USB Malware
Hey fellow redditors, I'm a very paranoid person so please be easy on me.My uncle bought this device, he plugged in the device, I opened a video file which he recorded using the device and I'm questioning if it could have had a virus preloaded onto it?
Submitted April 02, 2018 at 12:28AM by yAmW1lO4aKNv
via reddit https://ift.tt/2q0b9DQ
Hey fellow redditors, I'm a very paranoid person so please be easy on me.My uncle bought this device, he plugged in the device, I opened a video file which he recorded using the device and I'm questioning if it could have had a virus preloaded onto it?
Submitted April 02, 2018 at 12:28AM by yAmW1lO4aKNv
via reddit https://ift.tt/2q0b9DQ
Amazon
Mini Portable Spy Hidden Camera-Conbrov 720P HD Pocket Digital Video Recorder Small Wearable Camcorder DV for Personal Body Security…
Features: ●This hidden camera is portable and is able to record and capture anything at any time ●This wearable body cam: pocket and handheld small covert camera ●HD mini body camera 1280 x 720P high definition camera with 75 degree wide ●Built-in high…
The 500M hashlist from haveibeenpwned.com is now fully available on Hashes.org with more than 99% cracked.
https://ift.tt/2J74XCR
Submitted April 02, 2018 at 01:16AM by s3inlc
via reddit https://ift.tt/2pVzoDm
https://ift.tt/2J74XCR
Submitted April 02, 2018 at 01:16AM by s3inlc
via reddit https://ift.tt/2pVzoDm
hashes.org
Hashes.org - Leak 'Have I been Pwned V2'
Hashes.org is a community recovering password from submitted hashes.
Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts
https://ift.tt/2mla6xm
Submitted April 02, 2018 at 03:00AM by TechLord2
via reddit https://ift.tt/2GpnPiJ
https://ift.tt/2mla6xm
Submitted April 02, 2018 at 03:00AM by TechLord2
via reddit https://ift.tt/2GpnPiJ
| bohops |
Executing Commands and Bypassing AppLocker with PowerShell Diagnostic Scripts
Introduction Last week, I was hunting around the Windows Operating System for interesting noscripts and binaries that may be useful for future penetration tests and Red Team engagements. With increa…
Looking For Security Guard Services London
https://ift.tt/2pUuV4C
Submitted April 02, 2018 at 04:45AM by guardsace07
via reddit https://ift.tt/2uHjcv4
https://ift.tt/2pUuV4C
Submitted April 02, 2018 at 04:45AM by guardsace07
via reddit https://ift.tt/2uHjcv4
Chinese smugglers use drones to transport $80M worth of iPhones - iParanoid
https://ift.tt/2Jb0q2c
Submitted April 02, 2018 at 04:49AM by majorllama
via reddit https://ift.tt/2uEE6Lb
https://ift.tt/2Jb0q2c
Submitted April 02, 2018 at 04:49AM by majorllama
via reddit https://ift.tt/2uEE6Lb
iParanoid
Chinese smugglers use drones to transport $80M worth of iPhones - iParanoid
Chinese smugglers were recently busted in Shenzhen after attempting to illegally transport $79.8 million worth of refurbished iPhones across the border using drones, the Legal Daily reported Friday. As reported by Reuters, some 26 suspects...
computer security and penetration testing 2nd edition pdf download [request]
computer security and penetration testing 2nd edition pdf download
Submitted April 02, 2018 at 08:37AM by rajwec
via reddit https://ift.tt/2H501O8
computer security and penetration testing 2nd edition pdf download
Submitted April 02, 2018 at 08:37AM by rajwec
via reddit https://ift.tt/2H501O8
reddit
computer security and penetration testing 2nd edition... • r/security
computer security and penetration testing 2nd edition pdf download
A new kind of email
I'm tired of having my email address sold/stolen from different sources. I'm wondering if it's not time to add revocable keys to email. Each recipient receives their own key. If someone other than recipient tries to send an email without a key I can revoke it and issue a new key. Would something like this work?
Submitted April 02, 2018 at 09:12AM by ImprobableIT
via reddit https://ift.tt/2GtB662
I'm tired of having my email address sold/stolen from different sources. I'm wondering if it's not time to add revocable keys to email. Each recipient receives their own key. If someone other than recipient tries to send an email without a key I can revoke it and issue a new key. Would something like this work?
