XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites
https://ift.tt/2NNM2Cu
Submitted September 18, 2018 at 04:29AM by rwestergren
via reddit https://ift.tt/2QAVh7s
https://ift.tt/2NNM2Cu
Submitted September 18, 2018 at 04:29AM by rwestergren
via reddit https://ift.tt/2QAVh7s
Randy Westergren
XSS Vulnerabilities in Multiple iFrame Busters Affecting Top Tier Sites - Randy Westergren
For those unfamiliar with modern advertising tech, iFrame Busters are HTML files hosted on publisher sites which allow ad creatives to extend outside of their standard boundaries. These expandable creatives are typically easy to identify on a site — usually…
Safari Crash - a small HTML DoS exploit kit aimed at mobile browsers
https://ift.tt/2NOdiRc
Submitted September 18, 2018 at 02:08PM by _____WINTERMUTE_____
via reddit https://ift.tt/2D4Oyji
https://ift.tt/2NOdiRc
Submitted September 18, 2018 at 02:08PM by _____WINTERMUTE_____
via reddit https://ift.tt/2D4Oyji
GitHub
TheSecondSun/Safari-Crash
Small HTML DoS exploit kit aimed at mobile browsers that allows rapid deployment and testing - TheSecondSun/Safari-Crash
Application Security Market 2025 Major Key Players – High-Tech Bridge, Fasoo, Contrast Security, HPE, Qualys, IBM Corporation, Rapid7, Whitehat Security, Pradeo and Veracode
https://ift.tt/2xutjBE
Submitted September 18, 2018 at 04:55PM by KeyDutch
via reddit https://ift.tt/2QDuMyd
https://ift.tt/2xutjBE
Submitted September 18, 2018 at 04:55PM by KeyDutch
via reddit https://ift.tt/2QDuMyd
Hunting mobile devices endpoints - the RF and the hard way
https://ift.tt/2PIxPUD
Submitted September 18, 2018 at 08:02PM by mabote
via reddit https://ift.tt/2D9D1zv
https://ift.tt/2PIxPUD
Submitted September 18, 2018 at 08:02PM by mabote
via reddit https://ift.tt/2D9D1zv
Analysis of iOS user heap from an exploiter point of view
https://ift.tt/2Djur1h
Submitted September 18, 2018 at 08:00PM by mabote
via reddit https://ift.tt/2NQCAhw
https://ift.tt/2Djur1h
Submitted September 18, 2018 at 08:00PM by mabote
via reddit https://ift.tt/2NQCAhw
HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries
https://ift.tt/2PI04mn
Submitted September 18, 2018 at 10:08PM by EvanConover
via reddit https://ift.tt/2Ov641w
https://ift.tt/2PI04mn
Submitted September 18, 2018 at 10:08PM by EvanConover
via reddit https://ift.tt/2Ov641w
The Citizen Lab
HIDE AND SEEK: Tracking NSO Group’s Pegasus Spyware to Operations in 45 Countries - The Citizen Lab
In this post, we develop new Internet scanning techniques to identify 45 countries in which operators of NSO Group’s Pegasus spyware may be conducting operations.
Ransombile: Yet another reason to ditch SMS
https://ift.tt/2pgBbD0
Submitted September 18, 2018 at 09:56PM by _yowie_
via reddit https://ift.tt/2xjVKTF
https://ift.tt/2pgBbD0
Submitted September 18, 2018 at 09:56PM by _yowie_
via reddit https://ift.tt/2xjVKTF
Martin Vigo
Ransombile: Yet another reason to ditch SMS - Martin Vigo
Ransombile is a tool that can be used in different scenarios to compromise someone’s digital life when having phisical access to a locked mobile device
Using cloud-services, security is your job too
https://ift.tt/2PYGvaq
Submitted September 19, 2018 at 02:52PM by judit_k
via reddit https://ift.tt/2NlxhqQ
https://ift.tt/2PYGvaq
Submitted September 19, 2018 at 02:52PM by judit_k
via reddit https://ift.tt/2NlxhqQ
Avatao
Using cloud-services, security is your job too
Being cloud native won’t save you from external threats if you as a user are not aware of basic security...
Magecart Strikes Again: Newegg in the Crosshairs
https://ift.tt/2pkZ3Fu
Submitted September 19, 2018 at 07:18PM by ga-vu
via reddit https://ift.tt/2xxdFp2
https://ift.tt/2pkZ3Fu
Submitted September 19, 2018 at 07:18PM by ga-vu
via reddit https://ift.tt/2xxdFp2
Volexity
Magecart Strikes Again: Newegg in the Crosshairs | Volexity
Volexity has conducted the following research in collaboration with RiskIQ. We will discuss the same incident from different perspectives. RiskIQ's...
Online retailer Newegg beached by Magecart group as well
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 06:53PM by _0x3a_
via reddit https://ift.tt/2OCdRdZ
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 06:53PM by _0x3a_
via reddit https://ift.tt/2OCdRdZ
RiskIQ
Another Victim of the Magecart Assault Emerges: Newegg
While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.
Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux and Windows
https://ift.tt/2xjrJTN
Submitted September 19, 2018 at 09:54PM by EvanConover
via reddit https://ift.tt/2OJsITO
https://ift.tt/2xjrJTN
Submitted September 19, 2018 at 09:54PM by EvanConover
via reddit https://ift.tt/2OJsITO
Palo Alto Networks Blog
Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux and Windows - Palo Alto Networks Blog
Unit 42 researchers discover Xbash, a new malware family tied to the Iron Group targeting Linux and Microsoft Servers
NewEgg breached, CCs stolen for 1 month using simple JS
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 11:22PM by thirdeyecyclops
via reddit https://ift.tt/2NsPVNT
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 11:22PM by thirdeyecyclops
via reddit https://ift.tt/2NsPVNT
RiskIQ
Another Victim of the Magecart Assault Emerges: Newegg
While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.
O11ycast | Ep. #5, InfoSec with Gartner's Anton Chuvakin
https://ift.tt/2NXlHlg
Submitted September 19, 2018 at 11:00PM by alexdebrie
via reddit https://ift.tt/2OzPCgE
https://ift.tt/2NXlHlg
Submitted September 19, 2018 at 11:00PM by alexdebrie
via reddit https://ift.tt/2OzPCgE
Heavybit
O11ycast | Ep. #5, InfoSec with Gartner's Anton Chuvakin | Heavybit
In episode of 5 O11ycast, Rachel and Charity speak with Anton Chuvakin, Research VP at Gartner for Technical Professionals, about the ways modern companies make, or don't make, decisions around security.
Why You Shouldn’t Store Sensitive Data in JavaScript Files
https://ift.tt/2ODTcX8
Submitted September 20, 2018 at 01:47AM by Arkakapimag
via reddit https://ift.tt/2O2elNH
https://ift.tt/2ODTcX8
Submitted September 20, 2018 at 01:47AM by Arkakapimag
via reddit https://ift.tt/2O2elNH
Why You Should not store sensitive data in Javanoscript files
https://ift.tt/2MLYpKD
Submitted September 20, 2018 at 02:40AM by ziyahanalbeniz
via reddit https://ift.tt/2POAP1G
https://ift.tt/2MLYpKD
Submitted September 20, 2018 at 02:40AM by ziyahanalbeniz
via reddit https://ift.tt/2POAP1G
Dropbike: Data Breaches and Free Bike Rides
https://ift.tt/2QKhOyH
Submitted September 20, 2018 at 08:29AM by dezzion
via reddit https://ift.tt/2NW7Zzf
https://ift.tt/2QKhOyH
Submitted September 20, 2018 at 08:29AM by dezzion
via reddit https://ift.tt/2NW7Zzf
reddit
r/netsec - Dropbike: Data Breaches and Free Bike Rides
2 votes and 1 comment so far on Reddit
shots fired: NSS labs sues AMTSO for lack of transparency
https://ift.tt/2xkw7SD
Submitted September 20, 2018 at 12:13PM by funkensteinberg
via reddit https://ift.tt/2MNB631
https://ift.tt/2xkw7SD
Submitted September 20, 2018 at 12:13PM by funkensteinberg
via reddit https://ift.tt/2MNB631
Nsslabs
NSS Labs vs. CrowdStrike, Symantec, ESET and the Anti-Malware Testing Standards Organization - NSS Labs, Inc
Advancing Transparency and Accountability in the Cybersecurity Industry
HashWick V8 Vulnerability
https://ift.tt/2ByBdPA
Submitted September 20, 2018 at 03:35PM by fagnerbrack
via reddit https://ift.tt/2xE6FXI
https://ift.tt/2ByBdPA
Submitted September 20, 2018 at 03:35PM by fagnerbrack
via reddit https://ift.tt/2xE6FXI
reddit
r/netsec - HashWick V8 Vulnerability
2 votes and 0 comments so far on Reddit
Researching The FAX Machine Attack Surface
https://ift.tt/2xB8OU1
Submitted September 20, 2018 at 05:04PM by nibblesec
via reddit https://ift.tt/2QLXs8o
https://ift.tt/2xB8OU1
Submitted September 20, 2018 at 05:04PM by nibblesec
via reddit https://ift.tt/2QLXs8o
X41 D-SEC GmbH
Researching The FAX Machine Attack Surface
X41 Researched into the security of FAX machines and identified remotely exploitable vulnerabilities.
The CLIP OS Project - a secure multi-level OS
https://clip-os.org/en/
Submitted September 20, 2018 at 06:06PM by guedou
via reddit https://ift.tt/2xzOiTz
https://clip-os.org/en/
Submitted September 20, 2018 at 06:06PM by guedou
via reddit https://ift.tt/2xzOiTz
reddit
r/netsec - The CLIP OS Project - a secure multi-level OS
1 vote and 0 comments so far on Reddit
NCIX Data breach (EVERYTHING)
https://ift.tt/2MQsVmq
Submitted September 20, 2018 at 10:27PM by heishnod
via reddit https://ift.tt/2OF1GNC
https://ift.tt/2MQsVmq
Submitted September 20, 2018 at 10:27PM by heishnod
via reddit https://ift.tt/2OF1GNC
Privacyfly
NCIX DATABREACH
The following editorial will take you inside the dark world of data brokering, as we expose the backroom deals in which fifteen years of customer data from defunct Canadian retailer NCIX were sold.