TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface of Samsung devices
http://bit.ly/2wKYQzU
Submitted January 08, 2019 at 11:20PM by hemorro
via reddit http://bit.ly/2Rknljp
http://bit.ly/2wKYQzU
Submitted January 08, 2019 at 11:20PM by hemorro
via reddit http://bit.ly/2Rknljp
reddit
r/netsec - TCP SYN Packet Denial Of Service Vulnerability on the WIFI interface of Samsung devices
1 vote and 0 comments so far on Reddit
'Spoofing' Google Search results
http://bit.ly/2TD1P63
Submitted January 09, 2019 at 05:17AM by Wietze-
via reddit http://bit.ly/2FeiRV3
http://bit.ly/2TD1P63
Submitted January 09, 2019 at 05:17AM by Wietze-
via reddit http://bit.ly/2FeiRV3
www.wietzebeukema.nl
Spoofing Google Search results
Use of Deserialisation in .NET Framework Methods and Classes
http://bit.ly/2ABM08C
Submitted January 09, 2019 at 01:50PM by digicat
via reddit http://bit.ly/2SKL6Om
http://bit.ly/2ABM08C
Submitted January 09, 2019 at 01:50PM by digicat
via reddit http://bit.ly/2SKL6Om
OS Page Cache Attacks: new hardware-agnostic side-channel attack
http://bit.ly/2VAPdyt
Submitted January 09, 2019 at 01:48PM by CyberBullets
via reddit http://bit.ly/2RmAysg
http://bit.ly/2VAPdyt
Submitted January 09, 2019 at 01:48PM by CyberBullets
via reddit http://bit.ly/2RmAysg
RCE in Steam Chat
http://bit.ly/2Reqkd7
Submitted January 09, 2019 at 07:13PM by albinowax
via reddit http://bit.ly/2VH0dKo
http://bit.ly/2Reqkd7
Submitted January 09, 2019 at 07:13PM by albinowax
via reddit http://bit.ly/2VH0dKo
HackerOne
Valve disclosed on HackerOne: XSS in steam react chat client
# 1. Background
The Steam Chat client is a particularly interesting system to attack because it's built using a modern set of technologies with strong security characteristics.
It's built on...
The Steam Chat client is a particularly interesting system to attack because it's built using a modern set of technologies with strong security characteristics.
It's built on...
polkit: temporary auth hijacking via PID reuse and non-atomic fork - project-zero
http://bit.ly/2RH1sKw
Submitted January 09, 2019 at 07:08PM by danielkza
via reddit http://bit.ly/2QD5Ohq
http://bit.ly/2RH1sKw
Submitted January 09, 2019 at 07:08PM by danielkza
via reddit http://bit.ly/2QD5Ohq
reddit
r/netsec - polkit: temporary auth hijacking via PID reuse and non-atomic fork - project-zero
1 vote and 0 comments so far on Reddit
RCE On Your Build Server: Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
http://bit.ly/2ACqP6m
Submitted January 09, 2019 at 07:50PM by Fido488
via reddit http://bit.ly/2sgxXAW
http://bit.ly/2ACqP6m
Submitted January 09, 2019 at 07:50PM by Fido488
via reddit http://bit.ly/2sgxXAW
Medium
Gradle Plugin Portal: Clickjacking & Cross-Site Request Forgery enabling Account Takeover
Two security vulnerabilities in the Gradle Plugin Portal would have allowed any website to change the username, email & password of any…
5 Best VPN Services with free Trials while torrenting or pirating.
http://bit.ly/2AFI3zZ
Submitted January 09, 2019 at 09:33PM by asa25640
via reddit http://bit.ly/2TEIEc3
http://bit.ly/2AFI3zZ
Submitted January 09, 2019 at 09:33PM by asa25640
via reddit http://bit.ly/2TEIEc3
AndowMac
5 Best VPN Services in 2019 Chosen by Users (Updated January 2019) - AndowMac
11 VPN also known as Virtual Private Network is the best way to surf the internet anonymously without revealing any
Trammell Hudson - Modchips of the State
http://bit.ly/2Fl8r5w
Submitted January 09, 2019 at 09:54PM by liotier
via reddit http://bit.ly/2Fjfix0
http://bit.ly/2Fl8r5w
Submitted January 09, 2019 at 09:54PM by liotier
via reddit http://bit.ly/2Fjfix0
reddit
r/netsec - Trammell Hudson - Modchips of the State
2 votes and 0 comments so far on Reddit
A Policy Based Approach to Docker Security and Compliance
http://bit.ly/2CaxiWd
Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
http://bit.ly/2CaxiWd
Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
Anchore
A Policy Based Approach to Container Security and Compliance
At Anchore, we take a preventative, policy-based compliance approach, specific to organizational needs. Our philosophy of scanning and evaluating Docker images against user-defined policies as early as possible in the development lifecycle, greatly reduces…
2FA Can Be Bypassed with New Tool
http://bit.ly/2FhRrO2
Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
http://bit.ly/2FhRrO2
Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
InfoSec-IT
2FA Can Be Bypassed with New Tool | InfoSec-IT
2 Factor Authentication may not be as secure as you think, as a new tool has been released that can bypass the security feature.
