Filtering out top 1 million domains from corporate network traffic
https://ift.tt/2GPSa6e
Submitted April 11, 2018 at 07:02PM by daanraman
via reddit https://ift.tt/2v7QtzM
https://ift.tt/2GPSa6e
Submitted April 11, 2018 at 07:02PM by daanraman
via reddit https://ift.tt/2v7QtzM
NVISO LABS - blog
Filtering out top 1 million domains from corporate network traffic
During network traffic analysis and malware investigations, we often use IP and domain reputation lists to quickly filter out traffic we can expect to be benign. This typically includes filtering o…
A few weeks ago my computer got hacked and 7500$ worth of Bitcoin were stolen. Here are few things I learned:
I'm writing this post with a hope that it might help other people to start thinking about their security & also to understand that it can happen to anyone.Here are few things I wish I knew before:Don't download a torrent from risky websites (I tried to download a software from a website I never saw before, a few weeks ago and I think that's where I got the malware)If you hold any Bitcoin, Ethereum or any other cryptocurrency, Buy Nano ledger, Don't be cheap with your self, It doesn't worth the risk.https://www.ledgerwallet.com/products/ledger-nano-sUse MetaMask, It's a must for every crypto trader.In few minutes you can educate your self and prevent things like that from happening. I learned few useful stuff at this article, I believe it might be useful for youhttps://medium.com/swarmdotmarket/5-ways-to-prevent-your-crypto-wallet-from-being-hacked-981acd86bc43
Submitted April 11, 2018 at 07:48PM by chanfle
via reddit https://ift.tt/2GOAmfL
I'm writing this post with a hope that it might help other people to start thinking about their security & also to understand that it can happen to anyone.Here are few things I wish I knew before:Don't download a torrent from risky websites (I tried to download a software from a website I never saw before, a few weeks ago and I think that's where I got the malware)If you hold any Bitcoin, Ethereum or any other cryptocurrency, Buy Nano ledger, Don't be cheap with your self, It doesn't worth the risk.https://www.ledgerwallet.com/products/ledger-nano-sUse MetaMask, It's a must for every crypto trader.In few minutes you can educate your self and prevent things like that from happening. I learned few useful stuff at this article, I believe it might be useful for youhttps://medium.com/swarmdotmarket/5-ways-to-prevent-your-crypto-wallet-from-being-hacked-981acd86bc43
Submitted April 11, 2018 at 07:48PM by chanfle
via reddit https://ift.tt/2GOAmfL
Ledger
Buy Ledger Nano S Plus Hardware Wallet | Ledger
Our No-Brainer Entry-Level Ledger with all Essentials to Secure your Digital Assets. #1 Hardware Wallet Provider. Over 8 million Customers Trust Ledger.
Introducing Snallygaster - a Tool to Scan for Secrets on Web Servers
https://ift.tt/2JCkrzd
Submitted April 11, 2018 at 08:01PM by speckz
via reddit https://ift.tt/2GQ7JLb
https://ift.tt/2JCkrzd
Submitted April 11, 2018 at 08:01PM by speckz
via reddit https://ift.tt/2GQ7JLb
reddit
Introducing Snallygaster - a Tool to Scan for Secrets... • r/security
1 points and 1 comments so far on reddit
Experienced first ransomware episode - need advice on go forward business strategy
Hello all,Long time lurker to this subreddit, first time poster :)I manage IT and marketing for a company that acquires smaller companies that align with our overall strategy. The companies that we acquire are much smaller than us (usually 15-40 employees) and are kind of "mom and pop" owned and operated.From an IT perspective, we have tried to create somewhat of an "in the cloud" technology approach that we can plug these smaller companies into so that we can get everyone on the same basic systems and speed up the process of overall integration.We use Google for business for our email and "file server" solution. Each "division" (company we acquire) has their own folder in the drive that contains all of their related files and folders.WELL - 2 weeks ago one of our divisions that we recently purchased (2 months ago) was victim of a brute force attack which resulted in all files on the file server, the ERP server, and the CRM server to be encrypted with ransomware. Being that we just bought the company 2 months ago, we had not moved their files from their file server to our Google Drive just yet (we don't like to just go in guns a' blazin and make the employees feel like we are changing EVERYTHING at once lol). A backup solution was in place both locally (which was deleted via the hack) and in the cloud - so everything was ok.Being that it was my first experience with ransomware it got me thinking about how we are currently do things and what we should be doing on a go forward. IF that division had been on our Google Drive...that ransomware could have spread to the rest of the company...So I am really just trying to understand what "best practice" is for utilizing/structuring/securing Google Drive for business as a "file server" solution on a go forward, AND best practice for backing the Google Drive up for the entire company so that we can be as full proof as we can be for a potential ransomware situation.Our users currently use Google File Stream on their local PC's. We are running a daily backup to a local PC at our corporate location, and a weekly backup to an external hard drive that is then disconnected and moved off-site.I definitely see the need for a completely restructured approach - I just need some direction :) I appreciate any advice in advance!Thanks guys,-R
