How critical is MFA for production?
Our team is now configuring a production site (kS8 at Google Cloud) and had a discussion - how critical is having MFA/VPN access to production vs using only strong passwords with single factor auth?p.s. I understand the implications of these configuration, just curious practically in real world what people are doing
Submitted March 27, 2018 at 04:54PM by yonatannn
via reddit https://ift.tt/2pKOIn1
Our team is now configuring a production site (kS8 at Google Cloud) and had a discussion - how critical is having MFA/VPN access to production vs using only strong passwords with single factor auth?p.s. I understand the implications of these configuration, just curious practically in real world what people are doing
Submitted March 27, 2018 at 04:54PM by yonatannn
via reddit https://ift.tt/2pKOIn1
reddit
How critical is MFA for production? • r/security
Our team is now configuring a production site (kS8 at Google Cloud) and had a discussion - how critical is having MFA/VPN access to production vs...
Justifying Security Spend, a Response Pt 4
https://www.youtube.com/watch?v=h4ltexlBuPA
Submitted March 27, 2018 at 05:31PM by Uminekoshi
via reddit https://ift.tt/2I9PwZx
https://www.youtube.com/watch?v=h4ltexlBuPA
Submitted March 27, 2018 at 05:31PM by Uminekoshi
via reddit https://ift.tt/2I9PwZx
YouTube
Justifying Security Spend, a Response from Nehemiah Security: Part 4
In this video, Jerry Caponera responds to an entry in our eBook about "7 Experts on Justifying Security Spend" written by Heath Taylor. If your friend was pu...
The phenomenon of smart contract honeypots
https://ift.tt/2pwrZe8
Submitted March 27, 2018 at 05:13PM by fagnerbrack
via reddit https://ift.tt/2pLfNpf
https://ift.tt/2pwrZe8
Submitted March 27, 2018 at 05:13PM by fagnerbrack
via reddit https://ift.tt/2pLfNpf
Medium
The phenomenon of smart contract honeypots
Hardly a week passes without large scale hacks in the crypto world. It’s not just centralised exchanges that are targets of attackers…
[How-To] Use CloudFront? Check if your Domain got Hijacked by a Third Party
https://ift.tt/2pKzYUt
Submitted March 27, 2018 at 05:05PM by vysec
via reddit https://ift.tt/2pJ56Vd
https://ift.tt/2pKzYUt
Submitted March 27, 2018 at 05:05PM by vysec
via reddit https://ift.tt/2pJ56Vd
Medium
CloudFront Domain Hijacks under Attack
TLDR; As of 27th March 2018, I found that an entity or malicious actor has exploited the following vulnerability that allows for subdomain…
A website that lets you guess how often a password was pwned
https://ift.tt/2utqToE
Submitted March 27, 2018 at 04:36PM by OrdisLux
via reddit https://ift.tt/2GtflXj
https://ift.tt/2utqToE
Submitted March 27, 2018 at 04:36PM by OrdisLux
via reddit https://ift.tt/2GtflXj
Checkpoint vs fortinet 60e
Hello reddit, i have a question I have a option to buy checkpoint 750 or fortinet 60eI terms of performens whitch will be the best?
Submitted March 27, 2018 at 05:37PM by oOMrYairOo
via reddit https://ift.tt/2GBbc3k
Hello reddit, i have a question I have a option to buy checkpoint 750 or fortinet 60eI terms of performens whitch will be the best?
Submitted March 27, 2018 at 05:37PM by oOMrYairOo
via reddit https://ift.tt/2GBbc3k
reddit
Checkpoint vs fortinet 60e • r/security
Hello reddit, i have a question I have a option to buy checkpoint 750 or fortinet 60e I terms of performens whitch will be the best?
