Who’s Watching the Watchers (Vol. II): Norton Core Secure WiFi Router
https://ift.tt/2KqNbv4
Submitted May 02, 2018 at 01:07AM by cbolat
via reddit https://ift.tt/2Fz1QAz
https://ift.tt/2KqNbv4
Submitted May 02, 2018 at 01:07AM by cbolat
via reddit https://ift.tt/2Fz1QAz
Embedi
Who’s Watching the Watchers (Vol. II): Norton Core Secure WiFi Router
Recently, the articles on hacking IoT devices and their poor security are whirling over the media. In conjunction with that, Trustwave has published its report. There, it is stated that the number of those enterprises that use IoT devices is growing, and…
Finding a Privilege Escalation Vulnerability in CylancePROTECT
https://ift.tt/2KvOgBE
Submitted May 02, 2018 at 12:58AM by ryhanson
via reddit https://ift.tt/2FxGOTc
https://ift.tt/2KvOgBE
Submitted May 02, 2018 at 12:58AM by ryhanson
via reddit https://ift.tt/2FxGOTc
Atredis Partners
Escalating Privileges with CylancePROTECT
CylancePROTECT contains a privilege escalation vulnerability due to the update service granting Users Modify permissions on the log folder, as well as any log file it writes. This allows any user to empty the folder and use it as a Mount Point, which can…
AWS considers domain fronting a ToS violation and threatens to suspend accounts
https://ift.tt/2FvO0yV
Submitted May 02, 2018 at 01:48AM by kpcyrd
via reddit https://ift.tt/2HHUA7v
https://ift.tt/2FvO0yV
Submitted May 02, 2018 at 01:48AM by kpcyrd
via reddit https://ift.tt/2HHUA7v
signal.org
Amazon threatens to suspend Signal's AWS account over censorship circumvention
Last week, we received the following email from Amazon: From: Wong, [redacted] Subject: Notification of potential account suspension regarding AWS Service Terms Moxie, Yesterday AWS became aware of your Github and Hacker News/ycombinator posts describing…
What security concerns should you have at conferences? A semi-humorous view...
https://ift.tt/2vYCz3r
Submitted May 02, 2018 at 02:14AM by bowyers_lime
via reddit https://ift.tt/2HKxqNL
https://ift.tt/2vYCz3r
Submitted May 02, 2018 at 02:14AM by bowyers_lime
via reddit https://ift.tt/2HKxqNL
Alice, Eve and Bob - a security blog
Security at conferences – a semi-humorous view
Next week, I’ll be attending and speaking at Red Hat Summit in San Francisco. I’ve written before about how annoying I find it when people don’t stay on topic at conferences, so…
GitHub bug exposes plaintext passwords to internal logging system
https://imgur.com/a/NwM57Bn
Submitted May 02, 2018 at 02:43AM by cefel
via reddit https://ift.tt/2HKuyAC
https://imgur.com/a/NwM57Bn
Submitted May 02, 2018 at 02:43AM by cefel
via reddit https://ift.tt/2HKuyAC
reddit
GitHub bug exposes plaintext passwords to internal... • r/security
[https://imgur.com/a/NwM57Bn](https://imgur.com/a/NwM57Bn)
Monthly IoT Security News Roundup, April 2018
https://ift.tt/2rdwrzy
Submitted May 02, 2018 at 02:21AM by Iot_Security
via reddit https://ift.tt/2jm6jhG
https://ift.tt/2rdwrzy
Submitted May 02, 2018 at 02:21AM by Iot_Security
via reddit https://ift.tt/2jm6jhG
SecuriThings
Monthly IoT Security News Roundup, April 2018
When the masses start to use industry terminology, things have clearly gone mainstream. IoT is now mainstream, and there is no turning back. But, is security ready to move ahead at the speed of [...]
What is the best way to check whether my laptop has been hacked?
Does anyone know if there is any way to check 100% whether my laptop has been hacked or not (besides simply running antivirus software)? Are there any tools or a combination of tools available (preferably free) to do that?It is an Apple laptop.
