Speculative Store Bypass explained: what it is, how it works
https://ift.tt/2Li5Aut
Submitted May 22, 2018 at 02:52AM by stephstad
via reddit https://ift.tt/2KK8RSe
https://ift.tt/2Li5Aut
Submitted May 22, 2018 at 02:52AM by stephstad
via reddit https://ift.tt/2KK8RSe
Redhat
Speculative Store Bypass explained: what it is, how it works
GDPR Joke, X-Post from r/unitedkingdom
https://ift.tt/2rZ5Bvf
Submitted May 22, 2018 at 02:28AM by Mrbenide
via reddit https://ift.tt/2IRr17t
https://ift.tt/2rZ5Bvf
Submitted May 22, 2018 at 02:28AM by Mrbenide
via reddit https://ift.tt/2IRr17t
reddit
r/unitedkingdom - GDPR Joke
612 votes and 67 so far on reddit
CIS-CAT Benchmarking - Ranking Priorities?
Hello All,Attempting to harden the Windows 10 OS and was using CIS-CATLITE Benchmarking.Does anyone know how to rank any of the suggestions made in the report? (ex. Which item would be listed as a higher priority to get done then the other)
Submitted May 22, 2018 at 02:21AM by YouGotGreedyMartin
via reddit https://ift.tt/2KFkbPx
Hello All,Attempting to harden the Windows 10 OS and was using CIS-CATLITE Benchmarking.Does anyone know how to rank any of the suggestions made in the report? (ex. Which item would be listed as a higher priority to get done then the other)
Submitted May 22, 2018 at 02:21AM by YouGotGreedyMartin
via reddit https://ift.tt/2KFkbPx
reddit
r/security - CIS-CAT Benchmarking - Ranking Priorities?
1 votes and 0 so far on reddit
Microsoft, Google: We've found a fourth data-leaking Meltdown-Spectre CPU hole. Design blunder exists in Intel, AMD, Arm, Power processors
https://ift.tt/2IBfbuI
Submitted May 22, 2018 at 05:21AM by spartanatreyu
via reddit https://ift.tt/2s3cevI
https://ift.tt/2IBfbuI
Submitted May 22, 2018 at 05:21AM by spartanatreyu
via reddit https://ift.tt/2s3cevI
www.theregister.co.uk
Microsoft, Google: We've found a fourth variant of Meltdown-Spectre CPU holes
Affects Intel and other processor makers
What is an S/PDIF port? What functions can it fulfill? What are some little unknown capabilities?
I think I have had a security breach with my computer and I would like to understand this port.
Submitted May 22, 2018 at 06:37AM by KublaiKhanDayzed
via reddit https://ift.tt/2IGOEvR
I think I have had a security breach with my computer and I would like to understand this port.
Submitted May 22, 2018 at 06:37AM by KublaiKhanDayzed
via reddit https://ift.tt/2IGOEvR
reddit
r/security - What is an S/PDIF port? What functions can it fulfill? What are some little unknown capabilities?
1 votes and 1 so far on reddit
HELPS TO STOP WASTING YOUR TIME AND LEARN MORE HACKING.
https://youtu.be/AMMOErxtahk
Submitted May 22, 2018 at 10:01AM by awkward_domzxc
via reddit https://ift.tt/2KK3fYc
https://youtu.be/AMMOErxtahk
Submitted May 22, 2018 at 10:01AM by awkward_domzxc
via reddit https://ift.tt/2KK3fYc
YouTube
STOP WASTING YOUR TIME AND LEARN MORE HACKING!
This is what my brain tells me a lot. But sometimes we just need a break. And it's OK to take a break - however long it has to be. And in this video I'm sharing how I try to deal with these negative thoughts and lack of motivation.
