NIST CSRC is down due to shutdown
https://csrc.nist.gov/
Submitted January 04, 2019 at 06:55AM by ejmart1n
via reddit http://bit.ly/2BX15BQ
https://csrc.nist.gov/
Submitted January 04, 2019 at 06:55AM by ejmart1n
via reddit http://bit.ly/2BX15BQ
csrc.nist.gov
NIST Computer Security Resource Center | CSRC
CSRC provides access to NIST's cybersecurity- and information security-related projects, publications, news and events.
A Summary of Planned Improvements to the Security of the PHP Ecosystem (and Beyond) for 2019
http://bit.ly/2F6iRpm
Submitted January 04, 2019 at 01:27PM by sarciszewski
via reddit http://bit.ly/2s9Ieif
http://bit.ly/2F6iRpm
Submitted January 04, 2019 at 01:27PM by sarciszewski
via reddit http://bit.ly/2s9Ieif
Paragonie
Our PHP Security Roadmap for the Year 2019 - Paragon Initiative Enterprises Blog
We have a lot of work ahead of us in 2019, and we hope it benefits the entire PHP community
Discovering and Hacking IoT Devices Using Web-Based Attacks
http://bit.ly/2VnvoKR
Submitted January 04, 2019 at 01:26PM by ziyahanalbeniz
via reddit http://bit.ly/2LNNscJ
http://bit.ly/2VnvoKR
Submitted January 04, 2019 at 01:26PM by ziyahanalbeniz
via reddit http://bit.ly/2LNNscJ
Netsparker
Discovering and Hacking IoT Devices Using Web-Based Attacks
This article discusses recent university level research on web-based attacks involving the discovery, hacking and remote control of Internet of Things (IoT) devices. We examine the duration and phases of these attacks, and conclude by suggesting some web…
Major hack of German politicians’ private data
http://bit.ly/2AvFaSp
Submitted January 04, 2019 at 04:16PM by yesnoornext
via reddit http://bit.ly/2Qopgyf
http://bit.ly/2AvFaSp
Submitted January 04, 2019 at 04:16PM by yesnoornext
via reddit http://bit.ly/2Qopgyf
threader.app
A thread written by @JulianRoepcke
#BREAKINGGermany faces the biggest hacker attack in its history.Private data of almost 1000 German #Bundestag, #Regional Parliament & #EU delegates was leaked.I worked through the leaked data all night. It's shocking!Not affected so far: #AfD.https://t.c…
Easily convert your APK into an Android Studio Project with APC, version 1.1 release notes!
http://bit.ly/2TnW2Be
Submitted January 04, 2019 at 10:32PM by ThisIsLibra
via reddit http://bit.ly/2COzGU1
http://bit.ly/2TnW2Be
Submitted January 04, 2019 at 10:32PM by ThisIsLibra
via reddit http://bit.ly/2COzGU1
reddit
r/netsec - Easily convert your APK into an Android Studio Project with APC, version 1.1 release notes!
2 votes and 0 comments so far on Reddit
Phishing template uses fake fonts to decode content and evade detection
http://bit.ly/2RdgB6T
Submitted January 05, 2019 at 01:07AM by cwardnet
via reddit http://bit.ly/2AtQ76U
http://bit.ly/2RdgB6T
Submitted January 05, 2019 at 01:07AM by cwardnet
via reddit http://bit.ly/2AtQ76U
Proofpoint
Phishing template uses fake fonts to decode content and evade
Proofpoint researchers describe a new phishing template that uses a previously undocumented font trick to decode and display pages.
BEC-International Slack Channel Aims at Impacting Fraud Across the Globe. TLP:White Information Sharing
http://bit.ly/2LQLI2e
Submitted January 05, 2019 at 02:36AM by iHeartMalware
via reddit http://bit.ly/2F9eNWh
http://bit.ly/2LQLI2e
Submitted January 05, 2019 at 02:36AM by iHeartMalware
via reddit http://bit.ly/2F9eNWh
Medium
BEC-International Slack Channel
Hello world!
Sensitive data captured in screenshots taken by Air Canada mobile application
http://bit.ly/2TsUMNi
Submitted January 05, 2019 at 07:41PM by kahunalu
via reddit http://bit.ly/2AyLGaT
http://bit.ly/2TsUMNi
Submitted January 05, 2019 at 07:41PM by kahunalu
via reddit http://bit.ly/2AyLGaT
New Town of Salem breach - already 27% cracked hashes available publicly
http://bit.ly/2LUe4IM
Submitted January 05, 2019 at 08:54PM by s3inlc
via reddit http://bit.ly/2RayVxI
http://bit.ly/2LUe4IM
Submitted January 05, 2019 at 08:54PM by s3inlc
via reddit http://bit.ly/2RayVxI
hashes.org
Hashes.org - Leak 'Blankmediagames.com (Town of Salem)'
Hashes.org is a community recovering password from submitted hashes.
HackTheBox — Mischief Writeup
http://bit.ly/2CRZVcs
Submitted January 05, 2019 at 11:57PM by TheShahzada
via reddit http://bit.ly/2Ty4hel
http://bit.ly/2CRZVcs
Submitted January 05, 2019 at 11:57PM by TheShahzada
via reddit http://bit.ly/2Ty4hel
Medium
HackTheBox — Mischief Writeup
This is one of my favorite Machine. And it’s my first CTF & HackTheBox write-up. If you read this please give me feedback, How was the…
Tool release: Universal Phishing Reverse Proxy "Modlishka" (2FA support)
http://bit.ly/2GQxEa6
Submitted January 06, 2019 at 03:36PM by piotrd_
via reddit http://bit.ly/2C5Arqj
http://bit.ly/2GQxEa6
Submitted January 06, 2019 at 03:36PM by piotrd_
via reddit http://bit.ly/2C5Arqj
GitHub
drk1wi/Modlishka
Modlishka. Reverse Proxy. Phishing NG. Contribute to drk1wi/Modlishka development by creating an account on GitHub.