Submitted April 11, 2018 at 07:59PM by Machinegamer
via reddit https://ift.tt/2Hfbq0w
Hello all,Long time lurker to this subreddit, first time poster :)I manage IT and marketing for a company that acquires smaller companies that align with our overall strategy. The companies that we acquire are much smaller than us (usually 15-40 employees) and are kind of "mom and pop" owned and operated.From an IT perspective, we have tried to create somewhat of an "in the cloud" technology approach that we can plug these smaller companies into so that we can get everyone on the same basic systems and speed up the process of overall integration.We use Google for business for our email and "file server" solution. Each "division" (company we acquire) has their own folder in the drive that contains all of their related files and folders.WELL - 2 weeks ago one of our divisions that we recently purchased (2 months ago) was victim of a brute force attack which resulted in all files on the file server, the ERP server, and the CRM server to be encrypted with ransomware. Being that we just bought the company 2 months ago, we had not moved their files from their file server to our Google Drive just yet (we don't like to just go in guns a' blazin and make the employees feel like we are changing EVERYTHING at once lol). A backup solution was in place both locally (which was deleted via the hack) and in the cloud - so everything was ok.Being that it was my first experience with ransomware it got me thinking about how we are currently do things and what we should be doing on a go forward. IF that division had been on our Google Drive...that ransomware could have spread to the rest of the company...So I am really just trying to understand what "best practice" is for utilizing/structuring/securing Google Drive for business as a "file server" solution on a go forward, AND best practice for backing the Google Drive up for the entire company so that we can be as full proof as we can be for a potential ransomware situation.Our users currently use Google File Stream on their local PC's. We are running a daily backup to a local PC at our corporate location, and a weekly backup to an external hard drive that is then disconnected and moved off-site.I definitely see the need for a completely restructured approach - I just need some direction :) I appreciate any advice in advance!Thanks guys,-R
Submitted April 11, 2018 at 07:59PM by Machinegamer
via reddit https://ift.tt/2Hfbq0w
reddit
Experienced first ransomware episode - need advice on... • r/security
Hello all, Long time lurker to this subreddit, first time poster :) I manage IT and marketing for a company that acquires smaller companies that...
New techniques for adding data to Alternate Data Streams and executing it
https://ift.tt/2qniGO3
Submitted April 11, 2018 at 07:57PM by oddvarmoe
via reddit https://ift.tt/2EGInOg
https://ift.tt/2qniGO3
Submitted April 11, 2018 at 07:57PM by oddvarmoe
via reddit https://ift.tt/2EGInOg
Oddvar Moe's Blog
Putting data in Alternate data streams and how to execute it – part 2
I wrote a blogpost a while back about Alternate data streams that you can find here: After I wrote that post I have made some new discoveries that I wanted to share around Alternate data streams. …
Anyone at ISC West 2018?
I'm here in Las Vegas from Los Angeles. Would love to connect with any redditors that happen to be here! I'm here just for the day. (April 11th 2018)
Submitted April 11, 2018 at 10:36PM by bugnuker
via reddit https://ift.tt/2GQfTDo
I'm here in Las Vegas from Los Angeles. Would love to connect with any redditors that happen to be here! I'm here just for the day. (April 11th 2018)
Submitted April 11, 2018 at 10:36PM by bugnuker
via reddit https://ift.tt/2GQfTDo
reddit
Anyone at ISC West 2018? • r/security
I'm here in Las Vegas from Los Angeles. Would love to connect with any redditors that happen to be here! I'm here just for the day. (April 11th 2018)
News Flash: Great Western Railway, Sears and Delta, Despacito Video Deleted in Hack
https://youtu.be/G97ihMBUKj8
Submitted April 11, 2018 at 10:31PM by GlassHouseSystems
via reddit https://ift.tt/2HuVGEw
https://youtu.be/G97ihMBUKj8
Submitted April 11, 2018 at 10:31PM by GlassHouseSystems
via reddit https://ift.tt/2HuVGEw
YouTube
Data Breaches: Great Western Railway, Sears and Delta, Despacito Video Deleted in Hack
In this video, we cover the data breaches at UK's Great Western Railway, [24]7.ai, Sears, Delta Airlines, Best Buy, KMart, and Luis Fonsi's "Despacito" music...
I found this in my banking app's username field. Security hole or random keyboard presses?
