An OWASP-like top 10 for smart contract vulnerabilities
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
reddit
An OWASP-like top 10 for smart contract vulnerabilities • r/netsec
3 points and 0 comments so far on reddit
Breaking RSA OAEP with Manger’s attack
https://ift.tt/2GBcXyF
Submitted April 11, 2018 at 04:46AM by dgryski
via reddit https://ift.tt/2qqmYDM
https://ift.tt/2GBcXyF
Submitted April 11, 2018 at 04:46AM by dgryski
via reddit https://ift.tt/2qqmYDM
Kudelskisecurity
Breaking RSA OAEP with Manger’s attack
The RSA cryptosystem has had its fair share of attacks over the years, but among the most impressive, you can find the infamous Bleichenbacher attack [Ble98], which doomed PKCS v1.5 in 1998. Ninete…
Highlights of the Verizon 2018 Data Breach Investigations Report
https://ift.tt/2GStZIE
Submitted April 12, 2018 at 12:08AM by zinsi-
via reddit https://ift.tt/2qs1rua
https://ift.tt/2GStZIE
Submitted April 12, 2018 at 12:08AM by zinsi-
via reddit https://ift.tt/2qs1rua
Templarbit Inc.
Highlights of the Verizon 2018 Data Breach Investigations Report
Verizon just published the 11th edition of its Data Breach...
USB Detective - USB Device Forensics
https://ift.tt/2H62CHQ
Submitted April 11, 2018 at 11:58PM by 13Cubed
via reddit https://ift.tt/2HhGUDk
https://ift.tt/2H62CHQ
Submitted April 11, 2018 at 11:58PM by 13Cubed
via reddit https://ift.tt/2HhGUDk
An OWASP-like top 10 for smart contract vulnerabilities
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
https://www.dasp.co
Submitted April 11, 2018 at 11:38PM by davidw_-
via reddit https://ift.tt/2EEyW1D
reddit
An OWASP-like top 10 for smart contract vulnerabilities • r/netsec
3 points and 0 comments so far on reddit
Thousands of hacked websites are infecting visitors with malware
https://ift.tt/2Jy6XUV
Submitted April 12, 2018 at 01:29AM by DJRWolf
via reddit https://ift.tt/2JBA21M
https://ift.tt/2Jy6XUV
Submitted April 12, 2018 at 01:29AM by DJRWolf
via reddit https://ift.tt/2JBA21M
Ars Technica
Thousands of hacked websites are infecting visitors with malware
Unusually advanced campaign infects people visiting a variety of poorly secured sites.
I found a nice tool that lets you extract and view the source code of Chrome, Firefox and Opera extensions .. for those of you who want to know what your extensions are doing in the background.
Long story short.. I just went through a little ordeal where I wanted to install a very basic Firefox extension, but the extension requires full access to all websites I visit, including access to usernames and passwords that I input. I couldn't understand why, and didn't trust it. It was MPL v2 licensed, but no source code was provided.So... I went search for ways to extract the source and ran across this tool:https://robwu.nl/crxviewer/It's meant to be the demo site for an open source browser extension which has the same functionality (here), but I thought it works just as well as a standalone tool. And it turned out it's able to extract source from not only Firefox, but also Chrome and Opera extensions too.For those of you who are as paranoid as I am about what the extensions may or may not be doing without your knowledge, this is a great little tool. Has a built in JS beautifier as well, which is really nice.
Submitted April 12, 2018 at 01:00AM by NessInOnett
via reddit https://ift.tt/2HxK97r
Long story short.. I just went through a little ordeal where I wanted to install a very basic Firefox extension, but the extension requires full access to all websites I visit, including access to usernames and passwords that I input. I couldn't understand why, and didn't trust it. It was MPL v2 licensed, but no source code was provided.So... I went search for ways to extract the source and ran across this tool:https://robwu.nl/crxviewer/It's meant to be the demo site for an open source browser extension which has the same functionality (here), but I thought it works just as well as a standalone tool. And it turned out it's able to extract source from not only Firefox, but also Chrome and Opera extensions too.For those of you who are as paranoid as I am about what the extensions may or may not be doing without your knowledge, this is a great little tool. Has a built in JS beautifier as well, which is really nice.
