You weren't hacked, Google tells Gmail users who received spam from themselves
https://ift.tt/2F9dJxd
Submitted April 27, 2018 at 08:11PM by yourbasicgeek
via reddit https://ift.tt/2vRcC5K
https://ift.tt/2F9dJxd
Submitted April 27, 2018 at 08:11PM by yourbasicgeek
via reddit https://ift.tt/2vRcC5K
TechRepublic
You weren't hacked, Google tells Gmail users who received spam from themselves
The method behind the spam glitch was spotted last year but ignored by Google
Malwarebytes CrackMe 2: try another challenge
https://ift.tt/2Hvgw9L
Submitted April 27, 2018 at 09:04PM by EvanConover
via reddit https://ift.tt/2HSYAp4
https://ift.tt/2Hvgw9L
Submitted April 27, 2018 at 09:04PM by EvanConover
via reddit https://ift.tt/2HSYAp4
Malwarebytes Labs
Malwarebytes CrackMe 2: try another challenge - Malwarebytes Labs
Last November, we launched the first Malwarebytes CrackMe. Encouraged by an overwhelmingly positive response, we decided to repeat the game—this time making it even harder and more fun.
Moving in the Right Direction: New NIST Best Practices for Cyber
https://ift.tt/2HC24Zx
Submitted April 27, 2018 at 08:42PM by DEAF-LAMONT
via reddit https://ift.tt/2HSYBt8
https://ift.tt/2HC24Zx
Submitted April 27, 2018 at 08:42PM by DEAF-LAMONT
via reddit https://ift.tt/2HSYBt8
CyberScout
Moving in the Right Direction: New NIST Best Practices for Cyber
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has released its first major revision to their standards and best practices for cybersecurity policy this month.
I want to buy an IP network based camera that can be LAN only (no cloud connected services) what do I look for?
I just want to look for an average/lowish cost camera that I can access over the LAN network but one that does not reach out to the internet, because frankly there is no brand that I trust enough to use their cloud solutions for surveillance recording of the house. I just want to be able to have VLC or something open on the computer and see what is going on near our front yard.I just do not know what search terms to look for because the market is flooded with rubbish and lots of it is cloud based "easy set up" "access anywhere in the world" kinds of things that I absolutely do not want.Thanks.
Submitted April 27, 2018 at 10:36PM by morthawt
via reddit https://ift.tt/2I4dKFy
I just want to look for an average/lowish cost camera that I can access over the LAN network but one that does not reach out to the internet, because frankly there is no brand that I trust enough to use their cloud solutions for surveillance recording of the house. I just want to be able to have VLC or something open on the computer and see what is going on near our front yard.I just do not know what search terms to look for because the market is flooded with rubbish and lots of it is cloud based "easy set up" "access anywhere in the world" kinds of things that I absolutely do not want.Thanks.
Submitted April 27, 2018 at 10:36PM by morthawt
via reddit https://ift.tt/2I4dKFy
reddit
r/security - I want to buy an IP network based camera that can be LAN only (no cloud connected services) what do I look for?
1 votes and 0 so far on reddit
DLink DCS-5020L Day n’ Night Camera Remote Code Execution Walkthrough - CVE-2017-17020
https://ift.tt/2HQlOfF
Submitted April 27, 2018 at 11:23PM by JustAPenTester
via reddit https://ift.tt/2HyxjVt
https://ift.tt/2HQlOfF
Submitted April 27, 2018 at 11:23PM by JustAPenTester
via reddit https://ift.tt/2HyxjVt
Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
DLink DCS-5020L Remote Code Execution - CVE-2017-17020
Finding exploits in Internet of Things (IOT) devices doesn't need to be difficult. In this post we step through a DLink Camera and walk you through how we identified a remote code execution vulnerability.
Breaking into an iOS app
Let’s say someone breaks into your iPhone. How easy would it be the break into a locked app (mainly Keeply) where you store certain things you wouldn’t want other people to know about (maybe say a large collection of suggestive Speedo photos)? Thanks for the help!
Submitted April 28, 2018 at 12:30AM by MuffinsMcSassyPants
via reddit https://ift.tt/2HwmQ0P
Let’s say someone breaks into your iPhone. How easy would it be the break into a locked app (mainly Keeply) where you store certain things you wouldn’t want other people to know about (maybe say a large collection of suggestive Speedo photos)? Thanks for the help!