-=[ ❤️ Support ]=-
→…
-=[ ❤️ Support ]=-
→…
SleuthQL - SQL Injection Discovery Tool
https://ift.tt/2Iyb4U6
Submitted May 22, 2018 at 11:24AM by hackers_and_builders
via reddit https://ift.tt/2IYg8Re
https://ift.tt/2Iyb4U6
Submitted May 22, 2018 at 11:24AM by hackers_and_builders
via reddit https://ift.tt/2IYg8Re
Rhino Security Labs
SleuthQL: A SQL Injection Discovery Tool - Rhino Security Labs
SleuthQL identifies SQL injection points by automating some of the request analysis required during a web application assessment and outputting to SQLMap.
How to crack hash type PKZIP2 on kali linux?
Hi, I have my .zip file that I would like to open, I forget the password, when I tried to recover it with John The Ripper in Kali Linux, but I get an error "No Password hashes loaded".When i run the command to obtains the password hash, i've got a hashes like this :prep.zip:$pkzip2$1*2*3*0*250d*2fa9*eda32bdf*0*62*8*8*eda3*04aa*prep.zip*$/pkzip2$:::::prep.zipIt seems John The ripper on Kali Linux can't crack this "pkzip2 encryption" , I say it, because when I try to crack this hash-type on Windows with John TR, it's works, it crack this hash type. Linux is supposed to be designed for this sort of thing, so I want to know why it does not work on Linux.I put the commands that I make on Linux et Windows.ON LINUXroot@kali:~# cd Bureauroot@kali:~/Bureau# zip2john prep.zipver 14 efh 7075 prep.zip->Pr�sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFprep.zip:$pkzip2$1*2*3*0*250d*2fa9*eda32bdf*0*62*8*8*eda3*04aa*prep.zip*$/pkzip2$:::::prep.ziproot@kali:~/Bureau# zip2john prep.zip > prep.johnver 14 efh 7075 prep.zip->Pr�sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFroot@kali:~/Bureau# john --incremental prep.johnUsing default input encoding: UTF-8No password hashes loaded (see FAQ)root@kali:~/Bureau#The same commandsON WINDOWSC:\johnj\run>zip2john /cygdrive/c/Users/*****/Desktop/prep.zip4 [main] zip2john 8688 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list [cygwin@cygwin.com](mailto:cygwin@cygwin.com)ver 14 efh 7075 prep.zip->Pr▒sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFprep.zip:$pkzip2$1*2*3*0*250d*2fa9*eda32bdf*0*62*8*29*eda3*04aa*/cygdrive/c/Users/*****/Desktop/prep.zip*$/pkzip2$:::::/cygdrive/c/Users/*****/Desktop/prep.zipC:\johnj\run>zip2john /cygdrive/c/Users/*****/Desktop/prep.zip > C:\Users\****\Desktop\prep.john2 [main] zip2john 7284 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list [cygwin@cygwin.com](mailto:cygwin@cygwin.com)ver 14 efh 7075 prep.zip->Pr▒sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFC:\johnj\run>john --incremental /cygdrive/c/Users/*****/Desktop/prep.john3 [main] john 6504 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list [cygwin@cygwin.com](mailto:cygwin@cygwin.com)Loaded 1 password hash (PKZIP [32/32])Will run 2 OpenMP threadsPress 'q' or Ctrl-C to abort, almost any other key for status0g 0:00:00:09 0g/s 840.5p/s 840.5c/s 840.5C/s 11022..andeoprofe (prep.zip)1g 0:00:01:10 DONE (2018-05-22 02:35) 0.01407g/s 246830p/s 246830c/s 246830C/s pubwa..tyihfUse the "--show" option to display all of the cracked passwords reliablySession completedSorry for my english!