Submitted May 02, 2018 at 02:50AM by crypto_pro585
via reddit https://ift.tt/2JFz2c4
Does anyone know if there is any way to check 100% whether my laptop has been hacked or not (besides simply running antivirus software)? Are there any tools or a combination of tools available (preferably free) to do that?It is an Apple laptop.
Submitted May 02, 2018 at 02:50AM by crypto_pro585
via reddit https://ift.tt/2JFz2c4
reddit
What is the best way to check whether my laptop has... • r/security
Does anyone know if there is any way to check 100% whether my laptop has been hacked or not \(besides simply running antivirus software\)? Are...
IoT Inspector Tool from Princeton
https://ift.tt/2rcDI1z
Submitted May 02, 2018 at 05:00AM by volci
via reddit https://ift.tt/2rjW6Xt
https://ift.tt/2rcDI1z
Submitted May 02, 2018 at 05:00AM by volci
via reddit https://ift.tt/2rjW6Xt
reddit
IoT Inspector Tool from Princeton • r/security
1 points and 0 comments so far on reddit
Tech giants urge governor to veto Georgia cybercrime bill
https://ift.tt/2IcmX0W
Submitted May 02, 2018 at 04:59AM by volci
via reddit https://ift.tt/2JGgzMQ
https://ift.tt/2IcmX0W
Submitted May 02, 2018 at 04:59AM by volci
via reddit https://ift.tt/2JGgzMQ
phys.org
Tech giants urge governor to veto Georgia cybercrime bill
Tech giants Google and Microsoft have joined a chorus or cybersecurity experts urging Georgia Gov. Nathan Deal to veto a bill that makes unauthorized computer access a crime punishable by up to a year ...
GitHub accidentally writes clear text user passwords to logs
https://ift.tt/2redigJ
Submitted May 02, 2018 at 04:53AM by Wruczek
via reddit https://ift.tt/2rfsfhK
https://ift.tt/2redigJ
Submitted May 02, 2018 at 04:53AM by Wruczek
via reddit https://ift.tt/2rfsfhK
BleepingComputer
GitHub Accidentally Recorded Some Plaintext Passwords in Its Internal Logs
In an email sent out today, GitHub has warned a select number of users that a bug in its password reset functionality has recorded users' passwords in plaintext format inside the company's internal logs.
I got hacked by malware service on window please help me
A few years ago I noticed my beloved ex laptop with A great space ram and everything else getting slowed down. I was a newbie but my instinct told me it's hacked.It was a service-based malware that runs whenever the pc runs too. It has deleted my user permission and added their user group and permissions as well to my pc.I have decided to step up and do something..it's my pc after all. I tried to locate the place of there server through the services and I was able to locate a few of them. However I am bored with the message access denied or the infamous "need permissions" to just delete their files off my pc. It is more infectious than HIV ( if we're able to compare ) as it is infectious after the 1st contact with any removable , where it goes totally undetected. You could only detect it after getting infected where you would be able to shut your eyes off the data that continue screaming at you saying " your pc is mine" by the gpu usage ram usage and even HDD Occupation. Other than that they use and override office services(Click to run) ..Netflix , Nvidia's cuda and update services ,along with sound capture (Realtek) and screen capture "smartscreen" [I'm just naming a few services that got my mind boggling over the past few years].I got one day so angry I tried to shut down their services manually However, they have studied and prepared everything. They have inherited permissions that renders my trials useless as their services inherit each other plus they have the ability to reproduce and reopen whenever I close them whike the Boss service keeps telling me Access denied. The irony is after closing a few of their services off my screen got manipulated! Whenever I open a folder .. the files names got (seemingly)erased and even the contents of a few of my other files got tampered besides the increase slow run of my ex laptop made me just frustrated by this daunting and never ending misery.Now I am using a laptop however I needed a few files my CV,and code programmed before thus I had to open the HDD that I once connected with my old one. And you know the rest. The symptoms of the deadly service based malware is back..and I got new news for you fellas.. remember the 99 do I usage I mentioned before now it's completely gone as the gpu usage number is manipulated too and it remains 7% whenever I take a look at it.Guys, How can I best this legendary beast that has been with me for years now? I really want to shut every thing but also there seemed to be lots of useful code that I can learn from too so that I could be as the same level of my predators at the aftermath (fingers crossed).
