Canonical finally comments on Ubuntu Linux Snap Store security failure
https://ift.tt/2wDrhSq
Submitted May 15, 2018 at 07:55PM by CornCobBobby
via reddit https://ift.tt/2IkScE4
BetaNews
Canonical finally comments on Ubuntu Linux Snap Store security failure
Over the weekend, we reported on an Ubuntu Snap Store app that had a hidden cryptocurrency miner. This was a disappointing discovery, as users’ machines were being hijacked to earn money for …
Beware of the Magic SpEL(L) – Part 1 (CVE-2018-1273)
https://ift.tt/2wI6VYn
Submitted May 15, 2018 at 08:55PM by 0xdea
via reddit https://ift.tt/2ImEWmj
GoSecure
Beware of the Magic SpEL(L) - Part 1 (CVE-2018-1273) - GoSecure
This February, we ran a Find Security Bugs scan on over at least one hundred components from the Spring Framework, including the core components (spring-core, spring-mvc) but also optional components (spring-data, spring-social, spring-oauth, etc.). From…
Nethammer: Inducing Rowhammer Faults through Network Requests
https://ift.tt/2KXyuzP
Submitted May 15, 2018 at 09:12PM by albinowax
via reddit https://ift.tt/2ImdJA4
reddit
Nethammer: Inducing Rowhammer Faults through Network... • r/security
1 points and 1 comments so far on reddit
Dan Guido on Efail Vulnerability: "As an attacker, I could not care less about this technique. It's intellectually neat, but operationally stupid."
https://ift.tt/2KmxhB2
Submitted May 15, 2018 at 10:48PM by Derbel__McDillet
via reddit https://ift.tt/2L05CqC
Dark Reading
'EFAIL' Email Encryption Flaw Research Stirs Debate
A newly revealed vulnerability in email encryption is a big problem for a small subset of users.
The Secure Developer: Security Training with Elevate's Masha Sedova
https://ift.tt/2KmnY3W
Submitted May 15, 2018 at 11:20PM by heitortsergent
via reddit https://ift.tt/2rIPuBP
Heavybit
The Secure Developer | Ep. #16, Security Training with Elevate's Masha Sedova | Heavybit
In episode 16 of The Secure Developer, Guy is joined by Masha Sedova, co-founder of Elevate Security, to discuss how training for employees (even developers) can help companies stay one step ahead of the pack when it comes to preventing a breach.
Is there any way a HTTPS proxy can forward traffic without decryption?
Normally a HTTPS proxy decrypts the traffic and re-encrypts it. It basically sees all traffic unencrypted. Is there any web standard or proxy software that forwards HTTPS handshake and does not decrypt the traffic?
Submitted May 15, 2018 at 11:49PM by kickass_turing
via reddit https://ift.tt/2ImWivl
reddit
Is there any way a HTTPS proxy can forward traffic... • r/security
Normally a HTTPS proxy decrypts the traffic and re-encrypts it. It basically sees all traffic unencrypted. Is there any web standard or proxy...
Safe and Sorry – Terrorism & Mass Surveillance
https://www.youtube.com/watch?v=V9_PjdU3Mpo
Submitted May 15, 2018 at 11:44PM by dengorilla1
via reddit https://ift.tt/2IIPZWk
YouTube
Safe and Sorry – Terrorism & Mass Surveillance
OUR CHANNELS
German Channel: https://kgs.link/youtubeDE
Spanish Channel: https://kgs.link/youtubeES
HOW CAN YOU SUPPORT US?
This is how we make our living and it would be a pleasure if you support…
Sending Inaudible Commands to Voice Assistants. In the wrong hands, the technology could be used to unlock doors, wire money or buy stuff online -- simply with music playing over the radio
https://ift.tt/2jZvHtU
Submitted May 16, 2018 at 12:36AM by magenta_placenta
via reddit https://ift.tt/2Gkj2tX
reddit
r/security - Sending Inaudible Commands to Voice Assistants. In the wrong hands, the technology could be used to unlock doors,…
2 votes and 0 so far on reddit
Linux Random Number Generator: A New Approach - Stephan Müller
https://ift.tt/1U8fgIt
Submitted May 16, 2018 at 01:01AM by rain5
via reddit https://ift.tt/2L1LTHa
Windows Updates Broke Your Networking? Free Micropatches To The Rescue (CVE-2018-8174)
https://ift.tt/2rM82Am
Submitted May 16, 2018 at 12:56AM by dielel
via reddit https://ift.tt/2IGg74e
0Patch
Windows Updates Broke Your Networking? Free Micropatches To The Rescue (CVE-2018-8174)
A Single-Instruction Micropatch For a Critical Remote Execution Issue by Mitja Kolsek, 0patch Team Last week, Microsoft issued an update...