Submitted May 22, 2018 at 12:41PM by T-drum
via reddit https://ift.tt/2kfIok4
Hi, I have my .zip file that I would like to open, I forget the password, when I tried to recover it with John The Ripper in Kali Linux, but I get an error "No Password hashes loaded".When i run the command to obtains the password hash, i've got a hashes like this :prep.zip:$pkzip2$1*2*3*0*250d*2fa9*eda32bdf*0*62*8*8*eda3*04aa*prep.zip*$/pkzip2$:::::prep.zipIt seems John The ripper on Kali Linux can't crack this "pkzip2 encryption" , I say it, because when I try to crack this hash-type on Windows with John TR, it's works, it crack this hash type. Linux is supposed to be designed for this sort of thing, so I want to know why it does not work on Linux.I put the commands that I make on Linux et Windows.ON LINUXroot@kali:~# cd Bureauroot@kali:~/Bureau# zip2john prep.zipver 14 efh 7075 prep.zip->Pr�sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFprep.zip:$pkzip2$1*2*3*0*250d*2fa9*eda32bdf*0*62*8*8*eda3*04aa*prep.zip*$/pkzip2$:::::prep.ziproot@kali:~/Bureau# zip2john prep.zip > prep.johnver 14 efh 7075 prep.zip->Pr�sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFroot@kali:~/Bureau# john --incremental prep.johnUsing default input encoding: UTF-8No password hashes loaded (see FAQ)root@kali:~/Bureau#The same commandsON WINDOWSC:\johnj\run>zip2john /cygdrive/c/Users/*****/Desktop/prep.zip4 [main] zip2john 8688 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list [cygwin@cygwin.com](mailto:cygwin@cygwin.com)ver 14 efh 7075 prep.zip->Pr▒sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFprep.zip:$pkzip2$1*2*3*0*250d*2fa9*eda32bdf*0*62*8*29*eda3*04aa*/cygdrive/c/Users/*****/Desktop/prep.zip*$/pkzip2$:::::/cygdrive/c/Users/*****/Desktop/prep.zipC:\johnj\run>zip2john /cygdrive/c/Users/*****/Desktop/prep.zip > C:\Users\****\Desktop\prep.john2 [main] zip2john 7284 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list [cygwin@cygwin.com](mailto:cygwin@cygwin.com)ver 14 efh 7075 prep.zip->Pr▒sentation Personnelle.docx PKZIP Encr: 2b chk, TS_chk, cmplen=9485, decmplen=12201, crc=EDA32BDFC:\johnj\run>john --incremental /cygdrive/c/Users/*****/Desktop/prep.john3 [main] john 6504 find_fast_cwd: WARNING: Couldn't compute FAST_CWD pointer. Please report this problem tothe public mailing list [cygwin@cygwin.com](mailto:cygwin@cygwin.com)Loaded 1 password hash (PKZIP [32/32])Will run 2 OpenMP threadsPress 'q' or Ctrl-C to abort, almost any other key for status0g 0:00:00:09 0g/s 840.5p/s 840.5c/s 840.5C/s 11022..andeoprofe (prep.zip)1g 0:00:01:10 DONE (2018-05-22 02:35) 0.01407g/s 246830p/s 246830c/s 246830C/s pubwa..tyihfUse the "--show" option to display all of the cracked passwords reliablySession completedSorry for my english!
Submitted May 22, 2018 at 12:41PM by T-drum
via reddit https://ift.tt/2kfIok4
reddit
r/security - How to crack hash type PKZIP2 on kali linux?
1 votes and 0 so far on reddit
What is the typical 'secret' flow?
What's your suggestion 'secret' flow from the moment it is received from a 3rd party vendor (e.g. API key) to the moment it appears within the process environment variable and is accessible by code. You may assume typical cloud environment + typical Docker orchestrator.Example flow: store in vault, write a deployment noscript that reads from the vault and inject into the process env var (I can see flaws within this flow, just an example)
Submitted May 22, 2018 at 04:55PM by yonatannn
via reddit https://ift.tt/2KHxP4Q
What's your suggestion 'secret' flow from the moment it is received from a 3rd party vendor (e.g. API key) to the moment it appears within the process environment variable and is accessible by code. You may assume typical cloud environment + typical Docker orchestrator.Example flow: store in vault, write a deployment noscript that reads from the vault and inject into the process env var (I can see flaws within this flow, just an example)
Submitted May 22, 2018 at 04:55PM by yonatannn
via reddit https://ift.tt/2KHxP4Q
reddit
r/security - What is the typical 'secret' flow?
