Security In 5: Episode 203 - Facebook Fail - How To See What Facebook Knows About You
https://ift.tt/2IXMI2z
Submitted March 27, 2018 at 06:35PM by BinaryBlog
via reddit https://ift.tt/2upgHNY
https://ift.tt/2IXMI2z
Submitted March 27, 2018 at 06:35PM by BinaryBlog
via reddit https://ift.tt/2upgHNY
Libsyn
Security In Five Podcast: Episode 203 - Facebook Fail - How To See What Facebook Knows About You
Facebook gathers more data about you than you realize. However, you can download almost everything from Facebook to review it. This episode goes into how to do it and why you should. Take control of your data and privacy. Be aware, be safe. -----------…
VirusBay Aims To Make Malware Analysis More Social
https://ift.tt/2I7t3fH
Submitted March 27, 2018 at 06:26PM by alessiodelv
via reddit https://ift.tt/2IYJM66
https://ift.tt/2I7t3fH
Submitted March 27, 2018 at 06:26PM by alessiodelv
via reddit https://ift.tt/2IYJM66
BleepingComputer
VirusBay Aims To Make Malware Analysis More Social
For those looking to learn about and share malware samples, a site called VirusBay may be what you are looking for. VirusBay's goal is to make malware analysis more social by providing a place for researchers to upload samples, request samples, and discuss…
Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram
https://ift.tt/2pJWooN
Submitted March 27, 2018 at 07:10PM by CasperVPN
via reddit https://ift.tt/2Gb9MND
https://ift.tt/2pJWooN
Submitted March 27, 2018 at 07:10PM by CasperVPN
via reddit https://ift.tt/2Gb9MND
Security Affairs
Grey Heron, the new Co in the surveillance industry that promises to spy on Signal and Telegram
Who is behind the newborn Grey Heron surveillance company? According to an investigation conducted by Motherboard, the firm is linked to the Italian surveillance firm Hacking Team.
Top Five Ways the Red Team breached the External Perimeter
https://ift.tt/2GeBKbC
Submitted March 27, 2018 at 07:51PM by wootock
via reddit https://ift.tt/2uu0S8I
https://ift.tt/2GeBKbC
Submitted March 27, 2018 at 07:51PM by wootock
via reddit https://ift.tt/2uu0S8I
Medium
Top Five Ways the Red Team breached the External Perimeter
I have been performing “red team” breach assessments for many years. Often the goal is penetrating an external network, and gaining access…
Apache Struts Security Issue Announced. Medium severity, DoS concern
https://ift.tt/2pNT0JI
Submitted March 27, 2018 at 08:11PM by sheepfiend
via reddit https://ift.tt/2pJ4ONX
https://ift.tt/2pNT0JI
Submitted March 27, 2018 at 08:11PM by sheepfiend
via reddit https://ift.tt/2pJ4ONX
The Complete Beginner Guide to Learn Ethical Hacking
https://ift.tt/2HMRtuq
Submitted March 27, 2018 at 08:37PM by houseisbuilt
via reddit https://ift.tt/2pIjQ6r
https://ift.tt/2HMRtuq
Submitted March 27, 2018 at 08:37PM by houseisbuilt
via reddit https://ift.tt/2pIjQ6r
Medium
The Complete Beginner Guide to Learn Ethical Hacking
If you want to learn ethical hacking so that you can hack computer systems like black hat hackers and secure them like security experts…
How to get your new 5 GHz wireless penetration gear up and working
https://ift.tt/2GfhySE
Submitted March 27, 2018 at 10:05PM by wootock
via reddit https://ift.tt/2I5cn8A
https://ift.tt/2GfhySE
Submitted March 27, 2018 at 10:05PM by wootock
via reddit https://ift.tt/2I5cn8A
Medium
How to get your new 5 GHz wireless penetration gear up and working
What new wireless .ac cards work with the latest rolling Kali release
To Illustrate the Dangers of Cyberwarfare, the Army Is Turning to Sci-fi
https://ift.tt/2G3EUKR
Submitted March 27, 2018 at 10:06PM by yourbasicgeek
via reddit https://ift.tt/2GfzK2I
https://ift.tt/2G3EUKR
Submitted March 27, 2018 at 10:06PM by yourbasicgeek
via reddit https://ift.tt/2GfzK2I
IEEE Spectrum: Technology, Engineering, and Science News
To Illustrate the Dangers of Cyberwarfare, the Army Is Turning to Sci-fi
Graphic novelettes issued by the U.S. Army Cyber Institute aim to educate soldiers about digital threats
Explain encrypted databases to me
I feel like I should get this, but somehow I don't. I don't understand how encrypting a database improves security. Let me explain my understanding of the process, and maybe you can tell me where my understanding is wrong.As I understand it, you encrypt a database by setting a key that is used to encrypt the data. Then you use the same key to decrypt data that you retrieve from the database.What doesn't make sense to me in that scenario is that you have the key sitting there on your server for both encryption and decryption. If someone hacks into your system, they can just get the key that's sitting there. So how does the encryption help?So I think I'm just missing something here. Explanations and teaching would be welcome.
