T-Mobile digs their own grave
https://ift.tt/2qe2ldV
Submitted April 07, 2018 at 11:38AM by fr34k83
via reddit https://ift.tt/2GFkxIn
https://ift.tt/2qe2ldV
Submitted April 07, 2018 at 11:38AM by fr34k83
via reddit https://ift.tt/2GFkxIn
CVE-2017-17405: Identifying a Vulnerability in Ruby’s FTP Implementation
https://ift.tt/2GDzYkb
Submitted April 07, 2018 at 04:37PM by cji
via reddit https://ift.tt/2H0dDg7
https://ift.tt/2GDzYkb
Submitted April 07, 2018 at 04:37PM by cji
via reddit https://ift.tt/2H0dDg7
Heroku
A Dive into Ruby CVE-2017-17405: Identifying a Vulnerability in Ruby’s FTP Implementation
At Heroku we consistently monitor vulnerability feeds for new issues. Once something drops, we jump into action to triage and determine how our platform...
130,000 Finnish user data exposed in third largest data breach ever happened in the country
https://ift.tt/2qeEbkf
Submitted April 07, 2018 at 08:12PM by Horus_Sirius
via reddit https://ift.tt/2GGx0rd
https://ift.tt/2qeEbkf
Submitted April 07, 2018 at 08:12PM by Horus_Sirius
via reddit https://ift.tt/2GGx0rd
TSecurity Portal
130,000 Finnish user data exposed in third largest data breach ever happened in the country
New variant of the Mirai Botnet targets the financial industry
https://ift.tt/2GJeVwQ
Submitted April 07, 2018 at 08:17PM by Horus_Sirius
via reddit https://ift.tt/2qhElqq
https://ift.tt/2GJeVwQ
Submitted April 07, 2018 at 08:17PM by Horus_Sirius
via reddit https://ift.tt/2qhElqq
TSecurity Portal
New variant of the Mirai Botnet targets the financial industry
the beep command can be used to probe for existence of files owned by other users including root
https://ift.tt/2IAAADS
Submitted April 07, 2018 at 10:09PM by rain5
via reddit https://ift.tt/2GKsurP
https://ift.tt/2IAAADS
Submitted April 07, 2018 at 10:09PM by rain5
via reddit https://ift.tt/2GKsurP
LineageOS 14.1 Blueborne Remote Code Execution
https://ift.tt/2qcF8bW
Submitted April 07, 2018 at 10:48PM by Horus_Sirius
via reddit https://ift.tt/2GELJam
https://ift.tt/2qcF8bW
Submitted April 07, 2018 at 10:48PM by Horus_Sirius
via reddit https://ift.tt/2GELJam
TSecurity Portal
LineageOS 14.1 Blueborne Remote Code Execution
Phishing emails: how to fight back?
Hello, Typically when I receive phishing emails I try and do a few things for the greater good. What else does everyone else do when they receive phishing emails?I block the email domain. They usually spoof the domain and almost never re use but it's a good best practice. If they actually legitimately used someone's email, sometimes based on the SPF/DKIM records, I'll try and email the company to let them know they've been compromised.I click the link in a sandboxed environment to inspect the attack. If it's a password phishing type email, I'll fill it up with a bunch of junk data. This is for fun and usually futile, I just like to see what they are attempting. Like, have they updated their scam to include the new Office365 page finally? I'll also block that URL on the firewall.I'll look up the domain registration and IP address of the server and then reach out to both hosting companies with the information. That usually is pretty effective in having the site shut down. Sometimes when I click the link, the page is already offline meaning either someone else reported it or the hosting company figured it out.I send out some reminders to staff with some examples periodically.note: I am not interested in prevention strategies such as Email filters, Multifactor, Simulated campaigns, etc.
