Netsec – Telegram
Netsec
@RNetsec
7.38K subscribers
22.4K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.38K subscribers
Netsec
First Case of X-Ray Malware Revealed
https://ift.tt/2JnV5nC

Submitted April 25, 2018 at 05:51PM by htbridgedigital
via reddit https://ift.tt/2HpE2Fo
Htbridge
First Case of X-Ray Malware Revealed?
Security nightmare as new attack campaign targets healthcare providers - and even high-end medical scanning machines...
99 views
Netsec
Security In 5: Episode 224 - Mini Series - Top 10 Reasons To Pen Test - 5 - Understand If Awareness Is Needed
https://ift.tt/2qXPs90

Submitted April 25, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2vMM4ma
Libsyn
Security In Five Podcast: Episode 224 - Mini Series - Top 10 Reasons To Pen Test - 5 - Understand If Awareness Is Needed
Continuing with the mini series Top 10 Reason Why You Should Run Pen Tests we hit number 5. Number 5 is about using Pen tests to see if your security awareness programs are effective and if they need improvements. This episode goes into the details.    Be…
101 views
Netsec
NSA encryption plan (SIMON/SPECK) for ‘internet of things’ rejected by international body
https://ift.tt/2K7SXBP

Submitted April 25, 2018 at 09:19PM by RFC-1925
via reddit https://ift.tt/2JtuUMy
WikiTribune
Exclusive: NSA encryption plan for ‘internet of things’ rejected by international body
An attempt by the U.S. National Security Agency (NSA) to set two types of encryption as global standards suffered a major setback on Tuesday, after online security experts from countries
97 views
Netsec
British security start-up launches lip-sync authentication technology
https://ift.tt/2qYDhYE

Submitted April 25, 2018 at 08:42PM by moooooky
via reddit https://ift.tt/2qXsY89
http://www.v3.co.uk
British security start-up launches lip-sync authentication technology | V3
AimBrain adds lip-sync capabilities to its biometrics system
96 views
Netsec
Found vulnerability at work. Not sysadmin or security engineer. How should I bring this up without looking like Chicken Little?
I work in IT for a (somewhat) small company. It’s still large enough to pull in big revenue, so I consider this issue to be something that could really harm the company. Anyway, I don’t want to go too deep into detail as I’m not sure what I can publicly disclose. What I can say is that this vulnerability is easy enough to notice that somebody with little computer knowledge could easily bypass this and gain access to unauthorized systems.I went to school for a 4 year degree in infosec, so I am fairly confident this is something to be considered a big deal. However, I’m new to this company and I was not hired in an infosec role (they don’t have one and there is currently nobody who manages vulnerabilities). I really like the company I work for and I really want to help them since I have the knowledge and I am aware that what I am seeing very likely could cause issues, if it hasn’t already.What would you recommend I do?TL;DR: New guy. Hired in IT (general position, sort of do a little bit of everything). Went to school for infosec. Found vulnerability. Don’t want to be “chicken little”, but want to let company know about the vulnerability without looking like a fool. What do I do?

Submitted April 25, 2018 at 09:55PM by woolymangaming
via reddit https://ift.tt/2Htujtk
reddit
r/security - Found vulnerability at work. Not sysadmin or security engineer. How should I bring this up without looking like Chicken…
0 votes and 1 so far on reddit
99 views
Netsec
Hackers built a "master key" for millions of hotel door locks
https://ift.tt/2qWuGq3

Submitted April 25, 2018 at 09:49PM by DuncanIdahos8thClone
via reddit https://ift.tt/2HOg7Pk
ZDNet
Hackers built a 'master key' for millions of hotel rooms
New research shows how hackers can manipulate hotel room key cards to gain access to an entire building.
93 views
Netsec
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
https://ift.tt/2vKHi8I

Submitted April 25, 2018 at 10:15PM by kciredor_
via reddit https://ift.tt/2JqJKTN
kciredor’s information security blog
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
Binaries vs websites It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from websites to binaries a new world opened up to me.
94 views
Netsec
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
https://ift.tt/2vKHi8I

Submitted April 25, 2018 at 10:15PM by kciredor_
via reddit https://ift.tt/2JqJKTN
kciredor’s information security blog
Fuzzing Adobe Reader for exploitable vulns (fun != profit)
Binaries vs websites It has been half a year since my last blog post covering an IDOR in a website API. About time to write about something new and hopefully interesting! Having switched my focus from websites to binaries a new world opened up to me.
94 views
Netsec
Protecting RSA-based Protocols Against Adaptive Chosen-Ciphertext Attacks
https://ift.tt/2vGkJSL

Submitted April 25, 2018 at 09:41PM by sarciszewski
via reddit https://ift.tt/2r0dn6H
Paragonie
Protecting RSA-based Protocols Against Adaptive Chosen-Ciphertext Attacks - Paragon Initiative Enterprises Blog
A deep dive into preventing chosen-ciphertext (e.g. padding oracle) attacks against RSA in custom encrypted transport protocols.
94 views
Netsec
Nintendo Switches Hacked to Run Linux—Unpatchable Exploit Released
https://ift.tt/2KbPEJM

