Is an anti-virus tool for Linux (ex. Sophos) necessary?
Many Linux users claim they have nothing to fear as hackers primarily create viruses for Windows machines, but is that a good enough reason to not install an anti-virus tool?Sophos came out a few years ago making the claim that no machine was safe. They claimed that Linux was susceptible to viruses/attacks and has been attacked in the past. Many people thought they were BSing and asked Sophos to "put up or shut up" with proof of their claims and I'm unsure if they ever came around to providing that proof.What do you guys think? Is it worth the download?
Submitted April 21, 2018 at 08:10AM by JFKfanboi
via reddit https://ift.tt/2qR7k4r
Many Linux users claim they have nothing to fear as hackers primarily create viruses for Windows machines, but is that a good enough reason to not install an anti-virus tool?Sophos came out a few years ago making the claim that no machine was safe. They claimed that Linux was susceptible to viruses/attacks and has been attacked in the past. Many people thought they were BSing and asked Sophos to "put up or shut up" with proof of their claims and I'm unsure if they ever came around to providing that proof.What do you guys think? Is it worth the download?
Submitted April 21, 2018 at 08:10AM by JFKfanboi
via reddit https://ift.tt/2qR7k4r
reddit
Is an anti-virus tool for Linux (ex. Sophos) necessary? • r/security
Many Linux users claim they have nothing to fear as hackers primarily create viruses for Windows machines, but is that a good enough reason to not...
Malspam pushing ransomware using two layers of password protection to avoid detection
https://ift.tt/2HETfl3
Submitted April 21, 2018 at 09:17AM by TechLord2
via reddit https://ift.tt/2qO2o1f
https://ift.tt/2HETfl3
Submitted April 21, 2018 at 09:17AM by TechLord2
via reddit https://ift.tt/2qO2o1f
Reddit
reddit: the front page of the internet
r/netsec: A community for technical news and discussion of information security and closely related topics.
Anyone seen this? (IE with green border and "Encrypting" keyboard symbol bottom right). Not sure if malware or some keystroke masking software.
https://ift.tt/2Jg05uj
Submitted April 21, 2018 at 09:34AM by comedybill
via reddit https://ift.tt/2qN3lGT
https://ift.tt/2Jg05uj
Submitted April 21, 2018 at 09:34AM by comedybill
via reddit https://ift.tt/2qN3lGT
Secured and unsecured home environments
Hi all,I am leaning toward buying or building a windows machine dedicated strictly to processing sensitive personal transactions. Does anyone else do this?How I would protect:-Dedicated network interface and network -wired connection -Security suite (Bit Defender or Norton, leaning toward Norton) -dedicated printer/scanner -strict firewall rules to lock down egress in addition to the default implicit deny. -Geo IP range blocking -Dedicated e-mail address used only for services to be used on the secured networkAnything obvious I am missing?If you do this, what sort of activity do you classify as sensitive or to be processed on the secured network/device?I am thinking anything that involves obvious PII/HIPPA type Information.Banking, brokerage, health insurance/medical issues. I would consider possibly shopping but part of me is a little hesitant to include it there. There must be a point at which there is a cut off otherwise one could argue everything is important including social media, YouTube searching and general googling. At that point there would be no difference between the unsecured and secured networks since I would generally set them up in almost the same way anyway, aside from strict egress lockdown.
Submitted April 21, 2018 at 12:03PM by NewUsername258
via reddit https://ift.tt/2vxwTgG
Hi all,I am leaning toward buying or building a windows machine dedicated strictly to processing sensitive personal transactions. Does anyone else do this?How I would protect:-Dedicated network interface and network -wired connection -Security suite (Bit Defender or Norton, leaning toward Norton) -dedicated printer/scanner -strict firewall rules to lock down egress in addition to the default implicit deny. -Geo IP range blocking -Dedicated e-mail address used only for services to be used on the secured networkAnything obvious I am missing?If you do this, what sort of activity do you classify as sensitive or to be processed on the secured network/device?I am thinking anything that involves obvious PII/HIPPA type Information.Banking, brokerage, health insurance/medical issues. I would consider possibly shopping but part of me is a little hesitant to include it there. There must be a point at which there is a cut off otherwise one could argue everything is important including social media, YouTube searching and general googling. At that point there would be no difference between the unsecured and secured networks since I would generally set them up in almost the same way anyway, aside from strict egress lockdown.