Submitted May 02, 2018 at 12:29PM by adamwillis91
via reddit https://ift.tt/2Fyz1Vb
A few years ago I noticed my beloved ex laptop with A great space ram and everything else getting slowed down. I was a newbie but my instinct told me it's hacked.It was a service-based malware that runs whenever the pc runs too. It has deleted my user permission and added their user group and permissions as well to my pc.I have decided to step up and do something..it's my pc after all. I tried to locate the place of there server through the services and I was able to locate a few of them. However I am bored with the message access denied or the infamous "need permissions" to just delete their files off my pc. It is more infectious than HIV ( if we're able to compare ) as it is infectious after the 1st contact with any removable , where it goes totally undetected. You could only detect it after getting infected where you would be able to shut your eyes off the data that continue screaming at you saying " your pc is mine" by the gpu usage ram usage and even HDD Occupation. Other than that they use and override office services(Click to run) ..Netflix , Nvidia's cuda and update services ,along with sound capture (Realtek) and screen capture "smartscreen" [I'm just naming a few services that got my mind boggling over the past few years].I got one day so angry I tried to shut down their services manually However, they have studied and prepared everything. They have inherited permissions that renders my trials useless as their services inherit each other plus they have the ability to reproduce and reopen whenever I close them whike the Boss service keeps telling me Access denied. The irony is after closing a few of their services off my screen got manipulated! Whenever I open a folder .. the files names got (seemingly)erased and even the contents of a few of my other files got tampered besides the increase slow run of my ex laptop made me just frustrated by this daunting and never ending misery.Now I am using a laptop however I needed a few files my CV,and code programmed before thus I had to open the HDD that I once connected with my old one. And you know the rest. The symptoms of the deadly service based malware is back..and I got new news for you fellas.. remember the 99 do I usage I mentioned before now it's completely gone as the gpu usage number is manipulated too and it remains 7% whenever I take a look at it.Guys, How can I best this legendary beast that has been with me for years now? I really want to shut every thing but also there seemed to be lots of useful code that I can learn from too so that I could be as the same level of my predators at the aftermath (fingers crossed).
Submitted May 02, 2018 at 12:29PM by adamwillis91
via reddit https://ift.tt/2Fyz1Vb
reddit
r/security - I got hacked by malware service on window please help me
1 votes and 0 so far on reddit
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords. Hope it helps!
https://ift.tt/2rfhhcb
Submitted May 02, 2018 at 10:49AM by initstring
via reddit https://ift.tt/2JHPAQW
https://ift.tt/2rfhhcb
Submitted May 02, 2018 at 10:49AM by initstring
via reddit https://ift.tt/2JHPAQW
GitHub
initstring/passphrase-wordlist
passphrase-wordlist - Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Linux early post boot low entropy in /dev/urandom
https://ift.tt/2HDO59I
Submitted May 02, 2018 at 10:35AM by fproulx
via reddit https://ift.tt/2KwPPiK
https://ift.tt/2HDO59I
Submitted May 02, 2018 at 10:35AM by fproulx
via reddit https://ift.tt/2KwPPiK
reddit
r/netsec - Linux early post boot low entropy in /dev/urandom
3 votes and 0 so far on reddit
Windows Commands Reference - An InfoSec Must Have (PDF Download)
https://ift.tt/2rccedh
Submitted May 02, 2018 at 02:09PM by TechLord2
via reddit https://ift.tt/2jkhKWW
https://ift.tt/2rccedh
Submitted May 02, 2018 at 02:09PM by TechLord2
via reddit https://ift.tt/2jkhKWW
Microsoft Download Center
Windows Commands Reference
A PDF containing an overview and alphabetical listing of Windows commands
Lojack Becomes a Double-Agent (See Comment)
https://ift.tt/2rcPo5r
Submitted May 02, 2018 at 01:48PM by TechLord2
via reddit https://ift.tt/2FB89nh
https://ift.tt/2rcPo5r
Submitted May 02, 2018 at 01:48PM by TechLord2
via reddit https://ift.tt/2FB89nh
Arbor Networks Threat Intelligence
Lojack Becomes a Double-Agent
Executive Summary ASERT recently discovered Lojack agents containing malicious C2s. These hijacked agents pointed to suspected Fancy Bear (a.k.a. APT28, Pawn Storm) domains. The InfoSec community and the U.S. government have both attributed Fancy Bear activity…
86% of Passwords are Terrible (and Other Statistics) *terrifying*
https://ift.tt/2HJcdUt
Submitted May 02, 2018 at 03:47PM by janvt
via reddit https://ift.tt/2rfinEJ
https://ift.tt/2HJcdUt
Submitted May 02, 2018 at 03:47PM by janvt
via reddit https://ift.tt/2rfinEJ
Troy Hunt
86% of Passwords are Terrible (and Other Statistics)
A couple of months ago, I launched version 2 of Pwned Passwords. This is a collection of over half a billion passwords which have previously appeared in data breaches and the intention is that they're used as a black list; these are the "secrets" that NIST…
SpookFlare v2.0 | Stay in shadows!
