The untold story of a 17 year old kid fighting for his innocence with Facebook (2009)
https://ift.tt/2rDnlfD
Submitted May 13, 2018 at 03:58PM by itsmemikeyy
via reddit https://ift.tt/2wDr41x
https://ift.tt/2rDnlfD
Submitted May 13, 2018 at 03:58PM by itsmemikeyy
via reddit https://ift.tt/2wDr41x
Bugs in Logitech Harmony Hub Put Connected IoT Devices at 'High Risk'
https://ift.tt/2wq36qH
Submitted May 13, 2018 at 03:24PM by Iot_Security
via reddit https://ift.tt/2Ifsc13
https://ift.tt/2wq36qH
Submitted May 13, 2018 at 03:24PM by Iot_Security
via reddit https://ift.tt/2Ifsc13
Threatpost | The first stop for security news
Bugs in Logitech Harmony Hub Put Connected IoT Devices at ‘High Risk’
Vulnerabilities found in the Logitech Harmony Hub can give adversaries root access to the device – allowing attackers to control other smart home devices linked to it, such as smart locks and connec
Weak Security and Vulnerabilities in the Portuguese Government's Authentication System
https://ift.tt/2GcQgeW
Submitted May 13, 2018 at 10:18PM by Kitty_Cent
via reddit https://ift.tt/2IEQAZg
https://ift.tt/2GcQgeW
Submitted May 13, 2018 at 10:18PM by Kitty_Cent
via reddit https://ift.tt/2IEQAZg
The Codeumentary
The Weak Security Of The Portuguese Government's Authentication System
The weak security of Autenticacao.gov.pt and Chave Movel Digital. This is part one of a series of blog posts that explores the weak security and various vulnerabilities found in the Portuguese Government's secure authenticate system.
“Client-Side” CSRF
https://ift.tt/2IiffPU
Submitted May 14, 2018 at 01:24PM by albinowax
via reddit https://ift.tt/2L0es7N
https://ift.tt/2IiffPU
Submitted May 14, 2018 at 01:24PM by albinowax
via reddit https://ift.tt/2L0es7N
EFF: Attention PGP Users: New Vulnerabilities Require You To Take Action Now
https://ift.tt/2Ge66G4
Submitted May 14, 2018 at 11:50AM by kevinday
via reddit https://ift.tt/2IGMa4c
https://ift.tt/2Ge66G4
Submitted May 14, 2018 at 11:50AM by kevinday
via reddit https://ift.tt/2IGMa4c
Electronic Frontier Foundation
Attention PGP Users: New Vulnerabilities Require You To Take Action Now
A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those…
aws_public_ips - fetch all public IP addresses tied to your AWS account
https://ift.tt/2KXCBfq
Submitted May 14, 2018 at 10:33AM by arkadiyt
via reddit https://ift.tt/2KZEyIn
https://ift.tt/2KXCBfq
Submitted May 14, 2018 at 10:33AM by arkadiyt
via reddit https://ift.tt/2KZEyIn
GitHub
arkadiyt/aws_public_ips
aws_public_ips - Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services
Google under investigation for using Android phone data to secretly track users
https://ift.tt/2GaQhQJ
Submitted May 14, 2018 at 10:32AM by FollowSteph
via reddit https://ift.tt/2Ge05cs
https://ift.tt/2GaQhQJ
Submitted May 14, 2018 at 10:32AM by FollowSteph
via reddit https://ift.tt/2Ge05cs
reddit
r/netsec - Google under investigation for using Android phone data to secretly track users
18 votes and 0 so far on reddit
Any way to get a phone number by using social accounts?
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number. The only contacts that I've got are her Facebook and Instagram accounts, but she wasn't online this month either. Can I somehow get her new number by using social accounts? I would like to know some free and fast services or websites for this, if it's possible.
