Beep privilege escalation
https://ift.tt/2JgL9x9
Submitted April 03, 2018 at 11:18PM by sarascha
via reddit https://ift.tt/2q2EZrv
https://ift.tt/2JgL9x9
Submitted April 03, 2018 at 11:18PM by sarascha
via reddit https://ift.tt/2q2EZrv
Flashpoint - Compromised Magento Sites Delivering Malware
https://ift.tt/2JcwbrR
Submitted April 04, 2018 at 12:25AM by EvanConover
via reddit https://ift.tt/2H8410A
https://ift.tt/2JcwbrR
Submitted April 04, 2018 at 12:25AM by EvanConover
via reddit https://ift.tt/2H8410A
Flashpoint
Flashpoint - Compromised Magento Sites Delivering Malware
Ecommerce websites running on the popular open-source Magento platform are being targeted by attackers who are using brute-force password attacks to access administration panels to scrape credit card numbers and install malware that mines cryptocurrency.
Malicious gaming extensions: a child's play to infection
https://ift.tt/2Gx9nRP
Submitted April 04, 2018 at 12:53AM by EvanConover
via reddit https://ift.tt/2q2VTpX
https://ift.tt/2Gx9nRP
Submitted April 04, 2018 at 12:53AM by EvanConover
via reddit https://ift.tt/2q2VTpX
Malwarebytes Labs
Malicious gaming extensions: a child's play to infection - Malwarebytes Labs
Some gaming portals have been preying on children to get their malicious extensions installed. They use targeted advertizing and offer (already) free games as a reward for installing their adware.
Need help to Pen test REST APIs and nosql inject dynamodb.
For rest api, are tools like Burp Suite, ZAP enough ? Have no clues for nosql injection to dynamodb.Appreciate any ideas on list of tools and strategy.
Submitted April 04, 2018 at 12:59AM by py3148
via reddit https://ift.tt/2IrmGUH
For rest api, are tools like Burp Suite, ZAP enough ? Have no clues for nosql injection to dynamodb.Appreciate any ideas on list of tools and strategy.
Submitted April 04, 2018 at 12:59AM by py3148
via reddit https://ift.tt/2IrmGUH
reddit
Need help to Pen test REST APIs and nosql inject... • r/security
For rest api, are tools like Burp Suite, ZAP enough ? Have no clues for nosql injection to dynamodb. Appreciate any ideas on list of tools and...
New Michigan Law Makes Possession of Ransomware Illegal
https://ift.tt/2GTPM1F
Submitted April 04, 2018 at 12:48AM by alessiodelv
via reddit https://ift.tt/2GuFgi2
https://ift.tt/2GTPM1F
Submitted April 04, 2018 at 12:48AM by alessiodelv
via reddit https://ift.tt/2GuFgi2
BleepingComputer
New Michigan Law Makes Possession of Ransomware Illegal
On Monday, Michigan Governor Rick Snyder signed two bills into law that criminalize the possession of ransomware "with the intent to introduce it into a computer or computer network without authorization" and punish offenders with a three-year prison sentence…
It’s time for a new approach to segmentation -- GCN
https://ift.tt/2GxNcLj
Submitted April 04, 2018 at 02:04AM by SecurityTrust
via reddit https://ift.tt/2IqNXX2
https://ift.tt/2GxNcLj
Submitted April 04, 2018 at 02:04AM by SecurityTrust
via reddit https://ift.tt/2IqNXX2
GCN
It’s time for a new approach to segmentation -- GCN
Inserting a trust-aware boundary between corporate access networks and servers creates zero-trust partitions that strands adversaries before they can reach critical assets.
