The US Is Unprepared for Election-Related Hacking in 2018
https://ift.tt/2jHXZJa
Submitted May 08, 2018 at 10:16PM by volci
via reddit https://ift.tt/2K54Rvj
https://ift.tt/2jHXZJa
Submitted May 08, 2018 at 10:16PM by volci
via reddit https://ift.tt/2K54Rvj
reddit
The US Is Unprepared for Election-Related Hacking in 2018 • r/security
1 points and 0 comments so far on reddit
NTLMv1 Multitool - Modifies NTLMv1/NTLMv1-ESS/MSCHAPv2 Hashes so they can be cracked with DES Mode 14000 in Hashcat
https://ift.tt/2FDRfUZ
Submitted May 08, 2018 at 10:58PM by TechLord2
via reddit https://ift.tt/2K0rSzt
https://ift.tt/2FDRfUZ
Submitted May 08, 2018 at 10:58PM by TechLord2
via reddit https://ift.tt/2K0rSzt
GitHub
evilmog/ntlmv1-multi
ntlmv1-multi - NTLMv1 Multitool
Any options like #VeraCrypt that don't require a GUI?
I love using VeraCrypt on various desktop systems I have.I'd like to be able to use it (or something like it) on headless devices - but it seems it requires a GUI to setup and run.What tools like it exist that are usable via the commandline?
Submitted May 08, 2018 at 11:02PM by volci
via reddit https://ift.tt/2FUWJv3
I love using VeraCrypt on various desktop systems I have.I'd like to be able to use it (or something like it) on headless devices - but it seems it requires a GUI to setup and run.What tools like it exist that are usable via the commandline?
Submitted May 08, 2018 at 11:02PM by volci
via reddit https://ift.tt/2FUWJv3
veracrypt.io
VeraCrypt - Free Open source disk encryption with strong security for the Paranoid
VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt…
[Analysis + How-to] OffensiveSplunk vs Grep: Utilising Splunk on the Red Team!
https://ift.tt/2wkKLLz
Submitted May 08, 2018 at 11:59PM by vysec
via reddit https://ift.tt/2I1cjea
https://ift.tt/2wkKLLz
Submitted May 08, 2018 at 11:59PM by vysec
via reddit https://ift.tt/2I1cjea
Vincent Yiu
OffensiveSplunk vs. Grep
TLDR; Using Splunk for Offensive security data analysis has advantages over the traditional Grep when trifling through and analysing data. Why Splunk and not ELK? ELK is a fantastic open source project, and made even easier thanks to the HELK project by Cyb3rward0g.…
Hiding Metasploit Shellcode to Evade Windows Defender
https://ift.tt/2HMiKlv
Submitted May 09, 2018 at 12:27AM by PeterG45
via reddit https://ift.tt/2FW0f88
https://ift.tt/2HMiKlv
Submitted May 09, 2018 at 12:27AM by PeterG45
via reddit https://ift.tt/2FW0f88
Rapid7 Blog
Hiding Metasploit Shellcode to Evade Windows Defender
Being on the offensive side in the security field, I personally have a lot of respect for the researchers and engineers in the antivirus industry, and the companies dedicated to investing so much in them. If malware development is a cat-and-mouse game, then…
GDI Data-Only Attack from Win32k TypeIsolation Resurrected Again in Windows 10 RS3
https://ift.tt/2Ii1nZ1
Submitted May 09, 2018 at 12:26AM by PeterG45
via reddit https://ift.tt/2Iptky0
https://ift.tt/2Ii1nZ1
Submitted May 09, 2018 at 12:26AM by PeterG45
via reddit https://ift.tt/2Iptky0
reddit
GDI Data-Only Attack from Win32k TypeIsolation... • r/netsec
2 points and 0 comments so far on reddit
Android Things 1.0 launches, Google promises 3 years of updates for every device
https://ift.tt/2I1YKY3
Submitted May 09, 2018 at 12:48AM by DJRWolf
via reddit https://ift.tt/2rrmL4E
https://ift.tt/2I1YKY3
Submitted May 09, 2018 at 12:48AM by DJRWolf
via reddit https://ift.tt/2rrmL4E
Ars Technica
Android Things 1.0 launches, Google promises 3 years of updates for every device
Google's solution to IoT security is to do all the updates itself, for free.
