Is my Kingston MicroSD Legit ? Is it safe if not?
https://ift.tt/2qQtGTE
Submitted April 22, 2018 at 02:10PM by aymanbt
via reddit https://ift.tt/2JiDJs7
https://ift.tt/2qQtGTE
Submitted April 22, 2018 at 02:10PM by aymanbt
via reddit https://ift.tt/2JiDJs7
Book review: "OAuth 2 In Action" by Justin Richer and Antonio Sanso
https://ift.tt/2F6BS7A
Submitted April 22, 2018 at 03:36PM by alexandertsvetkov
via reddit https://ift.tt/2K4QRT7
https://ift.tt/2F6BS7A
Submitted April 22, 2018 at 03:36PM by alexandertsvetkov
via reddit https://ift.tt/2K4QRT7
Surfing the code
Book review: OAuth 2 In Action by Justin Richer and Antonio Sanso
“Drupalgeddon2” touches off arms race to mass-exploit powerful Web servers
https://ift.tt/2K24G4J
Submitted April 22, 2018 at 06:22PM by NISMO1968
via reddit https://ift.tt/2HiL3HT
https://ift.tt/2K24G4J
Submitted April 22, 2018 at 06:22PM by NISMO1968
via reddit https://ift.tt/2HiL3HT
Ars Technica
“Drupalgeddon2” touches off arms race to mass-exploit powerful Web servers
Bug patched in March is still being exploited to take full control of servers.
Is Psono password manager worth it?
https://psono.com/
Submitted April 23, 2018 at 01:39AM by DotJersh
via reddit https://ift.tt/2K8P1Rg
https://psono.com/
Submitted April 23, 2018 at 01:39AM by DotJersh
via reddit https://ift.tt/2K8P1Rg
Psono
Psono - Self Hosted and Open Source Password Manager for Companies
Free open-source password manager for businesses with SAML, LDAP, audit logs, and compliance policy features. Supports Windows, Linux, Mac.
Breaking bad to make good: Firefox CVE-2017–7843
https://ift.tt/2qSwgIN
Submitted April 23, 2018 at 02:27AM by kmodi
via reddit https://ift.tt/2HKbIgk
https://ift.tt/2qSwgIN
Submitted April 23, 2018 at 02:27AM by kmodi
via reddit https://ift.tt/2HKbIgk
Medium
Breaking bad to make good: Firefox CVE-2017–7843
Private Browsing Mode (PBM) is one of the most widely known and used feature in not just Firefox but any major browser. Browsers are…
[Question] Selfies in order to turn off 2FA? Tumblr account retrieval dilemma
So, my desktop went kaputz one day and I had to re-login to my regularly used sites/services after fixing it.Unfortunately, due to some sort of error on Google Authenticator, the codes given were not working when I tried to log into Tumblr. I contacted Tumblr support and these were their directions:We can go ahead and remove your old two factor mobile account so you can gain access again to add your new number. For security reasons though, we just need a little more info from you.Is there a photo of you on the blog? If so, please send us the URL of the specific blog post. We can also use your avatar/portrait photo if it’s a clear picture of you or you don’t have another picture.The other thing we need from you is a photo of yourself for comparison. Please take a picture of yourself holding a piece of paper that says “Tumblr, this is literally me,” then send the photo in a reply to this email. You can send both of these items, the photo and the permalinks, in the same email. We need to be able to clearly see your face in both photos for comparison.In a world where deepfakes exists, is this really the best way identify a user trying to reclaim their account? It just sounds so ridiculous. Is this really secure?Note: Tumblr has 2FA, but it's not very good. Kind of like it was slapped on because everyone else was doing some sort of MFA. There are no backup codes, there are no backup security questions, and there is no backup sending the code to your phone. A poor attempt at a good concept.Thank you so much for reading. Please let me know if there is a better security-oriented sub I can discuss this issue on.
