Vision Direct reveals breach that skimmed customer credit cards
https://ift.tt/2Kd709j
Submitted November 19, 2018 at 08:21PM by joshkale_
via reddit https://ift.tt/2QUUdLv
https://ift.tt/2Kd709j
Submitted November 19, 2018 at 08:21PM by joshkale_
via reddit https://ift.tt/2QUUdLv
TechCrunch
Vision Direct reveals breach that skimmed customer credit cards
European online contact lens supplier Vision Direct has revealed a data breach which compromised full credit card details for a number of its customers, as well as personal information. Compromised data includes full name, billing address, email address,…
XS-Searching Google’s bug tracker to find out vulnerable source code
https://ift.tt/2ORtGwL
Submitted November 19, 2018 at 10:23PM by Involder
via reddit https://ift.tt/2zhLYCh
https://ift.tt/2ORtGwL
Submitted November 19, 2018 at 10:23PM by Involder
via reddit https://ift.tt/2zhLYCh
Medium
XS-Searching Google’s bug tracker to find out vulnerable source code
Or how side-channel timing attacks aren’t that impractical
Join fellow hackers for one month of security research in Malaysia and Indonesia (all expenses paid)
https://ift.tt/2B91Gyc
Submitted November 19, 2018 at 09:50PM by breakingsystems
via reddit https://ift.tt/2qV2Iuv
https://ift.tt/2B91Gyc
Submitted November 19, 2018 at 09:50PM by breakingsystems
via reddit https://ift.tt/2qV2Iuv
reddit
r/netsec - Join fellow hackers for one month of security research in Malaysia and Indonesia (all expenses paid)
6 votes and 0 comments so far on Reddit
Vectorized Emulation: MMU Design
https://ift.tt/2A531au
Submitted November 20, 2018 at 01:57AM by gamozolabs
via reddit https://ift.tt/2BhrRFV
https://ift.tt/2A531au
Submitted November 20, 2018 at 01:57AM by gamozolabs
via reddit https://ift.tt/2BhrRFV
Gamozo Labs Blog
Vectorized Emulation: MMU Design
I blog about random things security, everything is broken, nothing scales, shared memory models are flawed.
Kickstart Application Security on Heroku with the Templarbit Buildpack
https://ift.tt/2FtXdNy
Submitted November 20, 2018 at 02:29AM by iamcoolc
via reddit https://ift.tt/2qU9Yqx
https://ift.tt/2FtXdNy
Submitted November 20, 2018 at 02:29AM by iamcoolc
via reddit https://ift.tt/2qU9Yqx
Templarbit Inc.
Kickstart Application Security on Heroku with the Templarbit Buildpack
Heroku remains a popular choice for teams to run their software...
SignedMalware.org | A Resource That Demonstrates Failures In Code Signing PKI
https://ift.tt/2h3AjBl
Submitted November 20, 2018 at 03:45AM by Hemlck
via reddit https://ift.tt/2S130M0
https://ift.tt/2h3AjBl
Submitted November 20, 2018 at 03:45AM by Hemlck
via reddit https://ift.tt/2S130M0
The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI
https://ift.tt/2A924h5
Submitted November 20, 2018 at 04:43AM by Hemlck
via reddit https://ift.tt/2Fv3dFR
https://ift.tt/2A924h5
Submitted November 20, 2018 at 04:43AM by Hemlck
via reddit https://ift.tt/2Fv3dFR
The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI
https://ift.tt/2A924h5
Submitted November 20, 2018 at 04:43AM by Hemlck
via reddit https://ift.tt/2Fv3dFR
https://ift.tt/2A924h5
Submitted November 20, 2018 at 04:43AM by Hemlck
via reddit https://ift.tt/2Fv3dFR
Authentication bypass in a NodeJS application — a bug bounty story
https://ift.tt/2qXEjEK
Submitted November 20, 2018 at 02:58PM by albinowax
via reddit https://ift.tt/2Q8GSlD
https://ift.tt/2qXEjEK
Submitted November 20, 2018 at 02:58PM by albinowax
via reddit https://ift.tt/2Q8GSlD
Medium
Authentication bypass in NodeJS application — a bug bounty story
Hello everyone,
[PDF] An Analysis of the ProtonMail Cryptographic Architecture
https://ift.tt/2OTJEXk
Submitted November 20, 2018 at 05:15PM by sarciszewski
via reddit https://ift.tt/2A4Y8hy
https://ift.tt/2OTJEXk
Submitted November 20, 2018 at 05:15PM by sarciszewski
via reddit https://ift.tt/2A4Y8hy
Top 10 Application Security Breaches of 2018
https://ift.tt/2KpNA1r
Submitted November 20, 2018 at 05:50PM by KeyDutch
via reddit https://ift.tt/2PDeQiw
https://ift.tt/2KpNA1r
Submitted November 20, 2018 at 05:50PM by KeyDutch
via reddit https://ift.tt/2PDeQiw
Htbridge
Top 10 Application Security Breaches of 2018
The most disastrous web and mobile application security breaches and security incidents of 2018 (so far).