IT and Information Security Cheat Sheets
https://ift.tt/1c7PDnV
Submitted April 04, 2018 at 01:56AM by 0xdea
via reddit https://ift.tt/2JcWn5z
https://ift.tt/1c7PDnV
Submitted April 04, 2018 at 01:56AM by 0xdea
via reddit https://ift.tt/2JcWn5z
Zeltser
IT and Information Security Cheat Sheets
As much as we try to be proactive about information security, IT planning, or project management, we get distracted, or procrastinate. These information security cheat sheets, checklists and templates
Does Norse Attack Map actually capture anything real?
https://ift.tt/2EhNeoA
Submitted April 04, 2018 at 01:37AM by melonochelo
via reddit https://ift.tt/2GSDZkg
https://ift.tt/2EhNeoA
Submitted April 04, 2018 at 01:37AM by melonochelo
via reddit https://ift.tt/2GSDZkg
reddit
Norse Attack Map showing real-time cyber attacks on... • r/security
5 points and 2 comments so far on reddit
Nearly 2,000 domains taken over due to vulnerable CloudFront configurations. Automated scanning tool released along with the report.
https://ift.tt/2IsKeIJ
Submitted April 04, 2018 at 03:14AM by disloops
via reddit https://ift.tt/2GNTOc1
https://ift.tt/2IsKeIJ
Submitted April 04, 2018 at 03:14AM by disloops
via reddit https://ift.tt/2GNTOc1
Dont use lightshot upload to cloud feature for sensitive information, virtually all files are accesible by anyone.
Even just after few seconds of replacing 6 digit end of their URLs for links of images, i found some pretty sensitive stuff - from full personal info - adresses. credit status, phone numbers, everything, some personal ID cards.Is it wise to message the people using the lightshot to stop using it for sensitive info? or should I message Lightshot directly to alert them to this issue? cause This can be abused a lot if someone wanted.EDIT: I know that its just stupidity from the side of careless users who share sensitive stuff via random image sharing service, but still, I feel like I have to do something to help prevent it, since I noticed it.
Submitted April 04, 2018 at 03:45AM by m44ever
via reddit https://ift.tt/2uJSySn
Even just after few seconds of replacing 6 digit end of their URLs for links of images, i found some pretty sensitive stuff - from full personal info - adresses. credit status, phone numbers, everything, some personal ID cards.Is it wise to message the people using the lightshot to stop using it for sensitive info? or should I message Lightshot directly to alert them to this issue? cause This can be abused a lot if someone wanted.EDIT: I know that its just stupidity from the side of careless users who share sensitive stuff via random image sharing service, but still, I feel like I have to do something to help prevent it, since I noticed it.
Submitted April 04, 2018 at 03:45AM by m44ever
via reddit https://ift.tt/2uJSySn
reddit
Dont use lightshot upload to cloud feature for... • r/security
Even just after few seconds of replacing 6 digit end of their URLs for links of images, i found some pretty sensitive stuff - from full personal...
I'm getting random ITunes charges and I don't even have an ITunes account.
Is anybody else having this problem? I am getting random 1 - 5 dollar ITunes charges on my card and I don't even have an ITunes account or any other Apple account or device.
Submitted April 04, 2018 at 07:54AM by aaronth07
via reddit https://ift.tt/2Jh8O09
Is anybody else having this problem? I am getting random 1 - 5 dollar ITunes charges on my card and I don't even have an ITunes account or any other Apple account or device.
Submitted April 04, 2018 at 07:54AM by aaronth07
via reddit https://ift.tt/2Jh8O09
reddit
I'm getting random ITunes charges and I don't even... • r/security
Is anybody else having this problem? I am getting random 1 - 5 dollar ITunes charges on my card and I don't even have an ITunes account or any...
Beware the looming Google Chrome HTTPS certificate apocalypse (coming April 17)
https://ift.tt/2E8O87V
Submitted April 04, 2018 at 09:50AM by satyenshah
via reddit https://ift.tt/2Gx1DPN
https://ift.tt/2E8O87V
Submitted April 04, 2018 at 09:50AM by satyenshah
via reddit https://ift.tt/2Gx1DPN
www.theregister.co.uk
Beware the looming Google Chrome HTTPS certificate apocalypse!
Well, melee. Dust-up? Minor inconvenience? But it's coming!!