Submitted May 14, 2018 at 03:03PM by Nicholas_Tudeski
via reddit https://ift.tt/2rHL65p
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number. The only contacts that I've got are her Facebook and Instagram accounts, but she wasn't online this month either. Can I somehow get her new number by using social accounts? I would like to know some free and fast services or websites for this, if it's possible.
Submitted May 14, 2018 at 03:03PM by Nicholas_Tudeski
via reddit https://ift.tt/2rHL65p
reddit
Any way to get a phone number by using social accounts? • r/security
I've been trying to contact my sister for 4 weeks and now I am worried about her. She lives in another town and apparently she changed her number....
Efail: Breaking S/MIME and OpenPGP Email Encryption using Exfiltration Channels [Paper and Blog Article]
https://ift.tt/2IjxoNh
Submitted May 14, 2018 at 03:52PM by Prav123
via reddit https://ift.tt/2jSFQZ0
https://ift.tt/2IjxoNh
Submitted May 14, 2018 at 03:52PM by Prav123
via reddit https://ift.tt/2jSFQZ0
Arbitrary Code Execution at Ring 0 using CVE-2018-8897
https://ift.tt/2IjUGTg
Submitted May 14, 2018 at 05:15PM by 6793746895F62C0E447A
via reddit https://ift.tt/2rFUd6I
https://ift.tt/2IjUGTg
Submitted May 14, 2018 at 05:15PM by 6793746895F62C0E447A
via reddit https://ift.tt/2rFUd6I
IBM bans all removable storage, for all staff, everywhere
https://ift.tt/2jJSYQb
Submitted May 14, 2018 at 05:35PM by speckz
via reddit https://ift.tt/2GcYnba
https://ift.tt/2jJSYQb
Submitted May 14, 2018 at 05:35PM by speckz
via reddit https://ift.tt/2GcYnba
www.theregister.co.uk
IBM bans all removable storage, for all staff, everywhere
Risk of ‘financial and reputational damage’ is too high, says CISO
EFAIL: vulnerability in email encryption
https://efail.de/
Submitted May 14, 2018 at 05:03PM by cym13
via reddit https://ift.tt/2KXVCyp
https://efail.de/
Submitted May 14, 2018 at 05:03PM by cym13
via reddit https://ift.tt/2KXVCyp
reddit
r/security - EFAIL: vulnerability in email encryption
5 votes and 3 so far on reddit
File level encryption and full disc encryption?
I'm thinking about employing some encryption on a set of some files. I already have a HDD that is full disc encrypted, a virtual drive encryption on another HDD, and utilized zip files ability to encrypt at file level.I've read this postTowards the end, someone suggested doing both file level and full disc encryption. Is this a little OTT? And if not, why would someone use both?
Submitted May 14, 2018 at 04:31PM by reddit_user33
via reddit https://ift.tt/2jZrJl3
I'm thinking about employing some encryption on a set of some files. I already have a HDD that is full disc encrypted, a virtual drive encryption on another HDD, and utilized zip files ability to encrypt at file level.I've read this postTowards the end, someone suggested doing both file level and full disc encryption. Is this a little OTT? And if not, why would someone use both?
Submitted May 14, 2018 at 04:31PM by reddit_user33
via reddit https://ift.tt/2jZrJl3
The Spiceworks Community
encrypt folders on Windows file server?
Our biggest client is now requiring that we ensure that their data is encrypted while stored. Currently the data is stored in a shared folder on Windows 2008 R2 file server.This...
