GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory (See Comment)
https://ift.tt/2qFDfVy
Submitted April 18, 2018 at 09:06AM by TechLord2
via reddit https://ift.tt/2JU3XlT
https://ift.tt/2qFDfVy
Submitted April 18, 2018 at 09:06AM by TechLord2
via reddit https://ift.tt/2JU3XlT
GitHub
kacperszurek/gpg_reaper
gpg_reaper - GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory
GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory (See Comment)
https://ift.tt/2qFDfVy
Submitted April 18, 2018 at 09:06AM by TechLord2
via reddit https://ift.tt/2JU3XlT
https://ift.tt/2qFDfVy
Submitted April 18, 2018 at 09:06AM by TechLord2
via reddit https://ift.tt/2JU3XlT
GitHub
kacperszurek/gpg_reaper
gpg_reaper - GPG Reaper - Obtain/Steal/Restore GPG Private Keys from gpg-agent cache/memory
Enumerate usernames on an internal network domain where you have no creds by using SMB Relay with low priv (Github Sources)
https://ift.tt/2qG5zqU
Submitted April 18, 2018 at 08:24AM by TechLord2
via reddit https://ift.tt/2qGz6R9
https://ift.tt/2qG5zqU
Submitted April 18, 2018 at 08:24AM by TechLord2
via reddit https://ift.tt/2qGz6R9
GitHub
skorov/ridrelay
ridrelay - Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.
Leaking ads
https://ift.tt/2vmzcTL
Submitted April 18, 2018 at 03:24AM by EvanConover
via reddit https://ift.tt/2qF7UlK
https://ift.tt/2vmzcTL
Submitted April 18, 2018 at 03:24AM by EvanConover
via reddit https://ift.tt/2qF7UlK
Securelist - Kaspersky Lab’s cyberthreat research and reports
Leaking ads
When we use popular apps with good ratings from official app stores we assume they are safe. This is partially true – usually these apps have been developed with security in mind and have been revie
Windows 10 Update Will Support More Password-Free Logins
https://ift.tt/2JUbTDG
Submitted April 18, 2018 at 10:56AM by Horus_Sirius
via reddit https://ift.tt/2HcFzKR
https://ift.tt/2JUbTDG
Submitted April 18, 2018 at 10:56AM by Horus_Sirius
via reddit https://ift.tt/2HcFzKR
TSecurity Portal
Windows 10 Update Will Support More Password-Free Logins
#0daytoday #Microsoft Windows - nt!NtQueryInformationProcess (ProcessImageFileName) Kernel 64-bit P [#0day #Exploit]
https://tsecurity.de/de/300398/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Windows-nt!NtQueryInformationProcess-(ProcessImageFileName)-Kernel-64-bit-P-[%2525230day-%252523Exploit]/#.WtbVP34lgyI.reddit
Submitted April 18, 2018 at 10:49AM by Horus_Sirius
via reddit https://ift.tt/2EUblKD
https://tsecurity.de/de/300398/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Windows-nt!NtQueryInformationProcess-(ProcessImageFileName)-Kernel-64-bit-P-[%2525230day-%252523Exploit]/#.WtbVP34lgyI.reddit
Submitted April 18, 2018 at 10:49AM by Horus_Sirius
via reddit https://ift.tt/2EUblKD
TSecurity Portal
#0daytoday #Microsoft Windows - nt!NtQueryInformationProcess (ProcessImageFileName) Kernel 64-bit P [#0day #Exploit]
#0daytoday #Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stac [#0day #Exploit]
https://tsecurity.de/de/300397/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Windows-nt!NtQueryVirtualMemory-(MemoryImageInformation)-Kernel-64-bit-Stac-[%2525230day-%252523Exploit]/#.WtbVIeX1QTE.reddit
Submitted April 18, 2018 at 10:48AM by Horus_Sirius
via reddit https://ift.tt/2qHAWC0
https://tsecurity.de/de/300397/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Windows-nt!NtQueryVirtualMemory-(MemoryImageInformation)-Kernel-64-bit-Stac-[%2525230day-%252523Exploit]/#.WtbVIeX1QTE.reddit
Submitted April 18, 2018 at 10:48AM by Horus_Sirius
via reddit https://ift.tt/2qHAWC0
TSecurity Portal
#0daytoday #Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stac [#0day #Exploit]
#0daytoday #Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elev [#0day #Exploit]
https://tsecurity.de/de/300396/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Window-Manager-(Windows-7-x86)-Menu-Management-Component-UAF-Privilege-Elev-[%2525230day-%252523Exploit]/#.WtbU8ab4ZPQ.reddit
Submitted April 18, 2018 at 10:47AM by Horus_Sirius
via reddit https://ift.tt/2vqOyqa
https://tsecurity.de/de/300396/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Window-Manager-(Windows-7-x86)-Menu-Management-Component-UAF-Privilege-Elev-[%2525230day-%252523Exploit]/#.WtbU8ab4ZPQ.reddit
Submitted April 18, 2018 at 10:47AM by Horus_Sirius
via reddit https://ift.tt/2vqOyqa
TSecurity Portal
#0daytoday #Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elev [#0day #Exploit]
Raspberry Pi was hacked!
