EFAIL explained.
https://twitter.com/oliverdunk_/status/996058634613338112
Submitted May 14, 2018 at 09:39PM by oliverdunk
via reddit https://ift.tt/2rHWKwZ
https://twitter.com/oliverdunk_/status/996058634613338112
Submitted May 14, 2018 at 09:39PM by oliverdunk
via reddit https://ift.tt/2rHWKwZ
Twitter
Oliver Dunk
EFAIL explained.
Anatomy of a Missed Opportunity to Stop a Cyber Threat Infographic
https://ift.tt/2jQysgJ
Submitted May 14, 2018 at 09:36PM by volci
via reddit https://ift.tt/2rNsX6r
https://ift.tt/2jQysgJ
Submitted May 14, 2018 at 09:36PM by volci
via reddit https://ift.tt/2rNsX6r
Secureworks
Anatomy of a Missed Opportunity to Stop a Cyber Threat Infographic
In this infographic, learn how visibility in your environment can stop threats sooner and improve incident response outcomes.
efail: Official press release of the GnuPG developers
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:26PM by the_gnarts
via reddit https://ift.tt/2IhV3BC
https://ift.tt/2KYLXHy
Submitted May 14, 2018 at 09:26PM by the_gnarts
via reddit https://ift.tt/2IhV3BC
reddit
r/netsec - efail: Official press release of the GnuPG developers
3 votes and 3 so far on reddit
A Deep Dive Into RIG Exploit Kit Delivering Grobios Trojan
https://ift.tt/2jXmpP2
Submitted May 14, 2018 at 09:22PM by EvanConover
via reddit https://ift.tt/2GertqI
https://ift.tt/2jXmpP2
Submitted May 14, 2018 at 09:22PM by EvanConover
via reddit https://ift.tt/2GertqI
reddit
r/netsec - A Deep Dive Into RIG Exploit Kit Delivering Grobios Trojan
1 votes and 0 so far on reddit
Concord: Student accused of hacking system to change grades is arrested
https://ift.tt/2KjxXar
Submitted May 15, 2018 at 12:20AM by EvanConover
via reddit https://ift.tt/2rFVL15
https://ift.tt/2KjxXar
Submitted May 15, 2018 at 12:20AM by EvanConover
via reddit https://ift.tt/2rFVL15
KTVU
Concord: Student accused of hacking system to change grades is arrested
Concord Police say a student at Ygnacio Valley High School targeted teachers with a phishing scam and hacked into the Mount Diablo Unified School District computer system in order to change his grades as well as those of other students.
What kind of PKI designs do browsers have?
I know they must have trust lists and also consist of hierarchical PKIs is this correct? Also, can you add more designs if any exist?
Submitted May 15, 2018 at 12:11AM by FearsomeHorror
via reddit https://ift.tt/2wDBb6B
I know they must have trust lists and also consist of hierarchical PKIs is this correct? Also, can you add more designs if any exist?
Submitted May 15, 2018 at 12:11AM by FearsomeHorror
via reddit https://ift.tt/2wDBb6B
reddit
What kind of PKI designs do browsers have? • r/security
I know they must have trust lists and also consist of hierarchical PKIs is this correct? Also, can you add more designs if any exist?
GDPR Phishing Scam Targets Apple Accounts, Financial Data | Threatpost
https://ift.tt/2IFD7Ag
Submitted May 15, 2018 at 01:08AM by LindseyOD123
via reddit https://ift.tt/2rGKQUc
https://ift.tt/2IFD7Ag
Submitted May 15, 2018 at 01:08AM by LindseyOD123
via reddit https://ift.tt/2rGKQUc
Threatpost | The first stop for security news
GDPR Phishing Scam Targets Apple Accounts, Financial Data
A phishing campaign targeting Apple users is attempting to trick victims into updating their profiles under the guise it's a part of proactive security hardening prepping for the introduction of Gene
dban for memory sticks?
I would like to use something like dban to wipe 2 memory sticks. dban itself does not work. errora occure and i cant wipe them. i would like to wipe them directly with a tool that does not need an operating system. any ideas?
