Netsec – Telegram
Netsec
@RNetsec
7.42K subscribers
22.4K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.42K subscribers
Netsec
Improving the Tastic Thief Long-Range RFID Reader
https://ift.tt/2J4HqRX

Submitted July 09, 2018 at 11:07PM by TastyHoneyBadger
via reddit https://ift.tt/2KVxLCi
Silent Break Security
ESPKey + Long Range RFID Reader = A New Tastic Thief | Silent Break Security
There have been plenty of blog posts, and security conference talks about building long-range RFID badge readers. Bishop Fox (RFID Hacking Tools) and Inguardians (Make your tastic fun tastic) both...
160 views
Netsec
Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach
https://ift.tt/2u7blEc

Submitted July 10, 2018 at 02:15AM by MisterCBax
via reddit https://ift.tt/2L00t4P
BleepingComputer
Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach
Two insurance companies are suing a cyber-security firm to recover insurance fees paid to a customer after the security firm failed to detect malware on the client's network for months, an issue that led to one of the biggest security breaches of the 2000s.…
155 views
Netsec
Finding Phishing: Tools and Techniques
https://ift.tt/2zqHWKy

Submitted July 10, 2018 at 02:32AM by patrikhudak
via reddit https://ift.tt/2J77HPF
reddit
r/netsec - Finding Phishing: Tools and Techniques
5 votes and 0 so far on reddit
159 views
Netsec
Microsoft has finally provided a service that mitigates the single most critical password-related security risk in the enterprise today: common passwords. You should kick the tires on this new Active Directory capability today, so you can deploy it as soon as it reaches general availability.
https://ift.tt/2L40cuk

Submitted July 10, 2018 at 05:24AM by longevitytech
via reddit https://ift.tt/2m4AxqE
Longevity Technology
Azure AD Password Protection: The Cloud Security Service your Active Directory Needs Now | Longevity Technology
Microsoft has finally provided a service that mitigates the single most critical password-related security risk in the enterprise today: common passwords. You should kick the tires on this new Active Directory capability today, so you can deploy it as soon…
158 views
Netsec
/r/netsec's Q3 2018 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

Submitted July 10, 2018 at 05:09AM by ranok
via reddit https://ift.tt/2ui9qMp
161 views
Netsec
Troy Hunt: The 111 Million Record Pemiblanc Credential Stuffing List
https://ift.tt/2u7iLYk

Submitted July 10, 2018 at 10:41AM by Royal_SeaLion
via reddit https://ift.tt/2m4jHIl
Troy Hunt
The 111 Million Record Pemiblanc Credential Stuffing List
One of the most alarming trends I've seen in the world of data breaches since starting Have I Been Pwned (HIBP) back in 2013 is the rapid rise of credential stuffing attacks. Per the definition in that link, it simply means this: Credential stuffing is the…
163 views
Netsec
This $39 Device Can Defeat iOS USB Restricted Mode
https://ift.tt/2Jaf5cP

Submitted July 10, 2018 at 10:28AM by numberbuzy
via reddit https://ift.tt/2zs2iD6
167 views
Netsec
Patching & Unsupported Software Websites by Vendor
https://ift.tt/2J8OcGr

Submitted July 10, 2018 at 04:20PM by bonniek4t
via reddit https://ift.tt/2JeuOaO
Security Exploits & News
Patching & Unsupported Software - Security Exploits & News
Looking to keep your systems up-to-date by patching and replacing unsupported software? Use this list of master links to multiple vendor sites as a guide.
152 views
Netsec
Synner—A TCP SYN Client written in Rust
https://ift.tt/2ukYU7g

Submitted July 10, 2018 at 05:59PM by JDBHub
via reddit https://ift.tt/2usDMfx
Digital Horror
Synner—A TCP SYN Client written in Rust
Synner—a TCP SYN client written in Rust.
150 views
Netsec
AT&T acquires threat intelligence company AlienVault
https://ift.tt/2ugo1b6

Submitted July 10, 2018 at 07:24PM by rickyboone
via reddit https://ift.tt/2m5lD3p
VentureBeat
AT&T acquires threat intelligence company AlienVault
AT&T has announced plans to acquire cybersecurity company AlienVault. Terms of the deal were not disclosed. Founded in 2007, AlienVault offers a number of tools for detecting and responding to …
156 views
Netsec
Beyond LLMNR/NBNS Spoofing
https://ift.tt/2J9wq5V

