#0daytoday #Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stac [#0day #Exploit]
https://tsecurity.de/de/300397/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Windows-nt!NtQueryVirtualMemory-(MemoryImageInformation)-Kernel-64-bit-Stac-[%2525230day-%252523Exploit]/#.WtbVIeX1QTE.reddit
Submitted April 18, 2018 at 10:48AM by Horus_Sirius
via reddit https://ift.tt/2qHAWC0
https://tsecurity.de/de/300397/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Windows-nt!NtQueryVirtualMemory-(MemoryImageInformation)-Kernel-64-bit-Stac-[%2525230day-%252523Exploit]/#.WtbVIeX1QTE.reddit
Submitted April 18, 2018 at 10:48AM by Horus_Sirius
via reddit https://ift.tt/2qHAWC0
TSecurity Portal
#0daytoday #Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stac [#0day #Exploit]
#0daytoday #Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elev [#0day #Exploit]
https://tsecurity.de/de/300396/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Window-Manager-(Windows-7-x86)-Menu-Management-Component-UAF-Privilege-Elev-[%2525230day-%252523Exploit]/#.WtbU8ab4ZPQ.reddit
Submitted April 18, 2018 at 10:47AM by Horus_Sirius
via reddit https://ift.tt/2vqOyqa
https://tsecurity.de/de/300396/Reverse-Engineering/Exploits/PoC/%2525230daytoday-%252523Microsoft-Window-Manager-(Windows-7-x86)-Menu-Management-Component-UAF-Privilege-Elev-[%2525230day-%252523Exploit]/#.WtbU8ab4ZPQ.reddit
Submitted April 18, 2018 at 10:47AM by Horus_Sirius
via reddit https://ift.tt/2vqOyqa
TSecurity Portal
#0daytoday #Microsoft Window Manager (Windows 7 x86) - Menu Management Component UAF Privilege Elev [#0day #Exploit]
Raspberry Pi was hacked!
Hi all, I did a bad thing. I ran some code on my headless raspberry pi via ssh that sends a series of web requests over a long period (3+ hrs) a few separate times last week. I did not change the factory password/username combo (I know, I know). This weekend, I noticed I couldn't ssh in because it was claiming my password was incorrect. Tonight, I hooked it up to a monitor/keyboard and as soon as I turn it on, it performs a series of unfamiliar operations that I can't interrupt, some of which seem to be connecting to IP addresses that are not in my network. SO my questions are these: 1. Have I been hacked? 2. My raspberry pi is unplugged. Is it possible they have compromised my router/network security in general?tl;dr I think my raspberry pi was accessed by someone else via ssh. Is it possible they have compromised my router/network security in general?
Submitted April 18, 2018 at 08:43AM by chp_130
via reddit https://ift.tt/2qLw2n1
Hi all, I did a bad thing. I ran some code on my headless raspberry pi via ssh that sends a series of web requests over a long period (3+ hrs) a few separate times last week. I did not change the factory password/username combo (I know, I know). This weekend, I noticed I couldn't ssh in because it was claiming my password was incorrect. Tonight, I hooked it up to a monitor/keyboard and as soon as I turn it on, it performs a series of unfamiliar operations that I can't interrupt, some of which seem to be connecting to IP addresses that are not in my network. SO my questions are these: 1. Have I been hacked? 2. My raspberry pi is unplugged. Is it possible they have compromised my router/network security in general?tl;dr I think my raspberry pi was accessed by someone else via ssh. Is it possible they have compromised my router/network security in general?
Submitted April 18, 2018 at 08:43AM by chp_130
via reddit https://ift.tt/2qLw2n1
reddit
Raspberry Pi was hacked! • r/security
Hi all, I did a bad thing. I ran some code on my headless raspberry pi via ssh that sends a series of web requests over a long period (3+ hrs) a...
Over 20,000,000 of Chrome Users are Victims of Fake Ad Blockers
https://ift.tt/2qApHdQ
Submitted April 18, 2018 at 07:22AM by speckz
via reddit https://ift.tt/2J3m87y
https://ift.tt/2qApHdQ
Submitted April 18, 2018 at 07:22AM by speckz
via reddit https://ift.tt/2J3m87y
AdGuard Blog
Over 20,000,000 of Chrome Users are Victims of Fake Ad Blockers
According to the PageFair 2014 report, Google Chrome is a major driver of adblock growth. 20% of users discovered ad blocking by browsing “available browser extensions”. Given how popular ad blocking is, it is quite a lot. This also explains why "cloning"…
The physical security industry is now cyber-aware and ready to act
https://ift.tt/2HKoCIM
Submitted April 18, 2018 at 11:48AM by Iot_Security
via reddit https://ift.tt/2EXnH4y
https://ift.tt/2HKoCIM
Submitted April 18, 2018 at 11:48AM by Iot_Security
via reddit https://ift.tt/2EXnH4y
Linkedin
ISC West 2018:
The physical security industry is now cyber-aware and ready to act
The physical security industry is now cyber-aware and ready to act
Last week, SecuriThings had the pleasure of exhibiting at ISC West, the largest physical security trade show in the U.S. We presented as part of
A nice tool to scan the security of your OwnCloud/NextCloud installation
https://ift.tt/2mMF9E8
Submitted April 18, 2018 at 01:55PM by DerFette88
via reddit https://ift.tt/2HHcpUT
https://ift.tt/2mMF9E8
Submitted April 18, 2018 at 01:55PM by DerFette88
via reddit https://ift.tt/2HHcpUT
reddit
A nice tool to scan the security of your... • r/security
1 points and 0 comments so far on reddit
An example of the public sector's lack of tech knowledge and the family that is now suffering because of it.