Submitted April 25, 2018 at 10:01PM by NISMO1968
via reddit https://ift.tt/2JnnxWU
The Hacker News
Nintendo Switches Hacked to Run Linux—Unpatchable Exploit Released
Security researchers released exploit for Tegra X1 Nintendo Switches, Fusée Gelée and ShofEL2, which allows device owners to install Linux or run unofficial games.
89 views
Netsec
Details on a Java type confusion bug recently patched by Oracle. It could allow an attacker with low execution privileges to bypass the SecurityManager and escalate privileges.
https://ift.tt/2FgNLrq

Submitted April 25, 2018 at 10:26PM by RedmondSecGnome
via reddit https://ift.tt/2HqM8NP
Zero Day Initiative
When Java throws you a Lemon, make Limenade: Sandbox escape by type confusion
Last week, Oracle released their quarterly Critical Patch Update (CPU) . Seven of these bugs were submitted through the Zero Day Initiative (ZDI) program, and one of these bugs was quite reminiscent of the Java submissions in late 2012 and early 2013. The…
84 views
Netsec
Hotel door locks worldwide were vulnerable to hack
https://ift.tt/2vPKIXE

Submitted April 25, 2018 at 10:16PM by kitaree00
via reddit https://ift.tt/2qY1u16
BBC News
Hotel door locks worldwide were vulnerable to hack
Cyber-security researchers found a way to unlock rooms across the world without leaving a trace.
83 views
Netsec
Suspicious Activity Is Being Detected?… Right?…
https://ift.tt/2Hr4RsB

Submitted April 26, 2018 at 12:42AM by JustAPenTester
via reddit https://ift.tt/2r0GLtB
Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
Suspicious Activity Is Being Detected?... Right?...
We take a look at how the big names who are handling your data are detecting suspicious activity on your account(s) and keeping you safe, or not.
82 views
Netsec
Drupal core - Critical - Remote Code Execution - SA-CORE-2018-004
https://ift.tt/2HRgQyY

Submitted April 26, 2018 at 01:14AM by grepnork
via reddit https://ift.tt/2FflsKb
80 views
Netsec
DDoS-for-Hire Service Webstresser Dismantled
https://ift.tt/2vJsozs

Submitted April 26, 2018 at 01:19AM by volci
via reddit https://ift.tt/2qWG2uy
reddit
r/security - DDoS-for-Hire Service Webstresser Dismantled
1 votes and 0 so far on reddit
81 views
Netsec
With Drupalgeddon2 still under attack, Drupal fixes a new critical flaw
https://ift.tt/2HqZOnV

Submitted April 26, 2018 at 01:05AM by campuscodi
via reddit https://ift.tt/2HvbSEW
Ars Technica
Drupal warns of new remote-code bug, the second in four weeks
The risk this time is lower, but the threat is still real.
83 views
Netsec
Open, Closed, and Privacy
https://ift.tt/2vNn7Hg

Submitted April 26, 2018 at 01:59AM by volci
via reddit https://ift.tt/2Hw6i9q
Stratechery by Ben Thompson
Open, Closed, and Privacy
Just as encryption is only viable on closed systems, so it is that increased privacy regulations will only entrench walled gardens. That should affect thinking on regulation.
87 views
Netsec
[x-post] Cybersecurity expert with 14 years of experience gives advice about how to break into the field.
https://ift.tt/2vMaxrN

Submitted April 26, 2018 at 03:43AM by barmalade
via reddit https://ift.tt/2HPjbL4
reddit
I am an expert with 14 years of experience in... • r/cybersecurity
Greetings r/cybersecurity! Brief background on myself: I originally transitioned into this field from an IT role, and have extensive experience...
90 views
Netsec
Fuze Multi-Card Technology Security Review
https://ift.tt/2JqW32l

Submitted April 26, 2018 at 07:03AM by Gallus
via reddit https://ift.tt/2I02F8l
90 views
Netsec
GUI Application for Aircrack, Airodump, Aireplay, MDK3 and Reaver Tools [Android] with Full Sources (See Comment)
https://ift.tt/2iqPSxS

Submitted April 26, 2018 at 07:17AM by TechLord2
via reddit https://ift.tt/2r5C5np
GitHub
chrisk44/Hijacker
Hijacker - Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android
91 views
Netsec
How to get your first job as a hacker
https://ift.tt/2K2lJ6y

Submitted April 26, 2018 at 08:37AM by hakluke
via reddit https://ift.tt/2I0zNgj
Medium
How to Get Your First Job as a Hacker
As it happens, the company I work for is currently hiring cyber people on the Australian east coast. If that sounds like something you’re…
91 views