How is SSL encryption maintained between AWS CloudFront and EC2?
So I recently set up an API on an AWS EC2 instance. To be able to serve responses over HTTPS I used Route 53 to redirect my custom domain to a CloudFront distribution which points to the EC2 instance. My CloudFront distribution is served over HTTPS with a custom certificate. I am not restricting traffic at all to the API.

So my question is, is this actually a secure setup or does it give the illusion of security (I would assume the former since Amazon knows what they're doing, but I'm just wondering how)? From my understanding, serving secure content over HTTP is bad because attackers could potentially intercept requests and decode them. HTTPS prevents this by encrypting requests so that only the sender and intended receiver can understand them.

So if I make a request over HTTPS from my frontend, here's the path of the request (in my head): from the frontend, to the CF distribution, then to the EC2 instance. Now I know that sending from the frontend to the CloudFront distribution is secure because both of these are secured with SSL. However, as far as I know the connection between the CF distribution and my EC2 instance is insecure, as the EC2 serves content over HTTP.

Wouldn't an attacker (theoretically) be able to execute a man-in-the-middle attack between the CF distribution and EC2? But when I connect to my API directly from my browser, I don't get any security warnings and it shows up as SSL encrypted.
Submitted April 27, 2018 at 08:13AM by theasianpianist
via reddit https://ift.tt/2r3WNmD
Can an ISP detect that you're using a VPN?
I'm using a VPN. Can my ISP detect the endpoint for my data and throttle me/lock me out because all or a majority of my transactions are bound for the same (potentially known) endpoint?

I have noticed when I use a VPN my internet gets extra spotty and drops out within 20 minutes. Issue is immediately fixed when I close the VPN, reconnect and then restart the VPN--but it eventually happens again.

FYI: I use Comcast XFINITY.

Are my fears unfounded? Or am I potentially being throttled for real?
Submitted April 27, 2018 at 11:53AM by djarnexus
via reddit https://ift.tt/2FkyDtn
PowerUpSQL: A PowerShell Toolkit for SQL Server discovery, Auditing Config, Privilege Escalation on scale, and Post-Exploitation actions incl OS command execution
https://ift.tt/2cJD2ZD
Submitted April 27, 2018 at 11:52AM by TechLord2
via reddit https://ift.tt/2r2tDEt
GitHub
NetSPI/PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
Running system commands through Nvidia signed binaries
https://ift.tt/2vLAQOK
Submitted April 26, 2018 at 03:25PM by cr1ys
via reddit https://ift.tt/2r3n858
sysadminconcombre.blogspot.co.uk
Running system commands through Nvidia signed binaries
A while ago, when working on PowerMemory, I discovered a hidden account configured by Nvidia on one of my computers ( https://twitter.com/p...
Week 17 in Information Security, 2018
https://ift.tt/2qZ4XN4
Submitted April 27, 2018 at 01:39PM by undercomm
via reddit https://ift.tt/2Hx8Q2J
Malgregator
InfoSec Week 17, 2018
A loud sound emitted by a gas-based fire suppression system deployed in the data center has destroyed the hard drives of a Swedish data...
Public charging protection. Stay away from data theft.
Once you plug in your device in public charging USB port, data theft can simply access ALL your data.

For those who don't know, some charging stations are more than they appear to be and suck your personal information off your phone simply.

It is terrifying that some sophisticated malware can also be installed on your smart device while charging.

Data blocker assures you just get your battery charged, not your credit cards.

Data Blocker

As a traveler, sometimes I do plug in my device into the USB port on plane, airport or the hotel room etc.

It's the kind of thing that you should grab one before traveling.

This handy data "condom" is perfect. It blocks all the data transfers and only allows charging.
Submitted April 27, 2018 at 02:23PM by MotorZombie
via reddit https://ift.tt/2vPLwMh
Protecting Your Information: Businesses Need File Protection, Especially When Sensitive Policies and Data are Involved www.justwebworld.com
https://ift.tt/2JyK9Uh
Submitted April 27, 2018 at 02:11PM by ashleyjudd
via reddit https://ift.tt/2KkXuAL
Just Web World
Protecting Your Information: Businesses Need File Protection, Especially When Sensitive Policies and Data are Involved
The increase in legislation and regulation regarding file transfer in organizations imply issues of security are now becoming pertinent to business operations. When it comes to the security of your document, here are some of the options available to you.
NEMESIS - A Command-line Network Packet Crafting and Injection Utility UPDATED (Full Sources) [See Comment]
https://ift.tt/2KiH5Nj
Submitted April 27, 2018 at 07:08PM by TechLord2
via reddit https://ift.tt/2I7dMwA
GitHub
troglobit/nemesis
nemesis - A command-line network packet crafting and injection utility
Question about certs instead of a degree
I got most of my IT security degree done but never finished it, however, I am fully competent in many areas of system administration and security. Now, for a number of reasons I can't go back to finish my degree, would getting a couple of certs (RHCSA, Security+) be the best idea for me to prove to an employer that I know what I'm doing, or do I need a degree of some kind? Also what certs would you recommend?
Submitted April 27, 2018 at 07:07PM by mx1701
via reddit https://ift.tt/2Jwciex
What Does iTunes Have to Do With Outlook?
I installed iTunes on my work computer just now, and it prompted a message saying that Outlook was open and if I continued without closing it that it's highly recommended to restart Outlook once the installation is finished.

