Google’s creepy data video describes how your data may be used to engineer your decisions
https://ift.tt/2KwUUak

Submitted May 18, 2018 at 10:17PM by javoss88
via reddit https://ift.tt/2Lab3Dw

Dell SupportAssist Driver - Local Privilege Escalation Reversing and Analysis
https://ift.tt/2rTZ306

Submitted May 18, 2018 at 11:05PM by overflowingInt
via reddit https://ift.tt/2KxIpLx

[How-To/Release] CobaltSplunk - Splunk application to collect Attack Infrastructure logs and perform analysis
https://ift.tt/2k6QjQQ

Submitted May 18, 2018 at 10:58PM by vysec
via reddit https://ift.tt/2k6IUkv

DLL Hijacking via URL files
https://ift.tt/2GsWcRa

Submitted May 18, 2018 at 08:19PM by albinowax
via reddit https://ift.tt/2KzA9KT

Dennis Kucinich: I'm no fan of Trump's but he's got a point about wiretapping
https://ift.tt/2n6pvng

Submitted May 19, 2018 at 01:30AM by dengorilla1
via reddit https://ift.tt/2rPOooc

System Management Mode Speculative Execution Attacks
https://ift.tt/2k4tGMT

Submitted May 19, 2018 at 02:13AM by campuscodi
via reddit https://ift.tt/2IseOqh

Making security appliance a Certificate Authority
There's a category of firewall device which does deep packet inspection on all traffic. In order to work, it requires that all computers internally add a certificate authority for the firewall so that it can generate fake certificates and do deep packet inspection between client machines and the Internet. Are these widely known? Are there any good analysis of this particular approach and the risks/benefits it poses (as compared to evals of individual products)?I'd like to know more about the security community's take on this.

Submitted May 19, 2018 at 04:23AM by garrett_k
via reddit https://ift.tt/2k9TkQx

Budget Android phones are secretly sending users’ text messages to China
https://ift.tt/2fSOzqn

Submitted May 19, 2018 at 03:30AM by dengorilla1
via reddit https://ift.tt/2wVKhMc

The Obama administration is getting ready to elevate the role of Cyber Command
https://ift.tt/2b1havP

Submitted May 19, 2018 at 05:12PM by dengorilla1
via reddit https://ift.tt/2KDrabK

Evernote Employees Can Read Your Notes, and There's No Way to Opt-Out
https://ift.tt/2hm0pgJ

Submitted May 19, 2018 at 06:44PM by dengorilla1
via reddit https://ift.tt/2IAngzP

Fantastic Malware and Where to Find Them
https://ift.tt/2e8pdUi

Submitted May 19, 2018 at 08:12PM by dengorilla1
via reddit https://ift.tt/2KG1RWH

Google Quietly Drops Privacy Policy that Kept Users’ Names Out of Massive Web-Tracking Database
https://ift.tt/2rWibeP

Submitted May 19, 2018 at 09:31PM by dengorilla1
via reddit https://ift.tt/2wUpNU3

IBM warns of instant breaking of encryption by quantum computers: 'Move your data today'
https://ift.tt/2GyMe0M

Submitted May 19, 2018 at 09:55PM by speckz
via reddit https://ift.tt/2kaUzyQ

[Tool / Introduction ] IPFuscation - Using alternate IP representation in your attack workflows!
https://ift.tt/2KEg1Hw

Submitted May 20, 2018 at 12:45AM by vysec
via reddit https://ift.tt/2IwGoP1

Digi-ID: The future of secure login?
https://www.youtube.com/watch?v=mYqgf-9zb5c

Submitted May 20, 2018 at 01:17AM by iguessitsokaythen
via reddit https://ift.tt/2wVsaGl

