GDPR Phishing Scam Targets Apple Accounts, Financial Data | Threatpost
https://ift.tt/2IFD7Ag
Submitted May 15, 2018 at 01:08AM by LindseyOD123
via reddit https://ift.tt/2rGKQUc
https://ift.tt/2IFD7Ag
Submitted May 15, 2018 at 01:08AM by LindseyOD123
via reddit https://ift.tt/2rGKQUc
Threatpost | The first stop for security news
GDPR Phishing Scam Targets Apple Accounts, Financial Data
A phishing campaign targeting Apple users is attempting to trick victims into updating their profiles under the guise it's a part of proactive security hardening prepping for the introduction of Gene
dban for memory sticks?
I would like to use something like dban to wipe 2 memory sticks. dban itself does not work. errora occure and i cant wipe them. i would like to wipe them directly with a tool that does not need an operating system. any ideas?
Submitted May 15, 2018 at 02:44AM by Joetunn
via reddit https://ift.tt/2Kmu2tk
I would like to use something like dban to wipe 2 memory sticks. dban itself does not work. errora occure and i cant wipe them. i would like to wipe them directly with a tool that does not need an operating system. any ideas?
Submitted May 15, 2018 at 02:44AM by Joetunn
via reddit https://ift.tt/2Kmu2tk
reddit
r/security - dban for memory sticks?
1 votes and 1 so far on reddit
"If you’re in the identity theft business it seems this would be a pot of gold."
https://ift.tt/2IFv3iR
Submitted May 15, 2018 at 02:36AM by volci
via reddit https://ift.tt/2IhZjkL
https://ift.tt/2IFv3iR
Submitted May 15, 2018 at 02:36AM by volci
via reddit https://ift.tt/2IhZjkL
FlowingData
Every document copy stored on used digital photocopiers
CBS News picked up four used photocopiers and looked at the hard drives. There was a lot of private information stored in them: Nearly every digital copier built since 2002 contains a hard drive &#…
Leaving on a jet plane: the trade in fraudulently obtained airline tickets
https://ift.tt/2jN6zGH
Submitted May 15, 2018 at 05:16AM by raybb
via reddit https://ift.tt/2KqLKf9
https://ift.tt/2jN6zGH
Submitted May 15, 2018 at 05:16AM by raybb
via reddit https://ift.tt/2KqLKf9
SpringerLink
Leaving on a jet plane: the trade in fraudulently obtained airline tic
Every day, hundreds of people fly on airline tickets that have been obtained fraudulently. This crime noscript analysis provides an overview of the trade in these tickets, drawing on interviews with...
$4500 Subdomain Takeover and the competition in netsec
https://ift.tt/2rmD9SO
Submitted May 15, 2018 at 06:50AM by LimBomber
via reddit https://ift.tt/2Ghjbyn
https://ift.tt/2rmD9SO
Submitted May 15, 2018 at 06:50AM by LimBomber
via reddit https://ift.tt/2Ghjbyn
Medium
$4500 Bounty — How I got lucky
This is a short explanation of how I took over a subdomain by doing recon at the right time and what I learned about the competition in…
Not sure if this is the right place to ask this. Does anyone know of an ink dispersant that would fit inside of a wallet?
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink out at them.Does anyone know of a product that works like that?
Submitted May 15, 2018 at 09:11AM by Av1dL3arner
via reddit https://ift.tt/2rJ9ow0
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink out at them.Does anyone know of a product that works like that?
Submitted May 15, 2018 at 09:11AM by Av1dL3arner
via reddit https://ift.tt/2rJ9ow0
reddit
Not sure if this is the right place to ask this. Does... • r/security
I had someone steal money out of my wallet at work, and I'd like to leave my wallet in the same place with something in it that would shoot ink...
Getting Started and Troubleshooting DNS over TLS
https://ift.tt/2GjDETu
Submitted May 15, 2018 at 09:55AM by nykzhang
via reddit https://ift.tt/2GhcwEo
https://ift.tt/2GjDETu
Submitted May 15, 2018 at 09:55AM by nykzhang
via reddit https://ift.tt/2GhcwEo
Medium
Troubleshooting DNS over TLS
I have been using DNSCrypt and DNS over HTTPS for a bit of time, but decided to give a try to the new DNS over TLS protocol today. The…
DARKSURGEON - a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense
https://ift.tt/2ImjsSC
Submitted May 15, 2018 at 11:38AM by PeterG45
via reddit https://ift.tt/2jYiqBL
https://ift.tt/2ImjsSC
Submitted May 15, 2018 at 11:38AM by PeterG45
via reddit https://ift.tt/2jYiqBL
GitHub
cryps1s/DARKSURGEON
DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense.
