FREE RING DOORBELL - Just download app with my referral link then post your referral link, You'll get $10 every time someone signs up..
https://ift.tt/2qXCPtE
Submitted April 25, 2018 at 07:51AM by MoeMJK
via reddit https://ift.tt/2KaqMlA
https://ift.tt/2qXCPtE
Submitted April 25, 2018 at 07:51AM by MoeMJK
via reddit https://ift.tt/2KaqMlA
Ring
Join the New Neighborhood Watch
Get the free Ring app and join the New Neighborhood Watch. Ring will keep you up-to-date with crime and safety alerts from your neighbors. Use the button below, and get $10 in Ring Credit.
Heads up: Total Meltdown exploit code now available on GitHub
https://ift.tt/2FbxeoB
Submitted April 25, 2018 at 08:28AM by antdude
via reddit https://ift.tt/2r2UrEL
https://ift.tt/2FbxeoB
Submitted April 25, 2018 at 08:28AM by antdude
via reddit https://ift.tt/2r2UrEL
Computerworld
Heads up: Total Meltdown exploit code now available on GitHub
The massive security hole introduced by Microsoft for 64-bit Win7 and Server 2008 R2 now has working proof-of-concept code — and it’s freely available on GitHub. While we haven’t seen exploits in the wild, it’s only a matter of days.
Guilty plea for Canadian charged in 2014 Yahoo hacking case - CyberScoop
https://ift.tt/2idwnP3
Submitted April 25, 2018 at 09:31AM by SuccessfulOperation
via reddit https://ift.tt/2qWda5k
https://ift.tt/2idwnP3
Submitted April 25, 2018 at 09:31AM by SuccessfulOperation
via reddit https://ift.tt/2qWda5k
Cyberscoop
Guilty plea for Canadian charged in 2014 Yahoo hacking case
Karim Baratov was arrested in Toronto in March before waiving his right to fight extradition to the U.S. earlier this year.
Disposable Kali Linux Docker containers with X support
https://ift.tt/2HMAlZy
Submitted April 25, 2018 at 10:17AM by gszathmari
via reddit https://ift.tt/2HrTbBI
https://ift.tt/2HMAlZy
Submitted April 25, 2018 at 10:17AM by gszathmari
via reddit https://ift.tt/2HrTbBI
GitHub
ac-mercury/mercuryiss-kali
mercuryiss-kali - Disposable Kali Linux containers for Mercury ISS / pentesting engagements.
Hijack of Amazon’s internet domain service used to reroute web traffic for two hours unnoticed
https://ift.tt/2I0dM1m
Submitted April 25, 2018 at 10:07AM by sidcool1234
via reddit https://ift.tt/2Hqrsp4
https://ift.tt/2I0dM1m
Submitted April 25, 2018 at 10:07AM by sidcool1234
via reddit https://ift.tt/2Hqrsp4
DoublePulsar
Hijack of Amazon’s internet domain service used to reroute web traffic for two hours unnoticed
Between 11am until 1pm UTC today, DNS traffic — the phone book of the internet, routing you to your favourite websites — was hijacked by…
Cryptomining Campaign Returns Coal and Not Diamond
https://ift.tt/2K8JuKd
Submitted April 25, 2018 at 04:17PM by zelyahzub
via reddit https://ift.tt/2qX8T0Q
https://ift.tt/2K8JuKd
Submitted April 25, 2018 at 04:17PM by zelyahzub
via reddit https://ift.tt/2qX8T0Q
Talosintelligence
Cryptomining Campaign Returns Coal and Not Diamond
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Xiaomi routers and personal data
Hi, i am looking to buy a xiaomi router but i am concerned about the data it might share. Is there anyone with a xiaomi router and sufficient knowledge that can tell me if my concerns are valid? Do you see any strange connections to Chinese servers?
Submitted April 25, 2018 at 06:03PM by makisp
via reddit https://ift.tt/2qZkbBQ
Hi, i am looking to buy a xiaomi router but i am concerned about the data it might share. Is there anyone with a xiaomi router and sufficient knowledge that can tell me if my concerns are valid? Do you see any strange connections to Chinese servers?
Submitted April 25, 2018 at 06:03PM by makisp
via reddit https://ift.tt/2qZkbBQ
reddit
r/security - Xiaomi routers and personal data
1 votes and 0 so far on reddit
First Case of X-Ray Malware Revealed
https://ift.tt/2JnV5nC
Submitted April 25, 2018 at 05:51PM by htbridgedigital
via reddit https://ift.tt/2HpE2Fo
https://ift.tt/2JnV5nC
Submitted April 25, 2018 at 05:51PM by htbridgedigital
via reddit https://ift.tt/2HpE2Fo
Htbridge
First Case of X-Ray Malware Revealed?
