Anyone at ISC West 2018?
I'm here in Las Vegas from Los Angeles. Would love to connect with any redditors that happen to be here! I'm here just for the day. (April 11th 2018)

Submitted April 11, 2018 at 10:36PM by bugnuker
via reddit https://ift.tt/2GQfTDo

News Flash: Great Western Railway, Sears and Delta, Despacito Video Deleted in Hack
https://youtu.be/G97ihMBUKj8

Submitted April 11, 2018 at 10:31PM by GlassHouseSystems
via reddit https://ift.tt/2HuVGEw

I found this in my banking app's username field. Security hole or random keyboard presses?
I have Chase save my username for faster logins. Today when I open the app, where the username would be I find this:

v6YDPBiQ+Y1wHZ+boAkMypifMD3KCHTZz6105o/3bUTrS5+CjJiyP9a9MS5gcgYMZcJvQ4MnDbin GmEEAg12z1WXXQ1gGCAFw4077l1lHeBgBRwJfTmbdDL4AEFN6CAPUSKbLQ0xRiEktedBgAdHvXb7 gyv/v8BkvIw5fSrixh0IRIzeS3ppO5pm+ugfOoDaLLajrc1uCRvCOtbWqsH8l5ydvRJ4RuxbwRAz45ptbpTGHm9wqH6+BPscOpXQpbI088o4heNTL3fviEXmwFaJMWZDwyitiJL1aRfidpk3Wbnd+HNo9VsPBy7yWsgbPEvkKLwnJw5d13oamcPbXDKpg== 

I doubt my phone turned on in my pocket. It seems too randomized for that. Maybe it did, but I thought I'd get y'all's opinion. Does this resemble anything concerning? Or should I just learn to turn my screen off?

Submitted April 11, 2018 at 11:13PM by alextheracer
via reddit https://ift.tt/2INFnBX

An OWASP-like top 10 for smart contract vulnerabilities
https://www.dasp.co

Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D

Breaking RSA OAEP with Manger’s attack
https://ift.tt/2GBcXyF

Submitted April 11, 2018 at 04:46AM by dgryski
via reddit https://ift.tt/2qqmYDM

Highlights of the Verizon 2018 Data Breach Investigations Report
https://ift.tt/2GStZIE

Submitted April 12, 2018 at 12:08AM by zinsi-
via reddit https://ift.tt/2qs1rua

USB Detective - USB Device Forensics
https://ift.tt/2H62CHQ

Submitted April 11, 2018 at 11:58PM by 13Cubed
via reddit https://ift.tt/2HhGUDk

An OWASP-like top 10 for smart contract vulnerabilities
https://www.dasp.co

Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D

Thousands of hacked websites are infecting visitors with malware
https://ift.tt/2Jy6XUV

Submitted April 12, 2018 at 01:29AM by DJRWolf
via reddit https://ift.tt/2JBA21M

I found a nice tool that lets you extract and view the source code of Chrome, Firefox and Opera extensions .. for those of you who want to know what your extensions are doing in the background.
Long story short.. I just went through a little ordeal where I wanted to install a very basic Firefox extension, but the extension requires full access to all websites I visit, including access to usernames and passwords that I input. I couldn't understand why, and didn't trust it. It was MPL v2 licensed, but no source code was provided.So... I went search for ways to extract the source and ran across this tool:https://robwu.nl/crxviewer/It's meant to be the demo site for an open source browser extension which has the same functionality (here), but I thought it works just as well as a standalone tool. And it turned out it's able to extract source from not only Firefox, but also Chrome and Opera extensions too.For those of you who are as paranoid as I am about what the extensions may or may not be doing without your knowledge, this is a great little tool. Has a built in JS beautifier as well, which is really nice.

Submitted April 12, 2018 at 01:00AM by NessInOnett
via reddit https://ift.tt/2HxK97r

Cant remove keylogger, but i know my PC is infected with one.
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i cant find any suspicious programs in "msconfig".

Submitted April 12, 2018 at 03:30AM by Mikllasp
via reddit https://ift.tt/2JFdzAO

Security awareness talk in SF Tuesday next week - learn how to mitigate the wetware risk
https://ift.tt/2EFtuLY

Submitted April 12, 2018 at 03:08AM by Chouma
via reddit https://ift.tt/2JDhP3O

Manned guard services in India I Armed Guard |Security guards for Office
https://ift.tt/2EFGNvT

Submitted April 12, 2018 at 11:40AM by onlinecleansweep
via reddit https://ift.tt/2JEF4L9

Web App Security 101: Keep Calm and Do Threat Modeling
https://ift.tt/2qprfYb

Submitted April 12, 2018 at 02:25PM by Slavos17
via reddit https://ift.tt/2GPqXoi

Is WAF a must?
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web application firewall (WAF) but it seems to have significant costs. How critical is having this vs plain ELB + nginx basic security measures like limiter

Submitted April 12, 2018 at 02:57PM by yonatannn
via reddit https://ift.tt/2Hwu2XK

Slack channel for InfoSec Write-up followers – InfoSec Writeups – Medium
https://ift.tt/2JChgrj

Submitted April 12, 2018 at 03:42PM by Eta-Meson
via reddit https://ift.tt/2INH8iv

Please email me your password
https://ift.tt/2Hiitp6

Submitted April 12, 2018 at 03:25PM by albinowax
via reddit https://ift.tt/2HuqbKp

ASP.NET View State Decoding
https://ift.tt/2GVrTDG

Submitted April 12, 2018 at 03:03PM by folliez
via reddit https://ift.tt/2HuRcNV

Penetrating Pays: The Pornhub Story
https://ift.tt/2v7W1KD

Submitted April 12, 2018 at 04:50PM by ZephrX112
via reddit https://ift.tt/2GPFTmm

JSON Web Tokens for Burp Proxy
https://ift.tt/2HrYVw9

Submitted April 12, 2018 at 05:30PM by CoolUsernamesAreGone
via reddit https://ift.tt/2qoZkbw

Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1
https://ift.tt/2EFJk9j

Submitted April 12, 2018 at 05:24PM by Sjoerder
via reddit https://ift.tt/2IOc7Lq