ZooPark (Technical Article by Kaspersky) - CyberEspionage Operation Targets Android Users in the Middle East
https://ift.tt/2rhldKk
Submitted May 15, 2018 at 11:30AM by PeterG45
via reddit https://ift.tt/2IJttN5
https://ift.tt/2rhldKk
Submitted May 15, 2018 at 11:30AM by PeterG45
via reddit https://ift.tt/2IJttN5
Don’t use HTML emails...use authenticated encryption
https://ift.tt/2jX2tfa
Submitted May 15, 2018 at 03:42PM by Majortom80
via reddit https://ift.tt/2Ild268
https://ift.tt/2jX2tfa
Submitted May 15, 2018 at 03:42PM by Majortom80
via reddit https://ift.tt/2Ild268
The Verge
Researchers have found a vulnerability in two popular email encryption protocols
Malicious code could be used to steal the entire contents of a target’s inbox.
Reviewing Android Webviews fileAccess attack vectors.
https://ift.tt/2IKRBz7
Submitted May 15, 2018 at 03:37PM by clviper
via reddit https://ift.tt/2IjHFZF
https://ift.tt/2IKRBz7
Submitted May 15, 2018 at 03:37PM by clviper
via reddit https://ift.tt/2IjHFZF
3 Winners & 2 Losers: NIST Cybersecurity Framework 1.1
https://ift.tt/2IjqEis
Submitted May 15, 2018 at 05:17PM by Uminekoshi
via reddit https://ift.tt/2rJXkub
https://ift.tt/2IjqEis
Submitted May 15, 2018 at 05:17PM by Uminekoshi
via reddit https://ift.tt/2rJXkub
Nehemiah Security
3 Winners & 2 Losers: NIST Cybersecurity Framework 1.1 - Nehemiah Security
The introduction of the NIST cybersecurity framework 1.0 has been both expected and disruptive when it was first created in 2014. This framework has evolved the way many companies think about cybersecurity today. Many swear by it as well. This is why the…
Is there a CloudGen firewall that also have WAF features?
Hi, please excuse me for any technical mistake, I am a novice in terms of security.We are hosting an infrastructure on the cloud that contains multiple machines and a web application. Is there any CloudGen firewall that also could monitor and block threats coming on the web application? We also would like to have the less expensive one that covers everything we need.This should contain those features:SQL injection protectionCross site noscripting protectionCommon Web Attacks Protection such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attackProtection against HTTP protocol violationsProtection against HTTP protocol anomalies such as missing host user-agent and accept headersPrevention against bots, crawlers, and scannersDetection of common application misconfigurations (for example, Apache, IIS, and so on.)Also OWASP protection.Thank you.
Submitted May 15, 2018 at 05:16PM by Gretyzdee
via reddit https://ift.tt/2L4917V
Hi, please excuse me for any technical mistake, I am a novice in terms of security.We are hosting an infrastructure on the cloud that contains multiple machines and a web application. Is there any CloudGen firewall that also could monitor and block threats coming on the web application? We also would like to have the less expensive one that covers everything we need.This should contain those features:SQL injection protectionCross site noscripting protectionCommon Web Attacks Protection such as command injection, HTTP request smuggling, HTTP response splitting, and remote file inclusion attackProtection against HTTP protocol violationsProtection against HTTP protocol anomalies such as missing host user-agent and accept headersPrevention against bots, crawlers, and scannersDetection of common application misconfigurations (for example, Apache, IIS, and so on.)Also OWASP protection.Thank you.
Submitted May 15, 2018 at 05:16PM by Gretyzdee
via reddit https://ift.tt/2L4917V
reddit
r/security - Is there a CloudGen firewall that also have WAF features?
1 votes and 0 so far on reddit
PagerDuty's publicly available Security Engineer training slides
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
PagerDuty Security Training
For Engineers - PagerDuty Security Training
This is an open-source version of 'Security Training for Engineers', PagerDuty's internal employee technical security training, open to all PagerDuty employees as part of our continuous security training program.