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:06PM by ubidubi4EVR
via reddit https://ift.tt/2EViOJn
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:06PM by ubidubi4EVR
via reddit https://ift.tt/2EViOJn
CBC
Teen charged in Nova Scotia government breach says he had 'no malicious intent' | CBC News
The 19-year-old says he believed the documents he plucked from Nova Scotia's Freedom of Information and Protection of Privacy Act web portal were "free to just download."
News: An example of the public sector's lack of tech knowledge and the family that is now suffering because of it.
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:16PM by ubidubi4EVR
via reddit https://ift.tt/2vrFAZO
https://ift.tt/2J2xrwX
Submitted April 18, 2018 at 02:16PM by ubidubi4EVR
via reddit https://ift.tt/2vrFAZO
CBC
Teen charged in Nova Scotia government breach says he had 'no malicious intent' | CBC News
The 19-year-old says he believed the documents he plucked from Nova Scotia's Freedom of Information and Protection of Privacy Act web portal were "free to just download."
GitHub Pages generated a TLS cert for custom, non *.github.io domain
https://ift.tt/2qGIrZb
Submitted April 18, 2018 at 05:41PM by suixo
via reddit https://ift.tt/2H7XJBn
https://ift.tt/2qGIrZb
Submitted April 18, 2018 at 05:41PM by suixo
via reddit https://ift.tt/2H7XJBn
A Student Hacker's Life
GitHub Pages generated a (rogue) TLS cert for my own domain!
How the hell is this blog served over HTTPS by GitHub Pages?
Whatsapp user’s IP disclosure with Link Preview feature
https://ift.tt/2JXDjJ8
Submitted April 18, 2018 at 05:36PM by 0v3rl04d
via reddit https://ift.tt/2qIEjI2
https://ift.tt/2JXDjJ8
Submitted April 18, 2018 at 05:36PM by 0v3rl04d
via reddit https://ift.tt/2qIEjI2
Medium
Whatsapp user’s IP disclosure with Link Preview feature
Simple php code can disclose Whatsapp users ip and app version and save disclosed information to attackers server.
Solving The Security Risk Puzzle, State Of The Union
https://ift.tt/2qIbDPl
Submitted April 18, 2018 at 05:23PM by Uminekoshi
via reddit https://ift.tt/2EX7pbM
https://ift.tt/2qIbDPl
Submitted April 18, 2018 at 05:23PM by Uminekoshi
via reddit https://ift.tt/2EX7pbM
Nehemiah Security
Guest Post: Solving the Security Risk Puzzle, State of the Union - Nehemiah Security
This blog is the second in a three part series discussing how to solve the security risk puzzle. Previously, we took a brief look at the history of the security risk gap…or as Gartner dubbed it, “above the line” and “below the line.” Historically, the industry…
Security In 5: Episode 219 - Firefox Releases Privacy Protection By Default In iOS
https://ift.tt/2H8hZ1D
Submitted April 18, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2JWFIUm
https://ift.tt/2H8hZ1D
Submitted April 18, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2JWFIUm
Libsyn
Security In Five Podcast: Episode 219 - Firefox Releases Privacy Protection By Default In iOS
Mozilla has been stepping up their privacy centric approach for users. Earlier this week they released a feature in Firefox for Facebook isolation. Now they have released a feature in the iOS Firefox browser to have privacy protections turned on by default.…
Security report : Hackers can take full control of online compilers through a common exploit
https://ift.tt/2qHC1sY
Submitted April 18, 2018 at 07:03PM by serhack
via reddit https://ift.tt/2vmcivD
https://ift.tt/2qHC1sY
Submitted April 18, 2018 at 07:03PM by serhack
via reddit https://ift.tt/2vmcivD
serhack.me
Security report : Hackers can take full control of online compilers through a common exploit
Online compilers are a handy tool to save time and resources for coders, and are freely available for a variety of programming languages. But what's happen if they aren't built so secure?