Submitted March 27, 2018 at 09:29PM by tryingtobeconstructi
via reddit https://ift.tt/2DZO8WG
I feel like I should get this, but somehow I don't. I don't understand how encrypting a database improves security. Let me explain my understanding of the process, and maybe you can tell me where my understanding is wrong.As I understand it, you encrypt a database by setting a key that is used to encrypt the data. Then you use the same key to decrypt data that you retrieve from the database.What doesn't make sense to me in that scenario is that you have the key sitting there on your server for both encryption and decryption. If someone hacks into your system, they can just get the key that's sitting there. So how does the encryption help?So I think I'm just missing something here. Explanations and teaching would be welcome.
Submitted March 27, 2018 at 09:29PM by tryingtobeconstructi
via reddit https://ift.tt/2DZO8WG
reddit
Explain encrypted databases to me • r/security
I feel like I should get this, but somehow I don't. I don't understand how encrypting a database improves security. Let me explain my...
The Top Vulnerabilities Exploited by Cybercriminals
https://ift.tt/2upXJqb
Submitted March 27, 2018 at 11:16PM by Horus_Sirius
via reddit https://ift.tt/2pIWY77
https://ift.tt/2upXJqb
Submitted March 27, 2018 at 11:16PM by Horus_Sirius
via reddit https://ift.tt/2pIWY77
TSecurity Portal
The Top Vulnerabilities Exploited by Cybercriminals
New "ThreadKit" Office Exploit Builder Emerges
https://ift.tt/2uow6Ou
Submitted March 27, 2018 at 11:11PM by Horus_Sirius
via reddit https://ift.tt/2pJflIT
https://ift.tt/2uow6Ou
Submitted March 27, 2018 at 11:11PM by Horus_Sirius
via reddit https://ift.tt/2pJflIT
TSecurity Portal
New
614Con 2018 Information Security Hacking Conference
http://614con.org
Submitted March 27, 2018 at 09:49PM by technoglowstick
via reddit https://ift.tt/2pGerNy
http://614con.org
Submitted March 27, 2018 at 09:49PM by technoglowstick
via reddit https://ift.tt/2pGerNy
reddit
614Con 2018 Information Security Hacking Conference • r/netsec
4 points and 1 comments so far on reddit
Microcontroller Firmware Recovery Using Invasive Analysis
https://ift.tt/2GaYZDc
Submitted March 28, 2018 at 01:35AM by sirusdv
via reddit https://ift.tt/2GydMXW
https://ift.tt/2GaYZDc
Submitted March 28, 2018 at 01:35AM by sirusdv
via reddit https://ift.tt/2GydMXW
The Duo Security Bulletin
Microcontroller Firmware Recovery Using Invasive Analysis
Duo Labs security researchers show how to bypass microcontroller interfaces used for internet of things (IoT) devices - these invasive attacks require physical access to typical microcontrollers.
Cowrie Honeypot Analysis - 24hrs of Attacks
https://ift.tt/2DVD50L
Submitted March 28, 2018 at 01:34AM by thewanderer1999
via reddit https://ift.tt/2I7H8ts
https://ift.tt/2DVD50L
Submitted March 28, 2018 at 01:34AM by thewanderer1999
via reddit https://ift.tt/2I7H8ts
HackerTarget.com
Cowrie Honeypot Analysis - 24hrs of Attacks | HackerTarget.com
A review of Cowrie Honeypot logs after 24 hours. Includes source analysis from over 200 unique connections and an animated attack map (pewpew).
Tool to Scrape Bug Bounty Subdomains from HackerOne using GraphQL
https://ift.tt/2pL2C7P
Submitted March 28, 2018 at 01:20AM by bjorgein
via reddit https://ift.tt/2pO8lto
https://ift.tt/2pL2C7P
Submitted March 28, 2018 at 01:20AM by bjorgein
via reddit https://ift.tt/2pO8lto
GitHub
bonkc/BugBountySubdomains
BugBountySubdomains - Tools to gather subdomains from Bug Bounty programs
The latest, with technical detail, on the City of Atlanta ransomware hack.
https://ift.tt/E1zo56
Submitted March 28, 2018 at 01:15AM by usgmlp
via reddit https://ift.tt/2GbcXoJ
https://ift.tt/E1zo56
Submitted March 28, 2018 at 01:15AM by usgmlp
via reddit https://ift.tt/2GbcXoJ
Raxis
City of Atlanta 2018 Ransomware Hack: What We Know and What You Can Learn From It - Raxis
The 2018 City of Atlanta Ransomware attack is still unfolding. Raxis discusses what we know so far and the technology behind the scenes.
[New Podcast] Explore Robin Stuart's roundabout journey to becoming one of the best malware researchers
https://ift.tt/2ut7mER
Submitted March 28, 2018 at 01:45AM by ju1i3k
via reddit https://ift.tt/2pJ20jJ
https://ift.tt/2ut7mER
Submitted March 28, 2018 at 01:45AM by ju1i3k
via reddit https://ift.tt/2pJ20jJ
SoundCloud
Ep 3 Robin Stuart: A Malware Superhero
Paralegal, mountain cyclist, malicious code researcher at eBay, security operations at Wells Fargo, cybercrime novelist, and now a principal threat researcher at a Fortune 50 company, Robin Stuart tal
Computer wouldn't shut down and it might be hacked?