PagerDuty's publicly available Security Engineer training slides
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
https://ift.tt/2ra1QSz
Submitted May 15, 2018 at 05:57PM by infosecB
via reddit https://ift.tt/2rLUKDU
PagerDuty Security Training
For Engineers - PagerDuty Security Training
This is an open-source version of 'Security Training for Engineers', PagerDuty's internal employee technical security training, open to all PagerDuty employees as part of our continuous security training program.
Security In 5: Episode 238 - Mini-Series Top 10 Reasons To Pen Test - 7 - Prioritize Risks
https://ift.tt/2ImQ5j9
Submitted May 15, 2018 at 06:35PM by BinaryBlog
via reddit https://ift.tt/2INszz0
https://ift.tt/2ImQ5j9
Submitted May 15, 2018 at 06:35PM by BinaryBlog
via reddit https://ift.tt/2INszz0
Libsyn
Security In Five Podcast: Episode 238 - Mini-Series Top 10 Reasons To Pen Test - 7 - Prioritize Risks
Continuing with the mini series, Top 10 Reasons To Run Penetration Tests in Your Business, we are up to number 7. This one talks about how penetration tests and their results can help you prioritize your risks. This episode talks about how this happens and…
Facebook Hack Shows It’s Time to Upgrade Our Method of Verifying Identity
https://ift.tt/292LeDh
Submitted May 15, 2018 at 08:26PM by dengorilla1
via reddit https://ift.tt/2GiExLH
https://ift.tt/292LeDh
Submitted May 15, 2018 at 08:26PM by dengorilla1
via reddit https://ift.tt/2GiExLH
Motherboard
Facebook Hack Shows It’s Time to Upgrade Our Method of Verifying Identity
All you need to get around two-factor authentication is Photoshop.
Canonical finally comments on Ubuntu Linux Snap Store security failure
https://ift.tt/2wDrhSq
Submitted May 15, 2018 at 07:55PM by CornCobBobby
via reddit https://ift.tt/2IkScE4
https://ift.tt/2wDrhSq
Submitted May 15, 2018 at 07:55PM by CornCobBobby
via reddit https://ift.tt/2IkScE4
BetaNews
Canonical finally comments on Ubuntu Linux Snap Store security failure
Over the weekend, we reported on an Ubuntu Snap Store app that had a hidden cryptocurrency miner. This was a disappointing discovery, as users’ machines were being hijacked to earn money for …
Beware of the Magic SpEL(L) – Part 1 (CVE-2018-1273)
https://ift.tt/2wI6VYn
Submitted May 15, 2018 at 08:55PM by 0xdea
via reddit https://ift.tt/2ImEWmj
https://ift.tt/2wI6VYn
Submitted May 15, 2018 at 08:55PM by 0xdea
via reddit https://ift.tt/2ImEWmj
GoSecure
Beware of the Magic SpEL(L) - Part 1 (CVE-2018-1273) - GoSecure
This February, we ran a Find Security Bugs scan on over at least one hundred components from the Spring Framework, including the core components (spring-core, spring-mvc) but also optional components (spring-data, spring-social, spring-oauth, etc.). From…
Beware of the Magic SpEL(L) – Part 1 (CVE-2018-1273)
https://ift.tt/2wI6VYn
Submitted May 15, 2018 at 08:55PM by 0xdea
via reddit https://ift.tt/2ImEWmj
https://ift.tt/2wI6VYn
Submitted May 15, 2018 at 08:55PM by 0xdea
via reddit https://ift.tt/2ImEWmj
GoSecure
Beware of the Magic SpEL(L) - Part 1 (CVE-2018-1273) - GoSecure
This February, we ran a Find Security Bugs scan on over at least one hundred components from the Spring Framework, including the core components (spring-core, spring-mvc) but also optional components (spring-data, spring-social, spring-oauth, etc.). From…
Nethammer: Inducing Rowhammer Faults through Network Requests
https://ift.tt/2KXyuzP
Submitted May 15, 2018 at 09:12PM by albinowax
via reddit https://ift.tt/2ImdJA4
https://ift.tt/2KXyuzP
Submitted May 15, 2018 at 09:12PM by albinowax
via reddit https://ift.tt/2ImdJA4
reddit
Nethammer: Inducing Rowhammer Faults through Network... • r/security
1 points and 1 comments so far on reddit