Baltimore Police Can't Explain Why Their All-Seeing Spy Planes Were Kept Secret
https://ift.tt/2bYI33a
Submitted May 12, 2018 at 04:12AM by dengorilla1
via reddit https://ift.tt/2IhdJgK
https://ift.tt/2bYI33a
Submitted May 12, 2018 at 04:12AM by dengorilla1
via reddit https://ift.tt/2IhdJgK
Motherboard
Baltimore Police Can't Explain Why Their All-Seeing Spy Planes Were Kept Secret
Baltimore has had “Google Earth With TiVo capability” since January, but avoided public scrutiny thanks to a private donation from two Texas billionaires.
CVE-2018-1000136 - Electron nodeIntegration Bypass (RCE)
https://ift.tt/2Icnm0h
Submitted May 12, 2018 at 07:44AM by Gallus
via reddit https://ift.tt/2Ictgyt
https://ift.tt/2Icnm0h
Submitted May 12, 2018 at 07:44AM by Gallus
via reddit https://ift.tt/2Ictgyt
Trustwave
CVE-2018-1000136 - Electron nodeIntegration Bypass
A few weeks ago, I came across a vulnerability that affected all current versions of Electron at the time (
Google Duplex Abuse
With all great technology comes the dark side. The demo was pretty impressive but I could imagine this being used for mass scale nefarious activities. A call spammer was just slapped with a big fine for a pretty simple recorded message. Imagine the level of sophistication these attacks could now leverage using something like Duplex for their robo calls.Google mentioned they would have a notification system to ensure the receiver knows the call is being recorded and their interacting with AI but if this becomes adopted for consumer services most people will become numb to that warning.Thoughts? :)
Submitted May 12, 2018 at 06:19AM by mactalker
via reddit https://ift.tt/2IfJvLa
With all great technology comes the dark side. The demo was pretty impressive but I could imagine this being used for mass scale nefarious activities. A call spammer was just slapped with a big fine for a pretty simple recorded message. Imagine the level of sophistication these attacks could now leverage using something like Duplex for their robo calls.Google mentioned they would have a notification system to ensure the receiver knows the call is being recorded and their interacting with AI but if this becomes adopted for consumer services most people will become numb to that warning.Thoughts? :)
Submitted May 12, 2018 at 06:19AM by mactalker
via reddit https://ift.tt/2IfJvLa
reddit
Google Duplex Abuse • r/security
With all great technology comes the dark side. The demo was pretty impressive but I could imagine this being used for mass scale nefarious...
Disclosing a security issue to the public
A major hosting company has a security issue that, in certain circumstances, leaves it's customer's data on it's filesystem even after the data should have been deleted. I found a way to access that "deleted" data, by mistake. I reported the issue via email, but considering the "we don't keep the data" answer, I guess that my report was not taken seriously. Should I keep bugging them or just make the issue public?
Submitted May 12, 2018 at 12:01PM by sorin-mihai
via reddit https://ift.tt/2IbLxzQ
A major hosting company has a security issue that, in certain circumstances, leaves it's customer's data on it's filesystem even after the data should have been deleted. I found a way to access that "deleted" data, by mistake. I reported the issue via email, but considering the "we don't keep the data" answer, I guess that my report was not taken seriously. Should I keep bugging them or just make the issue public?
Submitted May 12, 2018 at 12:01PM by sorin-mihai
via reddit https://ift.tt/2IbLxzQ
reddit
r/security - Disclosing a security issue to the public
1 votes and 0 so far on reddit
CVE-2018-1000136 - Electron nodeIntegration Bypass
https://ift.tt/2Icnm0h
Submitted May 12, 2018 at 04:41PM by glumaproasta
via reddit https://ift.tt/2IxHnBN
https://ift.tt/2Icnm0h
Submitted May 12, 2018 at 04:41PM by glumaproasta
via reddit https://ift.tt/2IxHnBN
Trustwave
CVE-2018-1000136 - Electron nodeIntegration Bypass
A few weeks ago, I came across a vulnerability that affected all current versions of Electron at the time (
Edward Snowden: WikiLeaks document dump on CIA hacking capability 'looks authentic'
https://ift.tt/2lUmZLN
Submitted May 12, 2018 at 10:26PM by dengorilla1
via reddit https://ift.tt/2rF5Pqm
https://ift.tt/2lUmZLN
Submitted May 12, 2018 at 10:26PM by dengorilla1
via reddit https://ift.tt/2rF5Pqm
Washington Examiner
Edward Snowden: WikiLeaks document dump on CIA hacking capability 'looks authentic'
Former NSA contractor Edward Snowden said on Tuesday that the WikiLeaks dump of what it claims to be more than 8,700 documents from the CIA's Center for Cyber Intelligence "looks authentic" and "is genuinely a big deal."
