Latest Facebook hack and why 2-step verification isn't enough
https://ift.tt/2R9M1HT
Submitted October 01, 2018 at 10:34AM by adriank1410
via reddit https://ift.tt/2RePgNX
https://ift.tt/2R9M1HT
Submitted October 01, 2018 at 10:34AM by adriank1410
via reddit https://ift.tt/2RePgNX
Adrian Kwiatkowski
Latest Facebook hack and why 2-step verification isn't enough
Did you get logged out of your Facebook account around the last Friday, September 28th? Yeah, me too... Turns out, it wasn’t just an error, but a sign of data breach. Of around 50 million Facebook users. The security team decided to reset access tokens of…
Mini pwning with GL-iNet AR150
https://ift.tt/2OokZh6
Submitted October 01, 2018 at 08:56PM by EvanConover
via reddit https://ift.tt/2R9NYUF
https://ift.tt/2OokZh6
Submitted October 01, 2018 at 08:56PM by EvanConover
via reddit https://ift.tt/2R9NYUF
Erratasec
Mini pwning with GL-iNet AR150
Seven years ago, before the $35 Raspberry Pi, hackers used commercial WiFi routers for their projects. They'd replace the stock firmware wit...
How to improve your pentesting performance in Windows
https://ift.tt/2OrGrBR
Submitted October 02, 2018 at 02:33AM by agrrrdog
via reddit https://ift.tt/2NdUgiJ
https://ift.tt/2OrGrBR
Submitted October 02, 2018 at 02:33AM by agrrrdog
via reddit https://ift.tt/2NdUgiJ
Acunetix
Better Web-Pentesting in Windows with AHK | Acunetix
Article that looks at the use of AHK as a tool for pentesters. Windows is not a very popular OS for pentesters due to many reasons. Sometimes however we need to use it (at least on a virtual machine). This article shows examples on the use of hot keys to…
Original source code for MS-DOS 1.25 and 2.0 by Microsoft
https://ift.tt/2R2Krrb
Submitted October 02, 2018 at 03:38PM by CyberBullets
via reddit https://ift.tt/2zLzHGT
https://ift.tt/2R2Krrb
Submitted October 02, 2018 at 03:38PM by CyberBullets
via reddit https://ift.tt/2zLzHGT
GitHub
Microsoft/MS-DOS
The original sources of MS-DOS 1.25 and 2.0, for reference purposes - Microsoft/MS-DOS
Ethical Hacking Master Class - 100+ Hours Bundle
https://ift.tt/2NUszwR
Submitted October 02, 2018 at 04:47PM by patidarayush11
via reddit https://ift.tt/2IApe48
https://ift.tt/2NUszwR
Submitted October 02, 2018 at 04:47PM by patidarayush11
via reddit https://ift.tt/2IApe48
Teachable
The Complete Python Programming Course for Beginners
Learn Python for AI, Machine Learning, Data Science and App Development
CVE-2017-11176: A step-by-step Linux Kernel exploitation
https://ift.tt/2IwS9Gd
Submitted October 02, 2018 at 06:05PM by cfambionics
via reddit https://ift.tt/2NZBLDO
https://ift.tt/2IwS9Gd
Submitted October 02, 2018 at 06:05PM by cfambionics
via reddit https://ift.tt/2NZBLDO
Intel ME Manufacturing Mode: obscured dangers and their relationship to Apple MacBook vulnerability CVE-2018-4251
https://ift.tt/2RjDulr
Submitted October 02, 2018 at 07:43PM by alexlash
via reddit https://ift.tt/2NhQy7E
https://ift.tt/2RjDulr
Submitted October 02, 2018 at 07:43PM by alexlash
via reddit https://ift.tt/2NhQy7E
Ptsecurity
Intel ME Manufacturing Mode: obscured dangers and their relationship to Apple MacBook vulnerability CVE-2018-4251
The weakness of "security through obscurity" is so well known as to be obvious. Yet major hardware manufacturers, citing the need to p...
