Miami Cell-Phone Company Agrees to Stop Secretly Sharing Users' Data With Chinese Firm
https://ift.tt/2JVJf4D
Submitted May 05, 2018 at 03:08AM by SuccessfulOperation
via reddit https://ift.tt/2FKQPwh
https://ift.tt/2JVJf4D
Submitted May 05, 2018 at 03:08AM by SuccessfulOperation
via reddit https://ift.tt/2FKQPwh
Miami New Times
Miami Cell-Phone Company Agrees to Stop Secretly Sharing Users' Data With Chinese Firm
Most cell-phone-using Americans might not be familiar with BLU, a Miami-based tech company that makes budget-level Android phones and sells them at markedly cheap prices. But the Federal Trade Commission (FTC) alleges some third-party Chinese data-collection…
Exclusive: Spectre-NG - Multiple new Intel CPU flaws revealed, several serious
https://ift.tt/2HKkMT0
Submitted May 05, 2018 at 12:07PM by fireh7nter
via reddit https://ift.tt/2HPZ6F5
https://ift.tt/2HKkMT0
Submitted May 05, 2018 at 12:07PM by fireh7nter
via reddit https://ift.tt/2HPZ6F5
c't
Exclusive: Spectre-NG - Multiple new Intel CPU flaws revealed, several serious
New flaws and even more patches - "Spectre Next Generation" is just around the corner. According to information exclusively available to c't, researchers have already found eight new security holes in Intel processors.
10 Ways to Encourage Employees to Use GPS Monitoring Systems
https://ift.tt/2FLmQ7p
Submitted May 05, 2018 at 12:23PM by bernadeth1116
via reddit https://ift.tt/2jwWoWx
https://ift.tt/2FLmQ7p
Submitted May 05, 2018 at 12:23PM by bernadeth1116
via reddit https://ift.tt/2jwWoWx
ArticleCube
10 Ways to Encourage Employees to Use GPS Monitoring Systems
In recent years, a small number of cases highlighting the potential dangers of GPS tracking in the workplace have made the Irish headlines. For example, one company was ordered to pay 40,000 EUR in compensation to a former employee when they were found guilty…
Is Aria2 downloads detectable by web servers?
A couple of months ago I signed up for a paid online course. Their terms of service indicate that these video lectures are for streamed viewing and not to be downloaded. There's a 2 hour commute from my home to work and back. Recently I've been downloading these videos and watching a lecture a day during commute.I've been using
Submitted May 05, 2018 at 04:11PM by endofline786
via reddit https://ift.tt/2HSdcWD
A couple of months ago I signed up for a paid online course. Their terms of service indicate that these video lectures are for streamed viewing and not to be downloaded. There's a 2 hour commute from my home to work and back. Recently I've been downloading these videos and watching a lecture a day during commute.I've been using
FlashGot add-on in FireFox with aria2 downloader installed in Ubuntu to download the video lectures. I've set the max-connection-per-server=1 option in aria2. My question is:Will the web servers be able to detect my downloads?Submitted May 05, 2018 at 04:11PM by endofline786
via reddit https://ift.tt/2HSdcWD
reddit
Is Aria2 downloads detectable by web servers? • r/security
A couple of months ago I signed up for a paid online course. Their terms of service indicate that these video lectures are for streamed viewing...
Domain Fronting - Manipulating Host Headers!
https://ift.tt/2jygJe4
Submitted May 05, 2018 at 10:02PM by vysec
via reddit https://ift.tt/2KDQgba
https://ift.tt/2jygJe4
Submitted May 05, 2018 at 10:02PM by vysec
via reddit https://ift.tt/2KDQgba
Vincent Yiu
Host Header Manipulation
TLDR; Host header obfuscation When attacking a target, you never know what sort of rules the blue team has in place to detect you. With a rise in Domain Fronting, which meant that more people were manipuating host headers, I decided to look a bit more into…
Trading on phone LTE network with VPN - Is this secure?
Not sure if im posting in right place - new to reddit. I would like to start trading on iphone LTE and would like to know if VPN secure enough. Thank you.
Submitted May 06, 2018 at 12:06AM by redditor_r
via reddit https://ift.tt/2rnfmTH
Not sure if im posting in right place - new to reddit. I would like to start trading on iphone LTE and would like to know if VPN secure enough. Thank you.
Submitted May 06, 2018 at 12:06AM by redditor_r
via reddit https://ift.tt/2rnfmTH
reddit
Trading on phone LTE network with VPN - Is this secure? • r/security
Not sure if im posting in right place - new to reddit. I would like to start trading on iphone LTE and would like to know if VPN secure enough. ...
