Netsec – Telegram
Netsec
@RNetsec
7.49K subscribers
22.5K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.49K subscribers
Netsec
A Policy Based Approach to Docker Security and Compliance
http://bit.ly/2CaxiWd

Submitted January 09, 2019 at 11:58PM by weighanchore
via reddit http://bit.ly/2RnHtkY
Anchore
A Policy Based Approach to Container Security and Compliance
At Anchore, we take a preventative, policy-based compliance approach, specific to organizational needs. Our philosophy of scanning and evaluating Docker images against user-defined policies as early as possible in the development lifecycle, greatly reduces…
214 views
Netsec
2FA Can Be Bypassed with New Tool
http://bit.ly/2FhRrO2

Submitted January 09, 2019 at 11:56PM by Fantastic_Fix
via reddit http://bit.ly/2QACTKS
InfoSec-IT
2FA Can Be Bypassed with New Tool | InfoSec-IT
2 Factor Authentication may not be as secure as you think, as a new tool has been released that can bypass the security feature.
230 views
Netsec
PacketFence v8.3 is out! Clickatell support, spoofing detection based on device profiling and see what's coming up in v9!
http://bit.ly/2LZPwhH

Submitted January 10, 2019 at 01:28AM by extrafu
via reddit http://bit.ly/2QzTvSO
reddit
r/netsec - PacketFence v8.3 is out! Clickatell support, spoofing detection based on device profiling and see what's coming up in…
2 votes and 1 comment so far on Reddit
211 views
Netsec
RCE via DHCP in Windows
http://bit.ly/2TCwvVe

Submitted January 10, 2019 at 02:44AM by jeffrossisfat
via reddit http://bit.ly/2CZb3nH
reddit
r/netsec - RCE via DHCP in Windows
1 vote and 1 comment so far on Reddit
309 views
Netsec
Circumventing Limited Visibility in Detection Engineering
http://bit.ly/2RCYpDi

Submitted January 10, 2019 at 03:06AM by beaulambeau
via reddit http://bit.ly/2RnZZK0
Red Canary
How To Detect Cybersecurity Threats with Limited Visibility
Security tools have limited visibility, but you can work around endpoint detection and response (EDR) and other tooling limitations with these tips.
218 views
Netsec
System Down: a systemd-journald exploit
http://bit.ly/2RmCkt9

Submitted January 10, 2019 at 10:40AM by 0xdea
via reddit http://bit.ly/2FlVM2S
227 views
Netsec
Chinese Criminals pull off an Italian Job...
http://bit.ly/2ADogkG

Submitted January 10, 2019 at 12:59PM by Taur3an
via reddit http://bit.ly/2FkUBjw
The Economic Times
How Chinese hackers pulled off the Italian con job, a Rs 130-crore heist
The hackers sent spoofed emails of group CEO and held fake conference calls to fool India head of Italian company Tecnimont SpA.
224 views
Netsec
Top 10 GDPR Violations and Incidents of 2018
http://bit.ly/2VFL9Nb

Submitted January 10, 2019 at 06:40PM by KeyDutch
via reddit http://bit.ly/2FjleWI
Htbridge
Top 10 GDPR Violations and Incidents of 2018
A brief overview of the most important security and privacy incidents that may have serious GDPR ramifications.
251 views
Netsec
OWASP 2019 Strategy Doc - Request for feedback
http://bit.ly/2QC94tc

Submitted January 10, 2019 at 07:42PM by kerberosmansour
via reddit http://bit.ly/2TIZQgR
Google Docs
DRAFT OWASP Foundation Assessment & Strategic Approach
DRAFT OWASP Foundation Assessment & Strategic Approach Current Position SWOT Analysis Strengths Weaknesses Opportunities Threats Strategic position Financial position Assessment of Risks Porters five forces Challenges + Strategic Options PESTLE Analysis…
237 views
Netsec
The mystery of steganography
http://bit.ly/2C9p1C2

Submitted January 10, 2019 at 08:30PM by liotier
via reddit http://bit.ly/2siKqEp
Increment
The mystery of steganography – Increment: Security
Modern, nefarious interpretations of the age-old technique of covert communication have stoked the fires of curiosity—but is steganography really a major security concern?
223 views
Netsec
ves: Command Line End-to-End Encryption Utility. Encrypt Everything Without Fear of Losing the Key
http://bit.ly/2AtTrPd

Submitted January 10, 2019 at 09:53PM by vesvault
via reddit http://bit.ly/2RjK6UB
reddit
r/linux - ves: Command Line End-to-End Encryption Utility. Encrypt Everything Without Fear of Losing the Key
13 votes and 12 comments so far on Reddit
231 views
Netsec
Z-WASP Vulnerability Used to Phish Office 365 and ATP
http://bit.ly/2FlkMHw