Scam number checker? Also Potential PayPal scam?
I recall a service once where I could type in a phone number and see what others are saying of it, can't seem to relocate such a service, just a bunch of similar ones.I just am concerned about the Paypal number 888 221 1161, and not certain if it is legitimate. I was on hold with them for 15 minutes, then got through to what sounded like an off-shore rep. She asked for my first and last name and I said it and based on that alone she said I did have an account. But at one point she asked for the last four of my SSN. Here's the thing. I do have a Paypal account I haven't logged into for YEARS, but I occasionally get emails from "service@paypal.com" about transactions I did not make. Well when I asked this rep what to do about those emails she said send them to "review@paypal.com." Another red flag (pretty sure the correct one is spoof@paypal.com, which is where I did forward their emails). Just constant red flags, seemed like phishing. But even Paypal's site themselves say that is a legitimate number and I don't exactly know the logistics of forwarding an 888 number like that. I know they're easy to spoof, but forwarding it seems impossible.So another question I have other than my noscript question for any who may know, given that I am basically permanently locked out of my paypal account, when I signed up for it, did I have to provide the last 4 of my SSN? Just seems odd she'd ask for that. She also asked me for my bank account number associated with the Paypal account. I was uncomfortable and didn't provide it to her. But the thing is, as a fraud investigator myself, I know it is standard practice to ask people for PII as forms of verification before discussing account information or performing account maintenance, that's like fraud 101.I'm just trying to imagine the angle of this scam if it is one, it's missing the part where they in any way try to appeal to my emotions. The phone number provided is the one that pops up on paypal's official website.And the situation is only further complicated by the fact that I cannot answer my security questions to reset my paypal password, and remembering either the password or answers to those questions isn't going to happen as I abandoned the account without deleting it many years ago before I became an investigator myself and well... realized how stupid that is but that was the main reason I was calling to begin with was to try to get assistance logging back into my account, but the way the rep kept asking for my PII was sketching me out. As part of my job I have listened to hundreds of call center recordings with fraud departments, half and half off-shore, and that rep seemed a little too eager after I provided her my name, last four of SSN, and email address. So I didn't provide any more information. I then went into a line of questioning where I asked when they changed it from spoof to review (for suspicious email forwarding) and she said they updated it. I asked when, she stumbled and said it's new, I said how new because I DuckDuckGo'd it and wasn't seeing anything. She stumbled again saying it was this week. I said I felt uncomfortable forwarding there, she asked to place me on hold, got back a bit later and said it's actually been updated for years but the spoof one is currently down for maintenance. I said okay and disconnected.So thoughts? Seems phishy, right? Or am I just being paranoid being an investigator myself? I literally see this kind of thing 60+ hours a week in my career so sometimes I feel so desensitized to it, but I try to remain vigilant. If it wasn't a scam then she was just a new/horrible rep.

Submitted May 20, 2018 at 01:00AM by PatientVegan
via reddit https://ift.tt/2Iv5Ecx

One out of Two American Adults Part of the FBI’s Facial Recognition Database
https://ift.tt/2etuffL

Submitted May 20, 2018 at 04:28AM by dengorilla1
via reddit https://ift.tt/2wW9dTD

One out of Two American Adults Part of the FBI’s Facial Recognition Database
https://ift.tt/2etuffL

Submitted May 20, 2018 at 04:28AM by dengorilla1
via reddit https://ift.tt/2IvQxQ7

President Trump Eliminates Job of National Cybersecurity
https://ift.tt/2LbbFc6

Submitted May 20, 2018 at 04:22AM by ApprehensiveActuator
via reddit https://ift.tt/2KEtpLW

SANS DFIR Memory Forensics Analysis Poster (Free)
https://ift.tt/2vbaa7Z

Submitted May 20, 2018 at 10:04AM by PeterG45
via reddit https://ift.tt/2GvyfIZ

Awesome Mind Maps - Review Posters for a Ton of Infosec Topics (See Comment for List of Content)
https://ift.tt/1cpk6HX

Submitted May 20, 2018 at 10:53AM by TechLord2
via reddit https://ift.tt/2rTyicS