Time for Password Expiration to Die
https://ift.tt/2zT9eYD
Submitted March 26, 2018 at 12:54AM by yourbasicgeek
via reddit https://ift.tt/2G9XnFU
https://ift.tt/2zT9eYD
Submitted March 26, 2018 at 12:54AM by yourbasicgeek
via reddit https://ift.tt/2G9XnFU
er.educause.edu
Time for Password Expiration to Die
Here are three reasons why password expiration is a dated concept that needs to go away, plus a few ways to provide stronger security for high-risk ac
TR-EN | Acrolinx Dashboard Directory Traversal (CVE 2018-7719)
https://ift.tt/2DRT9kf
Submitted March 26, 2018 at 03:33AM by tiger6700
via reddit https://ift.tt/2pEkimj
https://ift.tt/2DRT9kf
Submitted March 26, 2018 at 03:33AM by tiger6700
via reddit https://ift.tt/2pEkimj
www.berkdusunur.net
TR-EN | Acrolinx Dashboard Directory Traversal (CVE 2018-7719)
Hello everyone :) In this article I will publish the vulnerability I found on acrolinx dashboard. What Is Acrolinx Acrolinx ...
0day Vulnerability at Acrolinx CVE-2018-7719
https://ift.tt/2pGIapi
Submitted March 26, 2018 at 03:53AM by berkdusunurx
via reddit https://ift.tt/2GouDfK
https://ift.tt/2pGIapi
Submitted March 26, 2018 at 03:53AM by berkdusunurx
via reddit https://ift.tt/2GouDfK
www.berkdusunur.net
TR-EN | Acrolinx Dashboard Directory Traversal (CVE 2018-7719)
Hello everyone :) In this article I will publish the vulnerability I found on acrolinx dashboard. What Is Acrolinx Acrolinx ...
Possible zero-day malware samples through image files and other documents along with possible privilege escalation vulnerabilities in Windows 10 default applications. Adds explorer.exe OLE32 Extensions and modifies services, all signed binaries by M$, maybe a DLL injection. Was told to post here.
https://ift.tt/2GnbtHc
Submitted March 26, 2018 at 08:57AM by PseudoSecuritay
via reddit https://ift.tt/2DUlarj
https://ift.tt/2GnbtHc
Submitted March 26, 2018 at 08:57AM by PseudoSecuritay
via reddit https://ift.tt/2DUlarj
Sendspace
Download multiple files from Sendspace.com - send big files the easy way
File groups | Free file hosting. Email large files for free.
Slides on the security of JSON Web Tokens
https://ift.tt/2pD4Oiu
Submitted March 26, 2018 at 02:11AM by nohohC0i
via reddit https://ift.tt/2IPwKYo
https://ift.tt/2pD4Oiu
Submitted March 26, 2018 at 02:11AM by nohohC0i
via reddit https://ift.tt/2IPwKYo
www.slideshare.net
Jwt == insecurity?
Slides for my recent talk at Ruxmon on the security of JSON Web Token. Covers patterns, CVE-2018-0114, example of issues in usage of JOSE libraries...
#BugBounty @ Linkedln-How I was able to bypass Open Redirection Protection
https://ift.tt/2GlnWLw
Submitted March 25, 2018 at 08:48PM by logicbomb_1
via reddit https://ift.tt/2uoeX7k
https://ift.tt/2GlnWLw
Submitted March 25, 2018 at 08:48PM by logicbomb_1
via reddit https://ift.tt/2uoeX7k
Medium
#BugBounty @ Linkedln-How I was able to bypass Open Redirection Protection
Hi Guys,
How to secure your data on social media? Facebook-Cambridge Analytica data scandal explained!
https://youtu.be/PhJDouvd-fs
Submitted March 26, 2018 at 08:59AM by iamparameswaran
via reddit https://ift.tt/2GsfDgX
https://youtu.be/PhJDouvd-fs
Submitted March 26, 2018 at 08:59AM by iamparameswaran
via reddit https://ift.tt/2GsfDgX
YouTube
How to protect your privacy & data in social media? Facebook & Cambridge Analytica scandal explained
With the data breach issue from Facebook and Cambridge analytica this week, a lot of people are really concerned about their privacy being stolen. Let's anal...