Vega Stealer Malware Takes Aim at Chrome, Firefox
https://ift.tt/2rCK6QI
Submitted May 13, 2018 at 12:33AM by volci
via reddit https://ift.tt/2KX7pgq
https://ift.tt/2rCK6QI
Submitted May 13, 2018 at 12:33AM by volci
via reddit https://ift.tt/2KX7pgq
Threatpost | The first stop for security news
Vega Stealer Malware Takes Aim at Chrome, Firefox
A malware dubbed Vega Stealer has been uncovered, looking to make off with saved credentials and credit-card information in the Chrome and Firefox browsers. While it's a simple payload for now, resear
Malware Found In The Ubuntu Snap Store
https://ift.tt/2Gb6PaV
Submitted May 13, 2018 at 04:15AM by Chris911
via reddit https://ift.tt/2KSJLkV
https://ift.tt/2Gb6PaV
Submitted May 13, 2018 at 04:15AM by Chris911
via reddit https://ift.tt/2KSJLkV
Linux Uprising Blog
Malware Found In The Ubuntu Snap Store
Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn't make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store.
Backdooring with Metadata (Applicable to Linux, FreeBSD, Oracle Solaris, macOS etc.)
https://ift.tt/2IeFaaV
Submitted May 13, 2018 at 07:49AM by ikotler
via reddit https://ift.tt/2rEcQJ3
https://ift.tt/2IeFaaV
Submitted May 13, 2018 at 07:49AM by ikotler
via reddit https://ift.tt/2rEcQJ3
Sex toy inventor hacks Amazon Echo smart speaker to create dominatrix
https://dailym.ai/2I2JNc7
Submitted May 13, 2018 at 11:58AM by Iot_Security
via reddit https://ift.tt/2jQzMR0
https://dailym.ai/2I2JNc7
Submitted May 13, 2018 at 11:58AM by Iot_Security
via reddit https://ift.tt/2jQzMR0
Mail Online
Alexa, punish! Sex toy inventor hacks Amazon Echo
A British engineer based in Milton Keynes has used an Amazon speaker to build a device that issues electric shocks to its wearer's genitals following a short conversation with the device.
PRB-Backdoor - A Fully Loaded PowerShell Backdoor with Evil Intentions - A Study
https://ift.tt/2Kjljbr
Submitted May 13, 2018 at 11:04AM by Prav123
via reddit https://ift.tt/2Kj2R2E
https://ift.tt/2Kjljbr
Submitted May 13, 2018 at 11:04AM by Prav123
via reddit https://ift.tt/2Kj2R2E
sec0wn.blogspot.co.uk
PRB-Backdoor - A Fully Loaded PowerShell Backdoor with Evil Intentions
INTRODUCTION The great people at ClearSky reached out to me a couple of days ago regarding a sample that they suspected could be related...