Submitted May 15, 2018 at 02:44AM by Joetunn
via reddit https://ift.tt/2Kmu2tk
I would like to use something like dban to wipe 2 memory sticks. dban itself does not work. errora occure and i cant wipe them. i would like to wipe them directly with a tool that does not need an operating system. any ideas?
Submitted May 15, 2018 at 02:44AM by Joetunn
via reddit https://ift.tt/2Kmu2tk
reddit
r/security - dban for memory sticks?
1 votes and 1 so far on reddit
"If you’re in the identity theft business it seems this would be a pot of gold."
https://ift.tt/2IFv3iR
Submitted May 15, 2018 at 02:36AM by volci
via reddit https://ift.tt/2IhZjkL
https://ift.tt/2IFv3iR
Submitted May 15, 2018 at 02:36AM by volci
via reddit https://ift.tt/2IhZjkL
FlowingData
Every document copy stored on used digital photocopiers
CBS News picked up four used photocopiers and looked at the hard drives. There was a lot of private information stored in them: Nearly every digital copier built since 2002 contains a hard drive &#…
Leaving on a jet plane: the trade in fraudulently obtained airline tickets
https://ift.tt/2jN6zGH
Submitted May 15, 2018 at 05:16AM by raybb
via reddit https://ift.tt/2KqLKf9
https://ift.tt/2jN6zGH
Submitted May 15, 2018 at 05:16AM by raybb
via reddit https://ift.tt/2KqLKf9
SpringerLink
Leaving on a jet plane: the trade in fraudulently obtained airline tic
Every day, hundreds of people fly on airline tickets that have been obtained fraudulently. This crime noscript analysis provides an overview of the trade in these tickets, drawing on interviews with...
$4500 Subdomain Takeover and the competition in netsec
https://ift.tt/2rmD9SO
Submitted May 15, 2018 at 06:50AM by LimBomber
via reddit https://ift.tt/2Ghjbyn
https://ift.tt/2rmD9SO
Submitted May 15, 2018 at 06:50AM by LimBomber
via reddit https://ift.tt/2Ghjbyn
Medium
$4500 Bounty — How I got lucky
This is a short explanation of how I took over a subdomain by doing recon at the right time and what I learned about the competition in…
Not sure if this is the right place to ask this. Does anyone know of an ink dispersant that would fit inside of a wallet?
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink out at them.Does anyone know of a product that works like that?
Submitted May 15, 2018 at 09:11AM by Av1dL3arner
via reddit https://ift.tt/2rJ9ow0
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink out at them.Does anyone know of a product that works like that?
Submitted May 15, 2018 at 09:11AM by Av1dL3arner
via reddit https://ift.tt/2rJ9ow0
reddit
Not sure if this is the right place to ask this. Does... • r/security
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink...
Getting Started and Troubleshooting DNS over TLS
https://ift.tt/2GjDETu
Submitted May 15, 2018 at 09:55AM by nykzhang
via reddit https://ift.tt/2GhcwEo
https://ift.tt/2GjDETu
Submitted May 15, 2018 at 09:55AM by nykzhang
via reddit https://ift.tt/2GhcwEo
Medium
Troubleshooting DNS over TLS
I have been using DNSCrypt and DNS over HTTPS for a bit of time, but decided to give a try to the new DNS over TLS protocol today. The…
DARKSURGEON - a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense
https://ift.tt/2ImjsSC
Submitted May 15, 2018 at 11:38AM by PeterG45
via reddit https://ift.tt/2jYiqBL
https://ift.tt/2ImjsSC
Submitted May 15, 2018 at 11:38AM by PeterG45
via reddit https://ift.tt/2jYiqBL
GitHub
cryps1s/DARKSURGEON
DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.