Submitted April 23, 2018 at 03:32AM by throwawayrants
via reddit https://ift.tt/2Hn2Qxq
So, my desktop went kaputz one day and I had to re-login to my regularly used sites/services after fixing it.Unfortunately, due to some sort of error on Google Authenticator, the codes given were not working when I tried to log into Tumblr. I contacted Tumblr support and these were their directions:We can go ahead and remove your old two factor mobile account so you can gain access again to add your new number. For security reasons though, we just need a little more info from you.Is there a photo of you on the blog? If so, please send us the URL of the specific blog post. We can also use your avatar/portrait photo if it’s a clear picture of you or you don’t have another picture.The other thing we need from you is a photo of yourself for comparison. Please take a picture of yourself holding a piece of paper that says “Tumblr, this is literally me,” then send the photo in a reply to this email. You can send both of these items, the photo and the permalinks, in the same email. We need to be able to clearly see your face in both photos for comparison.In a world where deepfakes exists, is this really the best way identify a user trying to reclaim their account? It just sounds so ridiculous. Is this really secure?Note: Tumblr has 2FA, but it's not very good. Kind of like it was slapped on because everyone else was doing some sort of MFA. There are no backup codes, there are no backup security questions, and there is no backup sending the code to your phone. A poor attempt at a good concept.Thank you so much for reading. Please let me know if there is a better security-oriented sub I can discuss this issue on.
Submitted April 23, 2018 at 03:32AM by throwawayrants
via reddit https://ift.tt/2Hn2Qxq
Should I setup my Fido U2F key in a way that it needs to be used every time I login to my gmail?
I'm a newbie so this might be a dumb question...but:So I bought a fido U2f key a while back, and set it up with my gmail account and removed any text recovery (as easier to have my phone compromised, than them having my fido u2f key).However, on my personal laptop I have it set to never ask for my Fido U2f key. My question is: isn't my Gmail still easily succeptible to hacks if I get keylogged? All the hacker needs to do is to get me to open an exe file and get control of my computer (forget the name of this type of hack), and thus in control of my gmail without my Fido U2f key.Is this correct, or am I missing something?
Submitted April 23, 2018 at 10:24AM by SurfaceCuriosity
via reddit https://ift.tt/2HGVNz1
I'm a newbie so this might be a dumb question...but:So I bought a fido U2f key a while back, and set it up with my gmail account and removed any text recovery (as easier to have my phone compromised, than them having my fido u2f key).However, on my personal laptop I have it set to never ask for my Fido U2f key. My question is: isn't my Gmail still easily succeptible to hacks if I get keylogged? All the hacker needs to do is to get me to open an exe file and get control of my computer (forget the name of this type of hack), and thus in control of my gmail without my Fido U2f key.Is this correct, or am I missing something?
Submitted April 23, 2018 at 10:24AM by SurfaceCuriosity
via reddit https://ift.tt/2HGVNz1
reddit
Should I setup my Fido U2F key in a way that it needs... • r/security
I'm a newbie so this might be a dumb question...but: So I bought a fido U2f key a while back, and set it up with my gmail account and removed any...
GDPR. Practical tips
https://ift.tt/2F7mXKn
Submitted April 23, 2018 at 12:39PM by DhoundSecurity
via reddit https://ift.tt/2HSt2NH
https://ift.tt/2F7mXKn
Submitted April 23, 2018 at 12:39PM by DhoundSecurity
via reddit https://ift.tt/2HSt2NH
Medium
GDPR. Practical tips
Everyone has heard about the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), which enters into force on May 25, 2018…
Exploiting CVE-2018-1038 aka TotalMeltdown
https://ift.tt/2vHZ6kG
Submitted April 23, 2018 at 12:54PM by xpnsecurity
via reddit https://ift.tt/2F8TLlW
https://ift.tt/2vHZ6kG
Submitted April 23, 2018 at 12:54PM by xpnsecurity
via reddit https://ift.tt/2F8TLlW
XPN InfoSec Blog
Exploiting CVE-2018-1038 - Total Meltdown
This week I had some free time to look into CVE-2018-1038 aka Total Meltdown. The aim was to create a quick exploit which could be used to elevate privileges during an assessment. I ended up delving into Windows memory management more than I had before.
