Google Shutting Down Google+ After API Leaks 500k Account's Data/Lack Of Adoption
https://ift.tt/2yorSoR
Submitted October 09, 2018 at 03:21AM by g3xxg3xx
via reddit https://ift.tt/2OKUOBw
https://ift.tt/2yorSoR
Submitted October 09, 2018 at 03:21AM by g3xxg3xx
via reddit https://ift.tt/2OKUOBw
BleepingComputer
Google+ Shutting Down After Bug Leaks Info of 500k Accounts
Google has announced that they are closing the consumer functionality of Google+ due lack of adoption and an API bug that leaked the personal information of up to 500,000 Google+ accounts.
Length of an Antenna is relative to Wave Length
https://ift.tt/2CvMBLT
Submitted October 09, 2018 at 05:41AM by i_rsX
via reddit https://ift.tt/2NvMmRP
https://ift.tt/2CvMBLT
Submitted October 09, 2018 at 05:41AM by i_rsX
via reddit https://ift.tt/2NvMmRP
reddit
r/hacking - Length of an Antenna is relative to Wave Length
4 votes and 1 comment so far on Reddit
Delivery (Key)Boy
https://ift.tt/2OKJOnB
Submitted October 09, 2018 at 05:26AM by jdrch
via reddit https://ift.tt/2yluhk4
https://ift.tt/2OKJOnB
Submitted October 09, 2018 at 05:26AM by jdrch
via reddit https://ift.tt/2yluhk4
AlienVault
Delivery (Key)Boy
IntroductionBelow we’ve outlined the delivery phase of some recent attacks by KeyBoy, a group of attackers believed to operate out of China. They were first identified in 2013 targeting governments and NGOs in South East Asia. Their primary targeting continues…
Active Directory and Privilege Escalation Script
https://ift.tt/2lPu2YP
Submitted October 09, 2018 at 09:44AM by Hausec
via reddit https://ift.tt/2ykpgbs
https://ift.tt/2lPu2YP
Submitted October 09, 2018 at 09:44AM by Hausec
via reddit https://ift.tt/2ykpgbs
GitHub
hausec/ADAPE-Script
Active Directory Assessment and Privilege Escalation Script - hausec/ADAPE-Script
AWS takeover through SSRF in JavaScript
https://ift.tt/2yoaK2p
Submitted October 09, 2018 at 01:48PM by albinowax
via reddit https://ift.tt/2Oem3F9
https://ift.tt/2yoaK2p
Submitted October 09, 2018 at 01:48PM by albinowax
via reddit https://ift.tt/2Oem3F9
Gwendal Le Coguic
AWS takeover through SSRF in JavaScript
Gwendal Le Coguic, web developer and security researcher
A timing attack with CSS selectors and Javanoscript
https://ift.tt/2OOptOB
Submitted October 09, 2018 at 02:27PM by albinowax
via reddit https://ift.tt/2A0iAkF
https://ift.tt/2OOptOB
Submitted October 09, 2018 at 02:27PM by albinowax
via reddit https://ift.tt/2A0iAkF
sheddow's blog
A timing attack with CSS selectors and Javanoscript
Have you ever encountered a website that runs `jQuery(location.hash)`? It turns out this allows you to perform a powerful timing attack that can extract almost any secret from the HTML.
Trusting the delivery of Firefox Updates
https://ift.tt/2Qyk2jM
Submitted October 09, 2018 at 06:18PM by jvehent
via reddit https://ift.tt/2pLc2AM
https://ift.tt/2Qyk2jM
Submitted October 09, 2018 at 06:18PM by jvehent
via reddit https://ift.tt/2pLc2AM
Mozilla Security Blog
Trusting the delivery of Firefox Updates
Providing a web browser that you can depend on year after year is one of the core tenant of the Firefox security strategy. We put ...
Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads
https://ift.tt/2Cy692m
Submitted October 09, 2018 at 08:16PM by EvanConover
via reddit https://ift.tt/2Eb4Asv
https://ift.tt/2Cy692m
Submitted October 09, 2018 at 08:16PM by EvanConover
via reddit https://ift.tt/2Eb4Asv
Trendmicro
Phishing Campaign uses Hijacked Emails to Deliver URSNIF by Replying to Ongoing Threads - TrendLabs Security Intelligence Blog
A spam campaign we observed in September indicates attackers are angling towards a more sophisticated form of phishing. The campaign uses hijacked email accounts to deliver URSNIF as part of or as a response to an existing email thread.
Xiongmai Video Surveillance Devices Can be Hacked via Cloud Feature (XMEye P2P Cloud)
https://ift.tt/2OcMcnQ
Submitted October 09, 2018 at 11:48PM by dionas
via reddit https://ift.tt/2QHeh3x
https://ift.tt/2OcMcnQ
Submitted October 09, 2018 at 11:48PM by dionas
via reddit https://ift.tt/2QHeh3x
Sec-Consult
Millions of Xiongmai Video Surveillance Devices Can be Hacked via Cloud Feature (XMEye P2P Cloud) | SEC Consult
All devices from Xiongmai, a Chinese OEM who manufactures white-label video surveillance equipment, come with an always-on cloud feature called XMEye P2P cloud.
