Write-up by the researcher who discovered XSS in WordPress 4.8
https://ift.tt/2KYyEa4
Submitted May 14, 2018 at 08:07PM by ded1cated
via reddit https://ift.tt/2Ggbf0i
https://ift.tt/2KYyEa4
Submitted May 14, 2018 at 08:07PM by ded1cated
via reddit https://ift.tt/2Ggbf0i
WebARX
Cross-Site Scripting (XSS) in Wordpress 4.8
During our security researchers, Luka research on latest WordPress he found a vulnerability in Wordpress. Read more from WebARX blog to find out.
New Phishing Scam uses AES Encryption and Goes After Apple IDs
https://ift.tt/2rA5rtf
Submitted May 14, 2018 at 09:20PM by EvanConover
via reddit https://ift.tt/2IkioPd
https://ift.tt/2rA5rtf
Submitted May 14, 2018 at 09:20PM by EvanConover
via reddit https://ift.tt/2IkioPd
Trendmicro
New Phishing Scam uses AES Encryption and Goes After Apple IDs - TrendLabs Security Intelligence Blog
by Jindrich Karasek Recent data breaches and privacy scares, along with the upcoming General Data Protection Regulation (GDPR) from the European Union, have triggered a change in the way companies handle their users’ data. As a result, many of them have been…
Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability
https://ift.tt/2G5tmGk
Submitted May 14, 2018 at 09:19PM by EvanConover
via reddit https://ift.tt/2jTuRyK
https://ift.tt/2G5tmGk
Submitted May 14, 2018 at 09:19PM by EvanConover
via reddit https://ift.tt/2jTuRyK
Trendmicro
Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability - TrendLabs Security Intelligence…
We observed a large spike in the number of devices scanning the internet for port 7001/TCP since April 27, 2018. Our analysis found that it's increased activity was caused by cybercriminals engaging in cryptomining via exploiting CVE-2017-10271. The flaw…
efail: Official response from GnuPG
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:42PM by albinowax
via reddit https://ift.tt/2IgHcLZ
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:42PM by albinowax
via reddit https://ift.tt/2IgHcLZ
reddit
r/security - efail: Official response from GnuPG
1 votes and 0 so far on reddit
EFAIL explained.
https://twitter.com/oliverdunk_/status/996058634613338112
Submitted May 14, 2018 at 09:39PM by oliverdunk
via reddit https://ift.tt/2rHWKwZ
https://twitter.com/oliverdunk_/status/996058634613338112
Submitted May 14, 2018 at 09:39PM by oliverdunk
via reddit https://ift.tt/2rHWKwZ
Twitter
Oliver Dunk
EFAIL explained.
Anatomy of a Missed Opportunity to Stop a Cyber Threat Infographic
https://ift.tt/2jQysgJ
Submitted May 14, 2018 at 09:36PM by volci
via reddit https://ift.tt/2rNsX6r
https://ift.tt/2jQysgJ
Submitted May 14, 2018 at 09:36PM by volci
via reddit https://ift.tt/2rNsX6r
Secureworks
Anatomy of a Missed Opportunity to Stop a Cyber Threat Infographic
In this infographic, learn how visibility in your environment can stop threats sooner and improve incident response outcomes.
efail: Official press release of the GnuPG developers
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:26PM by the_gnarts
via reddit https://ift.tt/2IhV3BC
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:26PM by the_gnarts
via reddit https://ift.tt/2IhV3BC
reddit
r/netsec - efail: Official press release of the GnuPG developers
3 votes and 3 so far on reddit
A Deep Dive Into RIG Exploit Kit Delivering Grobios Trojan
https://ift.tt/2jXmpP2
Submitted May 14, 2018 at 09:22PM by EvanConover
via reddit https://ift.tt/2GertqI
https://ift.tt/2jXmpP2
Submitted May 14, 2018 at 09:22PM by EvanConover
via reddit https://ift.tt/2GertqI
reddit
r/netsec - A Deep Dive Into RIG Exploit Kit Delivering Grobios Trojan
1 votes and 0 so far on reddit
Concord: Student accused of hacking system to change grades is arrested
https://ift.tt/2KjxXar
Submitted May 15, 2018 at 12:20AM by EvanConover
via reddit https://ift.tt/2rFVL15
https://ift.tt/2KjxXar
Submitted May 15, 2018 at 12:20AM by EvanConover
via reddit https://ift.tt/2rFVL15
KTVU
Concord: Student accused of hacking system to change grades is arrested
Concord Police say a student at Ygnacio Valley High School targeted teachers with a phishing scam and hacked into the Mount Diablo Unified School District computer system in order to change his grades as well as those of other students.
What kind of PKI designs do browsers have?
I know they must have trust lists and also consist of hierarchical PKIs is this correct? Also, can you add more designs if any exist?
Submitted May 15, 2018 at 12:11AM by FearsomeHorror
via reddit https://ift.tt/2wDBb6B
I know they must have trust lists and also consist of hierarchical PKIs is this correct? Also, can you add more designs if any exist?
Submitted May 15, 2018 at 12:11AM by FearsomeHorror
via reddit https://ift.tt/2wDBb6B
reddit
What kind of PKI designs do browsers have? • r/security
I know they must have trust lists and also consist of hierarchical PKIs is this correct? Also, can you add more designs if any exist?
