DrayTek Vigor ACS unauth RCE via Java deserialisation / write-up + exploit
https://ift.tt/2HaDQJX
Submitted April 19, 2018 at 04:32PM by jose_boneh
via reddit https://ift.tt/2qJtW6U
Block Buster: How A Private Intelligence Platform Leaked 48 Million Personal Data Records
https://ift.tt/2qG6Vmd
Submitted April 19, 2018 at 05:33PM by Tony49UK
via reddit https://ift.tt/2vs2SyD
Upguard
Block Buster: How A Private Intelligence Platform Leaked 48 Million Personal Data Records
Learn how over 48 million records containing personal data leaked from within the systems of a private intelligence search service.
Security In 5: Episode 220 - IoT Strikes Again - The Worst Is Yet To Come
https://ift.tt/2F0g9ho
Submitted April 19, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2HtWTyj
Libsyn
Security In Five Podcast: Episode 220 - IoT Strikes Again - The Worst Is Yet To Come
Internet of Things (IoT) is a security nightmare. Millions of devices are out on the open Internet with 10 year old vulnerabilities that are being exploited. This episode goes into the problems of why IoT devices are so insecure and what this could mean in…
The Science and Art of File Reputation
https://ift.tt/2qI4Wh0
Submitted April 19, 2018 at 07:34PM by volci
via reddit https://ift.tt/2HzkiOS
Recorded Future
The Science and Art of File Reputation
The CCleaner and NotPetya malware attacks in 2017 show how vulnerable even the biggest companies can be. Defenders need threat intelligence for faster vulnerability management.
Employee from hell busted by VPN logs
https://ift.tt/2qJdOmS
Submitted April 19, 2018 at 07:50PM by volci
via reddit https://ift.tt/2qL1GAT
Naked Security
Employee from hell busted by VPN logs
Before retiring from PenAir airline, Suzette Kugler set herself up with fake, high-privilege VPN user accounts that didn’t keep her secrets.
seeking help from the experienced ones
So I'm 22, graduating this July. I did my bachelor's degree in telecommunications and my master's degree in network security. I literally only enjoyed this year's courses, which are focused on security: digital forensics, VoIP security, secure network architectures... I'm basically aiming to be a cyber security consultant in the near future, and I'd like to know how I can strengthen my knowledge in the field to be able to get to my goals.
Submitted April 19, 2018 at 07:49PM by FrancisAsks
via reddit https://ift.tt/2HfAYLS
Inside the Unnerving Supply Chain Attack That Corrupted CCleaner
https://ift.tt/2HanpJm
Submitted April 19, 2018 at 07:48PM by doors_1
via reddit https://ift.tt/2qJ6Flq
WIRED
Inside the Unnerving Supply Chain Attack That Corrupted CCleaner
CCleaner owner Avast is sharing more details on the malware attackers used to infect legitimate software updates with malware.
[Cfrg] RFC Draft: PASETO - Platform-Agnostic SEcurity TOkens
https://ift.tt/2F0oz8C
Submitted April 19, 2018 at 08:43PM by sarciszewski
via reddit https://ift.tt/2JYv67r
Cisco WebEx Clients Remote Code Execution Vulnerability
https://ift.tt/2HdefQA
Submitted April 19, 2018 at 09:40PM by EvanConover
via reddit https://ift.tt/2HhPL4o
Cisco
Cisco Security Threat and Vulnerability Intelligence
The Cisco Security portal provides actionable intelligence for security threats and vulnerabilities in Cisco products and services and third-party products.
No boundaries for Facebook data: third-party trackers abuse Facebook Login
https://ift.tt/2J5VFpP
Submitted April 19, 2018 at 09:43PM by EvanConover
via reddit https://ift.tt/2HdK7jS
Critical Webex vulnerability patched today.
https://ift.tt/2HdefQA
Submitted April 19, 2018 at 10:03PM by modernmonkeyy
via reddit https://ift.tt/2HftcxB
Your own employees are the weakest link in your defenses
https://ift.tt/2EYIyVh
Submitted April 19, 2018 at 10:01PM by vcruz911
via reddit https://ift.tt/2HzDLio
Forbes
Your Own Employees Are The Weakest Link In Your Defenses
Follow these tips for tightening cybersecurity through employee training, smarter policy and the right tools.
Do most team password managers allow export?
We're trying to select a team password manager and we're having a lot of problems figuring out which ones allow exporting the data. If the password company goes out of business or if, for whatever reason, we need to stop using the product then we want to be able to get our passwords out. We've had a hard time finding companies that advertise export capability on their web site or sales materials. Do we assume that no advertising == no capability or is this such a common feature that nobody bothers to advertise it but everyone has it?
Submitted April 19, 2018 at 11:32PM by CorrectCite
via reddit https://ift.tt/2K1qBsU
Crash Course to Blacklists
https://ift.tt/2Ja8XSu
Submitted April 19, 2018 at 11:21PM by ded1cated
via reddit https://ift.tt/2JX6c82
WebARX
What is Google blacklist and how to check if your website is there?
What is blacklist? Website blacklisting is when a search engine is expelling a site from their list. When a website is blacklisted, it loses almost 95% of its organic traffic, which can rapidly affect revenue. Read more, why you should secure your site...
A guide for amateurs pen testers to practice ethical hacking!
https://ift.tt/2qH2PKt
Submitted April 19, 2018 at 11:33PM by 6lowpan
via reddit https://ift.tt/2Hd2o50
GitHub
SundownDEV/hacker-roadmap
hacker-roadmap - :pushpin: A guide for amateurs pen testers and a summary of hacking tools to practice ethical hacking, pen testing and web security.
Living Off The Land Binaries and Scripts documentation - #LOLBins and #LOLScripts
https://ift.tt/2HdTBj4
Submitted April 19, 2018 at 11:09PM by oddvarmoe
via reddit https://ift.tt/2qJyNFY
GitHub
api0cradle/LOLBAS
LOLBAS - Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Smart Contract Security CTF (Capture the Flag) on the Ropsten Testnet
https://ift.tt/2J5JsBu
Submitted April 20, 2018 at 12:48AM by mickayz
via reddit https://ift.tt/2qNHAWD
LinkedIn AutoFill Exposes Visitor Name, Email to Third-Party Websites
https://ift.tt/2JYPrte
Submitted April 20, 2018 at 02:24AM by cablej
via reddit https://ift.tt/2HhfjyD
lightningsecurity.io
LinkedIn AutoFill Exposed Visitor Name, Email to Third-Party Websites
What is the main difference between CEH and OSCP?
I'm trying to find a good certification that allows me to specialize in Security. I'm asking for the difference between these two because they're very recognized and complete, but maybe there are better options (and maybe cheaper(?)) that would allow me to do the same. Thank you in advance!
Submitted April 20, 2018 at 02:48AM by candikan
via reddit https://ift.tt/2qLTKiI
LinkedIn AutoFill Exposed Visitor Name, Email to Third-Party Websites
https://ift.tt/2JYPrte
Submitted April 20, 2018 at 02:41AM by cablej
via reddit https://ift.tt/2vs7WDl
lightningsecurity.io
LinkedIn AutoFill Exposed Visitor Name, Email to Third-Party Websites