Collecting Shells by the Sea of NAS Vulnerabilities
https://ift.tt/2RiRdsT
Submitted October 02, 2018 at 08:17PM by EvanConover
via reddit https://ift.tt/2OsIRAk
https://ift.tt/2RiRdsT
Submitted October 02, 2018 at 08:17PM by EvanConover
via reddit https://ift.tt/2OsIRAk
Independent Security Evaluators
Collecting Shells by the Sea of NAS Vulnerabilities
Steps we took to control any Lenovo ix4–300d remotely
1400+ Canadian Fast-Food Restaurant Locations Closed due to Malware Outbreak
https://ift.tt/2DNOHIB
Submitted October 02, 2018 at 08:47PM by sheps
via reddit https://ift.tt/2y8kVrQ
https://ift.tt/2DNOHIB
Submitted October 02, 2018 at 08:47PM by sheps
via reddit https://ift.tt/2y8kVrQ
CBC
Swiss Chalet, Harvey's, other big chains hit by 'malware outbreak' | CBC News
A Canadian company that owns popular restaurant chains including Swiss Chalet and Harvey's says it experienced a "malware outbreak" on Friday, forcing it to temporarily close some locations.
Tyrannosaurus reproduced fast and died young: A malicious host/IP/C&C from China, 2016 to present
https://ift.tt/2IsvxXf
Submitted October 02, 2018 at 09:53PM by supertoxicgodape
via reddit https://ift.tt/2zLrEtB
https://ift.tt/2IsvxXf
Submitted October 02, 2018 at 09:53PM by supertoxicgodape
via reddit https://ift.tt/2zLrEtB
Defeating AWS Honeytokens using CloudTrail Bypasses
https://ift.tt/2OtDDUZ
Submitted October 02, 2018 at 09:21PM by brilliance_for_booze
via reddit https://ift.tt/2QpgvUP
https://ift.tt/2OtDDUZ
Submitted October 02, 2018 at 09:21PM by brilliance_for_booze
via reddit https://ift.tt/2QpgvUP
Rhino Security Labs
Penetration Testing Company, Network & Web Application Pen Test
Rhino Security Labs is a top penetration testing company in Seattle, offering the best network and webapp pen test services for companies across the globe. With top security researchers and pentesters, we're the pentest service company for you.
WPScan: a WordPress Vulnerability Scanner (CLI)
https://wpscan.org/
Submitted October 02, 2018 at 10:21PM by web_dev_etc
via reddit https://ift.tt/2Qo41wC
https://wpscan.org/
Submitted October 02, 2018 at 10:21PM by web_dev_etc
via reddit https://ift.tt/2Qo41wC
WPScan
WPScan CLI Scanner Install + User Guide
The WPScan CLI tool is a free, for non-commercial use, black box WordPress security scanner written for security professionals and blog maintainers to test the security of their sites.
Fortnite gamers targeted by data theft malware
https://ift.tt/2xVIiW6
Submitted October 03, 2018 at 01:26AM by EvanConover
via reddit https://ift.tt/2Ni0kXm
https://ift.tt/2xVIiW6
Submitted October 03, 2018 at 01:26AM by EvanConover
via reddit https://ift.tt/2Ni0kXm
Malwarebytes
Fortnite gamers targeted by data theft malware
If you've ever been tempted to cheat at Fortnite, think again—with the release of season six of the popular video game, we found a data theft malware masquerading as a cheat tool, ready to steal your browser sessions, cookies, and even your Bitcoin.
