ON CALL NIGHTMARES: Episode 4 - Tanya Janca - Podcast
http://bit.ly/2QjxFD6
Submitted January 07, 2019 at 10:13PM by shehackspurple
via reddit http://bit.ly/2Rj65eE
http://bit.ly/2QjxFD6
Submitted January 07, 2019 at 10:13PM by shehackspurple
via reddit http://bit.ly/2Rj65eE
Podomatic
Episode 4 - Tanya Janca - Microsoft
There's on-call in nearly every aspect of the tech industry, in this episode we will focus on Security.
Tanya Janca is a senior cloud advocate for Microsoft, specializing in application and cloud security; evangelizing software security and advocating…
Tanya Janca is a senior cloud advocate for Microsoft, specializing in application and cloud security; evangelizing software security and advocating…
ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups
http://bit.ly/2TvPII4
Submitted January 07, 2019 at 11:48PM by ulexec
via reddit http://bit.ly/2s9RCma
http://bit.ly/2TvPII4
Submitted January 07, 2019 at 11:48PM by ulexec
via reddit http://bit.ly/2s9RCma
reddit
r/netsec - ChinaZ Revelations: Revealing ChinaZ Relationships with other Chinese Threat Actor Groups
1 vote and 0 comments so far on Reddit
Few ideas how to maintain security while building a remote company.
http://bit.ly/2Fea2KO
Submitted January 08, 2019 at 12:29AM by ded1cated
via reddit http://bit.ly/2Fk2mGt
http://bit.ly/2Fea2KO
Submitted January 08, 2019 at 12:29AM by ded1cated
via reddit http://bit.ly/2Fk2mGt
WebARX
Remote Work Security Guide - WebARX Security Blog
Working in a remote team comes with its own challenges. To make sure your company data is protected and secure you need to know about remote work security.
XSS Account Persistence With Oauth
http://bit.ly/2RwNnPX
Submitted January 07, 2019 at 02:38PM by wifihack
via reddit http://bit.ly/2FkblaF
http://bit.ly/2RwNnPX
Submitted January 07, 2019 at 02:38PM by wifihack
via reddit http://bit.ly/2FkblaF
GitHub
dxa4481/XSSOauthPersistence
Maintaining account persistence via XSS and Oauth. Contribute to dxa4481/XSSOauthPersistence development by creating an account on GitHub.
Office 365 secure score
http://bit.ly/2RenchC
Submitted January 08, 2019 at 03:54AM by svotso
via reddit http://bit.ly/2CaIr9M
http://bit.ly/2RenchC
Submitted January 08, 2019 at 03:54AM by svotso
via reddit http://bit.ly/2CaIr9M
Docs
Office 365 Secure Score
Ever wonder how secure your organization really is in Office 365? Secure Score is here to help. Secure Score analyzes your organization's security based on your regular activities and security settings in Offic 365, and assigns a score.
Ethereum Classic (ETC) is currently being 51% attacked
http://bit.ly/2CUeYCf
Submitted January 08, 2019 at 08:36AM by sluglord14
via reddit http://bit.ly/2Ty0Y6T
http://bit.ly/2CUeYCf
Submitted January 08, 2019 at 08:36AM by sluglord14
via reddit http://bit.ly/2Ty0Y6T
The Coinbase Blog
Deep Chain Reorganization Detected on Ethereum Classic (ETC)
On 1/5/2019, Coinbase detected a deep reorg of the Ethereum Classic blockchain that included a double spend. In order to protect customer…
Buffer Overflow Practical Examples , metasploit , gdb and objdump !
http://bit.ly/2LXrq7l
Submitted January 08, 2019 at 07:18PM by Ahm3d_H3sham
via reddit http://bit.ly/2AAqpNT
http://bit.ly/2LXrq7l
Submitted January 08, 2019 at 07:18PM by Ahm3d_H3sham
via reddit http://bit.ly/2AAqpNT
0xRick Owned Root !
Buffer Overflow Practical Examples , metasploit , gdb and objdump ! - protostar stack3
Introduction Hey I’m back again with another article , today I’m going to solve protostar stack3 but this time it’s going to be a bit different , In the last two articles I solved stack0 , stack1 and stack2 and I used the source code of the binaries to identify…
Engineering Security (2014) by Peter Guttman
http://bit.ly/1itm1mL
Submitted January 08, 2019 at 10:34PM by nickpsecurity
via reddit http://bit.ly/2LWLfvy
http://bit.ly/1itm1mL
Submitted January 08, 2019 at 10:34PM by nickpsecurity
via reddit http://bit.ly/2LWLfvy
Reddit
From the netsec community on Reddit: Engineering Security (2014) by Peter Guttman
Posted by nickpsecurity - 24 votes and 3 comments
Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users
http://bit.ly/2Tvfaxk
Submitted January 08, 2019 at 10:16PM by EvanConover
via reddit http://bit.ly/2shmGQY
http://bit.ly/2Tvfaxk
Submitted January 08, 2019 at 10:16PM by EvanConover
via reddit http://bit.ly/2shmGQY
Trendmicro
Adware Disguised as Game, TV, Remote Control Apps Infect 9 Million Google Play Users - TrendLabs Security Intelligence Blog
We recently discovered an active adware family (AndroidOS_HidenAd) disguised as 85 apps on the Google Play store with a total of 9 million downloads.