PBot: a Python-based adware
https://ift.tt/2qGsEJW
Submitted April 18, 2018 at 09:23PM by EvanConover
via reddit https://ift.tt/2EUOJJH
https://ift.tt/2qGsEJW
Submitted April 18, 2018 at 09:23PM by EvanConover
via reddit https://ift.tt/2EUOJJH
Malwarebytes Labs
PBot: a Python-based adware - Malwarebytes Labs
Recently, we came across a Python-based sample dropped by an exploit kit. Although it arrives under the disguise of a MinerBlocker, it has nothing in common with miners. In fact, it seems to be PBot: a Python-based adware.
Let's Encrypt is now the largest SSL certificate issuer for websites with 51.21% domain usage
https://ift.tt/1s5CUuk
Submitted April 18, 2018 at 09:18PM by speckz
via reddit https://ift.tt/2vr1mN9
https://ift.tt/1s5CUuk
Submitted April 18, 2018 at 09:18PM by speckz
via reddit https://ift.tt/2vr1mN9
NetTrack - Anonymous Web Statistics
SSL Issuer Popularity
Statistics for SSL Issuers. World, TLD and country top lists.
Decoding network data from a Gh0st RAT variant
https://ift.tt/2vm0N7d
Submitted April 18, 2018 at 10:21PM by digicat
via reddit https://ift.tt/2JTISbz
https://ift.tt/2vm0N7d
Submitted April 18, 2018 at 10:21PM by digicat
via reddit https://ift.tt/2JTISbz
Bridge between Burp Suite and Frida - Manipulate applications’ own methods while tampering traffic between the applications and servers [Updated Apr 2018] - See Comment
https://ift.tt/2fvhVjF
Submitted April 18, 2018 at 10:55PM by TechLord2
via reddit https://ift.tt/2qG4cJg
https://ift.tt/2fvhVjF
Submitted April 18, 2018 at 10:55PM by TechLord2
via reddit https://ift.tt/2qG4cJg
GitHub
federicodotta/Brida
The new bridge between Burp Suite and Frida! Contribute to federicodotta/Brida development by creating an account on GitHub.
Gold Galleon Hacking Group Plunders Shipping Industry
https://ift.tt/2H9KQqq
Submitted April 18, 2018 at 10:41PM by volci
via reddit https://ift.tt/2H9YLNl
https://ift.tt/2H9KQqq
Submitted April 18, 2018 at 10:41PM by volci
via reddit https://ift.tt/2H9YLNl
Threatpost | The first stop for security news
Gold Galleon Hacking Group Plunders Shipping Industry
SAN FRANCISCO – Researchers have identified the hacking group behind several widescale business email compromise (BEC) attacks gouging the maritime shipping industry millions of dollars since last
Security needs Artificial Intelligence
https://ift.tt/2JXeM6M
Submitted April 18, 2018 at 11:45PM by zinsi-
via reddit https://ift.tt/2HeopfT
https://ift.tt/2JXeM6M
Submitted April 18, 2018 at 11:45PM by zinsi-
via reddit https://ift.tt/2HeopfT
Linkedin
Security needs Artificial Intelligence
When we founded Templarbit one of the first things we did was compile a list of all cyber security vendors. I wanted to know what and who we would be
Need good resource about Windows Hardening (books / tutorial)
I know that Linux is more secure but i also want to know some new think about Windows.Curently i am user of Avast (free i know that ESET is better but for now its seems to be ok with adwCleaner) I also use KeepassXS for make ~100 char. long passwords and store profiles (logins/passwords etc) I also turn off password and history save in browser (for Keepass reason)
Submitted April 19, 2018 at 01:32AM by XDF5
via reddit https://ift.tt/2qJ2hTz
I know that Linux is more secure but i also want to know some new think about Windows.Curently i am user of Avast (free i know that ESET is better but for now its seems to be ok with adwCleaner) I also use KeepassXS for make ~100 char. long passwords and store profiles (logins/passwords etc) I also turn off password and history save in browser (for Keepass reason)
Submitted April 19, 2018 at 01:32AM by XDF5
via reddit https://ift.tt/2qJ2hTz
reddit
Need good resource about Windows Hardening (books /... • r/security
I know that Linux is more secure but i also want to know some new think about Windows. Curently i am user of Avast (free i know that ESET is...
A Sobering Look at Fake Online Reviews
https://ift.tt/2J5MG8k
Submitted April 19, 2018 at 01:21AM by EvanConover
via reddit https://ift.tt/2H9Ims4
https://ift.tt/2J5MG8k
Submitted April 19, 2018 at 01:21AM by EvanConover
via reddit https://ift.tt/2H9Ims4
reddit
A Sobering Look at Fake Online Reviews • r/security
1 points and 0 comments so far on reddit