Equifax confirms Apache Struts flaw it failed to patch was to blame for data breach
http://ift.tt/2y6MCQM
Submitted September 14, 2017 at 03:49PM by Hamm3rH3ad
via reddit http://ift.tt/2y8Nu7I
ZDNet
Equifax confirms Apache Struts security flaw it failed to patch is to blame for hack
The company said the March vulnerability was exploited by hackers.
Mathias Bynens Hacking with Unicode
http://ift.tt/2y7Pxcf
Submitted September 14, 2017 at 03:45PM by iamhabibone
via reddit http://ift.tt/2x1SkDm
IAMHABIB.NET
[Video] Mathias Bynens Hacking with Unicode - IAMHABIB.NET
IAMHABIB.NET is a video tube site on Hacking, Security, Reverse Engineering and Social Engineering
Using D-Link routers for a botnet
http://ift.tt/2fi75ut
Submitted September 14, 2017 at 05:25PM by Embedi
via reddit http://ift.tt/2f8O0xH
Embedi
Enlarge your botnet with: top D-Link routers (DIR8xx D-Link routers cruisin' for a bruisin')
In this article, we are going to discuss vulnerabilities detected in the top D-Link routers: DIR890L DIR885L DIR895L and other DIR8xx D-Link routers cruising for a bruising. The devices use the same code, thus giving a magnificent and quite tempting opportunity…
Anatomy of a hack SQLI to enterprise admin
http://ift.tt/2vVDH3g
Submitted September 14, 2017 at 06:32PM by pm_me_your_findings
via reddit http://ift.tt/2xmT8VQ
NotSoSecure
Anatomy of a Hack: SQLi to Enterprise Admin
A story of corporate domain compromise featuring SQLi, OSINT, weak creds, password cracking, insecure configs, pivoting, AV & pure pwnage.
Read on the Web: Thousands of Elasticsearch Servers Hijacked to Host PoS Malware
http://ift.tt/2xByxhg
Submitted September 14, 2017 at 06:49PM by MicheeLengronne
via reddit http://ift.tt/2fleZTL
Limawi
Read on the Web: Thousands of Elasticsearch Servers Hijacked to Host PoS Malware
Read on the Web: Thousands of insecure Elasticsearch servers are hosting point-of-sale malware, according to an analysis by Kromtech Security Center. In total, researchers found 15,000...
Read on the Web: Thousands of Elasticsearch Servers Hijacked to Host PoS Malware
http://ift.tt/2xByxhg
Submitted September 14, 2017 at 06:50PM by MicheeLengronne
via reddit http://ift.tt/2y8KdFd
Limawi
Read on the Web: Thousands of Elasticsearch Servers Hijacked to Host PoS Malware
Read on the Web: Thousands of insecure Elasticsearch servers are hosting point-of-sale malware, according to an analysis by Kromtech Security Center. In total, researchers found 15,000...
What Necessary Measures can be Adopted by the Schools for Student Security?
http://ift.tt/2xByxOi
Submitted September 14, 2017 at 06:47PM by surveillancekart
via reddit http://ift.tt/2y8KeZN
SurveillanceKart
What Necessary Measures can be Adopted by the Schools for Student Security?
Schools have become vulnerable for children and it is high time to re-evaluate the security measures taken by the schools. The latest incident of Praduman Thakur has shaken parents to the core and …
Security In 5: Episode 68 - The Top Ransomware Protection Tips
http://ift.tt/2xB61MY
Submitted September 14, 2017 at 06:33PM by BinaryBlog
via reddit http://ift.tt/2y8Kgkn
Libsyn
Security In Five Podcast: Episode 68 - The Top Ransomware Protection Tips
Ransomware is a nasty piece of malware that can destroy all your data. There are a few things you can do that will greatly reduce the risk of you and your company getting infected by a ransomware attack. This episode goes through them. Be aware, be safe.…
Face ID, Touch ID, No ID, PINs and Pragmatic Security
http://ift.tt/2xA83N4
Submitted September 14, 2017 at 06:27PM by srikavig
via reddit http://ift.tt/2xBOXWU
Troy Hunt
Face ID, Touch ID, No ID, PINs and Pragmatic Security
I was wondering recently after poring through yet another data breach how many people actually use multi-step verification. I mean here we have a construct where even if the attacker has the victim's credentials, they're rendered useless once challenged for…
Week 36 in Information Security, 2017
http://ift.tt/2y13kQP
Submitted September 14, 2017 at 07:47PM by undercomm
via reddit http://ift.tt/2h3TeLX
Malgregator
Week 36, 2017
The security researcher Pierre Kim has discovered ten critical zero-day vulnerabilities in D-Link routers....
When passwords aren't totally strong - Credit agencies.