Vidar and GandCrab: stealer and ransomware combo observed in the wild - Malwarebytes Labs
http://bit.ly/2F90nob
Submitted January 07, 2019 at 12:43AM by Papopoulis
via reddit http://bit.ly/2C6UG79
http://bit.ly/2F90nob
Submitted January 07, 2019 at 12:43AM by Papopoulis
via reddit http://bit.ly/2C6UG79
Malwarebytes
Vidar and GandCrab: stealer and ransomware combo observed in the wild
Threat actors combine new stealer Vidar and GandCrab ransomware in one-two punch.
PVS-Studio and Bug Bounties on Free and Open Source Software with the total bounty amount of about €850,000
http://bit.ly/2SExfJr
Submitted January 07, 2019 at 01:23AM by Muscat1992
via reddit http://bit.ly/2TrUypC
http://bit.ly/2SExfJr
Submitted January 07, 2019 at 01:23AM by Muscat1992
via reddit http://bit.ly/2TrUypC
Medium
PVS-Studio and Bug Bounties on Free and Open Source Software
n January, the EU is launching another big hunt for bugs in open-source software projects with the total bounty amount of about €850,000…
Pass the Cookie (Cloud Pivot) - Cheat Sheet
http://bit.ly/2VxENPQ
Submitted January 07, 2019 at 08:51AM by tomiknocker24
via reddit http://bit.ly/2C8UN2a
http://bit.ly/2VxENPQ
Submitted January 07, 2019 at 08:51AM by tomiknocker24
via reddit http://bit.ly/2C8UN2a
reddit
r/netsec - Pass the Cookie (Cloud Pivot) - Cheat Sheet
7 votes and 1 comment so far on Reddit
Australian Emergency Warning System hack leads to potential phishing message broadcast to thousands
https://ab.co/2CV8raz
Submitted January 07, 2019 at 03:48PM by Sgt_Splattery_Pants
via reddit http://bit.ly/2H1iKOk
https://ab.co/2CV8raz
Submitted January 07, 2019 at 03:48PM by Sgt_Splattery_Pants
via reddit http://bit.ly/2H1iKOk
ABC News
Emergency text and email service hacked, thousands receive warning messages about their personal data
A hacker sends malicious messages via text, email, and landline to tens of thousands of people across Australia after an emergency warning alert service, used by councils, is hacked.
SlackPirate - The Slack Enumeration and Extraction Tool
http://bit.ly/2TzbDOr
Submitted January 07, 2019 at 04:30PM by emtunc
via reddit http://bit.ly/2SNbUNK
http://bit.ly/2TzbDOr
Submitted January 07, 2019 at 04:30PM by emtunc
via reddit http://bit.ly/2SNbUNK
GitHub
emtunc/SlackPirate
Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace - emtunc/SlackPirate
Adding security checks to Continous Integration pipelines
http://bit.ly/2H2u2Sv
Submitted January 07, 2019 at 09:30PM by alexksak
via reddit http://bit.ly/2FgSrRZ
http://bit.ly/2H2u2Sv
Submitted January 07, 2019 at 09:30PM by alexksak
via reddit http://bit.ly/2FgSrRZ
alxk's blog
Effective Security Pipeline
Building an effective DevSecOps pipeline to catch security issues both during development and continuously in production.
ON CALL NIGHTMARES: Episode 4 - Tanya Janca - Podcast
http://bit.ly/2QjxFD6
Submitted January 07, 2019 at 10:13PM by shehackspurple
via reddit http://bit.ly/2Rj65eE
http://bit.ly/2QjxFD6
Submitted January 07, 2019 at 10:13PM by shehackspurple
via reddit http://bit.ly/2Rj65eE
Podomatic
Episode 4 - Tanya Janca - Microsoft
There's on-call in nearly every aspect of the tech industry, in this episode we will focus on Security.
Tanya Janca is a senior cloud advocate for Microsoft, specializing in application and cloud security; evangelizing software security and advocating…
Tanya Janca is a senior cloud advocate for Microsoft, specializing in application and cloud security; evangelizing software security and advocating…
ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups
http://bit.ly/2TvPII4
Submitted January 07, 2019 at 11:48PM by ulexec
via reddit http://bit.ly/2s9RCma
http://bit.ly/2TvPII4
Submitted January 07, 2019 at 11:48PM by ulexec
via reddit http://bit.ly/2s9RCma
reddit
r/netsec - ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups
1 vote and 0 comments so far on Reddit
Few ideas how to maintain security while building a remote company.
http://bit.ly/2Fea2KO
Submitted January 08, 2019 at 12:29AM by ded1cated
via reddit http://bit.ly/2Fk2mGt
http://bit.ly/2Fea2KO
Submitted January 08, 2019 at 12:29AM by ded1cated
via reddit http://bit.ly/2Fk2mGt
WebARX
Remote Work Security Guide - WebARX Security Blog
Working in a remote team comes with its own challenges. To make sure your company data is protected and secure you need to know about remote work security.
XSS Account Persistence With Oauth
http://bit.ly/2RwNnPX
Submitted January 07, 2019 at 02:38PM by wifihack
via reddit http://bit.ly/2FkblaF
http://bit.ly/2RwNnPX
Submitted January 07, 2019 at 02:38PM by wifihack
via reddit http://bit.ly/2FkblaF
GitHub
dxa4481/XSSOauthPersistence
Maintaining account persistence via XSS and Oauth. Contribute to dxa4481/XSSOauthPersistence development by creating an account on GitHub.