How Saudi-Linked Digital Espionage Reached Canadian Soil - The Citizen Lab
https://ift.tt/2xQ7JIz
Submitted October 03, 2018 at 08:03PM by focus_rising
via reddit https://ift.tt/2OArmy3
https://ift.tt/2xQ7JIz
Submitted October 03, 2018 at 08:03PM by focus_rising
via reddit https://ift.tt/2OArmy3
The Citizen Lab
The Kingdom Came to Canada: How Saudi-Linked Digital Espionage Reached Canadian Soil - The Citizen Lab
In this report, we describe how Canadian permanent resident and Saudi dissident Omar Abdulaziz was targeted with a fake package delivery notification. We assess with high confidence that Abdulaziz’s phone was infected with NSO’s Pegasus spyware. We attribute…
CloudFlare’s IPFS Gateway Will Power Extra-Decentralized EOS dApps
https://ift.tt/2P2irSX
Submitted October 03, 2018 at 07:47PM by katesatoshi
via reddit https://ift.tt/2zOZG0h
https://ift.tt/2P2irSX
Submitted October 03, 2018 at 07:47PM by katesatoshi
via reddit https://ift.tt/2zOZG0h
UNHASHED
CloudFlare’s IPFS Gateway Will Power Extra-Decentralized EOS dApps - UNHASHED
LiquidEOS has announced a project that will make dApps more decentralized than ever before. The group is using Cloudflare’s IPFS gateway to host EOS dApps on a decentralized filesystem. LiquidEOS’s new platform, which is simply called “the dApp Network”,…
Analysis of Android SMS Worm that spies on victims
https://ift.tt/2Ngj2ik
Submitted October 03, 2018 at 08:38PM by lukasstefanko
via reddit https://ift.tt/2O1YtLK
https://ift.tt/2Ngj2ik
Submitted October 03, 2018 at 08:38PM by lukasstefanko
via reddit https://ift.tt/2O1YtLK
Lukas Stefanko
Video analysis of Android SMS worm spying on victims - Lukas Stefanko
Spy has been spreading for the last couple of months using new registered domains leading to Android malware. This threat impersonates fake Sagawa service. Spy contains worm spreading capabilities via text messages and could be threat to victim’s mobile banking…
/r/netsec's Q4 2018 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted October 03, 2018 at 11:31PM by ranok
via reddit https://ift.tt/2O0KIgc
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted October 03, 2018 at 11:31PM by ranok
via reddit https://ift.tt/2O0KIgc
APT37: Final1stspy Reaping the FreeMilk
https://ift.tt/2Rht8ml
Submitted October 03, 2018 at 11:37PM by 0xbaadf00dsec
via reddit https://ift.tt/2zOrFgC
https://ift.tt/2Rht8ml
Submitted October 03, 2018 at 11:37PM by 0xbaadf00dsec
via reddit https://ift.tt/2zOrFgC
Intezer
APT37: Final1stspy Reaping the FreeMilk - Intezer
Researchers at Palo Alto Networks recently published a report regarding the NOKKI malware, which has shared code with KONNI and, although not in the report by Palo Alto, KimJongRAT (discovered by Paul Rascagnères of Cisco Talos in 2013), and another report…
How the OODA Loop Can Help Improve Detection Speed and Accuracy - Red Canary
https://ift.tt/2xWAbJ4
Submitted October 04, 2018 at 01:30AM by fireh7nter
via reddit https://ift.tt/2OubLAb
https://ift.tt/2xWAbJ4
Submitted October 04, 2018 at 01:30AM by fireh7nter
via reddit https://ift.tt/2OubLAb
Red Canary
How the OODA Loop Can Help Improve Detection Speed and Accuracy - Red Canary
This post will walk through a malware infection that used PsExec and show how the OODA loop method can help improve detection speed and accuracy.