Submitted April 08, 2018 at 02:38AM by mactalker
via reddit https://ift.tt/2ErgMAo
Hello, Typically when I receive phishing emails I try and do a few things for the greater good. What else does everyone else do when they receive phishing emails?I block the email domain. They usually spoof the domain and almost never re use but it's a good best practice. If they actually legitimately used someone's email, sometimes based on the SPF/DKIM records, I'll try and email the company to let them know they've been compromised.I click the link in a sandboxed environment to inspect the attack. If it's a password phishing type email, I'll fill it up with a bunch of junk data. This is for fun and usually futile, I just like to see what they are attempting. Like, have they updated their scam to include the new Office365 page finally? I'll also block that URL on the firewall.I'll look up the domain registration and IP address of the server and then reach out to both hosting companies with the information. That usually is pretty effective in having the site shut down. Sometimes when I click the link, the page is already offline meaning either someone else reported it or the hosting company figured it out.I send out some reminders to staff with some examples periodically.note: I am not interested in prevention strategies such as Email filters, Multifactor, Simulated campaigns, etc.
Submitted April 08, 2018 at 02:38AM by mactalker
via reddit https://ift.tt/2ErgMAo
Reddit
reddit: the front page of the internet
r/security: A friendly and professional place for discussing computer security.
My computer was used in sleep mode
(I hoping this is the correct subreddit for this, if not I do apologize, and I'd like to know where I should ask this instead.)I left my laptop (a Surface Pro 4, if that helps) in sleep mode all last night and this morning, leaving only Microsoft Edge and Krita (drawing program) open. I only had Reddit and a YouTube video open on Edge, and a quick sketch open on Krita. When I pulled up my laptop just now, I had three YouTube videos and a page to download an ebook open on Edge and my drawing had been tampered with. The YouTube videos and ebook were from an MLM scheme, and the canvas was zoomed into another part of the image and the line tool and selection tools had been used (and I never use the line tool myself).I checked the browser history and the tabs were opened last night between 11:30pm and midnight, when my husband and I were watching a movie and the laptop was in sleep mode in the other room (and we are the only people that live in our residence). Has anyone heard of this happening? As far as I can tell, none of my accounts were tampered with and nothing was downloaded, but is there any way I can be sure? I have the laptop off for the time being.Thank you in advance for your help!
Submitted April 08, 2018 at 04:36AM by racecarart
via reddit https://ift.tt/2qgvnJJ
(I hoping this is the correct subreddit for this, if not I do apologize, and I'd like to know where I should ask this instead.)I left my laptop (a Surface Pro 4, if that helps) in sleep mode all last night and this morning, leaving only Microsoft Edge and Krita (drawing program) open. I only had Reddit and a YouTube video open on Edge, and a quick sketch open on Krita. When I pulled up my laptop just now, I had three YouTube videos and a page to download an ebook open on Edge and my drawing had been tampered with. The YouTube videos and ebook were from an MLM scheme, and the canvas was zoomed into another part of the image and the line tool and selection tools had been used (and I never use the line tool myself).I checked the browser history and the tabs were opened last night between 11:30pm and midnight, when my husband and I were watching a movie and the laptop was in sleep mode in the other room (and we are the only people that live in our residence). Has anyone heard of this happening? As far as I can tell, none of my accounts were tampered with and nothing was downloaded, but is there any way I can be sure? I have the laptop off for the time being.Thank you in advance for your help!
Submitted April 08, 2018 at 04:36AM by racecarart
via reddit https://ift.tt/2qgvnJJ
reddit
My computer was used in sleep mode • r/security
(I hoping this is the correct subreddit for this, if not I do apologize, and I'd like to know where I should ask this instead.) I left my laptop...