1 votes and 0 so far on reddit
Why the CFO and CISO need to get along
https://ift.tt/2LfYs1P
Submitted May 22, 2018 at 04:53PM by Uminekoshi
via reddit https://ift.tt/2GFyfWP
https://ift.tt/2LfYs1P
Submitted May 22, 2018 at 04:53PM by Uminekoshi
via reddit https://ift.tt/2GFyfWP
Nehemiah Security
Why the CFO and CISO need to get along - Nehemiah Security
Business exists as a system to capture and expand revenue. At the heart of this system is the relationship between the CFO and the CISO. The CFO is eager to remove all barriers to revenue. In many cases, removing those barriers make the business harder for…
Can't make calls on Telegram in Qatar
Hello, I'm visiting Qatar. I used Telegram to make calls without problems for several days, but yesterday I've noticed something weird: I can't makes calls on Telegram and the all Internet connection slows down.I've tested both using WiFi and SIM data. Some other useful information:Internet connection seams sloweryesterday whatsapp calls doesn't work; today works fineFacebook calls using Messanger work fineI use an iPhoneCan someone help understanding what is going on?
Submitted May 22, 2018 at 04:22PM by aadeg
via reddit https://ift.tt/2IULCaX
Hello, I'm visiting Qatar. I used Telegram to make calls without problems for several days, but yesterday I've noticed something weird: I can't makes calls on Telegram and the all Internet connection slows down.I've tested both using WiFi and SIM data. Some other useful information:Internet connection seams sloweryesterday whatsapp calls doesn't work; today works fineFacebook calls using Messanger work fineI use an iPhoneCan someone help understanding what is going on?
Submitted May 22, 2018 at 04:22PM by aadeg
via reddit https://ift.tt/2IULCaX
reddit
r/security - Can't make calls on Telegram in Qatar
1 votes and 0 so far on reddit
Don’t fall off the log!
https://ift.tt/2FVIh5Q
Submitted May 22, 2018 at 05:37PM by whitehattracker
via reddit https://ift.tt/2x1xrMu
https://ift.tt/2FVIh5Q
Submitted May 22, 2018 at 05:37PM by whitehattracker
via reddit https://ift.tt/2x1xrMu
CSO Online
Don’t fall off the log!
Effective log management is key to data security in the public cloud.
New Research Uncovers ‘Simplified’ Means of Launching Rowhammer Attacks
https://ift.tt/2xbOlIv
Submitted May 22, 2018 at 05:22PM by whitehattracker
via reddit https://ift.tt/2kgv1k0
https://ift.tt/2xbOlIv
Submitted May 22, 2018 at 05:22PM by whitehattracker
via reddit https://ift.tt/2kgv1k0
reddit
r/security - New Research Uncovers ‘Simplified’ Means of Launching Rowhammer Attacks
1 votes and 0 so far on reddit
DVD, USB, Hard Disk, Video & Lecture Security Software | Edukrypt
https://ift.tt/2s3dgIi
Submitted May 22, 2018 at 05:04PM by edukrypt1
via reddit https://ift.tt/2kgv3bC
https://ift.tt/2s3dgIi
Submitted May 22, 2018 at 05:04PM by edukrypt1
via reddit https://ift.tt/2kgv3bC
noida.locanto.net
DVD, USB, Hard Disk & Lecture Security Software | Edukrypt, Noida
EDUKRYPT is India’s leading DVD, USB, Hard Disk Security Software providers for Offline Lecture Playback. You can find here … view this ad now!
