CDNs are starting to become a new way of spreading Malware in Brazil
http://ift.tt/2f6veXP
Submitted September 13, 2017 at 08:32PM by majorllama
via reddit http://ift.tt/2eVKZNE
http://ift.tt/2f6veXP
Submitted September 13, 2017 at 08:32PM by majorllama
via reddit http://ift.tt/2eVKZNE
WeLiveSecurity
CDNs are starting to become a new way of spreading Malware in Brazil
Services like Netflix use content delivery networks (CDNs) to maximize bandwidth usage. However, the CDNs might be finding a new way of spreading malware.
Backdoor found in WordPress plugin with 200K installs
http://ift.tt/2jiM6Mj
Submitted September 13, 2017 at 05:45PM by campuscodi
via reddit http://ift.tt/2jo2fjE
http://ift.tt/2jiM6Mj
Submitted September 13, 2017 at 05:45PM by campuscodi
via reddit http://ift.tt/2jo2fjE
They're Trying to Hack Your PayPal Account: Analyzing a Real Phishing Email
http://ift.tt/2xxMj4t
Submitted September 13, 2017 at 10:54PM by sh_tomer
via reddit http://ift.tt/2y6mFkw
http://ift.tt/2xxMj4t
Submitted September 13, 2017 at 10:54PM by sh_tomer
via reddit http://ift.tt/2y6mFkw
dzone.com
They're Trying to Hack Your Account: Analyzing a Real Phishing Email - DZone Security
A DZone MVB breaks down a suspicious email he received to demonstrate how phishing attempts work, and certain key elements of phishing attempts to look out for.
Army Wargames Against Russia
http://ift.tt/2xyVHVO
Submitted September 13, 2017 at 10:49PM by rec0d3
via reddit http://ift.tt/2y6mGVC
http://ift.tt/2xyVHVO
Submitted September 13, 2017 at 10:49PM by rec0d3
via reddit http://ift.tt/2y6mGVC
WarriorScout.com
Army Wargames Russian Electronic Warfare & Cyber Attacks
Army soldiers tried to detect and fend off simulated Russian electronic warfare and cyberattacks in a Cyber Quest exercise aimed at preparing the service for
How do you share your secrets after death or inability?
Hi,so i am trying to set up a method(without relying on some proprietary service) to give an individual or group of people access to my passwords, accounts etc. after i die or am somehow not able to remember anything.I looked into Shamir's Secret Sharing, but my problem is that i would like to keep my side of the equation able to update the information i share. Let's say i change the master password of my favorite password sharing app, or change my Bitcoin seed phrase and so on. Has anybody implemented a system in which relatives or significant others can access this information by giving them an envelope or similar? Also, a somewhat automated way of updating the information i want to share would be perfect. I thought about creating an encrypted archive or text and sharing the password via envelopes using SSSS. But then a problem is how people would be able to restore the phrase in 1000 years, without having the tools we use today or advanced knowledge in computers. I would like to leave simple instructions in a sealed envelope, requiring multiple share holders to group in order to gain access.I think this is a situation in which a lot of people find themselves and i would appreciate any feedback!
Submitted September 13, 2017 at 11:21PM by daywalkerdha
via reddit http://ift.tt/2w9nVWM
Hi,so i am trying to set up a method(without relying on some proprietary service) to give an individual or group of people access to my passwords, accounts etc. after i die or am somehow not able to remember anything.I looked into Shamir's Secret Sharing, but my problem is that i would like to keep my side of the equation able to update the information i share. Let's say i change the master password of my favorite password sharing app, or change my Bitcoin seed phrase and so on. Has anybody implemented a system in which relatives or significant others can access this information by giving them an envelope or similar? Also, a somewhat automated way of updating the information i want to share would be perfect. I thought about creating an encrypted archive or text and sharing the password via envelopes using SSSS. But then a problem is how people would be able to restore the phrase in 1000 years, without having the tools we use today or advanced knowledge in computers. I would like to leave simple instructions in a sealed envelope, requiring multiple share holders to group in order to gain access.I think this is a situation in which a lot of people find themselves and i would appreciate any feedback!
Submitted September 13, 2017 at 11:21PM by daywalkerdha
via reddit http://ift.tt/2w9nVWM
reddit
How do you share your secrets after death or inability? • r/security
Hi, so i am trying to set up a method(without relying on some proprietary service) to give an individual or group of people access to my...