Privacy concerns when looking for a new smartphone
Greeting!I'm in the business of buying a new phone. I'm somewhat concerned about the general security and privacy of the biggest brands. I really don't like apple, so I'm mostly focusing on android.Does anyone have any suggestion on brands to look out for or to avoid?Any good resorces on things to think about after purchase in terms of configuration and what to install/uninstall?
Submitted April 23, 2018 at 02:11PM by artog
via reddit https://ift.tt/2vANkIS
Greeting!I'm in the business of buying a new phone. I'm somewhat concerned about the general security and privacy of the biggest brands. I really don't like apple, so I'm mostly focusing on android.Does anyone have any suggestion on brands to look out for or to avoid?Any good resorces on things to think about after purchase in terms of configuration and what to install/uninstall?
Submitted April 23, 2018 at 02:11PM by artog
via reddit https://ift.tt/2vANkIS
reddit
Privacy concerns when looking for a new smartphone • r/security
Greeting! I'm in the business of buying a new phone. I'm somewhat concerned about the general security and privacy of the biggest brands. I...
CVE 2017-7843 : Firefox Private windows
https://ift.tt/2HlqFWq
Submitted April 23, 2018 at 01:07PM by kmodi
via reddit https://ift.tt/2FaEpNM
https://ift.tt/2HlqFWq
Submitted April 23, 2018 at 01:07PM by kmodi
via reddit https://ift.tt/2FaEpNM
Reddit
reddit: the front page of the internet
r/firefox: The latest news and developments on Firefox and Mozilla, a global non-profit that strives to promote openness, innovation and opportunity on the web.
Security OS for Android
Hey, im searching for a security OS like Copperhead but i have a lg g6 and copperhead doesnt support lg g6. Could anyone help me?
Submitted April 23, 2018 at 03:09PM by TheSparkling
via reddit https://ift.tt/2JgY5Cc
Hey, im searching for a security OS like Copperhead but i have a lg g6 and copperhead doesnt support lg g6. Could anyone help me?
Submitted April 23, 2018 at 03:09PM by TheSparkling
via reddit https://ift.tt/2JgY5Cc
Reddit
reddit: the front page of the internet
r/security: A friendly and professional place for discussing computer security.
Pervert hacked people's CCTV systems to record them having sex
https://ift.tt/2HNcbOu
Submitted April 23, 2018 at 03:06PM by Iot_Security
via reddit https://ift.tt/2JgY80Q
https://ift.tt/2HNcbOu
Submitted April 23, 2018 at 03:06PM by Iot_Security
via reddit https://ift.tt/2JgY80Q
walesonline
Pervert hacked people's CCTV systems to record them having sex
Steven Hankers had a database of up to 3,000 passwords for people's home security systems
Survey Reveals Users Have No Clue About Router Security
https://ift.tt/2F8XUX5
Submitted April 23, 2018 at 03:49PM by Iot_Security
via reddit https://ift.tt/2Hkfyx3
https://ift.tt/2F8XUX5
Submitted April 23, 2018 at 03:49PM by Iot_Security
via reddit https://ift.tt/2Hkfyx3
BleepingComputer
Survey Reveals Users Have No Clue About Router Security
A recent survey of 2,205 regular users has proven once again that most people don't update router firmware, don't change default credentials, and don't generally know how to secure their devices.