Linux | Changing memory protection in an arbitrary process
https://ift.tt/2DxZZPg
Submitted November 20, 2018 at 09:21PM by shleimeleh
via reddit https://ift.tt/2ze4ICP
https://ift.tt/2DxZZPg
Submitted November 20, 2018 at 09:21PM by shleimeleh
via reddit https://ift.tt/2ze4ICP
Perception Point
Linux internals | Perception Point
Recently, we faced this very specific task: changing the protection flags of memory regions in an arbitrary process. As this task may seem trivial, we encountered some obstacles and learned new things in the process, mostly about Linux mechanisms and kernel…
Hasta Yatakları
https://ift.tt/2KhYbv0
Submitted November 20, 2018 at 11:06PM by hastayataklari34
via reddit https://ift.tt/2zio75C
https://ift.tt/2KhYbv0
Submitted November 20, 2018 at 11:06PM by hastayataklari34
via reddit https://ift.tt/2zio75C
Hasta Yatağı Hasta Karyolası Satış
Hasta Yatağı ve Hasta Karyolası
Hasta Yatağı, Hasta Karyolası, Hasta Yatakları Kaliteli Ve En Ucuz Fiyatlara Bulabileceğiniz Tek Adres
phpBB 3.2.3: Phar Deserialization to RCE
https://ift.tt/2BnbkjE
Submitted November 20, 2018 at 10:47PM by rips-hb
via reddit https://ift.tt/2OYMASA
https://ift.tt/2BnbkjE
Submitted November 20, 2018 at 10:47PM by rips-hb
via reddit https://ift.tt/2OYMASA
Write-up about Adobe Flash Player bug patched today
https://ift.tt/2KkAeTX
Submitted November 20, 2018 at 11:55PM by campuscodi
via reddit https://ift.tt/2DLWHJ2
https://ift.tt/2KkAeTX
Submitted November 20, 2018 at 11:55PM by campuscodi
via reddit https://ift.tt/2DLWHJ2
Insanely Low-Level
Flash News
TLDR; There’s a bug in Adobe Flash. The interpreter code of the Action Script Virtual Machine (AVM) does not reset a with-scope pointer when an exception is caught, leading later to a type confusio…
Google Inbox recipient spoofing vulnerability
https://ift.tt/2TuLrVZ
Submitted November 21, 2018 at 01:02AM by Sephr
via reddit https://ift.tt/2Tol6Jr
https://ift.tt/2TuLrVZ
Submitted November 21, 2018 at 01:02AM by Sephr
via reddit https://ift.tt/2Tol6Jr
Twitter
Eli Grey
One of these screenshots is a draft email to the real PayPal support. The other one is to a scammer. Both screenshots are identical. Unfixed vulnerability in all Google Inbox mobile apps: https://t.co/ixRxU9qLnh PoC demo (open with Google Inbox app): htt…
Office 365 and Azure AD vulnerable to brute-force and password spray attacks
https://ift.tt/2OSp2yw
Submitted November 21, 2018 at 02:00AM by stautistic
via reddit https://ift.tt/2RZ8bfs
https://ift.tt/2OSp2yw
Submitted November 21, 2018 at 02:00AM by stautistic
via reddit https://ift.tt/2RZ8bfs
Hacker Noon
How Azure AD Could Be Vulnerable to Brute-Force and DOS Attacks
Azure AD is the de facto gatekeeper of Microsoft cloud solutions such as Azure, Office 365, Enterprise Mobility. As an integral component…
Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign
https://ift.tt/2S6ziFz
Submitted November 21, 2018 at 01:25AM by Logic_15
via reddit https://ift.tt/2BlFeEQ
https://ift.tt/2S6ziFz
Submitted November 21, 2018 at 01:25AM by Logic_15
via reddit https://ift.tt/2BlFeEQ
FireEye
Not So Cozy: An Uncomfortable Examination of a Suspected APT29 Phishing Campaign « Not So Cozy: An Uncomfortable Examination of…
FireEye detected new targeted phishing activity at more than 20 of our clients across multiple industries.
Unfixed spoofing vulnerability in Google Inbox mobile apps
https://ift.tt/2FwSDOD
Submitted November 21, 2018 at 01:15AM by Sephr
via reddit https://ift.tt/2Kn1iSv
https://ift.tt/2FwSDOD
Submitted November 21, 2018 at 01:15AM by Sephr
via reddit https://ift.tt/2Kn1iSv
Twitter
Eli Grey
One of these screenshots is a draft email to the real PayPal support. The other one is to a scammer. Both screenshots are identical. Unfixed vulnerability in all Google Inbox mobile apps: https://t.co/ixRxU9qLnh PoC demo (open with Google Inbox app): htt…
out-of-tree kernel {module, exploit} development tool
https://out-of-tree.io
Submitted November 21, 2018 at 10:28AM by jollheef
via reddit https://ift.tt/2DPKint
https://out-of-tree.io
Submitted November 21, 2018 at 10:28AM by jollheef
via reddit https://ift.tt/2DPKint
reddit
r/netsec - out-of-tree kernel {module, exploit} development tool
1 vote and 1 comment so far on Reddit
Web Browser Address Bar Spoofing
https://ift.tt/2S7MpX1
Submitted November 21, 2018 at 12:16PM by ziyahanalbeniz
via reddit https://ift.tt/2zjS3hQ
https://ift.tt/2S7MpX1
Submitted November 21, 2018 at 12:16PM by ziyahanalbeniz
via reddit https://ift.tt/2zjS3hQ
Netsparker
Web Browser Address Bar Spoofing
This blog post looks at two address bar spoofing incidents. The first involved the Homograph vulnerability, where attackers used the IDN feature to trick users by imitating legitimate characters. The second involved Edge and Safari, in which redirected website…