Using cloud-services, security is your job too
https://ift.tt/2PYGvaq
Submitted September 19, 2018 at 02:52PM by judit_k
via reddit https://ift.tt/2NlxhqQ
https://ift.tt/2PYGvaq
Submitted September 19, 2018 at 02:52PM by judit_k
via reddit https://ift.tt/2NlxhqQ
Avatao
Using cloud-services, security is your job too
Being cloud native won’t save you from external threats if you as a user are not aware of basic security...
Magecart Strikes Again: Newegg in the Crosshairs
https://ift.tt/2pkZ3Fu
Submitted September 19, 2018 at 07:18PM by ga-vu
via reddit https://ift.tt/2xxdFp2
https://ift.tt/2pkZ3Fu
Submitted September 19, 2018 at 07:18PM by ga-vu
via reddit https://ift.tt/2xxdFp2
Volexity
Magecart Strikes Again: Newegg in the Crosshairs | Volexity
Volexity has conducted the following research in collaboration with RiskIQ. We will discuss the same incident from different perspectives. RiskIQ's...
Online retailer Newegg beached by Magecart group as well
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 06:53PM by _0x3a_
via reddit https://ift.tt/2OCdRdZ
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 06:53PM by _0x3a_
via reddit https://ift.tt/2OCdRdZ
RiskIQ
Another Victim of the Magecart Assault Emerges: Newegg
While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.
Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux and Windows
https://ift.tt/2xjrJTN
Submitted September 19, 2018 at 09:54PM by EvanConover
via reddit https://ift.tt/2OJsITO
https://ift.tt/2xjrJTN
Submitted September 19, 2018 at 09:54PM by EvanConover
via reddit https://ift.tt/2OJsITO
Palo Alto Networks Blog
Xbash Combines Botnet, Ransomware, Coinmining in Worm that Targets Linux and Windows - Palo Alto Networks Blog
Unit 42 researchers discover Xbash, a new malware family tied to the Iron Group targeting Linux and Microsoft Servers
NewEgg breached, CCs stolen for 1 month using simple JS
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 11:22PM by thirdeyecyclops
via reddit https://ift.tt/2NsPVNT
https://ift.tt/2pk7HnN
Submitted September 19, 2018 at 11:22PM by thirdeyecyclops
via reddit https://ift.tt/2NsPVNT
RiskIQ
Another Victim of the Magecart Assault Emerges: Newegg
While the dust is settling on the British Airways compromise, the Magecart actor behind it has hit yet another large merchant: Newegg.
O11ycast | Ep. #5, InfoSec with Gartner's Anton Chuvakin
https://ift.tt/2NXlHlg
Submitted September 19, 2018 at 11:00PM by alexdebrie
via reddit https://ift.tt/2OzPCgE
https://ift.tt/2NXlHlg
Submitted September 19, 2018 at 11:00PM by alexdebrie
via reddit https://ift.tt/2OzPCgE
Heavybit
O11ycast | Ep. #5, InfoSec with Gartner's Anton Chuvakin | Heavybit
In episode of 5 O11ycast, Rachel and Charity speak with Anton Chuvakin, Research VP at Gartner for Technical Professionals, about the ways modern companies make, or don't make, decisions around security.
Why You Shouldn’t Store Sensitive Data in JavaScript Files
https://ift.tt/2ODTcX8
Submitted September 20, 2018 at 01:47AM by Arkakapimag
via reddit https://ift.tt/2O2elNH
https://ift.tt/2ODTcX8
Submitted September 20, 2018 at 01:47AM by Arkakapimag
via reddit https://ift.tt/2O2elNH
Why You Should not store sensitive data in Javanoscript files
https://ift.tt/2MLYpKD
Submitted September 20, 2018 at 02:40AM by ziyahanalbeniz
via reddit https://ift.tt/2POAP1G
https://ift.tt/2MLYpKD
Submitted September 20, 2018 at 02:40AM by ziyahanalbeniz
via reddit https://ift.tt/2POAP1G
Dropbike: Data Breaches and Free Bike Rides
https://ift.tt/2QKhOyH
Submitted September 20, 2018 at 08:29AM by dezzion
via reddit https://ift.tt/2NW7Zzf
https://ift.tt/2QKhOyH
Submitted September 20, 2018 at 08:29AM by dezzion
via reddit https://ift.tt/2NW7Zzf
reddit
r/netsec - Dropbike: Data Breaches and Free Bike Rides
2 votes and 1 comment so far on Reddit
shots fired: NSS labs sues AMTSO for lack of transparency
https://ift.tt/2xkw7SD
Submitted September 20, 2018 at 12:13PM by funkensteinberg
via reddit https://ift.tt/2MNB631
https://ift.tt/2xkw7SD
Submitted September 20, 2018 at 12:13PM by funkensteinberg
via reddit https://ift.tt/2MNB631
Nsslabs
NSS Labs vs. CrowdStrike, Symantec, ESET and the Anti-Malware Testing Standards Organization - NSS Labs, Inc
Advancing Transparency and Accountability in the Cybersecurity Industry
HashWick V8 Vulnerability
https://ift.tt/2ByBdPA
Submitted September 20, 2018 at 03:35PM by fagnerbrack
via reddit https://ift.tt/2xE6FXI
https://ift.tt/2ByBdPA
Submitted September 20, 2018 at 03:35PM by fagnerbrack
via reddit https://ift.tt/2xE6FXI
reddit
r/netsec - HashWick V8 Vulnerability
2 votes and 0 comments so far on Reddit
Researching The FAX Machine Attack Surface
https://ift.tt/2xB8OU1
Submitted September 20, 2018 at 05:04PM by nibblesec
via reddit https://ift.tt/2QLXs8o
https://ift.tt/2xB8OU1
Submitted September 20, 2018 at 05:04PM by nibblesec
via reddit https://ift.tt/2QLXs8o
X41 D-SEC GmbH
Researching The FAX Machine Attack Surface
X41 Researched into the security of FAX machines and identified remotely exploitable vulnerabilities.