Unit Testing Framework for SHA256
https://ift.tt/2IhtLKY
Submitted May 06, 2018 at 04:35AM by Tazebr123
via reddit https://ift.tt/2JTLxRt
https://ift.tt/2IhtLKY
Submitted May 06, 2018 at 04:35AM by Tazebr123
via reddit https://ift.tt/2JTLxRt
WebAssemblyCode
Unit Testing Framework for SHA256 - WebAssemblyCode
Comfort, peace of mind, relieve. Unit testing can bring this kind of emotion. I forgot to mention, it brings dividends too. This article shows that creating a unit testing infrastructure can be very simple....
BetterCap 2.5 - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks (Full Sources, Blog Article and Docs)
https://ift.tt/2HFXOsC
Submitted May 06, 2018 at 06:18AM by TechLord2
via reddit https://ift.tt/2FNXXI5
https://ift.tt/2HFXOsC
Submitted May 06, 2018 at 06:18AM by TechLord2
via reddit https://ift.tt/2FNXXI5
GitHub
GitHub - bettercap/bettercap: The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks. - GitHub - bettercap/bettercap: The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaiss...
Visual Recon – A beginners guide
https://ift.tt/2IkWazX
Submitted May 06, 2018 at 06:48AM by itsecurityguard
via reddit https://ift.tt/2jyXVv4
https://ift.tt/2IkWazX
Submitted May 06, 2018 at 06:48AM by itsecurityguard
via reddit https://ift.tt/2jyXVv4
Bomb Blast Window Film Applications and Benefits for Colorado Springs Properties
https://ift.tt/2rq1ebo
Submitted May 06, 2018 at 09:46AM by COSpringsWindowFilm
via reddit https://ift.tt/2KEumor
https://ift.tt/2rq1ebo
Submitted May 06, 2018 at 09:46AM by COSpringsWindowFilm
via reddit https://ift.tt/2KEumor
Colorado Springs Window Tinting & Film
Bomb Blast Window Film Applications and Benefits for Colorado Springs Properties - Colorado Springs Window Tinting & Film
With so many government buildings, military bases, and secured properties throughout the Colorado Springs area, finding the right security measures is vital. Bomb blast film presents a budget-friendly opportunity for a wide array of buildings to protect employees…
Police Notebook Cover Canada
https://youtu.be/2tRE7HhNlxY
Submitted May 06, 2018 at 02:17PM by gear911
via reddit https://ift.tt/2KFK6rl
https://youtu.be/2tRE7HhNlxY
Submitted May 06, 2018 at 02:17PM by gear911
via reddit https://ift.tt/2KFK6rl
YouTube
Police Notebook Cover Canada
Buy best Police Notebook Cover in Canada from 911gear.ca,here we sell silicone note page bands printed in YORK REGIONAL POLICE PEEL REGIONAL POLICE TRANSIT E...
Security Feed OPML
https://ift.tt/2Fk6TER
Submitted May 06, 2018 at 02:02PM by MrTouchHK
via reddit https://ift.tt/2KFK8iX
https://ift.tt/2Fk6TER
Submitted May 06, 2018 at 02:02PM by MrTouchHK
via reddit https://ift.tt/2KFK8iX
Pastebin
[XML] Infosec OPML - Pastebin.com
FDA provides regulatory guidance for SMART technology used in medical devices
https://ift.tt/2wjOCse
Submitted May 06, 2018 at 12:43PM by Iot_Security
via reddit https://ift.tt/2HUkTLI
https://ift.tt/2wjOCse
Submitted May 06, 2018 at 12:43PM by Iot_Security
via reddit https://ift.tt/2HUkTLI
reddit
r/security - FDA provides regulatory guidance for SMART technology used in medical devices
1 votes and 0 so far on reddit
"Your password is too weak". (funny)
https://twitter.com/cibercrimen/status/992796640368054272/photo/1
Submitted May 06, 2018 at 03:12PM by antdude
via reddit https://ift.tt/2rn9tpC
https://twitter.com/cibercrimen/status/992796640368054272/photo/1
Submitted May 06, 2018 at 03:12PM by antdude
via reddit https://ift.tt/2rn9tpC
Twitter
Andrés Velázquez
#Contraseñas
Any once else experienced this automatic sync warning with a Microsoft account? Denoscription in comments.