https://ift.tt/2AQnyyh
Submitted May 02, 2018 at 03:14PM by hlldz
via reddit https://ift.tt/2jnHUYZ
https://ift.tt/2AQnyyh
Submitted May 02, 2018 at 03:14PM by hlldz
via reddit https://ift.tt/2jnHUYZ
GitHub
hlldz/SpookFlare
SpookFlare - Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures.
Critical RCE Vulnerability Found in Over a Million GPON Home Routers
https://ift.tt/2HDtpih
Submitted May 02, 2018 at 02:48PM by PeterG45
via reddit https://ift.tt/2rgH4AR
https://ift.tt/2HDtpih
Submitted May 02, 2018 at 02:48PM by PeterG45
via reddit https://ift.tt/2rgH4AR
vpnMentor
Critical RCE Vulnerability Found in Over a Million GPON Home Routers | vpnMentor
Here at vpnMentor, we are concerned about your security and privacy. Our special team of hackers & researchers roam the internet to find security issues in sensitive products. We found this RCE vulnerability in the majority of GPON home routers. Read more…
U.S. Leads the World in the Origination of DDoS Attacks
https://ift.tt/2vrAJYq
Submitted May 02, 2018 at 04:13PM by whitehattracker
via reddit https://ift.tt/2FzLpE4
https://ift.tt/2vrAJYq
Submitted May 02, 2018 at 04:13PM by whitehattracker
via reddit https://ift.tt/2FzLpE4
SDxCentral
U.S. Leads the World in the Origination of DDoS Attacks, Says Cen
A CenturyLink security report finds that the United States leads the world in the origination of distributed denial of service (DDoS) attack
Windows Event Log to the Dark Side — Storing Payloads and Configurations
https://ift.tt/2FAg8Ru
Submitted May 02, 2018 at 05:08PM by 5yn74x
via reddit https://ift.tt/2jlIxlH
https://ift.tt/2FAg8Ru
Submitted May 02, 2018 at 05:08PM by 5yn74x
via reddit https://ift.tt/2jlIxlH
Medium
Windows Event Log to the Dark Side — Storing Payloads and Configurations
Storing Payloads and Configurations in Windows Event Log using Powershell…
Top 7 Strange Things We Saw at RSAC 2018
https://ift.tt/2KsipSu
Submitted May 02, 2018 at 05:23PM by Uminekoshi
via reddit https://ift.tt/2w4nDAJ
https://ift.tt/2KsipSu
Submitted May 02, 2018 at 05:23PM by Uminekoshi
via reddit https://ift.tt/2w4nDAJ
Nehemiah Security
Top 7 Strange Things We Saw at RSAC 2018 - Nehemiah Security
Along with the rest of the cyber world, we recently returned from RSAC 2018 (RSA) in San Francisco. RSA is one of the biggest security conferences in the United States. It’s no mystery why every vendor scrambles to promote their company and make it stand…