TEMPEST - We see your secrets
http://bit.ly/2GbbsGJ
Submitted February 04, 2019 at 11:35PM by digitalinterruption
via reddit http://bit.ly/2UDVB6E
http://bit.ly/2GbbsGJ
Submitted February 04, 2019 at 11:35PM by digitalinterruption
via reddit http://bit.ly/2UDVB6E
Digital Interruption
TEMPEST - We see your secrets | Digital Interruption
In this post we discuss how practical TEMPEST attacks are whether it's something most companies should worry about when considering cyber security.
3 Billion Yahoo Accounts Hacked
http://bit.ly/2WHt7L6
Submitted February 05, 2019 at 12:14AM by PreciousPresley
via reddit http://bit.ly/2Biebdp
http://bit.ly/2WHt7L6
Submitted February 05, 2019 at 12:14AM by PreciousPresley
via reddit http://bit.ly/2Biebdp
Surfshark
3 Billion Hacked Yahoo Accounts, and Other Biggest Data Breaches - Surfshark
261 499 every hour or 73 per second - the number of data records lost or stolen every hour. A considerable part of the leaks is sensitive information - like credit card details, home addresses or social security numbers.
Exploit Walkthrough: Java XML Object Deserialization in OpenMRS Healthcare Software
http://bit.ly/2RFKuIm
Submitted February 05, 2019 at 12:10AM by SilentEcho
via reddit http://bit.ly/2TxBaIy
http://bit.ly/2RFKuIm
Submitted February 05, 2019 at 12:10AM by SilentEcho
via reddit http://bit.ly/2TxBaIy
Bishop Fox
OpenMRS - Insecure Object Deserialization - Bishop Fox
OpenMRS is a collaborative open-source project through which users can develop software to support healthcare in developing countries. In 2017, OpenMRS was implemented on more than 3,000 sites and stored information for over 8.7 million active patients. A…
Hacking an Aftermarket Remote Start System (CarLinkBT Series - Part 2)
http://bit.ly/2Wzlt5k
Submitted February 05, 2019 at 12:06AM by marketingversprite
via reddit http://bit.ly/2GnNW8L
http://bit.ly/2Wzlt5k
Submitted February 05, 2019 at 12:06AM by marketingversprite
via reddit http://bit.ly/2GnNW8L
VerSprite | Integrated Security Services and Consulting
Hacking an Aftermarket Remote Start System (Part 2) | VerSprite Research
In part two of this series, we’ll dive deeper into the technical specifications of the CarLinkBT module. and walkthrough expoitation.
Report: CEOs the Weakest Link with Security Measures
http://bit.ly/2Wwu6Og
Submitted February 05, 2019 at 12:05AM by token_app
via reddit http://bit.ly/2UEfJFB
http://bit.ly/2Wwu6Og
Submitted February 05, 2019 at 12:05AM by token_app
via reddit http://bit.ly/2UEfJFB
Securitymagazine
Report: CEOs the Weakest Link with Security Measures
A new report from The Bunker has highlighted that senior executives are still often the weakest link in the corporate cybersecurity chain and that cybercriminals target this vulnerability to commit serious data breaches.