I have Chase save my username for faster logins. Today when I open the app, where the username would be I find this:
Submitted April 11, 2018 at 11:13PM by alextheracer
via reddit https://ift.tt/2INFnBX
I have Chase save my username for faster logins. Today when I open the app, where the username would be I find this:
v6YDPBiQ+Y1wHZ+boAkMypifMD3KCHTZz6105o/3bUTrS5+CjJiyP9a9MS5gcgYMZcJvQ4MnDbin GmEEAg12z1WXXQ1gGCAFw4077l1lHeBgBRwJfTmbdDL4AEFN6CAPUSKbLQ0xRiEktedBgAdHvXb7 gyv/v8BkvIw5fSrixh0IRIzeS3ppO5pm+ugfOoDaLLajrc1uCRvCOtbWqsH8l5ydvRJ4RuxbwRAz45ptbpTGHm9wqH6+BPscOpXQpbI088o4heNTL3fviEXmwFaJMWZDwyitiJL1aRfidpk3Wbnd+HNo9VsPBy7yWsgbPEvkKLwnJw5d13oamcPbXDKpg==I doubt my phone turned on in my pocket. It seems too randomized for that. Maybe it did, but I thought I'd get y'all's opinion. Does this resemble anything concerning? Or should I just learn to turn my screen off?
Submitted April 11, 2018 at 11:13PM by alextheracer
via reddit https://ift.tt/2INFnBX
reddit
I found this in my banking app's username field.... • r/security
I have Chase save my username for faster logins. Today when I open the app, where the username would be I find this: ...
An OWASP-like top 10 for smart contract vulnerabilities
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
reddit
An OWASP-like top 10 for smart contract vulnerabilities • r/netsec
3 points and 0 comments so far on reddit
Breaking RSA OAEP with Manger’s attack
https://ift.tt/2GBcXyF
Submitted April 11, 2018 at 04:46AM by dgryski
via reddit https://ift.tt/2qqmYDM
https://ift.tt/2GBcXyF
Submitted April 11, 2018 at 04:46AM by dgryski
via reddit https://ift.tt/2qqmYDM
Kudelskisecurity
Breaking RSA OAEP with Manger’s attack
The RSA cryptosystem has had its fair share of attacks over the years, but among the most impressive, you can find the infamous Bleichenbacher attack [Ble98], which doomed PKCS v1.5 in 1998. Ninete…
Highlights of the Verizon 2018 Data Breach Investigations Report
https://ift.tt/2GStZIE
Submitted April 12, 2018 at 12:08AM by zinsi-
via reddit https://ift.tt/2qs1rua
https://ift.tt/2GStZIE
Submitted April 12, 2018 at 12:08AM by zinsi-
via reddit https://ift.tt/2qs1rua
Templarbit Inc.
Highlights of the Verizon 2018 Data Breach Investigations Report
Verizon just published the 11th edition of its Data Breach...
USB Detective - USB Device Forensics
https://ift.tt/2H62CHQ
Submitted April 11, 2018 at 11:58PM by 13Cubed
via reddit https://ift.tt/2HhGUDk
https://ift.tt/2H62CHQ
Submitted April 11, 2018 at 11:58PM by 13Cubed
via reddit https://ift.tt/2HhGUDk
An OWASP-like top 10 for smart contract vulnerabilities
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
reddit
An OWASP-like top 10 for smart contract vulnerabilities • r/netsec
3 points and 0 comments so far on reddit
Thousands of hacked websites are infecting visitors with malware
https://ift.tt/2Jy6XUV
Submitted April 12, 2018 at 01:29AM by DJRWolf
via reddit https://ift.tt/2JBA21M
https://ift.tt/2Jy6XUV
Submitted April 12, 2018 at 01:29AM by DJRWolf
via reddit https://ift.tt/2JBA21M
Ars Technica
Thousands of hacked websites are infecting visitors with malware
Unusually advanced campaign infects people visiting a variety of poorly secured sites.
I found a nice tool that lets you extract and view the source code of Chrome, Firefox and Opera extensions .. for those of you who want to know what your extensions are doing in the background.
Long story short.. I just went through a little ordeal where I wanted to install a very basic Firefox extension, but the extension requires full access to all websites I visit, including access to usernames and passwords that I input. I couldn't understand why, and didn't trust it. It was MPL v2 licensed, but no source code was provided.So... I went search for ways to extract the source and ran across this tool:https://robwu.nl/crxviewer/It's meant to be the demo site for an open source browser extension which has the same functionality (here), but I thought it works just as well as a standalone tool. And it turned out it's able to extract source from not only Firefox, but also Chrome and Opera extensions too.For those of you who are as paranoid as I am about what the extensions may or may not be doing without your knowledge, this is a great little tool. Has a built in JS beautifier as well, which is really nice.