Did I just fuck up?
trying to pirate a windows iso, got lead to,http://windowsiso.net/windows-7-iso/windows-7-download/ultimate-iso-7/which let me select which service pack THEN re-directed me tohttps://login.microsoftonline.com/common/oauth2/authorize?client_id=499b84ac-1321-427f-aa17-267ca6975798&site_id=501446&response_mode=form_post&response_type=code+id_token&redirect_uri=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_signedin&nonce=85a3a5f0-bfc6-4c42-b89d-723ece8b422d&state=realm%3Dapp.vssps.visualstudio.com%26allow_passthrough%3DTrue%26reply_to%3Dhttps%253A%252F%252Fmy.visualstudio.com%253A443%252F%253Fwt.mc_id%253Do%25257emsft%25257emsdn%25257eoldPortal%2526utm_source%253DMSDNPortal%2526auth_redirect%253Dtrue%26nonce%3D85a3a5f0-bfc6-4c42-b89d-723ece8b422d&resource=https%3A%2F%2Fmanagement.core.windows.net%2F&cid=85a3a5f0-bfc6-4c42-b89d-723ece8b422d&wsucxt=1&prompt=select_account#FileId=46948AND I TRIED SIGNING IN....WHAT DO I DO FROM HERE?, THINKING I JUST GOT PHISHED.
Submitted April 08, 2018 at 07:27AM by Hence4thtranscends
via reddit https://ift.tt/2JuOOHs
trying to pirate a windows iso, got lead to,http://windowsiso.net/windows-7-iso/windows-7-download/ultimate-iso-7/which let me select which service pack THEN re-directed me tohttps://login.microsoftonline.com/common/oauth2/authorize?client_id=499b84ac-1321-427f-aa17-267ca6975798&site_id=501446&response_mode=form_post&response_type=code+id_token&redirect_uri=https%3A%2F%2Fapp.vssps.visualstudio.com%2F_signedin&nonce=85a3a5f0-bfc6-4c42-b89d-723ece8b422d&state=realm%3Dapp.vssps.visualstudio.com%26allow_passthrough%3DTrue%26reply_to%3Dhttps%253A%252F%252Fmy.visualstudio.com%253A443%252F%253Fwt.mc_id%253Do%25257emsft%25257emsdn%25257eoldPortal%2526utm_source%253DMSDNPortal%2526auth_redirect%253Dtrue%26nonce%3D85a3a5f0-bfc6-4c42-b89d-723ece8b422d&resource=https%3A%2F%2Fmanagement.core.windows.net%2F&cid=85a3a5f0-bfc6-4c42-b89d-723ece8b422d&wsucxt=1&prompt=select_account#FileId=46948AND I TRIED SIGNING IN....WHAT DO I DO FROM HERE?, THINKING I JUST GOT PHISHED.
Submitted April 08, 2018 at 07:27AM by Hence4thtranscends
via reddit https://ift.tt/2JuOOHs
YNAB Direct Import provider has trouble with | ~ < > in passwords?
I've been considering using Mint or YNAB (You Need a Budget). Financial software that synchronizes my account transactions would be really nice. But the fact that they need to store your online banking credentials makes me really nervous.So I was looking into YNAB's Direct Import provider and found this: https://docs.youneedabudget.com/article/142-direct-import-troubleshootingRight now, our Direct Import partners are unable to support passwords that contain a pipe “|”, tilde “~”, or angle bracket "< or >". If you update your password to remove those characters, you should be able to connect.This seems like a huge red flag. Sounds like the password string is being interpreted in some way, which I can't see any reason for.Can anyone think of a legitimate reason for the restriction?
Submitted April 08, 2018 at 07:19AM by RestlessNeurons
via reddit https://ift.tt/2IBXOcV
I've been considering using Mint or YNAB (You Need a Budget). Financial software that synchronizes my account transactions would be really nice. But the fact that they need to store your online banking credentials makes me really nervous.So I was looking into YNAB's Direct Import provider and found this: https://docs.youneedabudget.com/article/142-direct-import-troubleshootingRight now, our Direct Import partners are unable to support passwords that contain a pipe “|”, tilde “~”, or angle bracket "< or >". If you update your password to remove those characters, you should be able to connect.This seems like a huge red flag. Sounds like the password string is being interpreted in some way, which I can't see any reason for.Can anyone think of a legitimate reason for the restriction?