Submitted July 10, 2018 at 08:51PM by _pdp_
via reddit https://ift.tt/2L4itLg
NetSPI Blog
Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS
Exploiting weaknesses in name resolution protocols is a common technique for performing man-in-the-middle (MITM) attacks. Two particularly vulnerable name resolution protocols are Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBNS).…
155 views
Netsec
PLEAD Downloader Used by BlackTech
https://ift.tt/2M7W7qe

Submitted July 10, 2018 at 09:21PM by EvanConover
via reddit https://ift.tt/2umLwj3
JPCERT/CC Blog
PLEAD Downloader Used by BlackTech
In a past article, we introduced TSCookie, malware which seems to be used by BlackTech[1]. It has been revealed that this actor also uses another type of malware “PLEAD”. (“PLEAD” is referred to both as a name of malware including...
154 views
Netsec
Inside and Beyond Ticketmaster: The Many Breaches of Magecart
https://ift.tt/2m5DIhO

Submitted July 10, 2018 at 11:23PM by _0x3a_
via reddit https://ift.tt/2KYRVeG
RiskIQ
Inside and Beyond Ticketmaster: The Many Breaches of Magecart
The hack of Ticketmaster was not a one-off event, but part of a massive digital credit card-skimming campaign by the threat group Magecart.
149 views
Netsec
Sniff-Paste: Pastebin OSINT Harvester
https://ift.tt/2L2tIkh

Submitted July 11, 2018 at 12:46AM by amusciano
via reddit https://ift.tt/2maXmJ7
GitHub
needmorecowbell/sniff-paste
sniff-paste - Pastebin OSINT Harvester
148 views
Netsec
Speculative Buffer Overflows: Attacks and Defenses
https://ift.tt/2NDFq6N

Submitted July 11, 2018 at 03:53AM by _pdp_
via reddit https://ift.tt/2u8EoHE
150 views
Netsec
Hey Reddit, we made a free-as-in-beer Splunk alternative in Go - announcing Gravwell Community Edition
https://ift.tt/2m5w7j8

Submitted July 11, 2018 at 03:38AM by remasis
via reddit https://ift.tt/2NHJaEc
www.gravwell.io
Gravwell Community Edition
Initial Gravwell testers did a lot of home monitoring with the software and wanted to get licenses for their friends and colleagues but Gravwell was built for larger enterprises and our pricing model isn't set up for home use. All of that changes with the…
156 views
Netsec
Neatly bypassing Content Security Policy. Why 'unsafe-inline' is almost always a full-fledged XSS
https://ift.tt/2KLc3S1

Submitted July 10, 2018 at 10:16PM by i_bo0om
via reddit https://ift.tt/2L8WmQW
Wallarm
Neatly bypassing CSP – Wallarm
How to trick CSP in letting you run whatever you want
146 views
Netsec
Shutting down the BGP Hijack Factory
https://ift.tt/2JbhaoM

Submitted July 11, 2018 at 01:14PM by lormayna
via reddit https://ift.tt/2ulTeK5
Dyn
Shutting down the BGP Hijack Factory | Dyn Blog
It started with a lengthy email to the NANOG mailing list on 25 June 2018: independent security researcher Ronald Guilmette detailed the ...
148 views
Netsec
Double Free in openslp 2.0.0, PoC DoS exploit available, patch available
https://ift.tt/2IzuOSy

Submitted July 11, 2018 at 12:45PM by magnusstubman
via reddit https://ift.tt/2KQjoQx
reddit
r/netsec - Double Free in openslp 2.0.0, PoC DoS exploit available, patch available
0 votes and 0 so far on reddit
149 views
Netsec
Lawsuit: Data security firm Trustwave owes $30M for 2009 data breach at Heartland Payment Systems
https://ift.tt/2m5gBUI

Submitted July 11, 2018 at 06:07PM by thms0
via reddit https://ift.tt/2N6l3Od
Cookcountyrecord
Lawsuit: Data security firm Trustwave owes $30M for 2009 data breach at Heartland Payment Systems
Two insurance companies have joined together to ask a Cook County judge to order a data security firm to pay $30 million to reimburse the insurers for funds they had to pay out to settle claims resulting from a data breach at Heartland Payment Systems.
157 views
Netsec
VPNs that share your data with Google
https://ift.tt/2u903zE

Submitted July 11, 2018 at 06:58PM by FarFinding
via reddit https://ift.tt/2NF0fyy
VPNpro
These VPNs might be leaking your email messages | VPNpro
By using the wrong VPN you might risk email message leaks since Gmail may share your private mails with third parties. Find out which VPNs use Gmail.
153 views