Examining Pointer Authentication on the iPhone XS
http://bit.ly/2UDk4cp
Submitted February 04, 2019 at 10:29AM by wxor
via reddit http://bit.ly/2GnOivP
http://bit.ly/2UDk4cp
Submitted February 04, 2019 at 10:29AM by wxor
via reddit http://bit.ly/2GnOivP
reddit
r/netsec - Examining Pointer Authentication on the iPhone XS
1 vote and 0 comments so far on Reddit
Phishing U2F-Protected Accounts
https://www.youtube.com/watch?v=rPTI9e-9tBE
Submitted February 03, 2019 at 07:21AM by FarSide792
via reddit http://bit.ly/2WGUKE3
https://www.youtube.com/watch?v=rPTI9e-9tBE
Submitted February 03, 2019 at 07:21AM by FarSide792
via reddit http://bit.ly/2WGUKE3
YouTube
E 03 Phishing U2F Protected Accounts Nikita Mazurov Kenny Brown
These are the videos from BSides Tampa 2019: http://www.irongeek.com/i.php?page=videos/bsidestampa2019/mainlist Patreon: https://www.patreon.com/irongeek
Creating High Entropy Passwords on Linux
http://bit.ly/2t56L8L
Submitted February 05, 2019 at 06:43AM by weej
via reddit http://bit.ly/2HP9kpC
http://bit.ly/2t56L8L
Submitted February 05, 2019 at 06:43AM by weej
via reddit http://bit.ly/2HP9kpC
Cjbarker
CJ Barker | Creating High Entropy Passwords on Linux
CJ Barker - Husband, Father, Software Craftsman, InfoSec Enthusiast, Drummer and a gorilla in a man suit trying to make his way in life.
Why All Users Should Change Passwords Today
http://bit.ly/2G4yb7m
Submitted February 05, 2019 at 04:57PM by el_programmer
via reddit http://bit.ly/2SvqblA
http://bit.ly/2G4yb7m
Submitted February 05, 2019 at 04:57PM by el_programmer
via reddit http://bit.ly/2SvqblA
Infosecurity Magazine
Why All Users Should Change Passwords Today
Change Your Password Day is a good time to switch to a password manager.
Reverse RDP attack: Code Execution on RDP clients
http://bit.ly/2BlpgdH
Submitted February 05, 2019 at 08:41PM by eyalitki
via reddit http://bit.ly/2WHGFpT
http://bit.ly/2BlpgdH
Submitted February 05, 2019 at 08:41PM by eyalitki
via reddit http://bit.ly/2WHGFpT
Check Point Research
Home - Check Point Research
Latest Research by our Team
Exploiting Google "dot" Email Accounts for Fun and for Profit. But mostly for profit
http://bit.ly/2DldReb
Submitted February 05, 2019 at 10:15PM by iHeartMalware
via reddit http://bit.ly/2ULZkPL
http://bit.ly/2DldReb
Submitted February 05, 2019 at 10:15PM by iHeartMalware
via reddit http://bit.ly/2ULZkPL
Agari
BEC Actors Exploit Gmail “Dot Accounts” to Scale Activity | Agari
Cybercriminals are taking advantage of a Gmail feature to scale fradulent activity, including filing fake tax returns, credit card applications, and more.
Cisco Identity Services Engine: from unauth stored XSS to RCE as root
http://bit.ly/2t4jYyB
Submitted February 05, 2019 at 09:00AM by jose_boneh
via reddit http://bit.ly/2HVKlRx
http://bit.ly/2t4jYyB
Submitted February 05, 2019 at 09:00AM by jose_boneh
via reddit http://bit.ly/2HVKlRx
reddit
r/netsec - Cisco Identity Services Engine: from unauth stored XSS to RCE as root
1 vote and 1 comment so far on Reddit
Introducing tmpnix - an alternative to static binaries for post exploitation
http://bit.ly/2t5jBDM
Submitted February 05, 2019 at 10:46PM by alech_de
via reddit http://bit.ly/2HQPE4I
http://bit.ly/2t5jBDM
Submitted February 05, 2019 at 10:46PM by alech_de
via reddit http://bit.ly/2HQPE4I
shiftordie.de
Introducing tmpnix - an alternative to static binaries for post exploitation - shift or die
Introducing tmpnix - an alternative to static binaries for post exploitation
Feb ...
Feb ...
Summary of Android security ecosystem for the past month
http://bit.ly/2UBEkee
Submitted February 05, 2019 at 11:54PM by lukasstefanko
via reddit http://bit.ly/2BkaTWM
http://bit.ly/2UBEkee
Submitted February 05, 2019 at 11:54PM by lukasstefanko
via reddit http://bit.ly/2BkaTWM
Lukas Stefanko
Android Security Monthly Recap #1 | January 2019 - Lukas Stefanko
Brief Android security summary from January 2019 including malware researches - Spyware, Banking Trojans, Adware, Vulnerabilities...