Georgia Governor Nathan Deal has vetoed SB 315, the awful computer crime bill that would have threatened independent security research
https://ift.tt/2I3Rhrr
Submitted May 09, 2018 at 02:02AM by wouldshouldcouldhave
via reddit https://ift.tt/2I04NAf
https://ift.tt/2I3Rhrr
Submitted May 09, 2018 at 02:02AM by wouldshouldcouldhave
via reddit https://ift.tt/2I04NAf
gov.georgia.gov
Deal issues 2018 veto statements | Governor Nathan Deal Office of the Governor
Veto Number 1 - HB 354
Spurious #DB exceptions with the "POP SS" instruction (CVE-2018-8897)
https://ift.tt/2I6TgLu
Submitted May 09, 2018 at 01:42AM by 0xNemi
via reddit https://ift.tt/2wuUaQy
https://ift.tt/2I6TgLu
Submitted May 09, 2018 at 01:42AM by 0xNemi
via reddit https://ift.tt/2wuUaQy
www.triplefault.io
Spurious #DB exceptions with the "POP SS" instruction (CVE-2018-8897)
A blog about general reverse engineering, security research, poking around Windows internals, and messing with the Intel x86/AMD64 architecture.
May Patch Tuesday Fixes Two Bugs Under Active Attack | Threatpost
https://ift.tt/2rs98lA
Submitted May 09, 2018 at 02:18AM by LindseyOD123
via reddit https://ift.tt/2wuqoMa
https://ift.tt/2rs98lA
Submitted May 09, 2018 at 02:18AM by LindseyOD123
via reddit https://ift.tt/2wuqoMa
Threatpost | The first stop for security news
May Patch Tuesday Fixes Two Bugs Under Active Attack
Microsoft's May Patch Tuesday fixes include two critical remote code-execution vulnerabilities, both of which are under active attack.The most serious of the two is tied to a Windows 10 VBScript e
Sierra Wireless Patches Critical Vulns in Range of Wireless Routers | Threatpost
https://ift.tt/2jHcpcv
Submitted May 09, 2018 at 02:03AM by LindseyOD123
via reddit https://ift.tt/2KL7kw5
https://ift.tt/2jHcpcv
Submitted May 09, 2018 at 02:03AM by LindseyOD123
via reddit https://ift.tt/2KL7kw5
Threatpost | The first stop for security news
Sierra Wireless Patches Critical Vulns in Hundreds of Thousands of Wireless Routers
Sierra Wireless has patched two critical vulnerabilities for its range of wireless gateways that would leave the enterprise devices helpless to an array of remote threats, including the charms of the
Kuik: a simple yet annoying piece of adware
https://ift.tt/2ryaESC
Submitted May 09, 2018 at 02:52AM by EvanConover
via reddit https://ift.tt/2rsWEdl
https://ift.tt/2ryaESC
Submitted May 09, 2018 at 02:52AM by EvanConover
via reddit https://ift.tt/2rsWEdl
Malwarebytes Labs
Kuik: a simple yet annoying piece of adware - Malwarebytes Labs
Kuik adware, which forces affected machines to join a domain controller, is using this unusual technique to push Google Chrome extensions and coin miner applications. In this blog, we'll provide technical analysis of the adware and custom removal instructions.
Privilege Escalation Through AWS IAM Instance Profile Role
https://ift.tt/2FXkNNx
Submitted May 09, 2018 at 05:33AM by gauravphoenix
via reddit https://ift.tt/2K4wUec
https://ift.tt/2FXkNNx
Submitted May 09, 2018 at 05:33AM by gauravphoenix
via reddit https://ift.tt/2K4wUec
blog.redlock.io
RedTalk: Privilege Escalation Through IAM Instance Profile Role
In our new series, RedTalk, RedLock's CTO Gaurav Kumar explores what can happen during a privilege escalation attack to users with privileged AWS IAM account policies.
Xen Security Advisory CVE-2018-8897
https://ift.tt/2rvKoYH
Submitted May 09, 2018 at 05:09AM by Zolmeister1
via reddit https://ift.tt/2K6cz8e
https://ift.tt/2rvKoYH
Submitted May 09, 2018 at 05:09AM by Zolmeister1
via reddit https://ift.tt/2K6cz8e
reddit
r/netsec - Xen Security Advisory CVE-2018-8897
1 votes and 0 so far on reddit
Android OAT, VDEX, DEX, ART formats: How it works and how to use them with LIEF
https://ift.tt/2KP4XrU
Submitted May 09, 2018 at 07:14AM by str4k3
via reddit https://ift.tt/2jJjpFT
https://ift.tt/2KP4XrU
Submitted May 09, 2018 at 07:14AM by str4k3
via reddit https://ift.tt/2jJjpFT
Raptor School Check-in System Security?