What Computer Security Experts Wish You Knew: The Top Experts Speak
http://ift.tt/2wozJzv
Submitted September 13, 2017 at 11:04PM by InfoSecCrazy
via reddit http://ift.tt/2fi2A2P
http://ift.tt/2wozJzv
Submitted September 13, 2017 at 11:04PM by InfoSecCrazy
via reddit http://ift.tt/2fi2A2P
itsecuritycentral.teramind.co
What Computer Security Experts Wish You Knew: The Top Experts Speak | IT Security Central
When it comes to keeping our information secure, many of us seem to be at a loss. With technology rapidly changing like it does, it's difficult to stay aware of
U.S. to ban use of Kaspersky software in federal agencies amid concerns of Russian espionage
http://wapo.st/2vUhrXr
Submitted September 13, 2017 at 11:03PM by buildops
via reddit http://ift.tt/2xZZfMZ
http://wapo.st/2vUhrXr
Submitted September 13, 2017 at 11:03PM by buildops
via reddit http://ift.tt/2xZZfMZ
Washington Post
U.S. bans use of Kaspersky software in federal agencies amid concerns of Russian espionage
The Homeland Security department issued a directive Wednesday barring use of the Russian company’s product.
socksmon: a TCP interception proxy using BURP or ZAP
http://ift.tt/2f5OnJp
Submitted September 13, 2017 at 11:56PM by mrschyte
via reddit http://ift.tt/2y5YbId
http://ift.tt/2f5OnJp
Submitted September 13, 2017 at 11:56PM by mrschyte
via reddit http://ift.tt/2y5YbId
GitHub
mrschyte/socksmon
socksmon - Monitor arbitrary TCP traffic using your HTTP interception proxy of choice
The only safe email is text-only email
http://ift.tt/2w0OQ79
Submitted September 14, 2017 at 12:50AM by speckz
via reddit http://ift.tt/2f6g9pg
http://ift.tt/2w0OQ79
Submitted September 14, 2017 at 12:50AM by speckz
via reddit http://ift.tt/2f6g9pg
The Conversation
The only safe email is text-only email
It's impossible to be certain of safety while using Gmail, Yahoo mail and other web-based email systems. The best solution is a radical one: It's time to return to plain, text-only email.
Exploiting CVE-2017-8759: SOAP WSDL Parser Code Injection by MDSec ActiveBreach
http://ift.tt/2x1RYyw
Submitted September 14, 2017 at 01:10AM by mdsec
via reddit http://ift.tt/2wpVejw
http://ift.tt/2x1RYyw
Submitted September 14, 2017 at 01:10AM by mdsec
via reddit http://ift.tt/2wpVejw
www.mdsec.co.uk
Exploiting CVE-2017-8759: SOAP WSDL Parser Code Injection – MDSec
A walk through on how to exploit CVE-2017-8759
1.65 Million Attacks: Kaspersky Reveals New Data on Crypto Mining Malware
http://ift.tt/2h1RtPe
Submitted September 14, 2017 at 01:03AM by lazec
via reddit http://ift.tt/2x1SIni
http://ift.tt/2h1RtPe
Submitted September 14, 2017 at 01:03AM by lazec
via reddit http://ift.tt/2x1SIni
CoinDesk
1.65 Million Attacks: Kaspersky Reveals New Data on Crypto Mining Malware - CoinDesk
Kaspersky Labs revealed it protected more than 1.65 million computers from cryptocurrency mining malware in a report on Tuesday.
FireEye Security Bug: Connection to physical host and adjacent network possible during analysis in Live-Mode
http://ift.tt/2f5Ab32
Submitted September 14, 2017 at 12:47AM by FireFart
via reddit http://ift.tt/2jq2NWp
http://ift.tt/2f5Ab32
Submitted September 14, 2017 at 12:47AM by FireFart
via reddit http://ift.tt/2jq2NWp
Insinuator.net
FireEye Security Bug: Connection to physical host and adjacent network possible during analysis in Live-Mode
We recently identified a security issue in FireEye AX 5400, that also affected other products. We responsibly disclosed the bug to FireEye and a fix that addresses the issue has been released with version 7.7.7. The fix was also merged into the common core…
Equifax pulls their vulnerable mobile application from app stores
http://ift.tt/2h3Kl1k
Submitted September 14, 2017 at 01:54AM by patcheudor
via reddit http://ift.tt/2wXHnVS
http://ift.tt/2h3Kl1k
Submitted September 14, 2017 at 01:54AM by patcheudor
via reddit http://ift.tt/2wXHnVS
The Man Behind Plugin Spam: Mason Soiza
http://ift.tt/2wpPfv0
Submitted September 14, 2017 at 01:51AM by speckz
via reddit http://ift.tt/2h4ATun
http://ift.tt/2wpPfv0
Submitted September 14, 2017 at 01:51AM by speckz
via reddit http://ift.tt/2h4ATun
Wordfence
The Man Behind Plugin Spam: Mason Soiza
This is a follow-up to our story noscriptd “Display Widgets Plugin Includes Malicious Code to Publish Spam on WP Sites“. In this post, we explore who is behind the purchase and corruption of the Display Widgets plugin and at least two other popular WordPress…
Zerodium Offering $1M for Tor Browser Zero Days | Threatpost
http://ift.tt/2fjcT70
Submitted September 14, 2017 at 01:59AM by majorllama
via reddit http://ift.tt/2x2buuI
http://ift.tt/2fjcT70
Submitted September 14, 2017 at 01:59AM by majorllama
via reddit http://ift.tt/2x2buuI
Threatpost | The first stop for security news
Zerodium Offering $1M for Tor Browser Zero Days
Exploit acquisition vendor Zerodium said Wednesday it will pay up to $1M for an unknown Tor Browser zero day.