Security nightmare as new attack campaign targets healthcare providers - and even high-end medical scanning machines...
Security In 5: Episode 224 - Mini Series - Top 10 Reasons To Pen Test - 5 - Understand If Awareness Is Needed
https://ift.tt/2qXPs90
Submitted April 25, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2vMM4ma
https://ift.tt/2qXPs90
Submitted April 25, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2vMM4ma
Libsyn
Security In Five Podcast: Episode 224 - Mini Series - Top 10 Reasons To Pen Test - 5 - Understand If Awareness Is Needed
Continuing with the mini series Top 10 Reason Why You Should Run Pen Tests we hit number 5. Number 5 is about using Pen tests to see if your security awareness programs are effective and if they need improvements. This episode goes into the details. Be…
NSA encryption plan (SIMON/SPECK) for ‘internet of things’ rejected by international body
https://ift.tt/2K7SXBP
Submitted April 25, 2018 at 09:19PM by RFC-1925
via reddit https://ift.tt/2JtuUMy
https://ift.tt/2K7SXBP
Submitted April 25, 2018 at 09:19PM by RFC-1925
via reddit https://ift.tt/2JtuUMy
WikiTribune
Exclusive: NSA encryption plan for ‘internet of things’ rejected by international body
An attempt by the U.S. National Security Agency (NSA) to set two types of encryption as global standards suffered a major setback on Tuesday, after online security experts from countries
British security start-up launches lip-sync authentication technology
https://ift.tt/2qYDhYE
Submitted April 25, 2018 at 08:42PM by moooooky
via reddit https://ift.tt/2qXsY89
https://ift.tt/2qYDhYE
Submitted April 25, 2018 at 08:42PM by moooooky
via reddit https://ift.tt/2qXsY89
http://www.v3.co.uk
British security start-up launches lip-sync authentication technology | V3
AimBrain adds lip-sync capabilities to its biometrics system
Found vulnerability at work. Not sysadmin or security engineer. How should I bring this up without looking like Chicken Little?
I work in IT for a (somewhat) small company. It’s still large enough to pull in big revenue, so I consider this issue to be something that could really harm the company. Anyway, I don’t want to go too deep into detail as I’m not sure what I can publicly disclose. What I can say is that this vulnerability is easy enough to notice that somebody with little computer knowledge could easily bypass this and gain access to unauthorized systems.I went to school for a 4 year degree in infosec, so I am fairly confident this is something to be considered a big deal. However, I’m new to this company and I was not hired in an infosec role (they don’t have one and there is currently nobody who manages vulnerabilities). I really like the company I work for and I really want to help them since I have the knowledge and I am aware that what I am seeing very likely could cause issues, if it hasn’t already.What would you recommend I do?TL;DR: New guy. Hired in IT (general position, sort of do a little bit of everything). Went to school for infosec. Found vulnerability. Don’t want to be “chicken little”, but want to let company know about the vulnerability without looking like a fool. What do I do?
Submitted April 25, 2018 at 09:55PM by woolymangaming
via reddit https://ift.tt/2Htujtk
I work in IT for a (somewhat) small company. It’s still large enough to pull in big revenue, so I consider this issue to be something that could really harm the company. Anyway, I don’t want to go too deep into detail as I’m not sure what I can publicly disclose. What I can say is that this vulnerability is easy enough to notice that somebody with little computer knowledge could easily bypass this and gain access to unauthorized systems.I went to school for a 4 year degree in infosec, so I am fairly confident this is something to be considered a big deal. However, I’m new to this company and I was not hired in an infosec role (they don’t have one and there is currently nobody who manages vulnerabilities). I really like the company I work for and I really want to help them since I have the knowledge and I am aware that what I am seeing very likely could cause issues, if it hasn’t already.What would you recommend I do?TL;DR: New guy. Hired in IT (general position, sort of do a little bit of everything). Went to school for infosec. Found vulnerability. Don’t want to be “chicken little”, but want to let company know about the vulnerability without looking like a fool. What do I do?
Submitted April 25, 2018 at 09:55PM by woolymangaming
via reddit https://ift.tt/2Htujtk
reddit
r/security - Found vulnerability at work. Not sysadmin or security engineer. How should I bring this up without looking like Chicken…
0 votes and 1 so far on reddit
Hackers built a "master key" for millions of hotel door locks
https://ift.tt/2qWuGq3
Submitted April 25, 2018 at 09:49PM by DuncanIdahos8thClone
via reddit https://ift.tt/2HOg7Pk
https://ift.tt/2qWuGq3
Submitted April 25, 2018 at 09:49PM by DuncanIdahos8thClone
via reddit https://ift.tt/2HOg7Pk
ZDNet
Hackers built a 'master key' for millions of hotel rooms
New research shows how hackers can manipulate hotel room key cards to gain access to an entire building.