LeakLooker — Find open databases in a second
http://bit.ly/2sitr56
Submitted January 08, 2019 at 11:21PM by Mysterii8
via reddit http://bit.ly/2CbmfvW
http://bit.ly/2sitr56
Submitted January 08, 2019 at 11:21PM by Mysterii8
via reddit http://bit.ly/2CbmfvW
Medium
LeakLooker — Find open databases in a second
TL;DR With LeakLooker you can find publicly open MongoDB, CouchDB and Elasticsearch database, it also includes Kibana instances. Script…
TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface of Samsung devices
http://bit.ly/2wKYQzU
Submitted January 08, 2019 at 11:20PM by hemorro
via reddit http://bit.ly/2Rknljp
http://bit.ly/2wKYQzU
Submitted January 08, 2019 at 11:20PM by hemorro
via reddit http://bit.ly/2Rknljp
reddit
r/netsec - TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface of Samsung devices
1 vote and 0 comments so far on Reddit
'Spoofing' Google Search results
http://bit.ly/2TD1P63
Submitted January 09, 2019 at 05:17AM by Wietze-
via reddit http://bit.ly/2FeiRV3
http://bit.ly/2TD1P63
Submitted January 09, 2019 at 05:17AM by Wietze-
via reddit http://bit.ly/2FeiRV3
www.wietzebeukema.nl
Spoofing Google Search results
Use of Deserialisation in .NET Framework Methods and Classes
http://bit.ly/2ABM08C
Submitted January 09, 2019 at 01:50PM by digicat
via reddit http://bit.ly/2SKL6Om
http://bit.ly/2ABM08C
Submitted January 09, 2019 at 01:50PM by digicat
via reddit http://bit.ly/2SKL6Om
OS Page Cache Attacks: new hardware-agnostic side-channel attack
http://bit.ly/2VAPdyt
Submitted January 09, 2019 at 01:48PM by CyberBullets
via reddit http://bit.ly/2RmAysg
http://bit.ly/2VAPdyt
Submitted January 09, 2019 at 01:48PM by CyberBullets
via reddit http://bit.ly/2RmAysg
RCE in Steam Chat
http://bit.ly/2Reqkd7
Submitted January 09, 2019 at 07:13PM by albinowax
via reddit http://bit.ly/2VH0dKo
http://bit.ly/2Reqkd7
Submitted January 09, 2019 at 07:13PM by albinowax
via reddit http://bit.ly/2VH0dKo
HackerOne
Valve disclosed on HackerOne: XSS in steam react chat client
# 1. Background
The Steam Chat client is a particularly interesting system to attack because it's built using a modern set of technologies with strong security characteristics.
It's built on...
The Steam Chat client is a particularly interesting system to attack because it's built using a modern set of technologies with strong security characteristics.
It's built on...
polkit: temporary auth hijacking via PID reuse and non-atomic fork - project-zero
http://bit.ly/2RH1sKw
Submitted January 09, 2019 at 07:08PM by danielkza
via reddit http://bit.ly/2QD5Ohq
http://bit.ly/2RH1sKw
Submitted January 09, 2019 at 07:08PM by danielkza
via reddit http://bit.ly/2QD5Ohq
reddit
r/netsec - polkit: temporary auth hijacking via PID reuse and non-atomic fork - project-zero
1 vote and 0 comments so far on Reddit
RCE On Your Build Server: Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
http://bit.ly/2ACqP6m
Submitted January 09, 2019 at 07:50PM by Fido488
via reddit http://bit.ly/2sgxXAW
http://bit.ly/2ACqP6m
Submitted January 09, 2019 at 07:50PM by Fido488
via reddit http://bit.ly/2sgxXAW
Medium
Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
Two security vulnerabilities in the Gradle Plugin Portal would have allowed any website to change the username, email & password of any…
5 Best VPN Services with free Trials while torrenting or pirating.
http://bit.ly/2AFI3zZ
Submitted January 09, 2019 at 09:33PM by asa25640
via reddit http://bit.ly/2TEIEc3
http://bit.ly/2AFI3zZ
Submitted January 09, 2019 at 09:33PM by asa25640
via reddit http://bit.ly/2TEIEc3
AndowMac
5 Best VPN Services in 2019 Chosen by Users (Updated January 2019) - AndowMac
11 VPN also known as Virtual Private Network is the best way to surf the internet anonymously without revealing any
Trammell Hudson - Modchips of the State
http://bit.ly/2Fl8r5w
Submitted January 09, 2019 at 09:54PM by liotier
via reddit http://bit.ly/2Fjfix0
http://bit.ly/2Fl8r5w
Submitted January 09, 2019 at 09:54PM by liotier
via reddit http://bit.ly/2Fjfix0
reddit
r/netsec - Trammell Hudson - Modchips of the State
2 votes and 0 comments so far on Reddit
A Policy Based Approach to Docker Security and Compliance
http://bit.ly/2CaxiWd
Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
http://bit.ly/2CaxiWd
Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
Anchore
A Policy Based Approach to Container Security and Compliance
At Anchore, we take a preventative, policy-based compliance approach, specific to organizational needs. Our philosophy of scanning and evaluating Docker images against user-defined policies as early as possible in the development lifecycle, greatly reduces…
2FA Can Be Bypassed with New Tool
http://bit.ly/2FhRrO2
Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
http://bit.ly/2FhRrO2
Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
InfoSec-IT
2FA Can Be Bypassed with New Tool | InfoSec-IT
2 Factor Authentication may not be as secure as you think, as a new tool has been released that can bypass the security feature.