.Unfriend everybody.Mark your profile as private.Go through your privacy settings and make sure only friends of friends can send you friend requests. Since you don't have any friends that takes care of that.What do you think? Am I missing anything?
Submitted March 24, 2018 at 05:54AM by njbair
via reddit https://ift.tt/2pFAHX4