70+ different types of home routers(all together 100,000+) are being hijacked by GhostDNS
https://ift.tt/2OyWii6
Submitted October 03, 2018 at 08:16AM by zhamisen
via reddit https://ift.tt/2P7qyxQ
https://ift.tt/2OyWii6
Submitted October 03, 2018 at 08:16AM by zhamisen
via reddit https://ift.tt/2P7qyxQ
Follow up to KRACK attack
https://ift.tt/2Oyx2sl
Submitted October 03, 2018 at 08:02AM by zhamisen
via reddit https://ift.tt/2PaKEHy
https://ift.tt/2Oyx2sl
Submitted October 03, 2018 at 08:02AM by zhamisen
via reddit https://ift.tt/2PaKEHy
Krackattacks
Auditing KRACKs in Wi-Fi
This website presents the Key Reinstallation Attack (KRACK). It breaks the WPA2 protocol by forcing nonce reuse in encryption algorithms used by Wi-Fi.
Learning Web App-Sec at PentesterLab
https://ift.tt/2NXh63k
Submitted October 03, 2018 at 02:12PM by Gallus
via reddit https://ift.tt/2P6uDlO
https://ift.tt/2NXh63k
Submitted October 03, 2018 at 02:12PM by Gallus
via reddit https://ift.tt/2P6uDlO
Medium
Learning Web App-Sec at PentesterLab
10 learning hacks on how to gain more from the PentesterLab Pro account.
Video analysis of Android SMS worm spyware [malware analysis]
https://ift.tt/2Ngj2ik
Submitted October 03, 2018 at 06:18PM by lukasstefanko
via reddit https://ift.tt/2RndDsT
https://ift.tt/2Ngj2ik
Submitted October 03, 2018 at 06:18PM by lukasstefanko
via reddit https://ift.tt/2RndDsT
Lukas Stefanko
Video analysis of Android SMS worm spying on victims - Lukas Stefanko
Spy has been spreading for the last couple of months using new registered domains leading to Android malware. This threat impersonates fake Sagawa service. Spy contains worm spreading capabilities via text messages and could be threat to victim’s mobile banking…
How Saudi-Linked Digital Espionage Reached Canadian Soil - The Citizen Lab
https://ift.tt/2xQ7JIz
Submitted October 03, 2018 at 08:03PM by focus_rising
via reddit https://ift.tt/2OArmy3
https://ift.tt/2xQ7JIz
Submitted October 03, 2018 at 08:03PM by focus_rising
via reddit https://ift.tt/2OArmy3
The Citizen Lab
The Kingdom Came to Canada: How Saudi-Linked Digital Espionage Reached Canadian Soil - The Citizen Lab
In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute…
CloudFlare’s IPFS Gateway Will Power Extra-Decentralized EOS dApps
https://ift.tt/2P2irSX
Submitted October 03, 2018 at 07:47PM by katesatoshi
via reddit https://ift.tt/2zOZG0h
https://ift.tt/2P2irSX
Submitted October 03, 2018 at 07:47PM by katesatoshi
via reddit https://ift.tt/2zOZG0h
UNHASHED
CloudFlare’s IPFS Gateway Will Power Extra-Decentralized EOS dApps - UNHASHED
LiquidEOS has announced a project that will make dApps more decentralized than ever before. The group is using Cloudflare’s IPFS gateway to host EOS dApps on a decentralized filesystem. LiquidEOS’s new platform, which is simply called “the dApp Network”,…
Analysis of Android SMS Worm that spies on victims
https://ift.tt/2Ngj2ik
Submitted October 03, 2018 at 08:38PM by lukasstefanko
via reddit https://ift.tt/2O1YtLK
https://ift.tt/2Ngj2ik
Submitted October 03, 2018 at 08:38PM by lukasstefanko
via reddit https://ift.tt/2O1YtLK
Lukas Stefanko
Video analysis of Android SMS worm spying on victims - Lukas Stefanko
Spy has been spreading for the last couple of months using new registered domains leading to Android malware. This threat impersonates fake Sagawa service. Spy contains worm spreading capabilities via text messages and could be threat to victim’s mobile banking…
/r/netsec's Q4 2018 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted October 03, 2018 at 11:31PM by ranok
via reddit https://ift.tt/2O0KIgc
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted October 03, 2018 at 11:31PM by ranok
via reddit https://ift.tt/2O0KIgc