Our school is installing this. Anyone visiting the school will have to scan their govt. issued ID card to visit. Raptor says they only scan the part that has name, DOB and part of the ID number, to compare to the national sex offender database. I find this hard to believe. Once scanned, wouldn't Raptor have ALL the info contained on the card in their database? Raptor says they don't sell to 3rd parties. What about the US govt. accessing info - what about this info being subpoena'd? I don't feel good about this system, a web-based system. I don't have a good understanding on all this, though. Any insight on this?
Submitted May 09, 2018 at 10:05AM by cat_fox
via reddit https://ift.tt/2FZGs7Q
Our school is installing this. Anyone visiting the school will have to scan their govt. issued ID card to visit. Raptor says they only scan the part that has name, DOB and part of the ID number, to compare to the national sex offender database. I find this hard to believe. Once scanned, wouldn't Raptor have ALL the info contained on the card in their database? Raptor says they don't sell to 3rd parties. What about the US govt. accessing info - what about this info being subpoena'd? I don't feel good about this system, a web-based system. I don't have a good understanding on all this, though. Any insight on this?
Submitted May 09, 2018 at 10:05AM by cat_fox
via reddit https://ift.tt/2FZGs7Q
reddit
Raptor School Check-in System Security? • r/security
Our school is installing this. Anyone visiting the school will have to scan their govt. issued ID card to visit. Raptor says they only scan the...
SIEM Management - High Level IT Security Management
https://ift.tt/2K2UEQ8
Submitted May 09, 2018 at 12:45PM by i_RobertJones
via reddit https://ift.tt/2rujjWU
https://ift.tt/2K2UEQ8
Submitted May 09, 2018 at 12:45PM by i_RobertJones
via reddit https://ift.tt/2rujjWU
Ciowhitepapersreview
5 Approaches to a Consistently Evolving Security Program
The difficulty and the expense of IT security can place a heavy burden on enterprises and their security teams. These approaches to a consistently evolving security program can help your security...
Hacker Shuts Down Copenhagen’s Public City Bikes System
https://ift.tt/2KPqkts
Submitted May 09, 2018 at 02:00PM by Iot_Security
via reddit https://ift.tt/2rxhwPV
https://ift.tt/2KPqkts
Submitted May 09, 2018 at 02:00PM by Iot_Security
via reddit https://ift.tt/2rxhwPV
BleepingComputer
Hacker Shuts Down Copenhagen’s Public City Bikes System
An unidentified hacker has breached Bycyklen —Copenhagen's city bikes network— and deleted the organization's entire database, disabling the public's access to bicycles over the weekend.
Every major OS maker misread Intel's docs. Now their kernels can be hijacked or crashed
https://ift.tt/2wqCndq
Submitted May 09, 2018 at 03:39PM by wfpoulet
via reddit https://ift.tt/2I712oJ
https://ift.tt/2wqCndq
Submitted May 09, 2018 at 03:39PM by wfpoulet
via reddit https://ift.tt/2I712oJ
www.theregister.co.uk
Every major OS maker misread Intel's docs. Now their kernels can be hijacked or crashed
Grab those patches while Chipzilla updates its manuals
POP SS Vulnerability - Spurious #DB exceptions with the "POP SS" instruction (CVE-2018-8897)
https://ift.tt/2IrtNjk
Submitted May 09, 2018 at 06:37PM by TechLord2
via reddit https://ift.tt/2rwgLr2
https://ift.tt/2IrtNjk
Submitted May 09, 2018 at 06:37PM by TechLord2
via reddit https://ift.tt/2rwgLr2
Security In 5: Episode 234 - Tips For Patch Management
https://ift.tt/2I71of2
Submitted May 09, 2018 at 06:40PM by BinaryBlog
via reddit https://ift.tt/2rvbm3N
https://ift.tt/2I71of2
Submitted May 09, 2018 at 06:40PM by BinaryBlog
via reddit https://ift.tt/2rvbm3N
Libsyn
Security In Five Podcast: Episode 234 - Tips For Patch Management
Patching your software and equipment is one of the most important functions in your environment and it's one of the most time consuming. Missing patches can expose great risk to your company and data, past breaches show this time and time again. This episode…