https://ift.tt/2HYC9f5
Submitted May 06, 2018 at 03:02PM by Bango-Fett
via reddit https://ift.tt/2jzXX6b
https://ift.tt/2HYC9f5
Submitted May 06, 2018 at 03:02PM by Bango-Fett
via reddit https://ift.tt/2jzXX6b
The most common vendor security control is also the most useless
https://ift.tt/2EB7545
Submitted May 06, 2018 at 05:54PM by Majortom80
via reddit https://ift.tt/2rsYLgK
https://ift.tt/2EB7545
Submitted May 06, 2018 at 05:54PM by Majortom80
via reddit https://ift.tt/2rsYLgK
Daniel Miessler
Third-party Questionnaires Are Security Theater
If you've been in InfoSec for a while you probably have significant experience with third-party security questionnaires. They're basically the new firewall. Everyone is asking everyone else if they have one. I've been troubled for years by the whole charade…
ShellPop - Generate Easy and Sophisticated Reverse or Bind Shell Commands for Penetration Tests
https://ift.tt/2wecj5d
Submitted May 06, 2018 at 07:59PM by TechLord2
via reddit https://ift.tt/2KFwhZV
https://ift.tt/2wecj5d
Submitted May 06, 2018 at 07:59PM by TechLord2
via reddit https://ift.tt/2KFwhZV
GitHub
0x00-0x00/ShellPop
ShellPop - Pop shells like a master.
Revoking read access to your passwords.
https://ift.tt/2rrenkD
Submitted May 07, 2018 at 12:01AM by jakehenri
via reddit https://ift.tt/2KIIaxU
https://ift.tt/2rrenkD
Submitted May 07, 2018 at 12:01AM by jakehenri
via reddit https://ift.tt/2KIIaxU
Medium
You don’t need read access to your passwords.
I run a small server that needs to be highly secure. I don’t have the luxury of a massive amount of free time.
Frida 11.0 is out with overhauled spawn() API and other goodies
https://ift.tt/2roCela
Submitted May 07, 2018 at 01:16AM by oleavr
via reddit https://ift.tt/2wifRDu
https://ift.tt/2roCela
Submitted May 07, 2018 at 01:16AM by oleavr
via reddit https://ift.tt/2wifRDu
Frida • A world-class dynamic instrumentation framework
Frida 11.0 Released
Inject JavaScript to explore native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX
I made a web extension to provide another 2FA possibility for websites - I would love any thoughts, technical and otherwise
The idea is pretty simple. You install this web extension and then when you go to a website that supports it (there are none yet, I just finished coding the extension), you can enter a secret in the web extension and on the site. Without this secret, you are denied access.Basically what it means is that if you set this up, the only people who will be able to access your account on supported websites is if they are on your device, using a browser with the web extension installed and the secret for the domain saved, or if they steal your secret.The project is at https://github.com/PalFed/2-FactorialTechnically how it works:You put the secret in the extension and on the site (different secrets per site)When you request a page, your browser sends two extra headers, one with a SHA256 hash, one with a saltThe website checks the hash and only allows access if it matches the same hash generated from the website's copy of the secret with the salt.I would love any thoughts as to whether this has value, how it could be improved or made more secure, where it might fail etc. etc. I mostly created it because I have been wanting to learn how to create web extensions, then I had this thought and ran with it!
Submitted May 07, 2018 at 04:52AM by lindymad
via reddit https://ift.tt/2winauX
The idea is pretty simple. You install this web extension and then when you go to a website that supports it (there are none yet, I just finished coding the extension), you can enter a secret in the web extension and on the site. Without this secret, you are denied access.Basically what it means is that if you set this up, the only people who will be able to access your account on supported websites is if they are on your device, using a browser with the web extension installed and the secret for the domain saved, or if they steal your secret.The project is at https://github.com/PalFed/2-FactorialTechnically how it works:You put the secret in the extension and on the site (different secrets per site)When you request a page, your browser sends two extra headers, one with a SHA256 hash, one with a saltThe website checks the hash and only allows access if it matches the same hash generated from the website's copy of the secret with the salt.I would love any thoughts as to whether this has value, how it could be improved or made more secure, where it might fail etc. etc. I mostly created it because I have been wanting to learn how to create web extensions, then I had this thought and ran with it!
Submitted May 07, 2018 at 04:52AM by lindymad
via reddit https://ift.tt/2winauX
GitHub
PalFed/2-Factorial
2-Factorial - 2 Factorial is a web extension to provide automated 2FA
The npm Blog — Reported malicious module: getcookies
https://ift.tt/2rgRDo6
Submitted May 07, 2018 at 07:15AM by shaunRiles
via reddit https://ift.tt/2HTJBvU
https://ift.tt/2rgRDo6
Submitted May 07, 2018 at 07:15AM by shaunRiles
via reddit https://ift.tt/2HTJBvU
The npm Blog
Reported malicious module: getcookies
Early May 2nd, the npm security team received and responded to reports of a package that masqueraded as a cookie parsing library but contained a malicious backdoor. The result of the investigation...