Submitted April 02, 2018 at 09:12AM by ImprobableIT
via reddit https://ift.tt/2GtB662
reddit
A new kind of email • r/security
I'm tired of having my email address sold/stolen from different sources. I'm wondering if it's not time to add revocable keys to email. Each...
DNS Performance: Comparing CloudFlare's 1.1.1.1 x Google's 8.8.8.8 x Quad9's 9.9.9.9 and others.
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:48AM by nykzhang
via reddit https://ift.tt/2H3BtFz
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:48AM by nykzhang
via reddit https://ift.tt/2H3BtFz
Medium
DNS Resolvers Performance compared: CloudFlare x Google x Quad9 x OpenDNS
A couple of months ago I did a performance comparison between some of the top free DNS Resolvers available. It was just after Quad9 had…
DNS Performance compared: CloudFlare 1.1.1.1 x Google 8.8.8.8 x Quad9 x OpenDNS
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:54AM by nykzhang
via reddit https://ift.tt/2q21j4K
https://ift.tt/2H2r4d7
Submitted April 02, 2018 at 10:54AM by nykzhang
via reddit https://ift.tt/2q21j4K
Medium
DNS Resolvers Performance compared: CloudFlare x Google x Quad9 x OpenDNS
A couple of months ago I did a performance comparison between some of the top free DNS Resolvers available. It was just after Quad9 had…
PHPGGC: PHP Generic Gadget Chains
https://ift.tt/2sLT5Sj
Submitted April 02, 2018 at 10:20AM by tiger6700
via reddit https://ift.tt/2H2zZvd
https://ift.tt/2sLT5Sj
Submitted April 02, 2018 at 10:20AM by tiger6700
via reddit https://ift.tt/2H2zZvd
GitHub
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically. - ambionics/phpggc
Dangers of Stray Flash Drives
https://ift.tt/2JbMfdf
Submitted April 02, 2018 at 09:54AM by saltmaster7
via reddit https://ift.tt/2Il4DiB
https://ift.tt/2JbMfdf
Submitted April 02, 2018 at 09:54AM by saltmaster7
via reddit https://ift.tt/2Il4DiB
www.docdroid.net
JJ Physical Security.pdf
MARCH 31 2018. The Dangers of Stray Flash Drives AN GLIMPSE INSIDE OF SCRIPTS. Joseph Jasper Imagine you are walking to your place of work and you spot a random flash drive on the ground. Curiosity gets the better of you and you take it back to your workstation…
Changing my Phone
I have an iPhone which I want to upgrade. Will my Google Authenticator app(Which have lot of my credentials) work with new phone or do I have to import my stored passwords from Authenticator app first before erasing my phone?
Submitted April 02, 2018 at 03:06PM by saqibcpe06
via reddit https://ift.tt/2GpID9L
I have an iPhone which I want to upgrade. Will my Google Authenticator app(Which have lot of my credentials) work with new phone or do I have to import my stored passwords from Authenticator app first before erasing my phone?
Submitted April 02, 2018 at 03:06PM by saqibcpe06
via reddit https://ift.tt/2GpID9L
reddit
Changing my Phone • r/security
I have an iPhone which I want to upgrade. Will my Google Authenticator app(Which have lot of my credentials) work with new phone or do I have to...
If the light is on
then the door is unlockedhttps://www.reddit.com/user/ApatheticSaiyan/
Submitted April 02, 2018 at 04:08PM by ApatheticSaiyan
via reddit https://ift.tt/2pZ4Sbx
then the door is unlockedhttps://www.reddit.com/user/ApatheticSaiyan/
Submitted April 02, 2018 at 04:08PM by ApatheticSaiyan
via reddit https://ift.tt/2pZ4Sbx
reddit
Takushi Eternal (u/ApatheticSaiyan) - Reddit
https://www.patreon.com/NateAndBry
Are other parts of physical memory accessed during a segfault ?
As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more confortable with the concept. I have managed to recover previously accessed data using the clock timers, but now I'm wondering how do they actually read physical memory from that point.Which leads to my question : in a lot of Spectre v1\v2 examples, you can read this piece of toy-code example:
Submitted April 02, 2018 at 05:37PM by thejuror8
via reddit https://ift.tt/2uFquj1
As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more confortable with the concept. I have managed to recover previously accessed data using the clock timers, but now I'm wondering how do they actually read physical memory from that point.Which leads to my question : in a lot of Spectre v1\v2 examples, you can read this piece of toy-code example:
if (x<y) { z = array[x]; } with x supposedly being equal to : attacked_adress - adress_of_array, which will effectively lead to z getting the value at attacked_adress.In the example it's quite easy to understand, but in reality how do they even know what attacked_adress looks like ? Is it a virtual address with an offset, or a physical address, and how do they manage to find where is the "important memory" located in the first place ?Submitted April 02, 2018 at 05:37PM by thejuror8
via reddit https://ift.tt/2uFquj1
reddit
Are other parts of physical memory accessed during a... • r/security
As part of a learning project, I've worked a bit on Spectre and Meltdown PoCs to get myself more confortable with the concept. I have managed to...