Submitted April 28, 2018 at 12:30AM by MuffinsMcSassyPants
via reddit https://ift.tt/2HwmQ0P
reddit
r/security - Breaking into an iOS app
2 votes and 1 so far on reddit
Gpnoscript.exe - another #LOLBin
https://ift.tt/2Fn5bCW
Submitted April 28, 2018 at 12:46AM by oddvarmoe
via reddit https://ift.tt/2HzUoqG
https://ift.tt/2Fn5bCW
Submitted April 28, 2018 at 12:46AM by oddvarmoe
via reddit https://ift.tt/2HzUoqG
Oddvar Moe's Blog
GPnoscript.exe – another LOLBin to the list
TL;DR – GPO noscripts can be defined for user and started with GPScript.exe /Logon – Logonnoscripts do not show up in Autoruns.exe I started to play around with GPnoscript.exe here the…
Gpnoscript.exe - another #LOLBin
https://ift.tt/2Fn5bCW
Submitted April 28, 2018 at 12:46AM by oddvarmoe
via reddit https://ift.tt/2HzUoqG
https://ift.tt/2Fn5bCW
Submitted April 28, 2018 at 12:46AM by oddvarmoe
via reddit https://ift.tt/2HzUoqG
Oddvar Moe's Blog
GPnoscript.exe – another LOLBin to the list
TL;DR – GPO noscripts can be defined for user and started with GPScript.exe /Logon – Logonnoscripts do not show up in Autoruns.exe I started to play around with GPnoscript.exe here the…
A few thoughts on Ray Ozzie’s “Clear” Key Escrow Proposal
https://ift.tt/2vNaCvf
Submitted April 28, 2018 at 01:17AM by speckz
via reddit https://ift.tt/2Fn9TjO
https://ift.tt/2vNaCvf
Submitted April 28, 2018 at 01:17AM by speckz
via reddit https://ift.tt/2Fn9TjO
A Few Thoughts on Cryptographic Engineering
A few thoughts on Ray Ozzie’s “Clear” Proposal
Yesterday I happened upon a Wired piece by Steven Levy that covers Ray Ozzie’s proposal for “CLEAR”. I’m quoted at the end of the piece (saying nothing much), so I knew the piece was coming. …
Cybersecurity teams that don't interact much perform best
https://ift.tt/2r3oigU
Submitted April 28, 2018 at 03:02AM by EvanConover
via reddit https://ift.tt/2Fm5i1F
https://ift.tt/2r3oigU
Submitted April 28, 2018 at 03:02AM by EvanConover
via reddit https://ift.tt/2Fm5i1F
EurekAlert!
Cybersecurity teams that don't interact much perform best
Army scientists recently found that the best, high-performing cybersecurity teams have relatively few interactions with their team-members and team captain.
Army researchers find the best cyber teams are antisocial cyber teams
https://ift.tt/2HWDaao
Submitted April 28, 2018 at 03:39AM by CrankyBear
via reddit https://ift.tt/2JyYy2Z
https://ift.tt/2HWDaao
Submitted April 28, 2018 at 03:39AM by CrankyBear
via reddit https://ift.tt/2JyYy2Z
Ars Technica
Army researchers find the best cyber teams are antisocial cyber teams
High-performing blue teams are "purposive social systems"—they shut up and work.
PoC Code Published for Triggering an Instant BSOD on All Recent Windows Versions
https://ift.tt/2JveJ0U
Submitted April 28, 2018 at 10:42AM by Horus_Sirius
via reddit https://ift.tt/2HYQjjk
https://ift.tt/2JveJ0U
Submitted April 28, 2018 at 10:42AM by Horus_Sirius
via reddit https://ift.tt/2HYQjjk
TSecurity Portal
PoC Code Published for Triggering an Instant BSOD on All Recent Windows Versions
Three Ways to Remove ESET Internet Security! Get What You Want!