I was leaving for school at around 7 and I had forgotten to turn off my computer (I fell asleep finishing up work for 3rd quarter and forgot to turn it off for the night). I rushed over to my room and had gone into the menu and pressed 'shut down'. The computer turns off, but turns back on. I was in a rush so I asked my dad to turn it off for me and didn't think too much of it. When I came back from school, my dad told me that someone else was using my computer from a different location and that was the reason it didn't shut down (not too sure if this was true, but that's what happened according to him). I didn't really understand too much of it, but this was not the first time it had happened. It happened a couple of days ago, but my computer did shut down that time. My dad told me I might have been hacked, but I don't want to start assuming things. Not sure what to do, so i'm asking you guys.
Submitted March 28, 2018 at 02:09AM by HurryingFawn
via reddit https://ift.tt/2uybDqH
I was leaving for school at around 7 and I had forgotten to turn off my computer (I fell asleep finishing up work for 3rd quarter and forgot to turn it off for the night). I rushed over to my room and had gone into the menu and pressed 'shut down'. The computer turns off, but turns back on. I was in a rush so I asked my dad to turn it off for me and didn't think too much of it. When I came back from school, my dad told me that someone else was using my computer from a different location and that was the reason it didn't shut down (not too sure if this was true, but that's what happened according to him). I didn't really understand too much of it, but this was not the first time it had happened. It happened a couple of days ago, but my computer did shut down that time. My dad told me I might have been hacked, but I don't want to start assuming things. Not sure what to do, so i'm asking you guys.
Submitted March 28, 2018 at 02:09AM by HurryingFawn
via reddit https://ift.tt/2uybDqH
reddit
Computer wouldn't shut down and it might be hacked? • r/security
I was leaving for school at around 7 and I had forgotten to turn off my computer (I fell asleep finishing up work for 3rd quarter and forgot to...
Thought Meltdown was bad? Here's Total Meltdown (Win7/2008R2)!
https://ift.tt/2DWtiYp
Submitted March 28, 2018 at 02:08AM by Jeoh
via reddit https://ift.tt/2GwmZjA
https://ift.tt/2DWtiYp
Submitted March 28, 2018 at 02:08AM by Jeoh
via reddit https://ift.tt/2GwmZjA
reddit
Thought Meltdown was bad? Here's Total Meltdown... • r/sysadmin
https://blog.frizk.net/2018/03/total-meltdown.html >Did you think Meltdown was bad? Unprivileged applications being able to read kernel memory at...
Video game account recovery via twitter. Is this secure?
Hello,When people update my app on android, andoid leaves no data behind from previous install to id the user on my server. So I need some sort of password recovery system. I am opting twitter integration to promote my game too with contests.Here is my system:
1) Someone logs in after an update
2) It asks them their Twitter handle
3) If the Twitter handle is already registered, it gives them a six digit id code.
4) They direct message @Battlemontrue that five digit code
5) @Battlemontrue direct messages them back a five digit code
6) They type this into their mobile device, and their account is recovered and stored.This is mostly just a temporary solution because twitter api doesn't scale well past a couple thousand users.
Submitted March 28, 2018 at 04:37AM by goodnewsjimdotcom
via reddit https://ift.tt/2pJJnwc
Hello,When people update my app on android, andoid leaves no data behind from previous install to id the user on my server. So I need some sort of password recovery system. I am opting twitter integration to promote my game too with contests.Here is my system:
1) Someone logs in after an update
2) It asks them their Twitter handle
3) If the Twitter handle is already registered, it gives them a six digit id code.
4) They direct message @Battlemontrue that five digit code
5) @Battlemontrue direct messages them back a five digit code
6) They type this into their mobile device, and their account is recovered and stored.This is mostly just a temporary solution because twitter api doesn't scale well past a couple thousand users.
Submitted March 28, 2018 at 04:37AM by goodnewsjimdotcom
via reddit https://ift.tt/2pJJnwc
reddit
Video game account recovery via twitter. Is this secure? • r/security
Hello, When people update my app on android, andoid leaves no data behind from previous install to id the user on my server. So I need some sort...
Automation and Orchestration tool to use?
I can't seem to find the differences between the various orchestration and Automation tools for security firms. I want to automate alot of the tasks in my CISO.Which do you recommend and why? Like what are the differences?I know about rapid7, alienvault, phantom and threatconnect
Submitted March 28, 2018 at 04:19AM by gorerillaz
via reddit https://ift.tt/2pM6llB
I can't seem to find the differences between the various orchestration and Automation tools for security firms. I want to automate alot of the tasks in my CISO.Which do you recommend and why? Like what are the differences?I know about rapid7, alienvault, phantom and threatconnect
Submitted March 28, 2018 at 04:19AM by gorerillaz
via reddit https://ift.tt/2pM6llB
reddit
Automation and Orchestration tool to use? • r/security
I can't seem to find the differences between the various orchestration and Automation tools for security firms. I want to automate alot of the...