CVE-2018-1000136 - Electron nodeIntegration Bypass
https://ift.tt/2Icnm0h
Submitted May 12, 2018 at 04:41PM by glumaproasta
via reddit https://ift.tt/2IxHnBN
https://ift.tt/2Icnm0h
Submitted May 12, 2018 at 04:41PM by glumaproasta
via reddit https://ift.tt/2IxHnBN
Trustwave
CVE-2018-1000136 - Electron nodeIntegration Bypass
A few weeks ago, I came across a vulnerability that affected all current versions of Electron at the time (
Edward Snowden: WikiLeaks document dump on CIA hacking capability 'looks authentic'
https://ift.tt/2lUmZLN
Submitted May 12, 2018 at 10:26PM by dengorilla1
via reddit https://ift.tt/2rF5Pqm
https://ift.tt/2lUmZLN
Submitted May 12, 2018 at 10:26PM by dengorilla1
via reddit https://ift.tt/2rF5Pqm
Washington Examiner
Edward Snowden: WikiLeaks document dump on CIA hacking capability 'looks authentic'
Former NSA contractor Edward Snowden said on Tuesday that the WikiLeaks dump of what it claims to be more than 8,700 documents from the CIA's Center for Cyber Intelligence "looks authentic" and "is genuinely a big deal."
Vega Stealer Malware Takes Aim at Chrome, Firefox
https://ift.tt/2rCK6QI
Submitted May 13, 2018 at 12:33AM by volci
via reddit https://ift.tt/2KX7pgq
https://ift.tt/2rCK6QI
Submitted May 13, 2018 at 12:33AM by volci
via reddit https://ift.tt/2KX7pgq
Threatpost | The first stop for security news
Vega Stealer Malware Takes Aim at Chrome, Firefox
A malware dubbed Vega Stealer has been uncovered, looking to make off with saved credentials and credit-card information in the Chrome and Firefox browsers. While it's a simple payload for now, resear
Malware Found In The Ubuntu Snap Store
https://ift.tt/2Gb6PaV
Submitted May 13, 2018 at 04:15AM by Chris911
via reddit https://ift.tt/2KSJLkV
https://ift.tt/2Gb6PaV
Submitted May 13, 2018 at 04:15AM by Chris911
via reddit https://ift.tt/2KSJLkV
Linux Uprising Blog
Malware Found In The Ubuntu Snap Store
Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn't make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store.
Backdooring with Metadata (Applicable to Linux, FreeBSD, Oracle Solaris, macOS etc.)
https://ift.tt/2IeFaaV
Submitted May 13, 2018 at 07:49AM by ikotler
via reddit https://ift.tt/2rEcQJ3
https://ift.tt/2IeFaaV
Submitted May 13, 2018 at 07:49AM by ikotler
via reddit https://ift.tt/2rEcQJ3
Sex toy inventor hacks Amazon Echo smart speaker to create dominatrix
https://dailym.ai/2I2JNc7
Submitted May 13, 2018 at 11:58AM by Iot_Security
via reddit https://ift.tt/2jQzMR0
https://dailym.ai/2I2JNc7
Submitted May 13, 2018 at 11:58AM by Iot_Security
via reddit https://ift.tt/2jQzMR0
Mail Online
Alexa, punish! Sex toy inventor hacks Amazon Echo
A British engineer based in Milton Keynes has used an Amazon speaker to build a device that issues electric shocks to its wearer's genitals following a short conversation with the device.
PRB-Backdoor - A Fully Loaded PowerShell Backdoor with Evil Intentions - A Study
https://ift.tt/2Kjljbr
Submitted May 13, 2018 at 11:04AM by Prav123
via reddit https://ift.tt/2Kj2R2E
https://ift.tt/2Kjljbr
Submitted May 13, 2018 at 11:04AM by Prav123
via reddit https://ift.tt/2Kj2R2E
sec0wn.blogspot.co.uk
PRB-Backdoor - A Fully Loaded PowerShell Backdoor with Evil Intentions
INTRODUCTION The great people at ClearSky reached out to me a couple of days ago regarding a sample that they suspected could be related...