GDPR Phishing Scam Targets Apple Accounts, Financial Data | Threatpost
https://ift.tt/2IFD7Ag
Submitted May 15, 2018 at 01:08AM by LindseyOD123
via reddit https://ift.tt/2rGKQUc
https://ift.tt/2IFD7Ag
Submitted May 15, 2018 at 01:08AM by LindseyOD123
via reddit https://ift.tt/2rGKQUc
Threatpost | The first stop for security news
GDPR Phishing Scam Targets Apple Accounts, Financial Data
A phishing campaign targeting Apple users is attempting to trick victims into updating their profiles under the guise it's a part of proactive security hardening prepping for the introduction of Gene
dban for memory sticks?
I would like to use something like dban to wipe 2 memory sticks. dban itself does not work. errora occure and i cant wipe them. i would like to wipe them directly with a tool that does not need an operating system. any ideas?
Submitted May 15, 2018 at 02:44AM by Joetunn
via reddit https://ift.tt/2Kmu2tk
I would like to use something like dban to wipe 2 memory sticks. dban itself does not work. errora occure and i cant wipe them. i would like to wipe them directly with a tool that does not need an operating system. any ideas?
Submitted May 15, 2018 at 02:44AM by Joetunn
via reddit https://ift.tt/2Kmu2tk
reddit
r/security - dban for memory sticks?
1 votes and 1 so far on reddit
"If you’re in the identity theft business it seems this would be a pot of gold."
https://ift.tt/2IFv3iR
Submitted May 15, 2018 at 02:36AM by volci
via reddit https://ift.tt/2IhZjkL
https://ift.tt/2IFv3iR
Submitted May 15, 2018 at 02:36AM by volci
via reddit https://ift.tt/2IhZjkL
FlowingData
Every document copy stored on used digital photocopiers
CBS News picked up four used photocopiers and looked at the hard drives. There was a lot of private information stored in them: Nearly every digital copier built since 2002 contains a hard drive &#…
Leaving on a jet plane: the trade in fraudulently obtained airline tickets
https://ift.tt/2jN6zGH
Submitted May 15, 2018 at 05:16AM by raybb
via reddit https://ift.tt/2KqLKf9
https://ift.tt/2jN6zGH
Submitted May 15, 2018 at 05:16AM by raybb
via reddit https://ift.tt/2KqLKf9
SpringerLink
Leaving on a jet plane: the trade in fraudulently obtained airline tic
Every day, hundreds of people fly on airline tickets that have been obtained fraudulently. This crime noscript analysis provides an overview of the trade in these tickets, drawing on interviews with...
$4500 Subdomain Takeover and the competition in netsec
https://ift.tt/2rmD9SO
Submitted May 15, 2018 at 06:50AM by LimBomber
via reddit https://ift.tt/2Ghjbyn
https://ift.tt/2rmD9SO
Submitted May 15, 2018 at 06:50AM by LimBomber
via reddit https://ift.tt/2Ghjbyn
Medium
$4500 Bounty — How I got lucky
This is a short explanation of how I took over a subdomain by doing recon at the right time and what I learned about the competition in…
Not sure if this is the right place to ask this. Does anyone know of an ink dispersant that would fit inside of a wallet?
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink out at them.Does anyone know of a product that works like that?
Submitted May 15, 2018 at 09:11AM by Av1dL3arner
via reddit https://ift.tt/2rJ9ow0
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink out at them.Does anyone know of a product that works like that?
Submitted May 15, 2018 at 09:11AM by Av1dL3arner
via reddit https://ift.tt/2rJ9ow0
reddit
Not sure if this is the right place to ask this. Does... • r/security
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink...
Getting Started and Troubleshooting DNS over TLS
https://ift.tt/2GjDETu
Submitted May 15, 2018 at 09:55AM by nykzhang
via reddit https://ift.tt/2GhcwEo
https://ift.tt/2GjDETu
Submitted May 15, 2018 at 09:55AM by nykzhang
via reddit https://ift.tt/2GhcwEo
Medium
Troubleshooting DNS over TLS
I have been using DNSCrypt and DNS over HTTPS for a bit of time, but decided to give a try to the new DNS over TLS protocol today. The…
DARKSURGEON - a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense
https://ift.tt/2ImjsSC
Submitted May 15, 2018 at 11:38AM by PeterG45
via reddit https://ift.tt/2jYiqBL
https://ift.tt/2ImjsSC
Submitted May 15, 2018 at 11:38AM by PeterG45
via reddit https://ift.tt/2jYiqBL
GitHub
cryps1s/DARKSURGEON
DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.
ZooPark (Technical Article by Kaspersky) - CyberEspionage Operation Targets Android Users in the Middle East
https://ift.tt/2rhldKk
Submitted May 15, 2018 at 11:30AM by PeterG45
via reddit https://ift.tt/2IJttN5
https://ift.tt/2rhldKk
Submitted May 15, 2018 at 11:30AM by PeterG45
via reddit https://ift.tt/2IJttN5
Don’t use HTML emails...use authenticated encryption
https://ift.tt/2jX2tfa
Submitted May 15, 2018 at 03:42PM by Majortom80
via reddit https://ift.tt/2Ild268
https://ift.tt/2jX2tfa
Submitted May 15, 2018 at 03:42PM by Majortom80
via reddit https://ift.tt/2Ild268
The Verge
Researchers have found a vulnerability in two popular email encryption protocols
Malicious code could be used to steal the entire contents of a target’s inbox.
Reviewing Android Webviews fileAccess attack vectors.
https://ift.tt/2IKRBz7
Submitted May 15, 2018 at 03:37PM by clviper
via reddit https://ift.tt/2IjHFZF
https://ift.tt/2IKRBz7
Submitted May 15, 2018 at 03:37PM by clviper
via reddit https://ift.tt/2IjHFZF