Submitted April 12, 2018 at 01:00AM by NessInOnett
via reddit https://ift.tt/2HxK97r
Long story short.. I just went through a little ordeal where I wanted to install a very basic Firefox extension, but the extension requires full access to all websites I visit, including access to usernames and passwords that I input. I couldn't understand why, and didn't trust it. It was MPL v2 licensed, but no source code was provided.So... I went search for ways to extract the source and ran across this tool:https://robwu.nl/crxviewer/It's meant to be the demo site for an open source browser extension which has the same functionality (here), but I thought it works just as well as a standalone tool. And it turned out it's able to extract source from not only Firefox, but also Chrome and Opera extensions too.For those of you who are as paranoid as I am about what the extensions may or may not be doing without your knowledge, this is a great little tool. Has a built in JS beautifier as well, which is really nice.
Submitted April 12, 2018 at 01:00AM by NessInOnett
via reddit https://ift.tt/2HxK97r
GitHub
GitHub - Rob--W/crxviewer: Add-on / web app to view the source code of Chrome / Firefox / Opera 15 extensions and zip files.
Add-on / web app to view the source code of Chrome / Firefox / Opera 15 extensions and zip files. - Rob--W/crxviewer
Cant remove keylogger, but i know my PC is infected with one.
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i cant find any suspicious programs in "msconfig".
Submitted April 12, 2018 at 03:30AM by Mikllasp
via reddit https://ift.tt/2JFdzAO
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i cant find any suspicious programs in "msconfig".
Submitted April 12, 2018 at 03:30AM by Mikllasp
via reddit https://ift.tt/2JFdzAO
reddit
Cant remove keylogger, but i know my PC is infected... • r/security
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i...
Security awareness talk in SF Tuesday next week - learn how to mitigate the wetware risk
https://ift.tt/2EFtuLY
Submitted April 12, 2018 at 03:08AM by Chouma
via reddit https://ift.tt/2JDhP3O
https://ift.tt/2EFtuLY
Submitted April 12, 2018 at 03:08AM by Chouma
via reddit https://ift.tt/2JDhP3O
Peerlyst
[Training] Secure the Unsecurable: 3 Tips for CISOs to Control for Employee Behavior
IBM estimated that a staggering 95% of all security breaches involve human error. A moment’s lapse of judgement by just one employee can defeat your entire security spend. Learn why employees make security mistakes, how GDPR impacts your ability t
Manned guard services in India I Armed Guard |Security guards for Office
https://ift.tt/2EFGNvT
Submitted April 12, 2018 at 11:40AM by onlinecleansweep
via reddit https://ift.tt/2JEF4L9
https://ift.tt/2EFGNvT
Submitted April 12, 2018 at 11:40AM by onlinecleansweep
via reddit https://ift.tt/2JEF4L9
groupl.in
Manned guard services in India I Armed Guard |Security guards for Office
GroupL manned guarding division provides: private security guards, armed guards, lady guards, body guards, bouncers, security supervisors & personal security guard.
Web App Security 101: Keep Calm and Do Threat Modeling
https://ift.tt/2qprfYb
Submitted April 12, 2018 at 02:25PM by Slavos17
via reddit https://ift.tt/2GPqXoi
https://ift.tt/2qprfYb
Submitted April 12, 2018 at 02:25PM by Slavos17
via reddit https://ift.tt/2GPqXoi
Kruschecompany
Threat Modeling: Basic Web Application Security Steps | K&C Blog
It's always a challenge to keep up with this growth and always know what app does, why and when, and what needs extra security measures on your part. This kind of a holistic analysis of security is known as threat modeling. There are different methods or…
Is WAF a must?
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web application firewall (WAF) but it seems to have significant costs. How critical is having this vs plain ELB + nginx basic security measures like limiter
Submitted April 12, 2018 at 02:57PM by yonatannn
via reddit https://ift.tt/2Hwu2XK
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web application firewall (WAF) but it seems to have significant costs. How critical is having this vs plain ELB + nginx basic security measures like limiter
Submitted April 12, 2018 at 02:57PM by yonatannn
via reddit https://ift.tt/2Hwu2XK
reddit
Is WAF a must? • r/security
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web...
Slack channel for InfoSec Write-up followers – InfoSec Writeups – Medium
https://ift.tt/2JChgrj
Submitted April 12, 2018 at 03:42PM by Eta-Meson
via reddit https://ift.tt/2INH8iv
https://ift.tt/2JChgrj
Submitted April 12, 2018 at 03:42PM by Eta-Meson
via reddit https://ift.tt/2INH8iv
Medium
Slack channel for InfoSec Write-up followers
Hello fellow hacking enthusiasts, we were amazed by the response we are getting from you.