Security In 5: Episode 203 - Facebook Fail - How To See What Facebook Knows About You
https://ift.tt/2IXMI2z
Submitted March 27, 2018 at 06:35PM by BinaryBlog
via reddit https://ift.tt/2upgHNY
https://ift.tt/2IXMI2z
Submitted March 27, 2018 at 06:35PM by BinaryBlog
via reddit https://ift.tt/2upgHNY
Libsyn
Security In Five Podcast: Episode 203 - Facebook Fail - How To See What Facebook Knows About You
Facebook gathers more data about you than you realize. However, you can download almost everything from Facebook to review it. This episode goes into how to do it and why you should. Take control of your data and privacy. Be aware, be safe. -----------…
VirusBay Aims To Make Malware Analysis More Social
https://ift.tt/2I7t3fH
Submitted March 27, 2018 at 06:26PM by alessiodelv
via reddit https://ift.tt/2IYJM66
https://ift.tt/2I7t3fH
Submitted March 27, 2018 at 06:26PM by alessiodelv
via reddit https://ift.tt/2IYJM66
BleepingComputer
VirusBay Aims To Make Malware Analysis More Social
For those looking to learn about and share malware samples, a site called VirusBay may be what you are looking for. VirusBay's goal is to make malware analysis more social by providing a place for researchers to upload samples, request samples, and discuss…
Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram
https://ift.tt/2pJWooN
Submitted March 27, 2018 at 07:10PM by CasperVPN
via reddit https://ift.tt/2Gb9MND
https://ift.tt/2pJWooN
Submitted March 27, 2018 at 07:10PM by CasperVPN
via reddit https://ift.tt/2Gb9MND
Security Affairs
Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram
Who is behind the newborn Grey Heron surveillance company? According to an investigation conducted by Motherboard, the firm is linked to the Italian surveillance firm Hacking Team.
Top Five Ways the Red Team breached the External Perimeter
https://ift.tt/2GeBKbC
Submitted March 27, 2018 at 07:51PM by wootock
via reddit https://ift.tt/2uu0S8I
https://ift.tt/2GeBKbC
Submitted March 27, 2018 at 07:51PM by wootock
via reddit https://ift.tt/2uu0S8I
Medium
Top Five Ways the Red Team breached the External Perimeter
I have been performing “red team” breach assessments for many years. Often the goal is penetrating an external network, and gaining access…
Apache Struts Security Issue Announced. Medium severity, DoS concern
https://ift.tt/2pNT0JI
Submitted March 27, 2018 at 08:11PM by sheepfiend
via reddit https://ift.tt/2pJ4ONX
https://ift.tt/2pNT0JI
Submitted March 27, 2018 at 08:11PM by sheepfiend
via reddit https://ift.tt/2pJ4ONX
The Complete Beginner Guide to Learn Ethical Hacking
https://ift.tt/2HMRtuq
Submitted March 27, 2018 at 08:37PM by houseisbuilt
via reddit https://ift.tt/2pIjQ6r
https://ift.tt/2HMRtuq
Submitted March 27, 2018 at 08:37PM by houseisbuilt
via reddit https://ift.tt/2pIjQ6r
Medium
The Complete Beginner Guide to Learn Ethical Hacking
If you want to learn ethical hacking so that you can hack computer systems like black hat hackers and secure them like security experts…
How to get your new 5 GHz wireless penetration gear up and working
https://ift.tt/2GfhySE
Submitted March 27, 2018 at 10:05PM by wootock
via reddit https://ift.tt/2I5cn8A
https://ift.tt/2GfhySE
Submitted March 27, 2018 at 10:05PM by wootock
via reddit https://ift.tt/2I5cn8A
Medium
How to get your new 5 GHz wireless penetration gear up and working
What new wireless .ac cards work with the latest rolling Kali release
To Illustrate the Dangers of Cyberwarfare, the Army Is Turning to Sci-fi
https://ift.tt/2G3EUKR
Submitted March 27, 2018 at 10:06PM by yourbasicgeek
via reddit https://ift.tt/2GfzK2I
https://ift.tt/2G3EUKR
Submitted March 27, 2018 at 10:06PM by yourbasicgeek
via reddit https://ift.tt/2GfzK2I
IEEE Spectrum: Technology, Engineering, and Science News
To Illustrate the Dangers of Cyberwarfare, the Army Is Turning to Sci-fi
Graphic novelettes issued by the U.S. Army Cyber Institute aim to educate soldiers about digital threats
Explain encrypted databases to me
I feel like I should get this, but somehow I don't. I don't understand how encrypting a database improves security. Let me explain my understanding of the process, and maybe you can tell me where my understanding is wrong.As I understand it, you encrypt a database by setting a key that is used to encrypt the data. Then you use the same key to decrypt data that you retrieve from the database.What doesn't make sense to me in that scenario is that you have the key sitting there on your server for both encryption and decryption. If someone hacks into your system, they can just get the key that's sitting there. So how does the encryption help?So I think I'm just missing something here. Explanations and teaching would be welcome.