Open Source FIDO2/U2F Security key
https://ift.tt/2NcgAhF
Submitted October 04, 2018 at 05:30AM by reddigineer
via reddit https://ift.tt/2RmrlMN
https://ift.tt/2NcgAhF
Submitted October 04, 2018 at 05:30AM by reddigineer
via reddit https://ift.tt/2RmrlMN
GitHub
SoloKeysSec/solo
FIDO2 USB+NFC token optimized for security, extensibility, and style - SoloKeysSec/solo
Violating Your Personal Space with Webex - Access all the Meeting Rooms!
https://ift.tt/2O0v8kS
Submitted October 04, 2018 at 04:18AM by ok_bye_now_
via reddit https://ift.tt/2yd5UFe
https://ift.tt/2O0v8kS
Submitted October 04, 2018 at 04:18AM by ok_bye_now_
via reddit https://ift.tt/2yd5UFe
JP
Violating Your Personal Space with Webex
Some time ago Karl Fosaaen with NetSpi came out with some pretty interesting research around Federated Services and Skype for Business. One of the attack vectors was being able to access other comp…
APT38: Details on New North Korean Regime-Backed Threat Group « APT38: Details on New North Korean Regime-Backed Threat Group
https://ift.tt/2xWhKnC
Submitted October 04, 2018 at 01:39PM by fireh7nter
via reddit https://ift.tt/2O54OWS
https://ift.tt/2xWhKnC
Submitted October 04, 2018 at 01:39PM by fireh7nter
via reddit https://ift.tt/2O54OWS
FireEye
APT38: Details on New North Korean Regime-Backed Threat Group « APT38: Details on New North Korean Regime-Backed Threat Group
We release details on APT38, a threat group we believe is responsible for conducting financial crime on behalf of the North Korean regime, stealing millions of dollars from banks worldwide.
CVE-2018-1788: PRTG Network Monitor Privilege Escalation
https://ift.tt/2ybFUdp
Submitted October 04, 2018 at 03:12PM by GetOffMyWAN
via reddit https://ift.tt/2OzeoAM
https://ift.tt/2ybFUdp
Submitted October 04, 2018 at 03:12PM by GetOffMyWAN
via reddit https://ift.tt/2OzeoAM
Criticalstart
PRTG Network Monitor Privilege Escalation | Critical Start
Common Sense Cybersecurity
How China Used a Tiny Chip to Infiltrate Amazon and Appl
https://ift.tt/2RpSgYc
Submitted October 04, 2018 at 03:12PM by singaporeslin9
via reddit https://ift.tt/2NqHm1a
https://ift.tt/2RpSgYc
Submitted October 04, 2018 at 03:12PM by singaporeslin9
via reddit https://ift.tt/2NqHm1a
Bloomberg
China Used a Tiny Chip in a Hack That Infiltrated U.S. Companies
The attack by Chinese spies reached almost 30 U.S. companies by compromising America's technology supply chain.
Hypervisor security advice
https://ift.tt/2xZ8Fuy
Submitted October 04, 2018 at 04:37PM by cromagdk
via reddit https://ift.tt/2yey2I4
https://ift.tt/2xZ8Fuy
Submitted October 04, 2018 at 04:37PM by cromagdk
via reddit https://ift.tt/2yey2I4
reddit
Hypervisor security advice • r/sysadmin
I am looking for some advice. The goal is to gain a bit of knowledge about hypervisor layer security, as in av/ips/something and remain agentless...
The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies
https://ift.tt/2RpSgYc
Submitted October 04, 2018 at 05:14PM by scottdeto
via reddit https://ift.tt/2P5hfOK
https://ift.tt/2RpSgYc
Submitted October 04, 2018 at 05:14PM by scottdeto
via reddit https://ift.tt/2P5hfOK
Bloomberg
China Used a Tiny Chip in a Hack That Infiltrated U.S. Companies
The attack by Chinese spies reached almost 30 U.S. companies by compromising America's technology supply chain.