Submitted April 21, 2018 at 12:03PM by NewUsername258
via reddit https://ift.tt/2vxwTgG
Reddit
reddit: the front page of the internet
r/security: A friendly and professional place for discussing computer security.
Virtual Machine for Adversary Emulation and Threat Hunting
https://ift.tt/2HkMVM6
Submitted April 21, 2018 at 01:37PM by chauh-s
via reddit https://ift.tt/2HgzfSw
https://ift.tt/2HkMVM6
Submitted April 21, 2018 at 01:37PM by chauh-s
via reddit https://ift.tt/2HgzfSw
GitHub
redhuntlabs/RedHunt-OS
RedHunt-OS - Virtual Machine for Adversary Emulation and Threat Hunting
Best open source software to crypt folders ?
Thanks !
Submitted April 21, 2018 at 02:07PM by aymanbt
via reddit https://ift.tt/2vxtb6D
Thanks !
Submitted April 21, 2018 at 02:07PM by aymanbt
via reddit https://ift.tt/2vxtb6D
reddit
Best open source software to crypt folders ? • r/security
Thanks !
Why Do We Need Security Network Audit
https://www.youtube.com/watch?v=eMqv2N72wfo
Submitted April 21, 2018 at 02:30PM by primeinfoserv
via reddit https://ift.tt/2HgIwxT
https://www.youtube.com/watch?v=eMqv2N72wfo
Submitted April 21, 2018 at 02:30PM by primeinfoserv
via reddit https://ift.tt/2HgIwxT
YouTube
Why Do We Need Network Audit
Our CEO Mr. Sushobhan Mukherjee discussed that Why do we need Network Audit. If any help needed on this types of issue, our experts can guide you the right r...
JavaScript that detect hosts in my local net
I am fallen in a web page (https://www.cleancss.com/router-default/ZyXEL/P-660H-D1) that "scan" (or try to) my local network looking for devices. Just for curiosity, i take a look to the source code and I found a javanoscript that seems to be able to scan my localnet:https://pastebin.com/7bvHaRwnThat's safe ? Is possibile to write down a JS that scan my localnet and send results to outside server ?A bit afraid.
Submitted April 21, 2018 at 05:25PM by o-zone1978
via reddit https://ift.tt/2vx0Z3L
I am fallen in a web page (https://www.cleancss.com/router-default/ZyXEL/P-660H-D1) that "scan" (or try to) my local network looking for devices. Just for curiosity, i take a look to the source code and I found a javanoscript that seems to be able to scan my localnet:https://pastebin.com/7bvHaRwnThat's safe ? Is possibile to write down a JS that scan my localnet and send results to outside server ?A bit afraid.
Submitted April 21, 2018 at 05:25PM by o-zone1978
via reddit https://ift.tt/2vx0Z3L
Cleancss
ZyXEL P-660H-D1 Default Router Login and Password
Find the default login, username, password, and ip address for your ZyXEL P-660H-D1 router. You will need to know then when you get a new router, or when you reset your router.
Penetration Testing and Vulnerability Assessments Are NOT Going Anywhere Anytime Soon. We Still Suck at Basics
https://ift.tt/2HgJeHh
Submitted April 21, 2018 at 09:14PM by dbalut
via reddit https://ift.tt/2HOf8fn
https://ift.tt/2HgJeHh
Submitted April 21, 2018 at 09:14PM by dbalut
via reddit https://ift.tt/2HOf8fn
Dawid Bałut
Penetration Testing and Vulnerability Assessments Are NOT Going Anywhere Anytime Soon. We Still Suck at Basics
I’ve seen following questions pop up very often, so decided to write some brief blogpost about it from my POV. For how long will the security testers’ work be required? What is the future of …
Provider storing passwords unencrypted/hashed
I was wondering, why my provider would verify my identity by asking for the 3 first signs of my password. So i asked them by email and they told me it would'nt be necessary. Only the first 3 signs are known to them. Is this plausible, or is my password stored in an unencrypted database which could potentially be hacked? How would i go on on convincing them to change this?
Submitted April 21, 2018 at 10:55PM by sffilk0908
via reddit https://ift.tt/2vxDhEC
I was wondering, why my provider would verify my identity by asking for the 3 first signs of my password. So i asked them by email and they told me it would'nt be necessary. Only the first 3 signs are known to them. Is this plausible, or is my password stored in an unencrypted database which could potentially be hacked? How would i go on on convincing them to change this?