The untold story of a 17 year old kid fighting for his innocence with Facebook (2009)
https://ift.tt/2rDnlfD
Submitted May 13, 2018 at 03:58PM by itsmemikeyy
via reddit https://ift.tt/2wDr41x
https://ift.tt/2rDnlfD
Submitted May 13, 2018 at 03:58PM by itsmemikeyy
via reddit https://ift.tt/2wDr41x
Bugs in Logitech Harmony Hub Put Connected IoT Devices at 'High Risk'
https://ift.tt/2wq36qH
Submitted May 13, 2018 at 03:24PM by Iot_Security
via reddit https://ift.tt/2Ifsc13
https://ift.tt/2wq36qH
Submitted May 13, 2018 at 03:24PM by Iot_Security
via reddit https://ift.tt/2Ifsc13
Threatpost | The first stop for security news
Bugs in Logitech Harmony Hub Put Connected IoT Devices at ‘High Risk’
Vulnerabilities found in the Logitech Harmony Hub can give adversaries root access to the device – allowing attackers to control other smart home devices linked to it, such as smart locks and connec
Weak Security and Vulnerabilities in the Portuguese Government's Authentication System
https://ift.tt/2GcQgeW
Submitted May 13, 2018 at 10:18PM by Kitty_Cent
via reddit https://ift.tt/2IEQAZg
https://ift.tt/2GcQgeW
Submitted May 13, 2018 at 10:18PM by Kitty_Cent
via reddit https://ift.tt/2IEQAZg
The Codeumentary
The Weak Security Of The Portuguese Government's Authentication System
The weak security of Autenticacao.gov.pt and Chave Movel Digital. This is part one of a series of blog posts that explores the weak security and various vulnerabilities found in the Portuguese Government's secure authenticate system.
“Client-Side” CSRF
https://ift.tt/2IiffPU
Submitted May 14, 2018 at 01:24PM by albinowax
via reddit https://ift.tt/2L0es7N
https://ift.tt/2IiffPU
Submitted May 14, 2018 at 01:24PM by albinowax
via reddit https://ift.tt/2L0es7N
EFF: Attention PGP Users: New Vulnerabilities Require You To Take Action Now
https://ift.tt/2Ge66G4
Submitted May 14, 2018 at 11:50AM by kevinday
via reddit https://ift.tt/2IGMa4c
https://ift.tt/2Ge66G4
Submitted May 14, 2018 at 11:50AM by kevinday
via reddit https://ift.tt/2IGMa4c
Electronic Frontier Foundation
Attention PGP Users: New Vulnerabilities Require You To Take Action Now
A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those…
aws_public_ips - fetch all public IP addresses tied to your AWS account
https://ift.tt/2KXCBfq
Submitted May 14, 2018 at 10:33AM by arkadiyt
via reddit https://ift.tt/2KZEyIn
https://ift.tt/2KXCBfq
Submitted May 14, 2018 at 10:33AM by arkadiyt
via reddit https://ift.tt/2KZEyIn
GitHub
arkadiyt/aws_public_ips
aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
Google under investigation for using Android phone data to secretly track users
https://ift.tt/2GaQhQJ
Submitted May 14, 2018 at 10:32AM by FollowSteph
via reddit https://ift.tt/2Ge05cs
https://ift.tt/2GaQhQJ
Submitted May 14, 2018 at 10:32AM by FollowSteph
via reddit https://ift.tt/2Ge05cs
reddit
r/netsec - Google under investigation for using Android phone data to secretly track users
18 votes and 0 so far on reddit
Any way to get a phone number by using social accounts?
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number. The only contacts that I've got are her Facebook and Instagram accounts, but she wasn't online this month either. Can I somehow get her new number by using social accounts? I would like to know some free and fast services or websites for this, if it's possible.