Israeli sites hacked to display: ‘Jerusalem is the capital of Palestine’
https://ift.tt/2q3tRL6
Submitted April 04, 2018 at 11:03AM by Iot_Security
via reddit https://ift.tt/2q3YCAt
https://ift.tt/2q3tRL6
Submitted April 04, 2018 at 11:03AM by Iot_Security
via reddit https://ift.tt/2q3YCAt
Timesofisrael
Israeli sites hacked to display: ‘Jerusalem is the capital of Palestine’
'Anonymous' collective targets a handful of municipality websites as annual anti-Israel cyberattack gets underway
Monthly IoT Security News Roundup, March 2018
https://ift.tt/2JiOiwv
Submitted April 04, 2018 at 12:54PM by Iot_Security
via reddit https://ift.tt/2q2WQyH
https://ift.tt/2JiOiwv
Submitted April 04, 2018 at 12:54PM by Iot_Security
via reddit https://ift.tt/2q2WQyH
SecuriThings
Monthly IoT Security News Roundup, March 2018
When the masses start to use industry terminology, things have clearly gone mainstream. IoT is now mainstream, and there is no turning back. But, is security ready to move ahead at the speed of [...]
DHS has detected possible cellphone surveillance in D.C. — and doesn’t know who’s doing it
https://ift.tt/2q5r5EZ
Submitted April 04, 2018 at 12:10PM by Temptunes48
via reddit https://ift.tt/2Gwrvzd
https://ift.tt/2q5r5EZ
Submitted April 04, 2018 at 12:10PM by Temptunes48
via reddit https://ift.tt/2Gwrvzd
reddit
DHS has detected possible cellphone surveillance in... • r/security
1 points and 2 comments so far on reddit
Handsomerob - An Android App CTF Write up
https://ift.tt/2EhYxgD
Submitted April 04, 2018 at 11:55AM by TheRealest_Me
via reddit https://ift.tt/2IqPOLv
https://ift.tt/2EhYxgD
Submitted April 04, 2018 at 11:55AM by TheRealest_Me
via reddit https://ift.tt/2IqPOLv
reddit
Handsomerob - An Android App CTF Write up • r/netsec
5 points and 0 comments so far on reddit
Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters
https://ift.tt/2IpMxft
Submitted April 04, 2018 at 01:31PM by matoas7
via reddit https://ift.tt/2uJYLh8
https://ift.tt/2IpMxft
Submitted April 04, 2018 at 01:31PM by matoas7
via reddit https://ift.tt/2uJYLh8
Medium
Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters
Don’t want to read? Try the demo
Security Guards Delhi/NCR | G.I. Group
http://www.getgi.com/
Submitted April 04, 2018 at 03:04PM by monalikhanna
via reddit https://ift.tt/2GPLQ25
http://www.getgi.com/
Submitted April 04, 2018 at 03:04PM by monalikhanna
via reddit https://ift.tt/2GPLQ25
Getgi
Top Security Guard Services Provider Company in Delhi NCR | Best Security Companies
G.I. Group is one of the best security guard company in Delhi NCR, Privete & personal Security Guard companies Delhi. INDIA'S Top MOST TRUSTED SECURITY GROUP 24 hour security services Provider
Practical Attacks with DNS Rebinding
https://ift.tt/2IucP09
Submitted April 04, 2018 at 02:49PM by nanooonanooo
via reddit https://ift.tt/2GPLYi5
https://ift.tt/2IucP09
Submitted April 04, 2018 at 02:49PM by nanooonanooo
via reddit https://ift.tt/2GPLYi5
The State of Security
Practical Attacks with DNS Rebinding
One of the tools I expect to see gain in popularity in the wild is DNS rebinding. DNS rebinding is a technique that turns a victim’s browser into a proxy.
WhatsApp Forensics: Decryption of Encrypted WhatsApp Databases on Non-Rooted Android Devices
https://ift.tt/2GQy5jD
Submitted April 04, 2018 at 04:02PM by TechLord2
via reddit https://ift.tt/2Itibsm
https://ift.tt/2GQy5jD
Submitted April 04, 2018 at 04:02PM by TechLord2
via reddit https://ift.tt/2Itibsm
Leveraging *.google.com domains to Obfuscate C2 Traffic via Domain Fronting
https://ift.tt/2GybgSk
Submitted April 04, 2018 at 03:49PM by karmicSec
via reddit https://ift.tt/2uHmqi6
https://ift.tt/2GybgSk
Submitted April 04, 2018 at 03:49PM by karmicSec
via reddit https://ift.tt/2uHmqi6