Submitted April 21, 2018 at 10:55PM by sffilk0908
via reddit https://ift.tt/2vxDhEC
reddit
Provider storing passwords unencrypted/hashed • r/security
I was wondering, why my provider would verify my identity by asking for the 3 first signs of my password. So i asked them by email and they told...
Overall Security Strategy
I'm looking to begin a new security strategy for my colo'd server. I'm very interested in cyber security overall and would like to explore some of the different areas within. I enjoy hands on experience and learn best from it as well.I have a colo'd server which publicly hosts stuff and also has my "lab" on it. I'm looking to develop a security plan to better protect the VMs and overall network. VMs range from linux variants to windows ~20-30VMs total.I want to be able to emulate an enterprise as close as possible to learn more about the different aspects. Of course this starts with AD and tieing in SSO for apps and stuff. I would like to know what type of software I should look into and what log aggregation stuff I should use (I've worked with Splunk a little). I also like the idea of Security Onion which uses ELK so that's an option too since I'm sure it'd easily ship the logs to a centralized server. That covers network IDS and packet logging etc. On the hosts for linux and windows, what should I use for HIDS or other malware scanners that can communicate to a "centralized" server. I saw something about OSSIM but would like community input.Aside from network and host based stuff talked about above, is there anything else I should look into? If you have a diagram that talks about the different security areas of a network (such as network and host based (and more) that I can use as a "checklist" that'd be great.
Submitted April 22, 2018 at 12:08AM by Gamerfanatic
via reddit https://ift.tt/2HgY1G2
I'm looking to begin a new security strategy for my colo'd server. I'm very interested in cyber security overall and would like to explore some of the different areas within. I enjoy hands on experience and learn best from it as well.I have a colo'd server which publicly hosts stuff and also has my "lab" on it. I'm looking to develop a security plan to better protect the VMs and overall network. VMs range from linux variants to windows ~20-30VMs total.I want to be able to emulate an enterprise as close as possible to learn more about the different aspects. Of course this starts with AD and tieing in SSO for apps and stuff. I would like to know what type of software I should look into and what log aggregation stuff I should use (I've worked with Splunk a little). I also like the idea of Security Onion which uses ELK so that's an option too since I'm sure it'd easily ship the logs to a centralized server. That covers network IDS and packet logging etc. On the hosts for linux and windows, what should I use for HIDS or other malware scanners that can communicate to a "centralized" server. I saw something about OSSIM but would like community input.Aside from network and host based stuff talked about above, is there anything else I should look into? If you have a diagram that talks about the different security areas of a network (such as network and host based (and more) that I can use as a "checklist" that'd be great.
Submitted April 22, 2018 at 12:08AM by Gamerfanatic
via reddit https://ift.tt/2HgY1G2
reddit
Overall Security Strategy • r/security
I'm looking to begin a new security strategy for my colo'd server. I'm very interested in cyber security overall and would like to explore some of...
Slow loris noscript not working properly
Hello everybody!So recently I learned about the Slow Loris attack and thought about testing it against my rpi server. So now matter how high I set the number of connections to be, the server still worked, it only worked slower, but for short intervals of time. Here is the code I used! Does anyone have an idea why it doesn't work properly?
Submitted April 22, 2018 at 12:16AM by daviddvd267
via reddit https://ift.tt/2vA3ja7
Hello everybody!So recently I learned about the Slow Loris attack and thought about testing it against my rpi server. So now matter how high I set the number of connections to be, the server still worked, it only worked slower, but for short intervals of time. Here is the code I used! Does anyone have an idea why it doesn't work properly?