Introducing Armory: Bring your external pentesting and bug bounty hunting to the next level
http://bit.ly/2DTXdDE
Submitted February 06, 2019 at 02:03AM by fang0654
via reddit http://bit.ly/2RJh3VO
http://bit.ly/2DTXdDE
Submitted February 06, 2019 at 02:03AM by fang0654
via reddit http://bit.ly/2RJh3VO
Depthsecurity
Introducing Armory: External Pentesting Like a Boss
TLDR;
We are introducing Armory, a tool that adds a database backend to dozens of popular external and discovery tools. This allows you to run the tools directly from Armory, automatically
We are introducing Armory, a tool that adds a database backend to dozens of popular external and discovery tools. This allows you to run the tools directly from Armory, automatically
Researcher Assaulted By A Vendor After Disclosing A Vulnerability
http://bit.ly/2UKfEjT
Submitted February 06, 2019 at 11:55AM by ayn0r
via reddit http://bit.ly/2t7nXdN
http://bit.ly/2UKfEjT
Submitted February 06, 2019 at 11:55AM by ayn0r
via reddit http://bit.ly/2t7nXdN
Secjuice.com
Researcher Assaulted After Disclosure
Following a serious vulnerability disclosure to Atrient, the security researcher who disclosed the vulnerability was assaulted by their COO at ICE.
Poppin’ Calc: Web Studio Edition
http://bit.ly/2Bxvo2H
Submitted February 06, 2019 at 07:04PM by chicksdigthelongrun
via reddit http://bit.ly/2HXLx6Z
http://bit.ly/2Bxvo2H
Submitted February 06, 2019 at 07:04PM by chicksdigthelongrun
via reddit http://bit.ly/2HXLx6Z
Medium
Poppin’ Calc: Web Studio Edition
What Even Are You?
APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign
http://bit.ly/2DbrFrr
Submitted February 06, 2019 at 08:49PM by campuscodi
via reddit http://bit.ly/2HULkBn
http://bit.ly/2DbrFrr
Submitted February 06, 2019 at 08:49PM by campuscodi
via reddit http://bit.ly/2HULkBn
Recorded Future
APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign
In this report, Insikt Group shares insight into a sustained cyberespionage campaign assessed to be conducted by Chinese state-sponsored threat actor APT10.
The Curious Case of Convexity Confusion
http://bit.ly/2Tt77l4
Submitted February 06, 2019 at 08:47PM by albinowax
via reddit http://bit.ly/2t9rYyf
http://bit.ly/2Tt77l4
Submitted February 06, 2019 at 08:47PM by albinowax
via reddit http://bit.ly/2t9rYyf
reddit
r/netsec - The Curious Case of Convexity Confusion
4 votes and 0 comments so far on Reddit
Virtual Reality - a stealthy backdoor for windows
http://bit.ly/2Txz23i
Submitted February 06, 2019 at 06:46PM by rokups
via reddit http://bit.ly/2Bmloco
http://bit.ly/2Txz23i
Submitted February 06, 2019 at 06:46PM by rokups
via reddit http://bit.ly/2Bmloco
GitHub
rokups/virtual-reality
Stealthy backdoor for Windows operating systems. Contribute to rokups/virtual-reality development by creating an account on GitHub.
BACNet javanoscript Injection -Persistent XSS in BACNet devices CVE-2019–7408
http://bit.ly/2TBCytI
Submitted February 06, 2019 at 12:46AM by bertinjoseb
via reddit http://bit.ly/2BhyhEz
http://bit.ly/2TBCytI
Submitted February 06, 2019 at 12:46AM by bertinjoseb
via reddit http://bit.ly/2BhyhEz
Medium
BACNet javanoscript Injection -Persistent XSS in BACNet devices CVE-2019–7408
Santiago Chile Feb 2019