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
https://ift.tt/2vKHi8I
Submitted April 25, 2018 at 10:15PM by kciredor_
via reddit https://ift.tt/2JqJKTN
https://ift.tt/2vKHi8I
Submitted April 25, 2018 at 10:15PM by kciredor_
via reddit https://ift.tt/2JqJKTN
kciredor’s information security blog
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
Binaries vs websites It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from websites to binaries a new world opened up to me.
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
https://ift.tt/2vKHi8I
Submitted April 25, 2018 at 10:15PM by kciredor_
via reddit https://ift.tt/2JqJKTN
https://ift.tt/2vKHi8I
Submitted April 25, 2018 at 10:15PM by kciredor_
via reddit https://ift.tt/2JqJKTN
kciredor’s information security blog
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
Binaries vs websites It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from websites to binaries a new world opened up to me.
Protecting RSA-based Protocols Against Adaptive Chosen-Ciphertext Attacks
https://ift.tt/2vGkJSL
Submitted April 25, 2018 at 09:41PM by sarciszewski
via reddit https://ift.tt/2r0dn6H
https://ift.tt/2vGkJSL
Submitted April 25, 2018 at 09:41PM by sarciszewski
via reddit https://ift.tt/2r0dn6H
Paragonie
Protecting RSA-based Protocols Against Adaptive Chosen-Ciphertext Attacks - Paragon Initiative Enterprises Blog
A deep dive into preventing chosen-ciphertext (e.g. padding oracle) attacks against RSA in custom encrypted transport protocols.
Nintendo Switches Hacked to Run Linux—Unpatchable Exploit Released
https://ift.tt/2KbPEJM
Submitted April 25, 2018 at 10:01PM by NISMO1968
via reddit https://ift.tt/2JnnxWU
https://ift.tt/2KbPEJM
Submitted April 25, 2018 at 10:01PM by NISMO1968
via reddit https://ift.tt/2JnnxWU
The Hacker News
Nintendo Switches Hacked to Run Linux—Unpatchable Exploit Released
Security researchers released exploit for Tegra X1 Nintendo Switches, Fusée Gelée and ShofEL2, which allows device owners to install Linux or run unofficial games.
Details on a Java type confusion bug recently patched by Oracle. It could allow an attacker with low execution privileges to bypass the SecurityManager and escalate privileges.
https://ift.tt/2FgNLrq
Submitted April 25, 2018 at 10:26PM by RedmondSecGnome
via reddit https://ift.tt/2HqM8NP
https://ift.tt/2FgNLrq
Submitted April 25, 2018 at 10:26PM by RedmondSecGnome
via reddit https://ift.tt/2HqM8NP
Zero Day Initiative
When Java throws you a Lemon, make Limenade: Sandbox escape by type confusion
Last week, Oracle released their quarterly Critical Patch Update (CPU) . Seven of these bugs were submitted through the Zero Day Initiative (ZDI) program, and one of these bugs was quite reminiscent of the Java submissions in late 2012 and early 2013. The…
Hotel door locks worldwide were vulnerable to hack
https://ift.tt/2vPKIXE
Submitted April 25, 2018 at 10:16PM by kitaree00
via reddit https://ift.tt/2qY1u16
https://ift.tt/2vPKIXE
Submitted April 25, 2018 at 10:16PM by kitaree00
via reddit https://ift.tt/2qY1u16
BBC News
Hotel door locks worldwide were vulnerable to hack
Cyber-security researchers found a way to unlock rooms across the world without leaving a trace.
Suspicious Activity Is Being Detected?… Right?…
https://ift.tt/2Hr4RsB
Submitted April 26, 2018 at 12:42AM by JustAPenTester
via reddit https://ift.tt/2r0GLtB
https://ift.tt/2Hr4RsB
Submitted April 26, 2018 at 12:42AM by JustAPenTester
via reddit https://ift.tt/2r0GLtB
Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
Suspicious Activity Is Being Detected?... Right?...
We take a look at how the big names who are handling your data are detecting suspicious activity on your account(s) and keeping you safe, or not.
Drupal core - Critical - Remote Code Execution - SA-CORE-2018-004
https://ift.tt/2HRgQyY
Submitted April 26, 2018 at 01:14AM by grepnork
via reddit https://ift.tt/2FflsKb
https://ift.tt/2HRgQyY
Submitted April 26, 2018 at 01:14AM by grepnork
via reddit https://ift.tt/2FflsKb