Submitted April 22, 2018 at 12:16AM by daviddvd267
via reddit https://ift.tt/2vA3ja7
Pastebin
[Python] import socket, random, time, sys headers = [ "User-agent: Mozilla/5.0 (M - Pastebin.com
The CIA Wants To Compromise Your Router
https://ift.tt/2EFbSjv
Submitted April 22, 2018 at 12:55AM by Iot_Security
via reddit https://ift.tt/2HhH1eQ
https://ift.tt/2EFbSjv
Submitted April 22, 2018 at 12:55AM by Iot_Security
via reddit https://ift.tt/2HhH1eQ
KitGuru
The CIA Wants To Compromise Your Router - KitGuru
While WikiLeaks isn’t everyone’s cup of tea, if you’re in the IT field and haven’t investigated the
Millions of Chrome Users Have Installed Malware Posing as Ad Blockers
https://ift.tt/2Hcdnvu
Submitted April 22, 2018 at 05:55AM by OneSob
via reddit https://ift.tt/2qNuf1c
https://ift.tt/2Hcdnvu
Submitted April 22, 2018 at 05:55AM by OneSob
via reddit https://ift.tt/2qNuf1c
Motherboard
Millions of Chrome Users Have Installed Malware Posing as Ad Blockers
Andrey Meshkov, the cofounder of ad-blocker AdGuard, took a look at the noscript in some popular ad-blocking knockoffs and found some shady business.
Debugging Windows Services For Malware Analysis / Reverse Engineering
https://ift.tt/2vAXVna
Submitted April 22, 2018 at 11:57AM by khasaia
via reddit https://ift.tt/2HW9dVT
https://ift.tt/2vAXVna
Submitted April 22, 2018 at 11:57AM by khasaia
via reddit https://ift.tt/2HW9dVT
secrary[dot]com
Debugging Windows Services For Malware Analysis / Reverse Engineering
This blog is about malware analysis and reverse engineering. I’m Lasha Khasaia
New Version of Satan Ransomware Uses EternalBlue Exploit to Spread Via the Network and then Encrypt Files
https://ift.tt/2vHzBjR
Submitted April 22, 2018 at 02:06PM by TechLord2
via reddit https://ift.tt/2HiguSO
https://ift.tt/2vHzBjR
Submitted April 22, 2018 at 02:06PM by TechLord2
via reddit https://ift.tt/2HiguSO
bartblaze.blogspot.co.uk
Satan ransomware adds EternalBlue exploit
A blog about malware and information security.
Is my Kingston MicroSD Legit ? Is it safe if not?
https://ift.tt/2qQtGTE
Submitted April 22, 2018 at 02:10PM by aymanbt
via reddit https://ift.tt/2JiDJs7
https://ift.tt/2qQtGTE
Submitted April 22, 2018 at 02:10PM by aymanbt
via reddit https://ift.tt/2JiDJs7
Book review: "OAuth 2 In Action" by Justin Richer and Antonio Sanso
https://ift.tt/2F6BS7A
Submitted April 22, 2018 at 03:36PM by alexandertsvetkov
via reddit https://ift.tt/2K4QRT7
https://ift.tt/2F6BS7A
Submitted April 22, 2018 at 03:36PM by alexandertsvetkov
via reddit https://ift.tt/2K4QRT7
Surfing the code
Book review: OAuth 2 In Action by Justin Richer and Antonio Sanso
“Drupalgeddon2” touches off arms race to mass-exploit powerful Web servers
https://ift.tt/2K24G4J
Submitted April 22, 2018 at 06:22PM by NISMO1968
via reddit https://ift.tt/2HiL3HT
https://ift.tt/2K24G4J
Submitted April 22, 2018 at 06:22PM by NISMO1968
via reddit https://ift.tt/2HiL3HT
Ars Technica
“Drupalgeddon2” touches off arms race to mass-exploit powerful Web servers
Bug patched in March is still being exploited to take full control of servers.
Is Psono password manager worth it?
https://psono.com/
Submitted April 23, 2018 at 01:39AM by DotJersh
via reddit https://ift.tt/2K8P1Rg
https://psono.com/
Submitted April 23, 2018 at 01:39AM by DotJersh
via reddit https://ift.tt/2K8P1Rg
Psono
Psono - Self Hosted and Open Source Password Manager for Companies
Free open-source password manager for businesses with SAML, LDAP, audit logs, and compliance policy features. Supports Windows, Linux, Mac.
Breaking bad to make good: Firefox CVE-2017–7843
https://ift.tt/2qSwgIN
Submitted April 23, 2018 at 02:27AM by kmodi
via reddit https://ift.tt/2HKbIgk
https://ift.tt/2qSwgIN
Submitted April 23, 2018 at 02:27AM by kmodi
via reddit https://ift.tt/2HKbIgk
Medium
Breaking bad to make good: Firefox CVE-2017–7843
Private Browsing Mode (PBM) is one of the most widely known and used feature in not just Firefox but any major browser. Browsers are…