Submitted April 08, 2018 at 07:19AM by RestlessNeurons
via reddit https://ift.tt/2IBXOcV
Youneedabudget
Direct Import Troubleshooting - YNAB Help
Direct Import is amazing. But there are quite a few moving parts, and sometimes they need an adjustment.
In This Article
<
In This Article
<
Project Insecurity - New Infosec/Hacking/Bugbounty Forum Board and Security Research team.
https://ift.tt/2qgm2Sm
Submitted April 08, 2018 at 10:27AM by _MLT_
via reddit https://ift.tt/2HgZklc
https://ift.tt/2qgm2Sm
Submitted April 08, 2018 at 10:27AM by _MLT_
via reddit https://ift.tt/2HgZklc
forum.insecurity.sh
Project Insecurity
Project Insecurity - Security is an illusion
OPCDE 2018 Cyber Security Conference Material [PDF] - (See Comment for Content list)
https://ift.tt/2qg2nC6
Submitted April 08, 2018 at 11:45AM by TechLord2
via reddit https://ift.tt/2uT8jGL
https://ift.tt/2qg2nC6
Submitted April 08, 2018 at 11:45AM by TechLord2
via reddit https://ift.tt/2uT8jGL
GitHub
comaeio/OPCDE
OPCDE DXB 2017 + 2018 Materials
Windows Microsoft Office 2007 Security Question
I've been using Office 2007 for 10 years and am just fine with it. However, now that Microsoft is no longer supporting it, I am wondering if I am secure by merely using Malwarebytes and Bitdefender as there obviously will be no more security patches for Office 2007. Most important is protection for any crypto asset tasks that I need to do. I usually use Trezor or Ledger Nano S, but I'll have to register EOS soon and later probably Bytom, thus potentially exposing my private keys. I hate to stop using Office 2007 and fork out the money for the newest version, but protecting my precious crypto is the most important issue concerning my PC.
Submitted April 08, 2018 at 04:28PM by PunkIsBunk
via reddit https://ift.tt/2uSrtMY
I've been using Office 2007 for 10 years and am just fine with it. However, now that Microsoft is no longer supporting it, I am wondering if I am secure by merely using Malwarebytes and Bitdefender as there obviously will be no more security patches for Office 2007. Most important is protection for any crypto asset tasks that I need to do. I usually use Trezor or Ledger Nano S, but I'll have to register EOS soon and later probably Bytom, thus potentially exposing my private keys. I hate to stop using Office 2007 and fork out the money for the newest version, but protecting my precious crypto is the most important issue concerning my PC.
Submitted April 08, 2018 at 04:28PM by PunkIsBunk
via reddit https://ift.tt/2uSrtMY
reddit
Windows Microsoft Office 2007 Security Question • r/security
I've been using Office 2007 for 10 years and am just fine with it. However, now that Microsoft is no longer supporting it, I am wondering if I am...