Submitted May 14, 2018 at 03:03PM by Nicholas_Tudeski
via reddit https://ift.tt/2rHL65p
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number. The only contacts that I've got are her Facebook and Instagram accounts, but she wasn't online this month either. Can I somehow get her new number by using social accounts? I would like to know some free and fast services or websites for this, if it's possible.
Submitted May 14, 2018 at 03:03PM by Nicholas_Tudeski
via reddit https://ift.tt/2rHL65p
reddit
Any way to get a phone number by using social accounts? • r/security
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number....
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels [Paper and Blog Article]
https://ift.tt/2IjxoNh
Submitted May 14, 2018 at 03:52PM by Prav123
via reddit https://ift.tt/2jSFQZ0
https://ift.tt/2IjxoNh
Submitted May 14, 2018 at 03:52PM by Prav123
via reddit https://ift.tt/2jSFQZ0
Arbitrary Code Execution at Ring 0 using CVE-2018-8897
https://ift.tt/2IjUGTg
Submitted May 14, 2018 at 05:15PM by 6793746895F62C0E447A
via reddit https://ift.tt/2rFUd6I
https://ift.tt/2IjUGTg
Submitted May 14, 2018 at 05:15PM by 6793746895F62C0E447A
via reddit https://ift.tt/2rFUd6I
IBM bans all removable storage, for all staff, everywhere
https://ift.tt/2jJSYQb
Submitted May 14, 2018 at 05:35PM by speckz
via reddit https://ift.tt/2GcYnba
https://ift.tt/2jJSYQb
Submitted May 14, 2018 at 05:35PM by speckz
via reddit https://ift.tt/2GcYnba
www.theregister.co.uk
IBM bans all removable storage, for all staff, everywhere
Risk of ‘financial and reputational damage’ is too high, says CISO
EFAIL: vulnerability in email encryption
https://efail.de/
Submitted May 14, 2018 at 05:03PM by cym13
via reddit https://ift.tt/2KXVCyp
https://efail.de/
Submitted May 14, 2018 at 05:03PM by cym13
via reddit https://ift.tt/2KXVCyp
reddit
r/security - EFAIL: vulnerability in email encryption
5 votes and 3 so far on reddit
File level encryption and full disc encryption?
I'm thinking about employing some encryption on a set of some files. I already have a HDD that is full disc encrypted, a virtual drive encryption on another HDD, and utilized zip files ability to encrypt at file level.I've read this postTowards the end, someone suggested doing both file level and full disc encryption. Is this a little OTT? And if not, why would someone use both?
Submitted May 14, 2018 at 04:31PM by reddit_user33
via reddit https://ift.tt/2jZrJl3
I'm thinking about employing some encryption on a set of some files. I already have a HDD that is full disc encrypted, a virtual drive encryption on another HDD, and utilized zip files ability to encrypt at file level.I've read this postTowards the end, someone suggested doing both file level and full disc encryption. Is this a little OTT? And if not, why would someone use both?
Submitted May 14, 2018 at 04:31PM by reddit_user33
via reddit https://ift.tt/2jZrJl3
The Spiceworks Community
encrypt folders on Windows file server?
Our biggest client is now requiring that we ensure that their data is encrypted while stored. Currently the data is stored in a shared folder on Windows 2008 R2 file server.This...
Cracking Java’s RNG for CSRF: Javax Faces and Why CSRF Token Randomness Matters
https://ift.tt/2rIDZtp
Submitted May 14, 2018 at 06:49PM by rramgattie
via reddit https://ift.tt/2L2Skto
https://ift.tt/2rIDZtp
Submitted May 14, 2018 at 06:49PM by rramgattie
via reddit https://ift.tt/2L2Skto
Independent Security Evaluators
Cracking Java’s RNG for CSRF – Independent Security Evaluators
Javax Faces and Why CSRF Token Randomness Matters