Australia ranks 8th as a global target for cryptomining attacks
https://ift.tt/2G84liE
Submitted March 26, 2018 at 01:21PM by Iot_Security
via reddit https://ift.tt/2GrkFKM
https://ift.tt/2G84liE
Submitted March 26, 2018 at 01:21PM by Iot_Security
via reddit https://ift.tt/2GrkFKM
securitybrief.com.au
Australia ranks 8th as a global target for cryptomining attacks
“Cryptomining is a rising threat to cyber and personal security,” comments Symantec’s chief technology officer – Pacific region, Nick Savvides.
Orchestrator: Respond to security alerts completely within one web UI
https://ift.tt/2pHdiVK
Submitted March 26, 2018 at 09:42AM by yaraz
via reddit https://ift.tt/2I4vGyI
https://ift.tt/2pHdiVK
Submitted March 26, 2018 at 09:42AM by yaraz
via reddit https://ift.tt/2I4vGyI
reddit
Orchestrator: Respond to security alerts completely... • r/netsec
2 points and 1 comments so far on reddit
Credit Card Fraud Detection
https://ift.tt/2pF6xUs
Submitted March 26, 2018 at 02:55PM by semi23
via reddit https://ift.tt/2GdM4MR
https://ift.tt/2pF6xUs
Submitted March 26, 2018 at 02:55PM by semi23
via reddit https://ift.tt/2GdM4MR
Kaggle
Credit Card Fraud Detection
Anonymized credit card transactions labeled as fraudulent or genuine
Facebook Keeps Tabs on Android SMS and calls
https://ift.tt/2DVVkTQ
Submitted March 26, 2018 at 03:17PM by CasperVPN
via reddit https://ift.tt/2pKRKI7
https://ift.tt/2DVVkTQ
Submitted March 26, 2018 at 03:17PM by CasperVPN
via reddit https://ift.tt/2pKRKI7
Security Affairs
Facebook collected call and SMS data from Android users if not explicitly forbidden
After the Cambridge Analytica scandal, Facebook made the headlines again, the company collected users' Android call and SMS metadata for years.
CSP implementations are broken
https://ift.tt/2I7ozWq
Submitted March 26, 2018 at 04:12PM by paintbrushbill
via reddit https://ift.tt/2DVBDvk
https://ift.tt/2I7ozWq
Submitted March 26, 2018 at 04:12PM by paintbrushbill
via reddit https://ift.tt/2DVBDvk
JellyHive
CSP implementations are broken
TL;DR frame-src is inconsistent cross browser block-all-mixed-content is broken in Chrome and Opera CSP reports are inconsitent Edge has some weird edge cases (no pun intended) IntroThere has been a
Reddit banned the biggest Darknet markets subreddit /R/DarkNetmarkets
https://ift.tt/2DVQtC0
Submitted March 26, 2018 at 05:00PM by CasperVPN
via reddit https://ift.tt/2ISuijZ
https://ift.tt/2DVQtC0
Submitted March 26, 2018 at 05:00PM by CasperVPN
via reddit https://ift.tt/2ISuijZ
Security Affairs
Reddit has banned the biggest Darknet markets subreddit
Recently Reddit decided to ban the biggest darknet subreddit, /r/darknetmarkets, used by crime communities to discuss producta and services in the most popular darknet markets.
What can I do against bots failing login attempts on my account resulting in it being temporarily locked?
So I now got messages by Epic Games 3 days in a row, that someone tried too many times to log into my account but failed. This is resulting in the account being locked for 2 hours each.Is there anything that I can do to prevent this and similar attacks (other than maybe writing the support and them blocking the IP or something)?Thanks in advance...
Submitted March 26, 2018 at 04:41PM by Hiro3212
via reddit https://ift.tt/2DZihFS
So I now got messages by Epic Games 3 days in a row, that someone tried too many times to log into my account but failed. This is resulting in the account being locked for 2 hours each.Is there anything that I can do to prevent this and similar attacks (other than maybe writing the support and them blocking the IP or something)?Thanks in advance...