Static Analysis of Client-Side JavaScript for pen testers and bug bounty hunters
https://ift.tt/2I5Fytc
Submitted October 04, 2018 at 04:46PM by CyberBullets
via reddit https://ift.tt/2NmcSNN
https://ift.tt/2I5Fytc
Submitted October 04, 2018 at 04:46PM by CyberBullets
via reddit https://ift.tt/2NmcSNN
Appsecco
Static Analysis of Client-Side JavaScript for pen testers and bug bounty hunters
JavaScript has become one of the most ubiquitous technologies in the modern web browsers. Applications built using client-side JavaScript…
Apple, Amazon, Supermicro and China refute Bloomberg's Big Hack story.
https://ift.tt/2ID0w2X
Submitted October 04, 2018 at 07:31PM by scottdeto
via reddit https://ift.tt/2Qw6llz
https://ift.tt/2ID0w2X
Submitted October 04, 2018 at 07:31PM by scottdeto
via reddit https://ift.tt/2Qw6llz
Bloomberg.com
The Big Hack: Statements From Amazon, Apple, Supermicro, and the Chinese Government
Complete text
BYOB (Build Your Own Botnet) v0.2 Released - Major Improvements & Bug Fixes
https://ift.tt/2o2lJKj
Submitted October 04, 2018 at 09:36PM by PoonSafari
via reddit https://ift.tt/2NpJtlA
https://ift.tt/2o2lJKj
Submitted October 04, 2018 at 09:36PM by PoonSafari
via reddit https://ift.tt/2NpJtlA
GitHub
GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
An open-source post-exploitation framework for students, researchers and developers. - GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.
Convert nmap scans into Beautiful HTML web pages
https://ift.tt/2PaWvFr
Submitted October 05, 2018 at 01:20AM by i_rsX
via reddit https://ift.tt/2IFjnKK
https://ift.tt/2PaWvFr
Submitted October 05, 2018 at 01:20AM by i_rsX
via reddit https://ift.tt/2IFjnKK
Member's Area
Convert nmap Scans into Beautiful HTML Pages
A few weeks ago I discovered this neat little trick that helps you see your saved nmap results in HTML formats, locally. This can be very helpful when you are performing large scans, like on an enterprise or a university for example. TL;DR: Use nmap …
[SOLVED] Hostapd error - nl80211: Could not configure driver mode
https://ift.tt/2PdfmQi
Submitted October 05, 2018 at 01:56AM by i_rsX
via reddit https://ift.tt/2zSLqDL
https://ift.tt/2PdfmQi
Submitted October 05, 2018 at 01:56AM by i_rsX
via reddit https://ift.tt/2zSLqDL
Member's Area
Hostapd error - nl80211: Could not configure driver mode
I got this problem when I try to use hostapd on Kali Linux 2018.1 nl80211: Could not configure driver mode I am using TP-link WR722n. Can u give me some suggestion?
Draw.io for threat modeling
https://ift.tt/2QwrNXz
Submitted October 05, 2018 at 01:06PM by michenriksen
via reddit https://ift.tt/2y21WQt
https://ift.tt/2QwrNXz
Submitted October 05, 2018 at 01:06PM by michenriksen
via reddit https://ift.tt/2y21WQt
Debunking "OSINT Analysis of the TOR Foundation" and a few words about Tor's directory authorities
https://ift.tt/2OEshh1
Submitted October 05, 2018 at 03:21PM by jvoisin
via reddit https://ift.tt/2BZxb1u
https://ift.tt/2OEshh1
Submitted October 05, 2018 at 03:21PM by jvoisin
via reddit https://ift.tt/2BZxb1u
dustri.org
Debunking "OSINT Analysis of the TOR Foundation" and a few words about Tor's directory authorities
Personnal blog of Julien (jvoisin) Voisin
Follow up to the container scanning comparison blog
https://ift.tt/2PdjxLG
Submitted October 05, 2018 at 04:55PM by stevenacreman
via reddit https://ift.tt/2yhrdWa
https://ift.tt/2PdjxLG
Submitted October 05, 2018 at 04:55PM by stevenacreman
via reddit https://ift.tt/2yhrdWa
kubedex.com
Follow Up: Container Scanning Comparison - kubedex.com
Come and read Follow Up: Container Scanning Comparison on Kubedex.com. The number one site to Discover, Compare and Share Kubernetes Applications.