They're Trying to Hack Your PayPal Account
http://ift.tt/2xxMj4t
Submitted September 14, 2017 at 02:30AM by sh_tomer
via reddit http://ift.tt/2f795Zm
http://ift.tt/2xxMj4t
Submitted September 14, 2017 at 02:30AM by sh_tomer
via reddit http://ift.tt/2f795Zm
dzone.com
They're Trying to Hack Your Account: Analyzing a Real Phishing Email - DZone Security
A DZone MVB breaks down a suspicious email he received to demonstrate how phishing attempts work, and certain key elements of phishing attempts to look out for.
Ayuda! (Help!) Equifax Has My Data!
http://ift.tt/2h1eKkx
Submitted September 14, 2017 at 02:42AM by dabshitty
via reddit http://ift.tt/2x2tfu0
http://ift.tt/2h1eKkx
Submitted September 14, 2017 at 02:42AM by dabshitty
via reddit http://ift.tt/2x2tfu0
reddit
Ayuda! (Help!) Equifax Has My Data! • r/security
1 points and 1 comments so far on reddit
Have you seen Halls-of-Valhalla.org? There are a ton of challenges including encryption, javanoscript, recon, SQLi, Steago and more– Here's the Beginners Challenge Levels 1-7 Walkthrough. Post your Halls of Valhalla Walkthrough below.
http://ift.tt/2wqKBgA
Submitted September 14, 2017 at 07:01AM by InfoSecJim
via reddit http://ift.tt/2wqMLN7
http://ift.tt/2wqKBgA
Submitted September 14, 2017 at 07:01AM by InfoSecJim
via reddit http://ift.tt/2wqMLN7
Jim Wilbur's Blog
Halls of Valhalla - Beginners Challenge 1-7 - Jim Wilbur's Blog
Here’s a walk-through for the Beginner Challenges on www.Halls-of-Valhalla.org Right click to view source and After a few minutes of perusing the source I found For this exercise we are using Burp Suite I flipped the Cookie: auth bit to true and…. After many…
US Gov orders all Kaspersky products removed in 90 days
http://ift.tt/2wqKth7
Submitted September 14, 2017 at 07:19AM by rhinoplzno
via reddit http://ift.tt/2eWg041
http://ift.tt/2wqKth7
Submitted September 14, 2017 at 07:19AM by rhinoplzno
via reddit http://ift.tt/2eWg041
Nytimes
Kaspersky Lab Antivirus Software Is Ordered Off U.S. Government Computers
The company’s origins in Russia have for years fueled suspicions about possible ties to Russian intelligence agencies. Kaspersky denies the allegations.
Red Hat JBoss EAP 3.0.7 - 4.0.0 vulnerable to server side cache poisoning
http://ift.tt/2fkuMlT
Submitted September 14, 2017 at 10:42AM by rhinoplzno
via reddit http://ift.tt/2jpQo4M
http://ift.tt/2fkuMlT
Submitted September 14, 2017 at 10:42AM by rhinoplzno
via reddit http://ift.tt/2jpQo4M
cve.mitre.org
CVE -
CVE-2017-7561
CVE-2017-7561
Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known cyber security vulnerabilities. Assigned by CVE Numbering Authorities from around the world, use of CVE Identifiers ensures confidence among…
Sharing is Caring: Why Cyber Security Needs to Be a United Sector
http://ift.tt/2y0bh90
Submitted September 14, 2017 at 02:18PM by InfoSecCrazy
via reddit http://ift.tt/2h2OqGt
http://ift.tt/2y0bh90
Submitted September 14, 2017 at 02:18PM by InfoSecCrazy
via reddit http://ift.tt/2h2OqGt
itsecuritycentral.teramind.co
Sharing is Caring: Why Cyber Security Needs to Be a United Sector | IT Security Central
As first responders and defenders of information infrastructure, cyber security professionals play an increasingly important role in maintaining the national