PacketFence v8.3 is out! Clickatell support, spoofing detection based on device profiling and see what's coming up in v9!
http://bit.ly/2LZPwhH
Submitted January 10, 2019 at 01:28AM by extrafu
via reddit http://bit.ly/2QzTvSO
http://bit.ly/2LZPwhH
Submitted January 10, 2019 at 01:28AM by extrafu
via reddit http://bit.ly/2QzTvSO
reddit
r/netsec - PacketFence v8.3 is out! Clickatell support, spoofing detection based on device profiling and see what's coming up in…
2 votes and 1 comment so far on Reddit
RCE via DHCP in Windows
http://bit.ly/2TCwvVe
Submitted January 10, 2019 at 02:44AM by jeffrossisfat
via reddit http://bit.ly/2CZb3nH
http://bit.ly/2TCwvVe
Submitted January 10, 2019 at 02:44AM by jeffrossisfat
via reddit http://bit.ly/2CZb3nH
reddit
r/netsec - RCE via DHCP in Windows
1 vote and 1 comment so far on Reddit
Circumventing Limited Visibility in Detection Engineering
http://bit.ly/2RCYpDi
Submitted January 10, 2019 at 03:06AM by beaulambeau
via reddit http://bit.ly/2RnZZK0
http://bit.ly/2RCYpDi
Submitted January 10, 2019 at 03:06AM by beaulambeau
via reddit http://bit.ly/2RnZZK0
Red Canary
How To Detect Cybersecurity Threats with Limited Visibility
Security tools have limited visibility, but you can work around endpoint detection and response (EDR) and other tooling limitations with these tips.
System Down: a systemd-journald exploit
http://bit.ly/2RmCkt9
Submitted January 10, 2019 at 10:40AM by 0xdea
via reddit http://bit.ly/2FlVM2S
http://bit.ly/2RmCkt9
Submitted January 10, 2019 at 10:40AM by 0xdea
via reddit http://bit.ly/2FlVM2S
Chinese Criminals pull off an Italian Job...
http://bit.ly/2ADogkG
Submitted January 10, 2019 at 12:59PM by Taur3an
via reddit http://bit.ly/2FkUBjw
http://bit.ly/2ADogkG
Submitted January 10, 2019 at 12:59PM by Taur3an
via reddit http://bit.ly/2FkUBjw
The Economic Times
How Chinese hackers pulled off the Italian con job, a Rs 130-crore heist
The hackers sent spoofed emails of group CEO and held fake conference calls to fool India head of Italian company Tecnimont SpA.
Top 10 GDPR Violations and Incidents of 2018
http://bit.ly/2VFL9Nb
Submitted January 10, 2019 at 06:40PM by KeyDutch
via reddit http://bit.ly/2FjleWI
http://bit.ly/2VFL9Nb
Submitted January 10, 2019 at 06:40PM by KeyDutch
via reddit http://bit.ly/2FjleWI
Htbridge
Top 10 GDPR Violations and Incidents of 2018
A brief overview of the most important security and privacy incidents that may have serious GDPR ramifications.
OWASP 2019 Strategy Doc - Request for feedback
http://bit.ly/2QC94tc
Submitted January 10, 2019 at 07:42PM by kerberosmansour
via reddit http://bit.ly/2TIZQgR
http://bit.ly/2QC94tc
Submitted January 10, 2019 at 07:42PM by kerberosmansour
via reddit http://bit.ly/2TIZQgR
Google Docs
DRAFT OWASP Foundation Assessment & Strategic Approach
DRAFT OWASP Foundation Assessment & Strategic Approach Current Position SWOT Analysis Strengths Weaknesses Opportunities Threats Strategic position Financial position Assessment of Risks Porters five forces Challenges + Strategic Options PESTLE Analysis…
The mystery of steganography
http://bit.ly/2C9p1C2
Submitted January 10, 2019 at 08:30PM by liotier
via reddit http://bit.ly/2siKqEp
http://bit.ly/2C9p1C2
Submitted January 10, 2019 at 08:30PM by liotier
via reddit http://bit.ly/2siKqEp
Increment
The mystery of steganography – Increment: Security
Modern, nefarious interpretations of the age-old technique of covert communication have stoked the fires of curiosity—but is steganography really a major security concern?
ves: Command Line End-to-End Encryption Utility. Encrypt Everything Without Fear of Losing the Key
http://bit.ly/2AtTrPd
Submitted January 10, 2019 at 09:53PM by vesvault
via reddit http://bit.ly/2RjK6UB
http://bit.ly/2AtTrPd
Submitted January 10, 2019 at 09:53PM by vesvault
via reddit http://bit.ly/2RjK6UB
reddit
r/linux - ves: Command Line End-to-End Encryption Utility. Encrypt Everything Without Fear of Losing the Key
13 votes and 12 comments so far on Reddit
Z-WASP Vulnerability Used to Phish Office 365 and ATP
http://bit.ly/2FlkMHw
Submitted January 10, 2019 at 09:51PM by EvanConover
via reddit http://bit.ly/2RhdieW
http://bit.ly/2FlkMHw
Submitted January 10, 2019 at 09:51PM by EvanConover
via reddit http://bit.ly/2RhdieW
Avanan
Z-WASP Vulnerability Used to Phish Office 365 and ATP
The ZWASP phishing method was taking advantage of a vulnerability in Office 365 to bypass all of Microsoft's security. All Office 365 users were vulnerable, with or without ATP. Avanan worked with Microsoft to repair the vulnerability.