https://ift.tt/2jbLe9l
Submitted April 28, 2018 at 02:55PM by nowhereweggo
via reddit https://ift.tt/2HysOtZ
https://ift.tt/2jbLe9l
Submitted April 28, 2018 at 02:55PM by nowhereweggo
via reddit https://ift.tt/2HysOtZ
Google Inbox spoofing vulnerability
https://ift.tt/2HWrVyU
Submitted April 28, 2018 at 04:43PM by ga-vu
via reddit https://ift.tt/2r1Q65p
https://ift.tt/2HWrVyU
Submitted April 28, 2018 at 04:43PM by ga-vu
via reddit https://ift.tt/2r1Q65p
reddit
r/security - Google Inbox spoofing vulnerability
1 votes and 0 so far on reddit
Heap History Viewer v0.5: A program to draw rectangles from heap traces
https://ift.tt/2FpeFNS
Submitted April 28, 2018 at 08:12PM by TheUglyStranger
via reddit https://ift.tt/2Ko5EZ9
https://ift.tt/2FpeFNS
Submitted April 28, 2018 at 08:12PM by TheUglyStranger
via reddit https://ift.tt/2Ko5EZ9
GitHub
thomasdullien/heap_history_viewer
heap_history_viewer - A program to draw rectangles from heap traces.
Rubella Macro Kit: Indicators of Compromise (IOCs)
https://ift.tt/2vSBjyC
Submitted April 28, 2018 at 09:40PM by digicat
via reddit https://ift.tt/2r77i9v
https://ift.tt/2vSBjyC
Submitted April 28, 2018 at 09:40PM by digicat
via reddit https://ift.tt/2r77i9v
A SOCless Detection Team at Netflix
https://ift.tt/2HEWiqo
Submitted April 28, 2018 at 09:21PM by digicat
via reddit https://ift.tt/2jdQNUJ
https://ift.tt/2HEWiqo
Submitted April 28, 2018 at 09:21PM by digicat
via reddit https://ift.tt/2jdQNUJ
Linkedin
A SOCless Detection Team at Netflix
I am excited to share that we are investing in additional detection capabilities as part of the SIRT mission. There are a number of existing detection
Password Protect Factory Reset
Is there a way to password protect factory resetting Windows PCs? Or is there a way to do a lockout so that even after a reset, a password would be needed to access the PC (like locking out a Mac)? If this is possible, how?
Submitted April 28, 2018 at 09:46PM by Averyoffthegrid
via reddit https://ift.tt/2JzGAgx
Is there a way to password protect factory resetting Windows PCs? Or is there a way to do a lockout so that even after a reset, a password would be needed to access the PC (like locking out a Mac)? If this is possible, how?
Submitted April 28, 2018 at 09:46PM by Averyoffthegrid
via reddit https://ift.tt/2JzGAgx
reddit
Password Protect Factory Reset • r/security
Is there a way to password protect factory resetting Windows PCs? Or is there a way to do a lockout so that even after a reset, a password would...
Abusing DCOM For Yet Another Lateral Movement Technique (Bohops)
https://ift.tt/2r6QbEK
Submitted April 28, 2018 at 11:41PM by TechLord2
via reddit https://ift.tt/2JzRnax
https://ift.tt/2r6QbEK
Submitted April 28, 2018 at 11:41PM by TechLord2
via reddit https://ift.tt/2JzRnax
| bohops |
Abusing DCOM For Yet Another Lateral Movement Technique
TL;DR This post discusses an alternate DCOM lateral movement discovery and payload execution method. The primary gist is to locate DCOM registry key/values that point to the path of a binary on th…
The Cloud Shadow Admin Threat: 10 Permissions to Protect (With Open Source Tool SkyArk - See Comment)
https://ift.tt/2HzINrP
Submitted April 29, 2018 at 12:05AM by TechLord2
via reddit https://ift.tt/2HDgYDe
https://ift.tt/2HzINrP
Submitted April 29, 2018 at 12:05AM by TechLord2
via reddit https://ift.tt/2HDgYDe
CyberArk
The Cloud Shadow Admin Threat: 10 Permissions to Protect - CyberArk
Organizations worldwide are moving to the cloud – and that migration is creating the threat of shadow admins. On-premises shadow admin accounts have sensitive privileges and are typically overlooked because they are not members of a privileged Active Directory…
Exploring Branch Target Injection (Google Project Zero PDF Slides)
https://ift.tt/2KmJgiH
Submitted April 28, 2018 at 11:51PM by TechLord2
via reddit https://ift.tt/2r6y8Pe
https://ift.tt/2KmJgiH
Submitted April 28, 2018 at 11:51PM by TechLord2
via reddit https://ift.tt/2r6y8Pe
Google Docs
branch injection infiltrate slides.pdf