Rapid7 introduces an evasion module for Metasploit Framework (whitepaper inside)
https://blog.rapid7.com/2018/10/09/introducing-metasploits-first-evasion-module/
Submitted October 09, 2018 at 10:59PM by EvaMolotow
via reddit https://ift.tt/2QCQPV6
https://blog.rapid7.com/2018/10/09/introducing-metasploits-first-evasion-module/
Submitted October 09, 2018 at 10:59PM by EvaMolotow
via reddit https://ift.tt/2QCQPV6
Security updates available for Flash Player | APSB18-35
https://ift.tt/2OSZbKM
Submitted October 10, 2018 at 05:21AM by jdrch
via reddit https://ift.tt/2ys4tTj
https://ift.tt/2OSZbKM
Submitted October 10, 2018 at 05:21AM by jdrch
via reddit https://ift.tt/2ys4tTj
Adobe
Adobe Security Bulletin
Security updates available for Flash Player
Security updates available for Flash Player | APSB18-35
https://ift.tt/2OSZbKM
Submitted October 10, 2018 at 05:21AM by jdrch
via reddit https://ift.tt/2ys4tTj
https://ift.tt/2OSZbKM
Submitted October 10, 2018 at 05:21AM by jdrch
via reddit https://ift.tt/2ys4tTj
Adobe
Adobe Security Bulletin
Security updates available for Flash Player
.NET Framework October 2018 Security and Quality Rollup
https://ift.tt/2yvJFKC
Submitted October 10, 2018 at 05:13AM by jdrch
via reddit https://ift.tt/2Ofp1Jn
https://ift.tt/2yvJFKC
Submitted October 10, 2018 at 05:13AM by jdrch
via reddit https://ift.tt/2Ofp1Jn
Microsoft
.NET Framework October 2018 Security and Quality Rollup
A first-hand look from the .NET engineering teams
WhatsApp Heap Corruption
https://ift.tt/2y8OaM4
Submitted October 10, 2018 at 04:00AM by tunnelnel
via reddit https://ift.tt/2Em7DOX
https://ift.tt/2y8OaM4
Submitted October 10, 2018 at 04:00AM by tunnelnel
via reddit https://ift.tt/2Em7DOX
reddit
r/netsec - WhatsApp Heap Corruption
5 votes and 1 comment so far on Reddit
HASSH - an SSH Client/Server Fingerprinting Method
https://ift.tt/2xFDkwJ
Submitted October 10, 2018 at 06:05AM by netw0rm
via reddit https://ift.tt/2E9cZN7
https://ift.tt/2xFDkwJ
Submitted October 10, 2018 at 06:05AM by netw0rm
via reddit https://ift.tt/2E9cZN7
GitHub
salesforce/hassh
HASSH is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be easily stored, searched and shared in the form of a ...
Bruteforcing United Club's WiFi password
https://ift.tt/2A1D10M
Submitted October 10, 2018 at 07:39AM by JonLuca
via reddit https://ift.tt/2OL75WN
https://ift.tt/2A1D10M
Submitted October 10, 2018 at 07:39AM by JonLuca
via reddit https://ift.tt/2OL75WN
JonLuca’s Blog
Bruteforcing United Club’s WiFi password
JonLuca’s Blog - A blog about tech, programming, and information
Flatpak - a security nightmare
http://flatkill.org/
Submitted October 10, 2018 at 12:09PM by burpadurp
via reddit https://ift.tt/2yrxaji
http://flatkill.org/
Submitted October 10, 2018 at 12:09PM by burpadurp
via reddit https://ift.tt/2yrxaji
reddit
r/netsec - Flatpak - a security nightmare
24 votes and 2 comments so far on Reddit
MemITM: Tool to make in memory man in the middle
https://ift.tt/2pSz2xT
Submitted October 10, 2018 at 01:56PM by EpicBananaIsEpic
via reddit https://ift.tt/2ycAkZ7
https://ift.tt/2pSz2xT
Submitted October 10, 2018 at 01:56PM by EpicBananaIsEpic
via reddit https://ift.tt/2ycAkZ7
GitHub
AMOSSYS/MemITM
Tool to make in memory man in the middle. Contribute to AMOSSYS/MemITM development by creating an account on GitHub.
Firefox AUS (Application Update Service) Security Audit Report By German X41 D-SEC GMBH
https://ift.tt/2OU9HkW
Submitted October 10, 2018 at 03:05PM by Calcd
via reddit https://ift.tt/2NyYAcw
https://ift.tt/2OU9HkW
Submitted October 10, 2018 at 03:05PM by Calcd
via reddit https://ift.tt/2NyYAcw
Google Docs
X41-Balrog-Review-2018-Final-Report-Private.pdf
Bypassing WAFs and cracking XOR with Hackvertor
https://ift.tt/2pLnsUW
Submitted October 10, 2018 at 04:16PM by albinowax
via reddit https://ift.tt/2pIThOh
https://ift.tt/2pLnsUW
Submitted October 10, 2018 at 04:16PM by albinowax
via reddit https://ift.tt/2pIThOh
Web Security Blog | PortSwigger
Bypassing WAFs and cracking XOR with Hackvertor
You might not be aware of the Hackvertor extension I've been working on lately. It features tag based conversion that is far more powerful than the inbuilt decoder in Burp. The idea behind tag based c
Using Wasabi to solve a WebAssembly Crackme
https://ift.tt/2CBiHWI
Submitted October 10, 2018 at 07:38PM by thebarbershopper
via reddit https://ift.tt/2RFz34M
https://ift.tt/2CBiHWI
Submitted October 10, 2018 at 07:38PM by thebarbershopper
via reddit https://ift.tt/2RFz34M
reddit
r/netsec - Using Wasabi to solve a WebAssembly Crackme
3 votes and 0 comments so far on Reddit