I went to freeze my credit at the big 3 today and Equifax was down (but only after you enter all your private stuff!) and the other two make you create an account. The passwords at Experian and Transunion failed when I used a - and a & character, so I had to dumb down my password scheme due to these weaknesses. Does anyone know what authentication systems they use that can't use ANY character, only a select few?
Submitted September 14, 2017 at 08:15PM by sexuallyactivepope
via reddit http://ift.tt/2x1NciT
reddit
When passwords aren't totally strong - Credit agencies. • r/security
I went to freeze my credit at the big 3 today and Equifax was down (but only after you enter all your private stuff!) and the other two make you...
The EQUIFAX hackers are trying to crowd fund the release of all the data
http://ift.tt/2xmEU7a
Submitted September 14, 2017 at 09:13PM by westondeboer
via reddit http://ift.tt/2xnkI55
Krypt3ia
EQUIHAX
Trawling the darknet as one does, I came across this little simple page this morning. It claims to be the real EQUIFAX hackers, unlike the last darknet site that was soon taken down by morons. I ha…
Don't Delay: Replace Symantec TLS/SSL Certs Now
http://ift.tt/2f3h75v
Submitted September 15, 2017 at 12:33AM by dc352
via reddit http://ift.tt/2x5aaXV
Bankinfosecurity
Don't Delay: Replace Symantec TLS/SSL Certs Now
A major operation to cleanse websites of digital certificates created under questionable circumstances is underway. Google has issued the orders: Purge digital
A Rudimentary Threat Model Framework for Password vs. TouchID vs. FaceID
http://ift.tt/2x3FLI0
Submitted September 15, 2017 at 12:19AM by danielrm26
via reddit http://ift.tt/2h5gARs
danielmiessler.com
A Rudimentary Threat Model Framework for Password vs. TouchID vs. FaceID
There's been a lot of discussion around Apple's replacement of TouchID with FaceID on the new iPhone X. There's conversation around the overall security of
(Podcast) Beers with Talos Ep12 now available
http://ift.tt/2vWGucx
Submitted September 15, 2017 at 01:41AM by WorksAtCisco
via reddit http://ift.tt/2wdgj5x
Talosintelligence
Beers with Talos EP12 - IrmaGerd! The Internet Ate Our Podcast!
Beers with Talos is a fast-paced, smart, and humorous podcast focused on security research topics. Staying abreast of security topics is difficult in this rapidly evolving threat landscape. Beers with Talos serves important security stories in a way that…
Bluetooth bug could expose billions of devices to attack, cyber experts warn
http://ift.tt/2xlTDPW
Submitted September 15, 2017 at 04:55AM by AnythingForSuccess
via reddit http://ift.tt/2fmjo8Y
ABC News
BlueBorne: Bluetooth bug could expose billions of devices to attack, cyber experts warn
Internet security experts are urging people to update their software to protect against a serious vulnerability.
After Equifax: Why the US must finally outgrow SSNs as identifiers
https://mcafee.ly/2faf67P
Submitted September 15, 2017 at 05:42AM by jeffthechimp
via reddit http://ift.tt/2wt8h3Q
McAfee Blogs
Equifax: Rethinking Social Security Numbers as Identifiers
Revelations about compromised social security numbers at Equifax remind us that the US needs to modernize the identification standard.
Malvertising Campaign Mines Cryptocurrency Right in Your Browser
http://ift.tt/2x4H0bk
Submitted September 15, 2017 at 06:34AM by majorllama
via reddit http://ift.tt/2y2F4hb
BleepingComputer
Malvertising Campaign Mines Cryptocurrency Right in Your Browser
Malware authors are using JavaScript code delivered via malvertising campaigns to mine different cryptocurrencies inside people's browsers, without their knowledge.
Deep Dive in MarkLogic Exploitation Process via Argus PDF Converter
http://ift.tt/2x5yXv6
Submitted September 15, 2017 at 06:34AM by majorllama
via reddit http://ift.tt/2x3z2Oa
Talosintelligence
Deep Dive in MarkLogic Exploitation Process via Argus PDF Converter
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Leti and Partners in PiezoMAT Project Develop New Fingerprint Technology
http://ift.tt/2gPpM8M's-On/Press%20release/leti-and-partners-in-piezomat-project-develop-new-fingerprint-technology-for-highly-reliable-security-and-id-applications.aspx
Submitted September 15, 2017 at 07:33AM by Chipdoc
via reddit http://ift.tt/2y9WEk9
Beat up an Android file transfer app with 10Million+ downloads. Check out the write up!
http://ift.tt/2x5E0vf
Submitted September 15, 2017 at 07:28AM by vincelasal
via reddit http://ift.tt/2yacMCv
think_tank_sec
Latest Posts
mostly planetary things.