Submitted April 12, 2018 at 01:00AM by NessInOnett
via reddit https://ift.tt/2HxK97r
GitHub
GitHub - Rob--W/crxviewer: Add-on / web app to view the source code of Chrome / Firefox / Opera 15 extensions and zip files.
Add-on / web app to view the source code of Chrome / Firefox / Opera 15 extensions and zip files. - Rob--W/crxviewer
Cant remove keylogger, but i know my PC is infected with one.
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i cant find any suspicious programs in "msconfig".
Submitted April 12, 2018 at 03:30AM by Mikllasp
via reddit https://ift.tt/2JFdzAO
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i cant find any suspicious programs in "msconfig".
Submitted April 12, 2018 at 03:30AM by Mikllasp
via reddit https://ift.tt/2JFdzAO
reddit
Cant remove keylogger, but i know my PC is infected... • r/security
ANY help is needed right now. I'm desperate since my bank account has been compromised now... Malwarebytes or Avast wont detect ANYTHING. And i...
Security awareness talk in SF Tuesday next week - learn how to mitigate the wetware risk
https://ift.tt/2EFtuLY
Submitted April 12, 2018 at 03:08AM by Chouma
via reddit https://ift.tt/2JDhP3O
https://ift.tt/2EFtuLY
Submitted April 12, 2018 at 03:08AM by Chouma
via reddit https://ift.tt/2JDhP3O
Peerlyst
[Training] Secure the Unsecurable: 3 Tips for CISOs to Control for Employee Behavior
IBM estimated that a staggering 95% of all security breaches involve human error. A moment’s lapse of judgement by just one employee can defeat your entire security spend. Learn why employees make security mistakes, how GDPR impacts your ability t
Manned guard services in India I Armed Guard |Security guards for Office
https://ift.tt/2EFGNvT
Submitted April 12, 2018 at 11:40AM by onlinecleansweep
via reddit https://ift.tt/2JEF4L9
https://ift.tt/2EFGNvT
Submitted April 12, 2018 at 11:40AM by onlinecleansweep
via reddit https://ift.tt/2JEF4L9
groupl.in
Manned guard services in India I Armed Guard |Security guards for Office
GroupL manned guarding division provides: private security guards, armed guards, lady guards, body guards, bouncers, security supervisors & personal security guard.
Web App Security 101: Keep Calm and Do Threat Modeling
https://ift.tt/2qprfYb
Submitted April 12, 2018 at 02:25PM by Slavos17
via reddit https://ift.tt/2GPqXoi
https://ift.tt/2qprfYb
Submitted April 12, 2018 at 02:25PM by Slavos17
via reddit https://ift.tt/2GPqXoi
Kruschecompany
Threat Modeling: Basic Web Application Security Steps | K&C Blog
It's always a challenge to keep up with this growth and always know what app does, why and when, and what needs extra security measures on your part. This kind of a holistic analysis of security is known as threat modeling. There are different methods or…
Is WAF a must?
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web application firewall (WAF) but it seems to have significant costs. How critical is having this vs plain ELB + nginx basic security measures like limiter
Submitted April 12, 2018 at 02:57PM by yonatannn
via reddit https://ift.tt/2Hwu2XK
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web application firewall (WAF) but it seems to have significant costs. How critical is having this vs plain ELB + nginx basic security measures like limiter
Submitted April 12, 2018 at 02:57PM by yonatannn
via reddit https://ift.tt/2Hwu2XK
reddit
Is WAF a must? • r/security
Thinking now about security hardening our web app (Google cloud, K8S as a service, API that is exposed to the web), considering to use some web...
Slack channel for InfoSec Write-up followers – InfoSec Writeups – Medium
https://ift.tt/2JChgrj
Submitted April 12, 2018 at 03:42PM by Eta-Meson
via reddit https://ift.tt/2INH8iv
https://ift.tt/2JChgrj
Submitted April 12, 2018 at 03:42PM by Eta-Meson
via reddit https://ift.tt/2INH8iv
Medium
Slack channel for InfoSec Write-up followers
Hello fellow hacking enthusiasts, we were amazed by the response we are getting from you.