The untold story of a 17 year old kid fighting for his innocence with Facebook (2009)
https://ift.tt/2rDnlfD
Submitted May 13, 2018 at 03:58PM by itsmemikeyy
via reddit https://ift.tt/2wDr41x
https://ift.tt/2rDnlfD
Submitted May 13, 2018 at 03:58PM by itsmemikeyy
via reddit https://ift.tt/2wDr41x
Bugs in Logitech Harmony Hub Put Connected IoT Devices at 'High Risk'
https://ift.tt/2wq36qH
Submitted May 13, 2018 at 03:24PM by Iot_Security
via reddit https://ift.tt/2Ifsc13
https://ift.tt/2wq36qH
Submitted May 13, 2018 at 03:24PM by Iot_Security
via reddit https://ift.tt/2Ifsc13
Threatpost | The first stop for security news
Bugs in Logitech Harmony Hub Put Connected IoT Devices at ‘High Risk’
Vulnerabilities found in the Logitech Harmony Hub can give adversaries root access to the device – allowing attackers to control other smart home devices linked to it, such as smart locks and connec
Weak Security and Vulnerabilities in the Portuguese Government's Authentication System
https://ift.tt/2GcQgeW
Submitted May 13, 2018 at 10:18PM by Kitty_Cent
via reddit https://ift.tt/2IEQAZg
https://ift.tt/2GcQgeW
Submitted May 13, 2018 at 10:18PM by Kitty_Cent
via reddit https://ift.tt/2IEQAZg
The Codeumentary
The Weak Security Of The Portuguese Government's Authentication System
The weak security of Autenticacao.gov.pt and Chave Movel Digital. This is part one of a series of blog posts that explores the weak security and various vulnerabilities found in the Portuguese Government's secure authenticate system.
“Client-Side” CSRF
https://ift.tt/2IiffPU
Submitted May 14, 2018 at 01:24PM by albinowax
via reddit https://ift.tt/2L0es7N
https://ift.tt/2IiffPU
Submitted May 14, 2018 at 01:24PM by albinowax
via reddit https://ift.tt/2L0es7N
EFF: Attention PGP Users: New Vulnerabilities Require You To Take Action Now
https://ift.tt/2Ge66G4
Submitted May 14, 2018 at 11:50AM by kevinday
via reddit https://ift.tt/2IGMa4c
https://ift.tt/2Ge66G4
Submitted May 14, 2018 at 11:50AM by kevinday
via reddit https://ift.tt/2IGMa4c
Electronic Frontier Foundation
Attention PGP Users: New Vulnerabilities Require You To Take Action Now
A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those…
aws_public_ips - fetch all public IP addresses tied to your AWS account
https://ift.tt/2KXCBfq
Submitted May 14, 2018 at 10:33AM by arkadiyt
via reddit https://ift.tt/2KZEyIn
https://ift.tt/2KXCBfq
Submitted May 14, 2018 at 10:33AM by arkadiyt
via reddit https://ift.tt/2KZEyIn
GitHub
arkadiyt/aws_public_ips
aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
Google under investigation for using Android phone data to secretly track users
https://ift.tt/2GaQhQJ
Submitted May 14, 2018 at 10:32AM by FollowSteph
via reddit https://ift.tt/2Ge05cs
https://ift.tt/2GaQhQJ
Submitted May 14, 2018 at 10:32AM by FollowSteph
via reddit https://ift.tt/2Ge05cs
reddit
r/netsec - Google under investigation for using Android phone data to secretly track users
18 votes and 0 so far on reddit
Any way to get a phone number by using social accounts?
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number. The only contacts that I've got are her Facebook and Instagram accounts, but she wasn't online this month either. Can I somehow get her new number by using social accounts? I would like to know some free and fast services or websites for this, if it's possible.
Submitted May 14, 2018 at 03:03PM by Nicholas_Tudeski
via reddit https://ift.tt/2rHL65p
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number. The only contacts that I've got are her Facebook and Instagram accounts, but she wasn't online this month either. Can I somehow get her new number by using social accounts? I would like to know some free and fast services or websites for this, if it's possible.
Submitted May 14, 2018 at 03:03PM by Nicholas_Tudeski
via reddit https://ift.tt/2rHL65p
reddit
Any way to get a phone number by using social accounts? • r/security
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number....
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels [Paper and Blog Article]
https://ift.tt/2IjxoNh
Submitted May 14, 2018 at 03:52PM by Prav123
via reddit https://ift.tt/2jSFQZ0
https://ift.tt/2IjxoNh
Submitted May 14, 2018 at 03:52PM by Prav123
via reddit https://ift.tt/2jSFQZ0
Arbitrary Code Execution at Ring 0 using CVE-2018-8897
https://ift.tt/2IjUGTg
Submitted May 14, 2018 at 05:15PM by 6793746895F62C0E447A
via reddit https://ift.tt/2rFUd6I
https://ift.tt/2IjUGTg
Submitted May 14, 2018 at 05:15PM by 6793746895F62C0E447A
via reddit https://ift.tt/2rFUd6I