INTERIOR INCIDENT RESPONSE PROGRAM CALLS FOR IMPROVEMENT
https://ift.tt/2EuE5ZT
Submitted April 08, 2018 at 06:09PM by Mufassa810
via reddit https://ift.tt/2IADKY7
https://ift.tt/2EuE5ZT
Submitted April 08, 2018 at 06:09PM by Mufassa810
via reddit https://ift.tt/2IADKY7
DomLink - Automating Associated Domain Discovery
https://ift.tt/2GHMUBE
Submitted April 08, 2018 at 07:05PM by vysec
via reddit https://ift.tt/2GLIycG
https://ift.tt/2GHMUBE
Submitted April 08, 2018 at 07:05PM by vysec
via reddit https://ift.tt/2GLIycG
Medium
DomLink — Automating domain discovery
TLDR: Give DomLink a domain, it’ll go and find associated organization and e-mail registered then use this information to perform reverse…
Free Web Application Security Training. 5 Hours of Workshops Covering OWASP TOP 10 In Polish
https://ift.tt/2qhfgfb
Submitted April 08, 2018 at 07:43PM by dbalut
via reddit https://ift.tt/2GFZfdL
https://ift.tt/2qhfgfb
Submitted April 08, 2018 at 07:43PM by dbalut
via reddit https://ift.tt/2GFZfdL
Peerlyst
Free Web Application Security Training. 5 Hours of WorkShops Covering OWASP TOP 10 In Polish
I've created a 5h 17m long online training for polish software engineers, testers and pretty much anyone that wants to learn web application security.There are practical examples and I've tried to explain everything in such a way that anyone working
Snort Rule to Detect Slow Loris Attack
Hi All,Looking for a bit of help here...As part of my uni course I need to select an attack then develop a Snort rule to detect it and show it in action. I found a Python implementation of the Slowloris attack, which I ran and analyzed. I found a common theme of the attack is the partial GET headers always contained the text 'X-a:' followed by four random digits. I wrote the following rule utilizing regular expressions (I believed this would cut down on false positives):alert tcp any any -> any 80 (msg:"Possible Slowloris Attack Detected"; \ flow:to_server,established; pcre:"/X-a|3a| \d{4}../"; sid:10000005;)which detects the attack successfully with minimal false positives.My question is how I could improve upon the rule, or even if there is a better rule altogether. I understand it's not the best method of detecting the attack, as the 'X-a' in the Python noscript could easily be changed to something altogether (I think).Thanks in advance for any advice.
Submitted April 08, 2018 at 08:42PM by dinosaurdave88
via reddit https://ift.tt/2GLpYS4
Hi All,Looking for a bit of help here...As part of my uni course I need to select an attack then develop a Snort rule to detect it and show it in action. I found a Python implementation of the Slowloris attack, which I ran and analyzed. I found a common theme of the attack is the partial GET headers always contained the text 'X-a:' followed by four random digits. I wrote the following rule utilizing regular expressions (I believed this would cut down on false positives):alert tcp any any -> any 80 (msg:"Possible Slowloris Attack Detected"; \ flow:to_server,established; pcre:"/X-a|3a| \d{4}../"; sid:10000005;)which detects the attack successfully with minimal false positives.My question is how I could improve upon the rule, or even if there is a better rule altogether. I understand it's not the best method of detecting the attack, as the 'X-a' in the Python noscript could easily be changed to something altogether (I think).Thanks in advance for any advice.
Submitted April 08, 2018 at 08:42PM by dinosaurdave88
via reddit https://ift.tt/2GLpYS4
reddit
Snort Rule to Detect Slow Loris Attack • r/security
Hi All, Looking for a bit of help here... As part of my uni course I need to select an attack then develop a Snort rule to detect it and show it...
Help: Weird Spamming/Phishing Pattern
This morning I saw a flood of email in my gmail inbox that looked like spam. It was all addressed to Sheila in the email body. Most was health insurance related. However, one like was to a Rewardbee account that was setup using my email. Rewardbee looks legit, and I requested a password change. I then entered a new password, but one I’ve never used anywhere.After logging in, it looked like whoever it was did some surveys for discounts on magazines. On another health insurance email, I clicked unsubscribe like a dummy and was sent to some fake unsubscribe page. I closed the window and rebooted my Mac.I’ve run MalwareBytes and BitDefender. Both find nothing.However after a steady stream of spam/phishing emails to Sheila, they have now all stopped. That seems suspicious to me.Any idea what’s going on? Did I totally screw up by clicking the unsubscribe link?