What in the world does that have to do with Outlook? Makes me nervous.
Submitted April 27, 2018 at 06:35PM by jhf94uje897sb
via reddit https://ift.tt/2Ki2JBe
Security In 5: Episode 226 - Tools, Tips and Tricks - Macrium Reflect
https://ift.tt/2JvGHtw
Submitted April 27, 2018 at 06:33PM by BinaryBlog
via reddit https://ift.tt/2Ki2N3W
Libsyn
Security In Five Podcast: Episode 226 - Tools, Tips and Tricks - Macrium Reflect
This week's tools, tips and tricks episode talks about a backup and restoration solution for Windows. There will come a time when your system fails or your hard drive is inaccessible. That's where Macrium Reflect can help. A free backup and restoration tool…
New C# Ransomware Compiles itself at Runtime
https://ift.tt/2r0YMsC
Submitted April 27, 2018 at 06:31PM by DuncanIdahos8thClone
via reddit https://ift.tt/2HyJhi1
BleepingComputer
New C# Ransomware Compiles itself at Runtime
A new in-development ransomware was discovered that has an interesting characteristic. Instead of the distributed executable performing the ransomware functionality, the executable compiles an embedded encrypted C# program at runtime and launches it directly…
You weren't hacked, Google tells Gmail users who received spam from themselves
https://ift.tt/2F9dJxd
Submitted April 27, 2018 at 08:11PM by yourbasicgeek
via reddit https://ift.tt/2vRcC5K
TechRepublic
You weren't hacked, Google tells Gmail users who received spam from themselves
The method behind the spam glitch was spotted last year but ignored by Google
Malwarebytes CrackMe 2: try another challenge
https://ift.tt/2Hvgw9L
Submitted April 27, 2018 at 09:04PM by EvanConover
via reddit https://ift.tt/2HSYAp4
Malwarebytes Labs
Malwarebytes CrackMe 2: try another challenge - Malwarebytes Labs
Last November, we launched the first Malwarebytes CrackMe. Encouraged by an overwhelmingly positive response, we decided to repeat the game—this time making it even harder and more fun.
Moving in the Right Direction: New NIST Best Practices for Cyber
https://ift.tt/2HC24Zx
Submitted April 27, 2018 at 08:42PM by DEAF-LAMONT
via reddit https://ift.tt/2HSYBt8
CyberScout
Moving in the Right Direction: New NIST Best Practices for Cyber
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has released its first major revision to their standards and best practices for cybersecurity policy this month.
I want to buy an IP network based camera that can be LAN only (no cloud connected services) what do I look for?
I just want to look for an average/lowish cost camera that I can access over the LAN network but one that does not reach out to the internet, because frankly there is no brand that I trust enough to use their cloud solutions for surveillance recording of the house. I just want to be able to have VLC or something open on the computer and see what is going on near our front yard.

I just do not know what search terms to look for because the market is flooded with rubbish and lots of it is cloud based "easy set up" "access anywhere in the world" kinds of things that I absolutely do not want.

Thanks.
Submitted April 27, 2018 at 10:36PM by morthawt
via reddit https://ift.tt/2I4dKFy
DLink DCS-5020L Day n’ Night Camera Remote Code Execution Walkthrough - CVE-2017-17020
https://ift.tt/2HQlOfF
Submitted April 27, 2018 at 11:23PM by JustAPenTester
via reddit https://ift.tt/2HyxjVt
Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
DLink DCS-5020L Remote Code Execution - CVE-2017-17020
Finding exploits in Internet of Things (IOT) devices doesn't need to be difficult. In this post we step through a DLink Camera and walk you through how we identified a remote code execution vulnerability.
Breaking into an iOS app
Let’s say someone breaks into your iPhone. How easy would it be to break into a locked app (mainly Keeply) where you store certain things you wouldn’t want other people to know about (maybe say a large collection of suggestive Speedo photos)? Thanks for the help!
Submitted April 28, 2018 at 12:30AM by MuffinsMcSassyPants
via reddit https://ift.tt/2HwmQ0P
Gpscript.exe - another #LOLBin
https://ift.tt/2Fn5bCW
Submitted April 28, 2018 at 12:46AM by oddvarmoe
via reddit https://ift.tt/2HzUoqG
Oddvar Moe's Blog
GPScript.exe – another LOLBin to the list
TL;DR – GPO scripts can be defined for user and started with GPScript.exe /Logon – Logon scripts do not show up in Autoruns.exe I started to play around with GPScript.exe here the…
A few thoughts on Ray Ozzie’s “Clear” Key Escrow Proposal
https://ift.tt/2vNaCvf
Submitted April 28, 2018 at 01:17AM by speckz
via reddit https://ift.tt/2Fn9TjO
A Few Thoughts on Cryptographic Engineering
A few thoughts on Ray Ozzie’s “Clear” Proposal
Yesterday I happened upon a Wired piece by Steven Levy that covers Ray Ozzie’s proposal for “CLEAR”. I’m quoted at the end of the piece (saying nothing much), so I knew the piece was coming. …