Cracking Java’s RNG for CSRF: Javax Faces and Why CSRF Token Randomness Matters
https://ift.tt/2rIDZtp
Submitted May 14, 2018 at 06:49PM by rramgattie
via reddit https://ift.tt/2L2Skto
https://ift.tt/2rIDZtp
Submitted May 14, 2018 at 06:49PM by rramgattie
via reddit https://ift.tt/2L2Skto
Independent Security Evaluators
Cracking Java’s RNG for CSRF – Independent Security Evaluators
Javax Faces and Why CSRF Token Randomness Matters
Facebook has funds frozen in Brazil in another WhatsApp encrypted data dispute
https://ift.tt/29lb2LM
Submitted May 14, 2018 at 07:12PM by dengorilla1
via reddit https://ift.tt/2rG0bW3
https://ift.tt/29lb2LM
Submitted May 14, 2018 at 07:12PM by dengorilla1
via reddit https://ift.tt/2rG0bW3
TechCrunch
Facebook has funds frozen in Brazil in another WhatsApp encrypted data dispute
Around $6 million in Facebook’s Brazilian bank account has been frozen on court order in another dispute about encrypted data involving local police authorities and Facebook-owned messaging a…
Security In 5: Episode 237 - The Challenges Of PCI Compliance
https://ift.tt/2wEslFN
Submitted May 14, 2018 at 06:55PM by BinaryBlog
via reddit https://ift.tt/2KY7lwV
https://ift.tt/2wEslFN
Submitted May 14, 2018 at 06:55PM by BinaryBlog
via reddit https://ift.tt/2KY7lwV
Libsyn
Security In Five Podcast: Episode 237 - The Challenges Of PCI Compliance
The PCI regulation is one of the more security demanding regulations and it is also carries the heaviest penalties. This episode goes into the high level challenges that you need to do to prepare and maintain your environment to comply to PCI. Be aware…
Write-up by the researcher who discovered XSS in WordPress 4.8
https://ift.tt/2KYyEa4
Submitted May 14, 2018 at 08:07PM by ded1cated
via reddit https://ift.tt/2Ggbf0i
https://ift.tt/2KYyEa4
Submitted May 14, 2018 at 08:07PM by ded1cated
via reddit https://ift.tt/2Ggbf0i
WebARX
Cross-Site Scripting (XSS) in Wordpress 4.8
During our security researchers, Luka research on latest WordPress he found a vulnerability in Wordpress. Read more from WebARX blog to find out.
New Phishing Scam uses AES Encryption and Goes After Apple IDs
https://ift.tt/2rA5rtf
Submitted May 14, 2018 at 09:20PM by EvanConover
via reddit https://ift.tt/2IkioPd
https://ift.tt/2rA5rtf
Submitted May 14, 2018 at 09:20PM by EvanConover
via reddit https://ift.tt/2IkioPd
Trendmicro
New Phishing Scam uses AES Encryption and Goes After Apple IDs - TrendLabs Security Intelligence Blog
by Jindrich Karasek Recent data breaches and privacy scares, along with the upcoming General Data Protection Regulation (GDPR) from the European Union, have triggered a change in the way companies handle their users’ data. As a result, many of them have been…
Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability
https://ift.tt/2G5tmGk
Submitted May 14, 2018 at 09:19PM by EvanConover
via reddit https://ift.tt/2jTuRyK
https://ift.tt/2G5tmGk
Submitted May 14, 2018 at 09:19PM by EvanConover
via reddit https://ift.tt/2jTuRyK
Trendmicro
Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability - TrendLabs Security Intelligence…
We observed a large spike in the number of devices scanning the internet for port 7001/TCP since April 27, 2018. Our analysis found that it's increased activity was caused by cybercriminals engaging in cryptomining via exploiting CVE-2017-10271. The flaw…
efail: Official response from GnuPG
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:42PM by albinowax
via reddit https://ift.tt/2IgHcLZ
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:42PM by albinowax
via reddit https://ift.tt/2IgHcLZ
reddit
r/security - efail: Official response from GnuPG
1 votes and 0 so far on reddit
EFAIL explained.
https://twitter.com/oliverdunk_/status/996058634613338112
Submitted May 14, 2018 at 09:39PM by oliverdunk
via reddit https://ift.tt/2rHWKwZ
https://twitter.com/oliverdunk_/status/996058634613338112
Submitted May 14, 2018 at 09:39PM by oliverdunk
via reddit https://ift.tt/2rHWKwZ
Twitter
Oliver Dunk
EFAIL explained.