Submitted April 08, 2018 at 09:42PM by Omgwtf1001
via reddit https://ift.tt/2HifVoH
This morning I saw a flood of email in my gmail inbox that looked like spam. It was all addressed to Sheila in the email body. Most was health insurance related. However, one like was to a Rewardbee account that was setup using my email. Rewardbee looks legit, and I requested a password change. I then entered a new password, but one I’ve never used anywhere.After logging in, it looked like whoever it was did some surveys for discounts on magazines. On another health insurance email, I clicked unsubscribe like a dummy and was sent to some fake unsubscribe page. I closed the window and rebooted my Mac.I’ve run MalwareBytes and BitDefender. Both find nothing.However after a steady stream of spam/phishing emails to Sheila, they have now all stopped. That seems suspicious to me.Any idea what’s going on? Did I totally screw up by clicking the unsubscribe link?
Submitted April 08, 2018 at 09:42PM by Omgwtf1001
via reddit https://ift.tt/2HifVoH
reddit
Help: Weird Spamming/Phishing Pattern • r/security
This morning I saw a flood of email in my gmail inbox that looked like spam. It was all addressed to Sheila in the email body. Most was health...
Weird Spamming Pattern
This morning I saw a flood of email in my inbox that looked like spam. It was all addressed to Sheila in the email body. Most was health insurance related. However, one like was to a Rewardbee account that was setup using my email. Rewardbee looks legit, and I requested a password change. I then entered a new password, but one I’ve never used anywhere.After logging in, it looked like whoever it was did some surveys for discounts on magazines. On another health insurance email, I clicked unsubscribe like a dummy and was sent to some fake unsubscribe page. I closed the window and rebooted my Mac.I’ve run MalwareBytes and BitDefender. Both find nothing.However after a steady stream of spam/phishing emails to Sheila, they have now all stopped. That seems suspicious to me.Any idea what’s going on? Did I totally screw up by clicking the unsubscribe link?
Submitted April 08, 2018 at 09:32PM by Omgwtf1001
via reddit https://ift.tt/2uRmID2
This morning I saw a flood of email in my inbox that looked like spam. It was all addressed to Sheila in the email body. Most was health insurance related. However, one like was to a Rewardbee account that was setup using my email. Rewardbee looks legit, and I requested a password change. I then entered a new password, but one I’ve never used anywhere.After logging in, it looked like whoever it was did some surveys for discounts on magazines. On another health insurance email, I clicked unsubscribe like a dummy and was sent to some fake unsubscribe page. I closed the window and rebooted my Mac.I’ve run MalwareBytes and BitDefender. Both find nothing.However after a steady stream of spam/phishing emails to Sheila, they have now all stopped. That seems suspicious to me.Any idea what’s going on? Did I totally screw up by clicking the unsubscribe link?
Submitted April 08, 2018 at 09:32PM by Omgwtf1001
via reddit https://ift.tt/2uRmID2
reddit
Weird Spamming Pattern • r/security
This morning I saw a flood of email in my inbox that looked like spam. It was all addressed to Sheila in the email body. Most was health insurance...
best private messenger
So the noscript speaks for itself. Looking for a company with strict policies to not give info even to the police
Submitted April 08, 2018 at 10:00PM by safity
via reddit https://ift.tt/2uWgsdf
So the noscript speaks for itself. Looking for a company with strict policies to not give info even to the police
Submitted April 08, 2018 at 10:00PM by safity
via reddit https://ift.tt/2uWgsdf
reddit
best private messenger • r/security
So the noscript speaks for itself. Looking for a company with strict policies to not give info even to the police
best private messenger
So the noscript speaks for itself. Looking for a company with strict policies to not give info even to the police
Submitted April 08, 2018 at 10:00PM by safity
via reddit https://ift.tt/2uWgsdf
So the noscript speaks for itself. Looking for a company with strict policies to not give info even to the police
Submitted April 08, 2018 at 10:00PM by safity
via reddit https://ift.tt/2uWgsdf
reddit
best private messenger • r/security
So the noscript speaks for itself. Looking for a company with strict policies to not give info even to the police