Security In 5: Episode 207 - Alexa Is Recording What You Say, Here Is How You Delete It
https://ift.tt/2GsB5n3
Submitted April 02, 2018 at 06:32PM by BinaryBlog
via reddit https://ift.tt/2Guz0Tw
https://ift.tt/2GsB5n3
Submitted April 02, 2018 at 06:32PM by BinaryBlog
via reddit https://ift.tt/2Guz0Tw
Libsyn
Security In Five Podcast: Episode 207 - Alexa Is Recording What You Say, Here Is How You Delete It
With the inclusion of all these home automation, personal assistants into our lives we are adding more ears listening. Each one of the devices have microphones listening, some when you don't think they are, and your voices, conversations and lives are uploaded…
Fauxpersky Keylogger masqueraded as Kaspersky Antivirus and spreads via USB drives
https://ift.tt/2J4o6Ft
Submitted April 02, 2018 at 08:27PM by Eliad-Cybereason
via reddit https://ift.tt/2H4X9km
https://ift.tt/2J4o6Ft
Submitted April 02, 2018 at 08:27PM by Eliad-Cybereason
via reddit https://ift.tt/2H4X9km
Cybereason
Fauxpersky: CredStealer malware written in AutoHotKey masquerades as Kaspersky Antivirus, spreading through infecting USB drives
Cybereason researchers discovered a credstealer written with AutoHotKey that masquerades as Kaspersky Antivirus and spreads through infected USB drives. We’ve named it Fauxpersky.
/r/netsec's Q2 2018 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted April 02, 2018 at 07:52PM by ranok
via reddit https://ift.tt/2H1gaEl
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted April 02, 2018 at 07:52PM by ranok
via reddit https://ift.tt/2H1gaEl
Cracking Cisco’s Sourcefire licensing system
https://ift.tt/2uBdevy
Submitted April 02, 2018 at 07:37PM by j-sevilleja
via reddit https://ift.tt/2GrR4RZ
https://ift.tt/2uBdevy
Submitted April 02, 2018 at 07:37PM by j-sevilleja
via reddit https://ift.tt/2GrR4RZ
hcn
Cracking Cisco’s Sourcefire licensing system
Free the Kraken!
Docker Portable Attack Suite
https://ift.tt/2pV6nso
Submitted April 02, 2018 at 07:26PM by ZephrX112
via reddit https://ift.tt/2IlX0Zk
https://ift.tt/2pV6nso
Submitted April 02, 2018 at 07:26PM by ZephrX112
via reddit https://ift.tt/2IlX0Zk
ZeroSec - Adventures In Information Security
LTR101 - Disposable Attack Containers (DAC)
My take on using docker for disposable attack images, basically leveraging docker images for Bug Bounties & Pentesting.
Georgia Senate Passes Bill That Criminalizes Unauthorized Pen-Tests
https://ift.tt/2IjzNXL
Submitted April 02, 2018 at 09:09PM by zexterio
via reddit https://ift.tt/2H3S4c8
https://ift.tt/2IjzNXL
Submitted April 02, 2018 at 09:09PM by zexterio
via reddit https://ift.tt/2H3S4c8
BleepingComputer
Georgia Senate Passes Bill That Criminalizes Unauthorized Pen-Tests
A bill was passed yesterday by the state of Georgia that causes any unauthorized access to a computer to be considered "Unauthorized Computer Access" & "shall be punished for a misdemeanor of a high and aggravated nature". This bill amends the Georgia code…
Here’s an idea.
A monthly paid suite/ecosystem of secure social networking apps
Submitted April 02, 2018 at 10:10PM by kendalpercimoney
via reddit https://ift.tt/2ImkRYS
A monthly paid suite/ecosystem of secure social networking apps
Submitted April 02, 2018 at 10:10PM by kendalpercimoney
via reddit https://ift.tt/2ImkRYS
reddit
Here’s an idea. • r/security
A monthly paid suite/ecosystem of secure social networking apps