Submitted January 10, 2019 at 09:51PM by EvanConover
via reddit http://bit.ly/2RhdieW
Avanan
Z-WASP Vulnerability Used to Phish Office 365 and ATP
The ZWASP phishing method was taking advantage of a vulnerability in Office 365 to bypass all of Microsoft's security. All Office 365 users were vulnerable, with or without ATP. Avanan worked with Microsoft to repair the vulnerability.
227 views
Netsec
ServHelper and FlawedGrace - New malware introduced by TA505
http://bit.ly/2M4dnN6

Submitted January 10, 2019 at 10:51PM by EvanConover
via reddit http://bit.ly/2VI8u0L
Proofpoint
ServHelper and FlawedGrace - New malware introduced by TA505
Proofpoint researchers detail two undocumented pieces of malware being used by TA505.
236 views
Netsec
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
http://bit.ly/2QDUmlH

Submitted January 11, 2019 at 02:25AM by TheFlame937
via reddit http://bit.ly/2FplxP6
FireEye
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale « Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
We detail three different ways we have seen DNS records be manipulated to enable victim compromises.
227 views
Netsec
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
http://bit.ly/2QDUmlH

Submitted January 11, 2019 at 08:45AM by fireh7nter
via reddit http://bit.ly/2CdLQ7B
FireEye
Global DNS Hijacking Campaign: DNS Record Manipulation at Scale « Global DNS Hijacking Campaign: DNS Record Manipulation at Scale
We detail three different ways we have seen DNS records be manipulated to enable victim compromises.
228 views
Netsec
/r/netsec's Q1 2019 Information Security Hiring Thread
OverviewIf you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.Please reserve top level comments for those posting open positions.Rules & GuidelinesInclude the company name in the post. If you want to be topsykret, go recruit elsewhere.Include the geographic location of the position along with the availability of relocation assistance or remote work.If you are a third party recruiter, you must disclose this in your posting.Please be thorough and upfront with the position details.Use of non-hr'd (realistic) requirements is encouraged.While it's fine to link to the position on your companies website, provide the important details in the comment.Mention if applicants should apply officially through HR, or directly through you.Please clearly list citizenship, visa, and security clearance requirements.You can see an example of acceptable posts by perusing past hiring threads.FeedbackFeedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)

Submitted January 11, 2019 at 07:21AM by ranok
via reddit http://bit.ly/2H4r5kg
235 views
Netsec
Phishing for the Catch of a Lifetime
http://bit.ly/2TMeQut

Submitted January 11, 2019 at 03:53PM by jeramyfromthefuture
via reddit http://bit.ly/2FqP0Is
armadillo
Phishing for the Catch of a Lifetime - armadillo
Fish are tricked into biting the bait on the end of a rod, just as phishing attacks prey on individuals who are fooled into opening fraudulent emails.
217 views
Netsec
New WhatsApp bug may have been discovered, exposes message history in plain text
http://bit.ly/2SJh11K

Submitted January 11, 2019 at 05:33PM by Titokhan
via reddit http://bit.ly/2FkoHED
Piunika Web
New WhatsApp bug may have been discovered, exposes message history in plain text - Piunika Web
Amazon employee Abby Fuller said after they used their new SIM with a new phone, and logged into WhatsApp, they could see someone else's message history.
257 views
Netsec
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492) - Awesome post!
http://bit.ly/2sjSxQU

Submitted January 11, 2019 at 07:12PM by oddvarmoe
via reddit http://bit.ly/2FsyjvZ
| bohops |
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492)
Introduction Greetings, Everyone!  It has been several months since I’ve blogged, so it seems fitting to start the New Year off with a post about two topics that I thoroughly enjoy exploring: Appli…
224 views
Netsec
Metasploit Framework 5.0 Released
http://bit.ly/2CdXKy9

Submitted January 11, 2019 at 07:31PM by DemanHD
via reddit http://bit.ly/2VKiGWH
Rapid7 Blog
Metasploit Framework 5.0 Released
We are happy to announce the release of Metasploit 5.0, the culmination of work by the Metasploit team over the past year.
224 views
Netsec
Ryuk Ransomware Attack: Rush to Attribution Misses the Point
http://bit.ly/2LY76CC

Submitted January 11, 2019 at 09:21PM by EvanConover
via reddit http://bit.ly/2M6TC7N
McAfee Blogs
Ryuk Ransomware Attack: Rush to Attribution Misses the Point | McAfee Blogs
Senior analyst Ryan Sherstobitoff contributed to this report. During the past week, an outbreak of Ryuk ransomware that impeded newspaper printing
215 views