Hi all, I did a bad thing. I ran some code on my headless raspberry pi via ssh that sends a series of web requests over a long period (3+ hrs) a few separate times last week. I did not change the factory password/username combo (I know, I know). This weekend, I noticed I couldn't ssh in because it was claiming my password was incorrect. Tonight, I hooked it up to a monitor/keyboard and as soon as I turn it on, it performs a series of unfamiliar operations that I can't interrupt, some of which seem to be connecting to IP addresses that are not in my network. SO my questions are these: 1. Have I been hacked? 2. My raspberry pi is unplugged. Is it possible they have compromised my router/network security in general?tl;dr I think my raspberry pi was accessed by someone else via ssh. Is it possible they have compromised my router/network security in general?
Submitted April 18, 2018 at 08:43AM by chp_130
via reddit https://ift.tt/2qLw2n1
Hi all, I did a bad thing. I ran some code on my headless raspberry pi via ssh that sends a series of web requests over a long period (3+ hrs) a few separate times last week. I did not change the factory password/username combo (I know, I know). This weekend, I noticed I couldn't ssh in because it was claiming my password was incorrect. Tonight, I hooked it up to a monitor/keyboard and as soon as I turn it on, it performs a series of unfamiliar operations that I can't interrupt, some of which seem to be connecting to IP addresses that are not in my network. SO my questions are these: 1. Have I been hacked? 2. My raspberry pi is unplugged. Is it possible they have compromised my router/network security in general?tl;dr I think my raspberry pi was accessed by someone else via ssh. Is it possible they have compromised my router/network security in general?
Submitted April 18, 2018 at 08:43AM by chp_130
via reddit https://ift.tt/2qLw2n1
reddit
Raspberry Pi was hacked! • r/security
Hi all, I did a bad thing. I ran some code on my headless raspberry pi via ssh that sends a series of web requests over a long period (3+ hrs) a...
Over 20,000,000 of Chrome Users are Victims of Fake Ad Blockers
https://ift.tt/2qApHdQ
Submitted April 18, 2018 at 07:22AM by speckz
via reddit https://ift.tt/2J3m87y
https://ift.tt/2qApHdQ
Submitted April 18, 2018 at 07:22AM by speckz
via reddit https://ift.tt/2J3m87y
AdGuard Blog
Over 20,000,000 of Chrome Users are Victims of Fake Ad Blockers
According to the PageFair 2014 report, Google Chrome is a major driver of adblock growth. 20% of users discovered ad blocking by browsing “available browser extensions”. Given how popular ad blocking is, it is quite a lot. This also explains why "cloning"…
The physical security industry is now cyber-aware and ready to act
https://ift.tt/2HKoCIM
Submitted April 18, 2018 at 11:48AM by Iot_Security
via reddit https://ift.tt/2EXnH4y
https://ift.tt/2HKoCIM
Submitted April 18, 2018 at 11:48AM by Iot_Security
via reddit https://ift.tt/2EXnH4y
Linkedin
ISC West 2018:
The physical security industry is now cyber-aware and ready to act
The physical security industry is now cyber-aware and ready to act
Last week, SecuriThings had the pleasure of exhibiting at ISC West, the largest physical security trade show in the U.S. We presented as part of
A nice tool to scan the security of your OwnCloud/NextCloud installation
https://ift.tt/2mMF9E8
Submitted April 18, 2018 at 01:55PM by DerFette88
via reddit https://ift.tt/2HHcpUT
https://ift.tt/2mMF9E8
Submitted April 18, 2018 at 01:55PM by DerFette88
via reddit https://ift.tt/2HHcpUT
reddit
A nice tool to scan the security of your... • r/security
1 points and 0 comments so far on reddit
An example of the public sector's lack of tech knowledge and the family that is now suffering because of it.
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:06PM by ubidubi4EVR
via reddit https://ift.tt/2EViOJn
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:06PM by ubidubi4EVR
via reddit https://ift.tt/2EViOJn
CBC
Teen charged in Nova Scotia government breach says he had 'no malicious intent' | CBC News
The 19-year-old says he believed the documents he plucked from Nova Scotia's Freedom of Information and Protection of Privacy Act web portal were "free to just download."