Vote on your favorite incident response playbook
We recently held an incident response playbook contest on SecOps Hub. It's now time to vote on your favorite. These playbooks cover topics such as malware, ransomware, Crit/high event monitoring, and automating WildFire responses. Visit the community to vote today! https://www.secopshub.com/t/show-off-your-security-expertise-join-our-community-driven-contest/263/8
Submitted May 16, 2018 at 01:20AM by SecOpsHub
via reddit https://ift.tt/2L11bvM
SecOps Hub
Show off your security expertise--join our community-driven contest!
We want to learn from you, so we’re running a contest to gather the best incident response playbooks from the community. It’s an open-ended contest–you pick the use case, draw up the playbook, and submit it to the community for consideration. The 3 top-voted…
315 Red Team Tips
https://ift.tt/2Il19kP
Submitted May 16, 2018 at 03:30AM by piedpiperpivot
via reddit https://ift.tt/2wJG4uT
Vincent Yiu
Red Team Tips
Red Team Tips by Vincent Yiu (@vysecurity).
Security policies applied by the employer/institution after linking Exchange/Office365 account
Hello everyone! I don't know if this is the right place to consult for this as it's a question geared towards the Windows platform. Whenever I wanted to sync my university email with the stock Android email app, it would pop out with a dialog that said that the account would become an administrator on my phone which basically could do as it liked remotely so that was always a deal breaker for me and I would check my email through the browser or third-party apps on my phone. This wasn't the case for the default mail app on the Windows 10, at least I hadn't noticed before. After not having used the app with any account for a long time and the OS itself receiving many updates such as the Creator's I decided to set up all my mailboxes again on the default "Mail" app. This time, however, while linking the university's mailbox it said something along the lines of "setting company policies, please wait" very briefly. Now, this is the same account that wanted to be able to wipe out my phone remotely without notice which is an Office365 service that my university uses. Looking into what I could find, the results were vague. Thanks Microsoft! You could just tell me, y'know. I don't know how to go about finding the repercussions of what this has done and something tells me that simply removing the email account won't change anything. Any help would be appreciated, many thanks!
Submitted May 16, 2018 at 03:08AM by Ere-Eye
via reddit https://ift.tt/2Ihf9vM
The HTTP headers we don't want
https://ift.tt/2rxDLWO
Submitted May 16, 2018 at 05:42AM by rmddos
via reddit https://ift.tt/2IrklcM
DHCP Client Code Execution Vulnerability - CVE-2018-1111
https://ift.tt/2rJjRaA
Submitted May 16, 2018 at 08:10AM by Gallus
via reddit https://ift.tt/2rKlvK0
reddit
r/netsec - DHCP Client Code Execution Vulnerability - CVE-2018-1111
4 votes and 1 so far on reddit
Opportunity: Cybersecurity @ Siemens
Are you passionate about cybersecurity and want to make immediate difference in a global conglomerate? How about learning how to be a better leader and better anticipating risks while building your technical skillset? If you’re up to the challenge then let’s get started! Let’s be awesome! Send me a message. *Must be authorized to work in the US based at least 2 - 5 years of pentesting experience.
Submitted May 16, 2018 at 08:15AM by xpeditor
via reddit https://ift.tt/2Is9LSR
reddit
r/security - Opportunity: Cybersecurity @ Siemens
1 votes and 0 so far on reddit
Another breach due to admin:admin user/pass combination
https://ift.tt/2rFuwmE
Submitted May 16, 2018 at 12:23PM by Majortom80
via reddit https://ift.tt/2KscDPZ
Naked Security
2 million lines of source code left exposed by phone company EE
What should be secret AWS and API keys were (un)secured with the default password credentials: “admin” as the name, “admin” for a password.
cyber attacks on the power grid may not happen the way we expect. Instead of one big cataclysmic event, they can manifest in a subtler manner, utilizing numerous smaller IoT devices but with severe consequences.
https://ift.tt/2wOLCob
Submitted May 16, 2018 at 11:56AM by Iot_Security
via reddit https://ift.tt/2KrDDiw
reddit
cyber attacks on the power grid may not happen the... • r/security
1 points and 0 comments so far on reddit
Plugbounty – The Bug Bounty Platform for Plugins & Extensions - Cybrary 0p3n
https://ift.tt/2IorhqQ
Submitted May 16, 2018 at 02:37PM by ded1cated
via reddit https://ift.tt/2IL7pSd
Cybrary
Plugbounty - The Bug Bounty Platform for Plugins & Extensions - Cybrary
As a researcher, I’ve been doing responsive disclosures for some time and for the last couple of years my focus has been on CMS security. There are so many Plugins and Extensions which usually can’t be applied to bigger bug-bounty platforms, but the risk…
How do we Stop Spilling the Beans Across Origins?
https://ift.tt/2wJsEit
Submitted May 16, 2018 at 02:19PM by albinowax
via reddit https://ift.tt/2rKBmYT