Please email me your password
https://ift.tt/2Hiitp6
Submitted April 12, 2018 at 03:25PM by albinowax
via reddit https://ift.tt/2HuqbKp
https://ift.tt/2Hiitp6
Submitted April 12, 2018 at 03:25PM by albinowax
via reddit https://ift.tt/2HuqbKp
Jr0Ch17
Please email me your password
I decided to do a write up about what I think is a unique account takeover bug that I recently found. I was really surprised on the ending and I must say I got extremely lucky as you’ll see later on. This is on a private program so I apologize for everything…
ASP.NET View State Decoding
https://ift.tt/2GVrTDG
Submitted April 12, 2018 at 03:03PM by folliez
via reddit https://ift.tt/2HuRcNV
https://ift.tt/2GVrTDG
Submitted April 12, 2018 at 03:03PM by folliez
via reddit https://ift.tt/2HuRcNV
GitHub
yuvadm/viewstate
ASP.NET View State Decoder. Contribute to yuvadm/viewstate development by creating an account on GitHub.
Penetrating Pays: The Pornhub Story
https://ift.tt/2v7W1KD
Submitted April 12, 2018 at 04:50PM by ZephrX112
via reddit https://ift.tt/2GPFTmm
https://ift.tt/2v7W1KD
Submitted April 12, 2018 at 04:50PM by ZephrX112
via reddit https://ift.tt/2GPFTmm
ZeroSec - Adventures In Information Security
Penetrating Pays: The Pornhub Story
This post is to explain the techniques I've used to get to where I am and how I found my most recent $2500 bug on pornhub.
JSON Web Tokens for Burp Proxy
https://ift.tt/2HrYVw9
Submitted April 12, 2018 at 05:30PM by CoolUsernamesAreGone
via reddit https://ift.tt/2qoZkbw
https://ift.tt/2HrYVw9
Submitted April 12, 2018 at 05:30PM by CoolUsernamesAreGone
via reddit https://ift.tt/2qoZkbw
GitHub
mvetsch/JWT4B
JWT4B - JWT Support for Burp
Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1
https://ift.tt/2EFJk9j
Submitted April 12, 2018 at 05:24PM by Sjoerder
via reddit https://ift.tt/2IOc7Lq
https://ift.tt/2EFJk9j
Submitted April 12, 2018 at 05:24PM by Sjoerder
via reddit https://ift.tt/2IOc7Lq
Scott Helme
Securing DNS across all of my devices with Pi-Hole + DNS-over-HTTPS + 1.1.1.1
DNS is the protocol that makes the web work. It's how we convert easy to remember names like facebook.com into hard to remember IP addresses like 157.240.1.35 and others. Without it, the web wouldn't work but DNS has a problem, it's not secure. The Problem…
Introducing Snallygaster - a Tool to Scan for Secrets on Web Servers
https://ift.tt/2JCkrzd
Submitted April 12, 2018 at 06:28PM by al-maisan
via reddit https://ift.tt/2JF3vb2
https://ift.tt/2JCkrzd
Submitted April 12, 2018 at 06:28PM by al-maisan
via reddit https://ift.tt/2JF3vb2
reddit
Introducing Snallygaster - a Tool to Scan for Secrets... • r/netsec
1 points and 0 comments so far on reddit
Visual VPC Flow
https://ift.tt/2IjXiRu
Submitted April 12, 2018 at 06:56PM by tech-tramp
via reddit https://ift.tt/2JDqRhm
https://ift.tt/2IjXiRu
Submitted April 12, 2018 at 06:56PM by tech-tramp
via reddit https://ift.tt/2JDqRhm
Visual VPC Flow Logs | TotalCloud
Sign-up for TotalCloud closed beta to visualize AWS VPC flow logs
Scan For Security - is a professional penetration testing and security standards guiding portal. We will provide you with all required information and do our best to make your application secure and compliant with modern security standards.
https://ift.tt/2HyJouM
Submitted April 12, 2018 at 06:39PM by TechnologiesHive
via reddit https://ift.tt/2qqOXEe
https://ift.tt/2HyJouM
Submitted April 12, 2018 at 06:39PM by TechnologiesHive
via reddit https://ift.tt/2qqOXEe