ZooPark (Technical Article by Kaspersky) - CyberEspionage Operation Targets Android Users in the Middle East
https://ift.tt/2rhldKk
Submitted May 15, 2018 at 11:30AM by PeterG45
via reddit https://ift.tt/2IJttN5
https://ift.tt/2rhldKk
Submitted May 15, 2018 at 11:30AM by PeterG45
via reddit https://ift.tt/2IJttN5
Don’t use HTML emails...use authenticated encryption
https://ift.tt/2jX2tfa
Submitted May 15, 2018 at 03:42PM by Majortom80
via reddit https://ift.tt/2Ild268
https://ift.tt/2jX2tfa
Submitted May 15, 2018 at 03:42PM by Majortom80
via reddit https://ift.tt/2Ild268
The Verge
Researchers have found a vulnerability in two popular email encryption protocols
Malicious code could be used to steal the entire contents of a target’s inbox.
Reviewing Android Webviews fileAccess attack vectors.
https://ift.tt/2IKRBz7
Submitted May 15, 2018 at 03:37PM by clviper
via reddit https://ift.tt/2IjHFZF
https://ift.tt/2IKRBz7
Submitted May 15, 2018 at 03:37PM by clviper
via reddit https://ift.tt/2IjHFZF
3 Winners & 2 Losers: NIST Cybersecurity Framework 1.1
https://ift.tt/2IjqEis
Submitted May 15, 2018 at 05:17PM by Uminekoshi
via reddit https://ift.tt/2rJXkub
https://ift.tt/2IjqEis
Submitted May 15, 2018 at 05:17PM by Uminekoshi
via reddit https://ift.tt/2rJXkub
Nehemiah Security
3 Winners & 2 Losers: NIST Cybersecurity Framework 1.1 - Nehemiah Security
The introduction of the NIST cybersecurity framework 1.0 has been both expected and disruptive when it was first created in 2014. This framework has evolved the way many companies think about cybersecurity today. Many swear by it as well. This is why the…
Is there a CloudGen firewall that also have WAF features?
Hi, please excuse me for any technical mistake, I am a novice in terms of security.We are hosting an infrastructure on the cloud that contains multiple machines and a web application. Is there any CloudGen firewall that also could monitor and block threats coming on the web application? We also would like to have the less expensive one that covers everything we need.This should contain those features:SQL injection protectionCross site noscripting protectionCommon Web Attacks Protection such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attackProtection against HTTP protocol violationsProtection against HTTP protocol anomalies such as missing host user-agent and accept headersPrevention against bots, crawlers, and scannersDetection of common application misconfigurations (for example, Apache, IIS, and so on.)Also OWASP protection.Thank you.
Submitted May 15, 2018 at 05:16PM by Gretyzdee
via reddit https://ift.tt/2L4917V
Hi, please excuse me for any technical mistake, I am a novice in terms of security.We are hosting an infrastructure on the cloud that contains multiple machines and a web application. Is there any CloudGen firewall that also could monitor and block threats coming on the web application? We also would like to have the less expensive one that covers everything we need.This should contain those features:SQL injection protectionCross site noscripting protectionCommon Web Attacks Protection such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attackProtection against HTTP protocol violationsProtection against HTTP protocol anomalies such as missing host user-agent and accept headersPrevention against bots, crawlers, and scannersDetection of common application misconfigurations (for example, Apache, IIS, and so on.)Also OWASP protection.Thank you.
Submitted May 15, 2018 at 05:16PM by Gretyzdee
via reddit https://ift.tt/2L4917V
reddit
r/security - Is there a CloudGen firewall that also have WAF features?
1 votes and 0 so far on reddit
PagerDuty's publicly available Security Engineer training slides
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
PagerDuty Security Training
For Engineers - PagerDuty Security Training
This is an open-source version of 'Security Training for Engineers', PagerDuty's internal employee technical security training, open to all PagerDuty employees as part of our continuous security training program.
PagerDuty's publicly available Security Engineer training slides
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
PagerDuty Security Training
For Engineers - PagerDuty Security Training
This is an open-source version of 'Security Training for Engineers', PagerDuty's internal employee technical security training, open to all PagerDuty employees as part of our continuous security training program.