TOP 10 COUNTRIES WITH MOST HACKERS IN THE WORLD
https://ift.tt/2F9Pejh
Submitted April 23, 2018 at 04:23PM by cywarelabs
via reddit https://ift.tt/2F9v88R
https://ift.tt/2F9Pejh
Submitted April 23, 2018 at 04:23PM by cywarelabs
via reddit https://ift.tt/2F9v88R
Cyware
TOP 10 COUNTRIES WITH MOST HACKERS IN THE WORLD
Cambridge, Massachusetts based cloud platform provider Akamai had studied the global cyber-attack traffic in last quarter of 2012 and published a report on the countries with maximum share in global cyber-attack. The countries in the order of maximum share…
Pornhub App | Cyware
https://ift.tt/2K8YxUz
Submitted April 23, 2018 at 04:22PM by cywarelabs
via reddit https://ift.tt/2HS1APV
https://ift.tt/2K8YxUz
Submitted April 23, 2018 at 04:22PM by cywarelabs
via reddit https://ift.tt/2HS1APV
Cyware
Pornhub App | Cyware
Check out top news and articles about cyber security, malware attack updates and more on Cyware.com. We provide machine learning based curation engine brings you the top and relevant cyber security content. Read More!
IP SMB Vulnerability Check Tool for Eternal Blue, Romance, Synergy, Champion (Video and Sources)
https://ift.tt/2qXf5H9
Submitted April 23, 2018 at 04:50PM by TechLord2
via reddit https://ift.tt/2HoaHaj
https://ift.tt/2qXf5H9
Submitted April 23, 2018 at 04:50PM by TechLord2
via reddit https://ift.tt/2HoaHaj
GitHub
peterpt/eternal_check
eternal_check - Ip Vulnerability check to Eternal Blue , Romance , Synergy , Champion
Using the Windows Firewall for Isolating and Securing Endpoints in an Active Directory Environment
https://ift.tt/2HkRhHg
Submitted April 23, 2018 at 05:25PM by TechLord2
via reddit https://ift.tt/2Fb0vQe
https://ift.tt/2HkRhHg
Submitted April 23, 2018 at 05:25PM by TechLord2
via reddit https://ift.tt/2Fb0vQe
Medium
Endpoint Isolation with the Windows Firewall
Over the last few weeks, I’ve had conversations with several individuals around mitigating lateral movement in a Windows environment. In…
Security In 5: Episode 222 - Why Every Parent Should Know What COPPA Is
https://ift.tt/2vCsWXX
Submitted April 23, 2018 at 06:38PM by BinaryBlog
via reddit https://ift.tt/2qTrcVm
https://ift.tt/2vCsWXX
Submitted April 23, 2018 at 06:38PM by BinaryBlog
via reddit https://ift.tt/2qTrcVm
Libsyn
Security In Five Podcast: Episode 222 - Why Every Parent Should Know What COPPA Is
COPPA - The Child Online Privacy Protection Act is a federal law that had been in place since 2000 and most parents aren't aware of it. This episode goes into what COPPA is, what websites that cater to kids have to do and more importantly what powers the…
Interest in VPNs in Russia Soar After Telegram Ban
https://ift.tt/2vCsYz3
Submitted April 23, 2018 at 06:02PM by KingHeenrry
via reddit https://ift.tt/2qOXlh2
https://ift.tt/2vCsYz3
Submitted April 23, 2018 at 06:02PM by KingHeenrry
via reddit https://ift.tt/2qOXlh2
vpnMentor
vpnMentor Study: Interest in VPNs in Russia Soar After Telegram Ban | vpnMentor
We analyzed web searches in Russia from the week before and after the government blocked Telegram. Our study reveals a huge spike in VPN interest and sales following the ban.
Security risks to IoT devices- worse than you thought
https://ift.tt/2K7vron
Submitted April 23, 2018 at 07:38PM by Iot_Security
via reddit https://ift.tt/2JjVyaB
https://ift.tt/2K7vron
Submitted April 23, 2018 at 07:38PM by Iot_Security
via reddit https://ift.tt/2JjVyaB
SecuriThings
Security risks to IoT devices
When the masses start to use industry terminology, things have clearly gone mainstream. IoT is now mainstream, and there is no turning back. But, is security ready to move ahead at the speed of [...]