The CLIP OS Project - a secure multi-level OS
https://clip-os.org/en/
Submitted September 20, 2018 at 06:06PM by guedou
via reddit https://ift.tt/2xzOiTz
https://clip-os.org/en/
Submitted September 20, 2018 at 06:06PM by guedou
via reddit https://ift.tt/2xzOiTz
reddit
r/netsec - The CLIP OS Project - a secure multi-level OS
1 vote and 0 comments so far on Reddit
NCIX Data breach (EVERYTHING)
https://ift.tt/2MQsVmq
Submitted September 20, 2018 at 10:27PM by heishnod
via reddit https://ift.tt/2OF1GNC
https://ift.tt/2MQsVmq
Submitted September 20, 2018 at 10:27PM by heishnod
via reddit https://ift.tt/2OF1GNC
Privacyfly
NCIX DATABREACH
The following editorial will take you inside the dark world of data brokering, as we expose the backroom deals in which fifteen years of customer data from defunct Canadian retailer NCIX were sold.
Increased Use of a Delphi Packer to Evade Malware Classification
https://ift.tt/2xplCgQ
Submitted September 21, 2018 at 12:50AM by EvanConover
via reddit https://ift.tt/2PViVun
https://ift.tt/2xplCgQ
Submitted September 21, 2018 at 12:50AM by EvanConover
via reddit https://ift.tt/2PViVun
FireEye
Increased Use of a Delphi Packer to Evade Malware Classification « Increased Use of a Delphi Packer to Evade Malware Classification
The concept of "packing" or "crypting" a malicious program is widely popular among threat actors looking to bypass or defeat analysis by static and dynamic analysis tools.
Mass WordPress compromises redirect to tech support scams
https://ift.tt/2xpIv3S
Submitted September 21, 2018 at 01:11AM by EvanConover
via reddit https://ift.tt/2DjbfRc
https://ift.tt/2xpIv3S
Submitted September 21, 2018 at 01:11AM by EvanConover
via reddit https://ift.tt/2DjbfRc
Malwarebytes
Mass WordPress compromises redirect to tech support scams
Thousands of WordPress sites have been injected with the same malicious redirection. We review the infection details and the malicious traffic leading to browser lockers.
Is serverless insecure? Let's find out...
https://ift.tt/2nOIYHF
Submitted September 21, 2018 at 04:03AM by sprkyco
via reddit https://ift.tt/2QLiUds
https://ift.tt/2nOIYHF
Submitted September 21, 2018 at 04:03AM by sprkyco
via reddit https://ift.tt/2QLiUds
NSS Labs lawsuit takes aim at CrowdStrike, Symantec and ESET
https://ift.tt/2xni66q
Submitted September 21, 2018 at 06:00AM by Taur3an
via reddit https://ift.tt/2NrpCHQ
https://ift.tt/2xni66q
Submitted September 21, 2018 at 06:00AM by Taur3an
via reddit https://ift.tt/2NrpCHQ
SearchSecurity
NSS Labs lawsuit takes aim at CrowdStrike, Symantec and ESET
An NSS Labs lawsuit accused major antimalware vendors, including CrowdStrike and Symantec, as well as the Anti-Malware Testing Standards Organization, of unfair play.
Understanding PGP by Simulating it
https://ift.tt/2OH9C0O
Submitted September 21, 2018 at 10:57AM by tejaas_solanki
via reddit https://ift.tt/2O4zBC6
https://ift.tt/2OH9C0O
Submitted September 21, 2018 at 10:57AM by tejaas_solanki
via reddit https://ift.tt/2O4zBC6
Medium
Understanding PGP by Simulating it!
As the name suggests, PGP, the acronym for Pretty Good Privacy is an encryption program that actually provides good privacy. The “pretty…
Introducing SharpSploit: A C# Post-Exploitation Library
https://ift.tt/2xz2Na4
Submitted September 21, 2018 at 11:53AM by 0xdea
via reddit https://ift.tt/2QM8LNR
https://ift.tt/2xz2Na4
Submitted September 21, 2018 at 11:53AM by 0xdea
via reddit https://ift.tt/2QM8LNR
Posts By SpecterOps Team Members
Introducing SharpSploit: A C# Post-Exploitation Library
Today, I’m releasing SharpSploit, the first in a series of offensive C# tools I have been writing over the past several months.
Cloudflare adopts Google's Roughtime protocol to make certificate expiration checks more secure
https://ift.tt/2QNUWhK
Submitted September 21, 2018 at 07:13PM by Natanael_L
via reddit https://ift.tt/2popvye
https://ift.tt/2QNUWhK
Submitted September 21, 2018 at 07:13PM by Natanael_L
via reddit https://ift.tt/2popvye
The Cloudflare Blog
Roughtime: Securing Time with Digital Signatures
When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid.