The bleak picture of two-factor authentication adoption in the wild
http://bit.ly/2QJvT36
Submitted December 22, 2018 at 07:33PM by liotier
via reddit http://bit.ly/2Aa5NMw
http://bit.ly/2QJvT36
Submitted December 22, 2018 at 07:33PM by liotier
via reddit http://bit.ly/2Aa5NMw
reddit
r/netsec - The bleak picture of two-factor authentication adoption in the wild
1 vote and 0 comments so far on Reddit
RSync the old is still new...
http://bit.ly/2LABzGY
Submitted December 23, 2018 at 12:24AM by fabipe
via reddit http://bit.ly/2rTqo36
http://bit.ly/2LABzGY
Submitted December 23, 2018 at 12:24AM by fabipe
via reddit http://bit.ly/2rTqo36
BinaryEdge - Science and Technology
RSync the old is still new...
This is a special blogpost for us. We usually work on our research by ourselves and present it in the same way, but this time, this research was partially done in collaboration with the amazing team at Rapid7. You should also check out their counterpart report…
Someone is trying to take entire countries offline and cybersecurity experts say 'it's a matter of time because it's really easy'
https://aol.it/2V8ozwH
Submitted December 23, 2018 at 06:02AM by Zapper216
via reddit http://bit.ly/2EJZzXq
https://aol.it/2V8ozwH
Submitted December 23, 2018 at 06:02AM by Zapper216
via reddit http://bit.ly/2EJZzXq
AOL.com
Someone is trying to take entire countries offline and cybersecurity experts say 'it's a matter of time because it's really easy'
The West's biggest security weakness is in the old electronics and sensors that control processes in infrastructure and industry.
Bachelor Thesis & Open Source Framework: Implementation and evaluation of secure and scalable anomaly-based network intrusion detection
http://bit.ly/2EFyDaD
Submitted December 23, 2018 at 03:59PM by alien_1337
via reddit http://bit.ly/2CuNQd3
http://bit.ly/2EFyDaD
Submitted December 23, 2018 at 03:59PM by alien_1337
via reddit http://bit.ly/2CuNQd3
GitHub
dreadl0ck/netcap
A framework for secure and scalable network traffic analysis - dreadl0ck/netcap
Hey everyone, I was wondering what you think about the topic talked about in the linked document, "Overwriting Hard Drive Data: The Great Wiping Controversy"
http://bit.ly/1q2Sfdo
Submitted December 24, 2018 at 03:22AM by orthoset
via reddit http://bit.ly/2GAZ7wv
http://bit.ly/1q2Sfdo
Submitted December 24, 2018 at 03:22AM by orthoset
via reddit http://bit.ly/2GAZ7wv
reddit
r/netsec - Hey everyone, I was wondering what you think about the topic talked about in the linked document, "Overwriting Hard…
0 votes and 1 comment so far on Reddit
How to exploit a PHP Remote CODE Execution bypassing filters, sanitizations and WAF rules
http://bit.ly/2PZAqJs
Submitted December 24, 2018 at 02:55PM by theMiddleBlue
via reddit http://bit.ly/2GGhUGD
http://bit.ly/2PZAqJs
Submitted December 24, 2018 at 02:55PM by theMiddleBlue
via reddit http://bit.ly/2GGhUGD
Secjuice.com
PHP RCE Bypass filters, sanitizations and WAF rules
In this article, I’ll show you how many possibilities PHP gives us in order to exploit a remote code execution bypassing filters, input sanitization, and WAF rules.
ELF in-memory execution via php/python/perl [MSF module included]
http://bit.ly/2T79rgX
Submitted December 24, 2018 at 08:37PM by cyberpunkych
via reddit http://bit.ly/2Cx795y
http://bit.ly/2T79rgX
Submitted December 24, 2018 at 08:37PM by cyberpunkych
via reddit http://bit.ly/2Cx795y
FBK CyberSecurity
ELF in-memory execution
Fileless malware attacks are becoming more and more popular. Which is hardly surprising as they normally leave no trace. In this article we will not speak about program execution in Windows RAM. Instead, we will focus on GNU/Linux. Linux is dominant in the…
The Importance of the Content-Type Header in HTTP Requests
http://bit.ly/2AftSBD
Submitted December 24, 2018 at 08:19PM by ziyahanalbeniz
via reddit http://bit.ly/2EN7ovC
http://bit.ly/2AftSBD
Submitted December 24, 2018 at 08:19PM by ziyahanalbeniz
via reddit http://bit.ly/2EN7ovC
Netsparker
The Importance of the Content-Type Header in HTTP Requests
This article describes the details of a vulnerability that combines Cross-site Request Forgery and Remote Code Execution. This can allow a hacker to discover and gain access to the machines within the network of a router. Content-Type Headers provide a critical…
Basic XPath Injection [Tutorial]
http://bit.ly/2rTlgvW
Submitted December 24, 2018 at 11:29PM by ImVendetta
via reddit http://bit.ly/2LzGVCe
http://bit.ly/2rTlgvW
Submitted December 24, 2018 at 11:29PM by ImVendetta
via reddit http://bit.ly/2LzGVCe
reddit
r/netsec - Basic XPath Injection [Tutorial]
3 votes and 0 comments so far on Reddit
Major flaw and security vulnerability in Plaid API, the banking authentication API behind Venmo, Robinhood, Acorns and many others
http://bit.ly/2T7ru6D
Submitted December 25, 2018 at 12:59AM by chirau
via reddit http://bit.ly/2BAmKzs
http://bit.ly/2T7ru6D
Submitted December 25, 2018 at 12:59AM by chirau
via reddit http://bit.ly/2BAmKzs
This is probably more appropriate here. As a broader question, how to handle the pesky customer’s recommendation
http://bit.ly/2V6EATO
Submitted December 25, 2018 at 04:01AM by 0bel1sk
via reddit http://bit.ly/2rTfjyP
http://bit.ly/2V6EATO
Submitted December 25, 2018 at 04:01AM by 0bel1sk
via reddit http://bit.ly/2rTfjyP
reddit
r/networking - Is hosting DMZ VLANs on physically separated switches is no longer a good practice?
75 votes and 73 comments so far on Reddit
Zeronights 2018 materials
http://bit.ly/2EDjK8G
Submitted December 25, 2018 at 12:59PM by ninoseki
via reddit http://bit.ly/2AdjqdS
http://bit.ly/2EDjK8G
Submitted December 25, 2018 at 12:59PM by ninoseki
via reddit http://bit.ly/2AdjqdS
reddit
r/netsec - Zeronights 2018 materials
3 votes and 0 comments so far on Reddit
Preliminary SQL Injection (Part 1)
http://bit.ly/2Skpice
Submitted December 25, 2018 at 06:06PM by ImVendetta
via reddit http://bit.ly/2Q1g02X
http://bit.ly/2Skpice
Submitted December 25, 2018 at 06:06PM by ImVendetta
via reddit http://bit.ly/2Q1g02X
reddit
r/netsec - Preliminary SQL Injection (Part 1)
1 vote and 0 comments so far on Reddit
Configuring DNS-over-TLS and DNS-over-HTTPS with any DNS Server
http://bit.ly/2Vbb6US
Submitted December 25, 2018 at 07:06PM by shreyasonline
via reddit http://bit.ly/2AeTuhX
http://bit.ly/2Vbb6US
Submitted December 25, 2018 at 07:06PM by shreyasonline
via reddit http://bit.ly/2AeTuhX
Technitium
Configuring DNS-over-TLS and DNS-over-HTTPS with any DNS Server
The new DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH) protocols are available for enabling end user's privacy and security given the fact t...
Cloudflare's Concise Christmas Cryptography Challenges 2019
http://bit.ly/2Af1CyS
Submitted December 26, 2018 at 12:00AM by civicode
via reddit http://bit.ly/2CxmYZY
http://bit.ly/2Af1CyS
Submitted December 26, 2018 at 12:00AM by civicode
via reddit http://bit.ly/2CxmYZY
The Cloudflare Blog
Concise Christmas Cryptography Challenges 2019
We've put together some Christmas Cryptography questions. Do you think you can solve them?
$571 worth of Hacking books by No Starch Press like Get Serious Cryptography: A Practical Introduction to Modern Encryption, Black Hat Python, Android Security Internals, and more for $15 (-97% OFF)
http://bit.ly/2CzFIb9
Submitted December 26, 2018 at 12:15AM by maidelane
via reddit http://bit.ly/2QMAT70
http://bit.ly/2CzFIb9
Submitted December 26, 2018 at 12:15AM by maidelane
via reddit http://bit.ly/2QMAT70
Humble Bundle
Humble Book Bundle: The Happy Hacking Holiday Bundle by No Starch Press
Pay what you want for awesome ebooks and support charity!
Uber, statistics, and a chrome extension
http://bit.ly/2QNOMlw
Submitted December 26, 2018 at 01:16AM by JonLuca
via reddit http://bit.ly/2Lx1CPj
http://bit.ly/2QNOMlw
Submitted December 26, 2018 at 01:16AM by JonLuca
via reddit http://bit.ly/2Lx1CPj
JonLuca’s Blog
Uber, statistics, and a chrome extension
JonLuca’s Blog - A blog about tech, programming, and information
Twitter is Broken
http://bit.ly/2RmSO3A
Submitted December 26, 2018 at 04:52PM by Fugitif
via reddit http://bit.ly/2Ag52Bi
http://bit.ly/2RmSO3A
Submitted December 26, 2018 at 04:52PM by Fugitif
via reddit http://bit.ly/2Ag52Bi
The AntiSocial Engineer Limited
Twitter is Broken | The AntiSocial Engineer Limited
For those that aren’t aware of ‘The AntiSocial Engineer Limited’, we are a small cybersecurity consultancy that is trying to reduce the number of online victims of cybercrime. Nothing makes us happier than when organisations do their bit in the ... Read More
Detecting Use of SandboxEscaper's "MsiAdvertiseProduct" 0-day PoC
http://bit.ly/2CyTRoZ
Submitted December 26, 2018 at 05:19PM by pe3zx
via reddit http://bit.ly/2Sro3YV
http://bit.ly/2CyTRoZ
Submitted December 26, 2018 at 05:19PM by pe3zx
via reddit http://bit.ly/2Sro3YV
i-secure Co, Ltd.
Detecting Use of SandboxEscaper's "MsiAdvertiseProduct" 0-day PoC - Bangkok, Thailand | i-secure Co, Ltd.
Briefly Introduction to the Vulnerability On December 19, 2018, SandboxEscaper released details about another zero-day vulnerability in Microsoft Windows with PoC. This vulnerability, if successfully attack, can be used to bypass restricted DACL of files…
5 Industries Most at Risk of Data Breaches
http://bit.ly/2AcW9Zm
Submitted December 26, 2018 at 09:31PM by RyanTmthn
via reddit http://bit.ly/2LABy5L
http://bit.ly/2AcW9Zm
Submitted December 26, 2018 at 09:31PM by RyanTmthn
via reddit http://bit.ly/2LABy5L
Ekransystem
5 Industries Most at Risk of Data Breaches
Any company possessing sensitive data is under threat of being breached. Hackers can obtain any personal information, from names to heart rate data.
20000 routers LiveBox leaks Wifi credentials
http://bit.ly/2Rfz1mN
Submitted December 26, 2018 at 09:53PM by Dormidera
via reddit http://bit.ly/2GDTy0h
http://bit.ly/2Rfz1mN
Submitted December 26, 2018 at 09:53PM by Dormidera
via reddit http://bit.ly/2GDTy0h
1024Megas
20.000 routers Orange Livebox exponen SSID y contraseña WiFi
Tutoriales, guías, noticias... Entradas variadas sobre el mundo de la Ciberseguridad, hacking ético, RaspberryPi, IoT y el mundo TI en general.