Submitted March 27, 2018 at 09:29PM by tryingtobeconstructi
via reddit https://ift.tt/2DZO8WG
I feel like I should get this, but somehow I don't. I don't understand how encrypting a database improves security. Let me explain my understanding of the process, and maybe you can tell me where my understanding is wrong.As I understand it, you encrypt a database by setting a key that is used to encrypt the data. Then you use the same key to decrypt data that you retrieve from the database.What doesn't make sense to me in that scenario is that you have the key sitting there on your server for both encryption and decryption. If someone hacks into your system, they can just get the key that's sitting there. So how does the encryption help?So I think I'm just missing something here. Explanations and teaching would be welcome.
Submitted March 27, 2018 at 09:29PM by tryingtobeconstructi
via reddit https://ift.tt/2DZO8WG
reddit
Explain encrypted databases to me • r/security
I feel like I should get this, but somehow I don't. I don't understand how encrypting a database improves security. Let me explain my...
The Top Vulnerabilities Exploited by Cybercriminals
https://ift.tt/2upXJqb
Submitted March 27, 2018 at 11:16PM by Horus_Sirius
via reddit https://ift.tt/2pIWY77
https://ift.tt/2upXJqb
Submitted March 27, 2018 at 11:16PM by Horus_Sirius
via reddit https://ift.tt/2pIWY77
TSecurity Portal
The Top Vulnerabilities Exploited by Cybercriminals
New "ThreadKit" Office Exploit Builder Emerges
https://ift.tt/2uow6Ou
Submitted March 27, 2018 at 11:11PM by Horus_Sirius
via reddit https://ift.tt/2pJflIT
https://ift.tt/2uow6Ou
Submitted March 27, 2018 at 11:11PM by Horus_Sirius
via reddit https://ift.tt/2pJflIT
TSecurity Portal
New
614Con 2018 Information Security Hacking Conference
http://614con.org
Submitted March 27, 2018 at 09:49PM by technoglowstick
via reddit https://ift.tt/2pGerNy
http://614con.org
Submitted March 27, 2018 at 09:49PM by technoglowstick
via reddit https://ift.tt/2pGerNy
reddit
614Con 2018 Information Security Hacking Conference • r/netsec
4 points and 1 comments so far on reddit
Microcontroller Firmware Recovery Using Invasive Analysis
https://ift.tt/2GaYZDc
Submitted March 28, 2018 at 01:35AM by sirusdv
via reddit https://ift.tt/2GydMXW
https://ift.tt/2GaYZDc
Submitted March 28, 2018 at 01:35AM by sirusdv
via reddit https://ift.tt/2GydMXW
The Duo Security Bulletin
Microcontroller Firmware Recovery Using Invasive Analysis
Duo Labs security researchers show how to bypass microcontroller interfaces used for internet of things (IoT) devices - these invasive attacks require physical access to typical microcontrollers.
Cowrie Honeypot Analysis - 24hrs of Attacks
https://ift.tt/2DVD50L
Submitted March 28, 2018 at 01:34AM by thewanderer1999
via reddit https://ift.tt/2I7H8ts
https://ift.tt/2DVD50L
Submitted March 28, 2018 at 01:34AM by thewanderer1999
via reddit https://ift.tt/2I7H8ts
HackerTarget.com
Cowrie Honeypot Analysis - 24hrs of Attacks | HackerTarget.com
A review of Cowrie Honeypot logs after 24 hours. Includes source analysis from over 200 unique connections and an animated attack map (pewpew).
Tool to Scrape Bug Bounty Subdomains from HackerOne using GraphQL
https://ift.tt/2pL2C7P
Submitted March 28, 2018 at 01:20AM by bjorgein
via reddit https://ift.tt/2pO8lto
https://ift.tt/2pL2C7P
Submitted March 28, 2018 at 01:20AM by bjorgein
via reddit https://ift.tt/2pO8lto
GitHub
bonkc/BugBountySubdomains
BugBountySubdomains - Tools to gather subdomains from Bug Bounty programs