Submitted March 26, 2018 at 04:41PM by Hiro3212
via reddit https://ift.tt/2DZihFS
reddit
What can I do against bots failing login attempts on... • r/security
So I now got messages by Epic Games 3 days in a row, that someone tried too many times to log into my account but failed. This is resulting in the...
www.wolframalpha.com use unsecure server (Take a look at server 140.177.17.102 with grade F!)
https://ift.tt/2GrTtv6
Submitted March 26, 2018 at 04:55PM by rediii123
via reddit https://ift.tt/2DUe5XR
https://ift.tt/2GrTtv6
Submitted March 26, 2018 at 04:55PM by rediii123
via reddit https://ift.tt/2DUe5XR
CSP implementations are broken
https://ift.tt/2I7ozWq
Submitted March 26, 2018 at 04:22PM by smatsson
via reddit https://ift.tt/2I4jgqy
https://ift.tt/2I7ozWq
Submitted March 26, 2018 at 04:22PM by smatsson
via reddit https://ift.tt/2I4jgqy
JellyHive
CSP implementations are broken
TL;DR frame-src is inconsistent cross browser block-all-mixed-content is broken in Chrome and Opera CSP reports are inconsitent Edge has some weird edge cases (no pun intended) IntroThere has been a
Security In 5: Episode 202 - Facebook Fail - Their Business Is Your Private Data
https://ift.tt/2G7bpfd
Submitted March 26, 2018 at 06:34PM by BinaryBlog
via reddit https://ift.tt/2I6XGl5
https://ift.tt/2G7bpfd
Submitted March 26, 2018 at 06:34PM by BinaryBlog
via reddit https://ift.tt/2I6XGl5
Libsyn
Security In Five Podcast: Episode 202 - Facebook Fail - Their Business Is Your Private Data
After the week Facebook had I decided to commit a week's worth of episodes to talk about the various Facebook practices that are ultimately at your expense. The first episode talks about Facebook's business and at the core it's all about your private data.…
Apache 2.4.33 released with 6 medium/low security fixes
https://ift.tt/YDgT7x
Submitted March 26, 2018 at 08:10PM by sheepfiend
via reddit https://ift.tt/2IUeBca
https://ift.tt/YDgT7x
Submitted March 26, 2018 at 08:10PM by sheepfiend
via reddit https://ift.tt/2IUeBca
httpd.apache.org
httpd 2.4 vulnerabilities - The Apache HTTP Server Project
A Scammer Tried to Scare Me into Buying Their Security Services - Here's How It Went Down
https://ift.tt/2pHnWek
Submitted March 26, 2018 at 08:40PM by volci
via reddit https://ift.tt/2ITpISl
https://ift.tt/2pHnWek
Submitted March 26, 2018 at 08:40PM by volci
via reddit https://ift.tt/2ITpISl
Troy Hunt
A Scammer Tried to Scare Me into Buying Their Security Services - Here's How It Went Down
Here's the tl;dr - someone named "Md. Shofiur R" found troyhunt.com on a "free online malware scanner" and tried to scare me into believing my site had security vulnerabilities then shake me down for a penetration test. It didn't work out so well for
PowerShell noscript that can replace Anti-Virus be using Virus Total database
https://ift.tt/2G7QgBH
Submitted March 26, 2018 at 09:40PM by placidblood
via reddit https://ift.tt/2pIo5hP
https://ift.tt/2G7QgBH
Submitted March 26, 2018 at 09:40PM by placidblood
via reddit https://ift.tt/2pIo5hP
Medium
PowerShell Anti-Virus with VirusTotal API
tl;dr We use PowerShell to continuously monitor any executed .exe files then get the file locations and pass it to the VirusTotal API to…
10 Steps to Develop an Incident Response Plan You’ll ACTUALLY Use
https://ift.tt/2pFZb2V
Submitted March 26, 2018 at 11:37PM by speckz
via reddit https://ift.tt/2unM1MQ
https://ift.tt/2pFZb2V
Submitted March 26, 2018 at 11:37PM by speckz
via reddit https://ift.tt/2unM1MQ
Salesforce Engineering
10 Steps to Develop an Incident Response Plan You’ll ACTUALLY Use
Let’s face it, most companies have an incident response plan (IRP) sitting somewhere that was based on some template that is on the…