DOM-based CSRF in Facebook
https://ift.tt/2pSQGB7
Submitted April 13, 2018 at 03:37PM by albinowax
via reddit https://ift.tt/2quYqcR
Hey Dave, next time your mate tells you to change your password in the University PC suite, don’t read it out loud as you type it. Oh, and capital D, ave3333 isn’t very secure.
Submitted April 13, 2018 at 04:41PM by po30555
via reddit https://ift.tt/2HyGlCy
reddit
Hey Dave, next time your mate tells you to change... • r/security
4 points and 2 comments so far on reddit
PoC Code for demonstrating CVE-2018-0886 [See Comment]
https://ift.tt/2GV4INV
Submitted April 13, 2018 at 05:10PM by TechLord2
via reddit https://ift.tt/2EIrTVM
GitHub
preempt/credssp
credssp - A code demonstrating CVE-2018-0886
50 VPNs share data on their users with Facebook
https://ift.tt/2Hz5ltx
Submitted April 13, 2018 at 05:31PM by KingHeenrry
via reddit https://ift.tt/2JITslE
vpnMentor
Report: 50 VPNs share data on their users with Facebook | vpnMentor
Is your VPN running the Facebook pixel, thus putting a dent in your privacy? We tested almost 300 — check out the results and see if it’s time you had a word with your provider.
Kubernetes Security - Best Practice Guide
https://ift.tt/2JiTKz8
Submitted April 13, 2018 at 06:08PM by speckz
via reddit https://ift.tt/2qtiEna
GitHub
freach/kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide. Contribute to freach/kubernetes-security-best-practice development by creating an account on GitHub.
Bug hunters: The hackers earning big bucks... ethically
https://ift.tt/2IRKEIz
Submitted April 13, 2018 at 06:31PM by sassanix
via reddit https://ift.tt/2IPzjJa
BBC News
Bug hunters: The hackers earning big bucks... ethically
Big rewards are available for hackers who can spot when websites have got their coding wrong.
Security In 5: Episode 216 - Cloudflare DNS - Why You Should Start Using It Today
https://ift.tt/2ISxM5j
Submitted April 13, 2018 at 06:36PM by BinaryBlog
via reddit https://ift.tt/2qvaUBO
Libsyn
Security In Five Podcast: Episode 216 - Cloudflare DNS - Why You Should Start Using It Today
This week's Tools, Tips and Tricks episode is the one you should use starting today. Cloudflare released a new, private and public DNS that anyone can use. In the growing concern around privacy and the rest of the Internet users waking up to how companies…
Is cyber insurance the solution to GDPR liability?
https://ift.tt/2GVs3uS
Submitted April 13, 2018 at 07:03PM by htbridgedigital
via reddit https://ift.tt/2EIKe54
Htbridge
Is cyber insurance the solution to GDPR liability?
The enforcement of GDPR is imminent (25 May 2018). Companies have already spent millions of dollars, euros and pounds reinforcing their security and adapting their processes to ensure compliance.
Cross-Protocol Request Forgery
https://ift.tt/2qtGgYV
Submitted April 13, 2018 at 07:14PM by digicat
via reddit https://ift.tt/2HkF8kB
Snow Day Calculator XSS
https://ift.tt/2GZxwRn
Submitted April 13, 2018 at 04:21AM by veggiedefender
via reddit https://ift.tt/2HwmbJy
Android phone makers skip Google security updates without telling users – study
https://ift.tt/2HxQwr5
Submitted April 13, 2018 at 09:46PM by imr2017
via reddit https://ift.tt/2qvJLhw
the Guardian
Android phone makers skip Google security updates without telling users – study
Users told smartphone’s software has been updated with monthly patches when it hasn’t, new research claims
Linux Deepin Is Spyware
https://www.youtube.com/watch?v=v25Dy66AtNI
Submitted April 13, 2018 at 10:21PM by Boyboyroy
via reddit https://ift.tt/2qu4UcN
YouTube
Linux Deepin Is Spyware
Update: Linux Deepin removed CNZZ tracking as of 20 July 2018: https://youtu.be/WSr6iwVd2RE
As of version 15.5 Linux Deepin carries out spying, with the App store making unencrypted connections to known Chinese tracker CNZZ.
Deepin 15.3 and 15.4 which I…
Google is always listening: Live Test
https://www.youtube.com/watch?v=zBnDWSvaQ1I
Submitted April 13, 2018 at 10:16PM by TallE74
via reddit https://ift.tt/2ITYaf9
YouTube
Is Google always listening: Live Test
Follow up video: https://youtu.be/kv8gvXPwWjY
Do Google and Facebook listen in and record conversations and audio even when they're not open? I perform a live test using Google Chrome on a Windows 10 PC to discover whether my microphone appears to be recording…
Windows Digital Forensics, Memory Forensics, Reverse Engineering Videos (X-Post)
https://www.youtube.com/13cubed
Submitted April 13, 2018 at 10:15PM by 13Cubed
via reddit https://ift.tt/2HpB02O
YouTube
13Cubed
Digital Forensics. Hacking. Home Labs.
From Volatility to Graylog
https://ift.tt/2JJcTuv
Submitted April 13, 2018 at 11:48PM by SnortyMcShane
via reddit https://ift.tt/2vc9h0W
From Volatility to Graylog
A quick way to ship Volatility JSON files to Graylog.
Hackers Can Steal Data from Air-Gapped Computers through Power Lines
https://ift.tt/2qrMNmT
Submitted April 14, 2018 at 12:10AM by TheDinosaurSmuggler
via reddit https://ift.tt/2JIzzel
The Hacker News
Hacker Can Steal Data from Air-Gapped Computers through Power Lines
PowerHammer: Researchers demonstrate how hackers can steal data from an air-gapped computer using power lines.
Routing Attacks on Internet Services
https://ift.tt/2JG3oMD
Submitted April 14, 2018 at 01:13AM by EvanConover
via reddit https://ift.tt/2EJhedw
Circleid
Routing Attacks on Internet Services
This post was co-authored by Yixin Sun, Annie Edmundson, Henry Birge-Lee, Jennifer Rexford, and Prateek Mittal. In this post, we discuss a recent thread of research that highlights the insecurity of Internet services due to the underlying insecurity of Internet…
Hijacking User’s Private Information access_token from Microsoft Office360 facebook App
https://ift.tt/2HAVkMg
Submitted April 14, 2018 at 01:12AM by SymbianSyMoh
via reddit https://ift.tt/2JKeMqz
Drupalgeddon2 PoC
https://ift.tt/2HuVc0Q
Submitted April 14, 2018 at 01:28AM by sprkyco
via reddit https://ift.tt/2HhRPgl
GitHub
a2u/CVE-2018-7600
Proof-of-Concept for CVE-2018-7600 Drupal SA-CORE-2018-002.
Using Deep Learning to detect malicious PowerShell Commands
https://ift.tt/2GYGw9s
Submitted April 14, 2018 at 12:38AM by k3170makan
via reddit https://ift.tt/2HoBl5Z
reddit
Using Deep Learning to detect malicious PowerShell Commands • r/netsec
7 points and 0 comments so far on reddit
[Basics] Vultr DNS Service Domain Hijacking Abandoned Domains
https://ift.tt/2vbtHHf
Submitted April 14, 2018 at 12:20AM by vysec
via reddit https://ift.tt/2JKh5di
Vincent Yiu
Vultr Domain Hijacking
TLDR: Vultr does not verify domain ownership when adding new domains. This allows the hijack of abandoned domains by pretty much anyone with an account and verified payment method. Disclosure Timeline: 2018/04/09: Reported to Vultr to see if they will fix and…