YubiKey comes to the iPhone with Mobile SDK for iOS and LastPass support
https://ift.tt/2x1u20a
Submitted May 22, 2018 at 06:18PM by salcan
via reddit https://ift.tt/2keXAhB
https://ift.tt/2x1u20a
Submitted May 22, 2018 at 06:18PM by salcan
via reddit https://ift.tt/2keXAhB
Yubico
YubiKey comes to the iPhone with Mobile SDK for iOS and LastPass support | Yubico
YubiKey iOS support is here with two exciting pieces of news. For developers, we now offer the Yubico Mobile SDK for iOS, and LastPass fully supports the YubiKey NEO over NFC on iOS.
Testing Arbitrary Code Guard against Kernel Code Injections
https://ift.tt/2khaR9q
Submitted May 22, 2018 at 06:03PM by Scene_News
via reddit https://ift.tt/2keUeLn
https://ift.tt/2khaR9q
Submitted May 22, 2018 at 06:03PM by Scene_News
via reddit https://ift.tt/2keUeLn
Professional Security Guards Los Angeles | UGS
https://ift.tt/2GGFi1v
Submitted May 22, 2018 at 06:47PM by securityorangecounty
via reddit https://ift.tt/2ICwaRu
https://ift.tt/2GGFi1v
Submitted May 22, 2018 at 06:47PM by securityorangecounty
via reddit https://ift.tt/2ICwaRu
UGS
Professional Security Guards Los Angeles | United Guard Security
United Guard Security is a Los Angeles Security Guard Agency that is committed to protecting the lives and assets of our clients, while minimizing liability
Security In 5: Episode 243 - Mini Series Top 10 Reason To Pen Test - 8 - Fine Tune Your Policies
https://ift.tt/2GGpXxU
Submitted May 22, 2018 at 06:39PM by BinaryBlog
via reddit https://ift.tt/2IB8I6U
https://ift.tt/2GGpXxU
Submitted May 22, 2018 at 06:39PM by BinaryBlog
via reddit https://ift.tt/2IB8I6U
Libsyn
Security In Five Podcast: Episode 243 - Mini Series Top 10 Reason To Pen Test - 8 - Fine Tune Your Policies
Continuing in the mini series Top 10 Reasons To Pen test in your business we have reached number eight. This episode goes into number 8 and how penetration tests can help you measure the effectiveness of you policies and fine tune them. Be aware, be safe.…
For those who want to learn stack overflow in Hindi
https://www.youtube.com/watch?v=0_XHb_1WgNk&t=1s
Submitted May 22, 2018 at 07:04PM by r0hi7
via reddit https://ift.tt/2IZ6ZYE
https://www.youtube.com/watch?v=0_XHb_1WgNk&t=1s
Submitted May 22, 2018 at 07:04PM by r0hi7
via reddit https://ift.tt/2IZ6ZYE
YouTube
Lecture 3 : Buffer overlflow, shellcodes and Shellcodes injection (Hindi)
This is third lecture of the series, in which i have explained about the buffer overflows. All the necessary commands that I have mentioned during the lectur...
GDPR for IoT devices and services
https://ift.tt/2x1Jl8X
Submitted May 22, 2018 at 07:04PM by Iot_Security
via reddit https://ift.tt/2x8JQOS
https://ift.tt/2x1Jl8X
Submitted May 22, 2018 at 07:04PM by Iot_Security
via reddit https://ift.tt/2x8JQOS
SecuriThings
GDPR for IoT devices and services
May 25th is almost here, and GDPR is on everyone’s mind. While most of the attention (and most likely, enforcement) is directed at large companies hoarding information on millions of users, it [...]
What are your opinions on using DuckDuckGo instead of Google?
I know Google has more features but are you willing to give them up in order to get more privacy?
Submitted May 22, 2018 at 07:50PM by TooFiveFive
via reddit https://ift.tt/2LnVx79
I know Google has more features but are you willing to give them up in order to get more privacy?
Submitted May 22, 2018 at 07:50PM by TooFiveFive
via reddit https://ift.tt/2LnVx79
reddit
r/security - What are your opinions on using DuckDuckGo instead of Google?
1 votes and 2 so far on reddit