News: An example of the public sector's lack of tech knowledge and the family that is now suffering because of it.
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:16PM by ubidubi4EVR
via reddit https://ift.tt/2vrFAZO
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:16PM by ubidubi4EVR
via reddit https://ift.tt/2vrFAZO
CBC
Teen charged in Nova Scotia government breach says he had 'no malicious intent' | CBC News
The 19-year-old says he believed the documents he plucked from Nova Scotia's Freedom of Information and Protection of Privacy Act web portal were "free to just download."
GitHub Pages generated a TLS cert for custom, non *.github.io domain
https://ift.tt/2qGIrZb
Submitted April 18, 2018 at 05:41PM by suixo
via reddit https://ift.tt/2H7XJBn
https://ift.tt/2qGIrZb
Submitted April 18, 2018 at 05:41PM by suixo
via reddit https://ift.tt/2H7XJBn
A Student Hacker's Life
GitHub Pages generated a (rogue) TLS cert for my own domain!
How the hell is this blog served over HTTPS by GitHub Pages?
Whatsapp user’s IP disclosure with Link Preview feature
https://ift.tt/2JXDjJ8
Submitted April 18, 2018 at 05:36PM by 0v3rl04d
via reddit https://ift.tt/2qIEjI2
https://ift.tt/2JXDjJ8
Submitted April 18, 2018 at 05:36PM by 0v3rl04d
via reddit https://ift.tt/2qIEjI2
Medium
Whatsapp user’s IP disclosure with Link Preview feature
Simple php code can disclose Whatsapp users ip and app version and save disclosed information to attackers server.
Solving The Security Risk Puzzle, State Of The Union
https://ift.tt/2qIbDPl
Submitted April 18, 2018 at 05:23PM by Uminekoshi
via reddit https://ift.tt/2EX7pbM
https://ift.tt/2qIbDPl
Submitted April 18, 2018 at 05:23PM by Uminekoshi
via reddit https://ift.tt/2EX7pbM
Nehemiah Security
Guest Post: Solving the Security Risk Puzzle, State of the Union - Nehemiah Security
This blog is the second in a three part series discussing how to solve the security risk puzzle. Previously, we took a brief look at the history of the security risk gap…or as Gartner dubbed it, “above the line” and “below the line.” Historically, the industry…
Security In 5: Episode 219 - Firefox Releases Privacy Protection By Default In iOS
https://ift.tt/2H8hZ1D
Submitted April 18, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2JWFIUm
https://ift.tt/2H8hZ1D
Submitted April 18, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2JWFIUm
Libsyn
Security In Five Podcast: Episode 219 - Firefox Releases Privacy Protection By Default In iOS
Mozilla has been stepping up their privacy centric approach for users. Earlier this week they released a feature in Firefox for Facebook isolation. Now they have released a feature in the iOS Firefox browser to have privacy protections turned on by default.…
Security report : Hackers can take full control of online compilers through a common exploit
https://ift.tt/2qHC1sY
Submitted April 18, 2018 at 07:03PM by serhack
via reddit https://ift.tt/2vmcivD
https://ift.tt/2qHC1sY
Submitted April 18, 2018 at 07:03PM by serhack
via reddit https://ift.tt/2vmcivD
serhack.me
Security report : Hackers can take full control of online compilers through a common exploit
Online compilers are a handy tool to save time and resources for coders, and are freely available for a variety of programming languages. But what's happen if they aren't built so secure?
PBot: a Python-based adware
https://ift.tt/2qGsEJW
Submitted April 18, 2018 at 09:23PM by EvanConover
via reddit https://ift.tt/2EUOJJH
https://ift.tt/2qGsEJW
Submitted April 18, 2018 at 09:23PM by EvanConover
via reddit https://ift.tt/2EUOJJH
Malwarebytes Labs
PBot: a Python-based adware - Malwarebytes Labs
Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot: a Python-based adware.
Let's Encrypt is now the largest SSL certificate issuer for websites with 51.21% domain usage
https://ift.tt/1s5CUuk
Submitted April 18, 2018 at 09:18PM by speckz
via reddit https://ift.tt/2vr1mN9
https://ift.tt/1s5CUuk
Submitted April 18, 2018 at 09:18PM by speckz
via reddit https://ift.tt/2vr1mN9
NetTrack - Anonymous Web Statistics
SSL Issuer Popularity
Statistics for SSL Issuers. World, TLD and country top lists.