Phishing U2F-Protected Accounts
https://www.youtube.com/watch?v=rPTI9e-9tBE
Submitted February 03, 2019 at 07:21AM by FarSide792
via reddit http://bit.ly/2WGUKE3
https://www.youtube.com/watch?v=rPTI9e-9tBE
Submitted February 03, 2019 at 07:21AM by FarSide792
via reddit http://bit.ly/2WGUKE3
YouTube
E 03 Phishing U2F Protected Accounts Nikita Mazurov Kenny Brown
These are the videos from BSides Tampa 2019: http://www.irongeek.com/i.php?page=videos/bsidestampa2019/mainlist Patreon: https://www.patreon.com/irongeek
Creating High Entropy Passwords on Linux
http://bit.ly/2t56L8L
Submitted February 05, 2019 at 06:43AM by weej
via reddit http://bit.ly/2HP9kpC
http://bit.ly/2t56L8L
Submitted February 05, 2019 at 06:43AM by weej
via reddit http://bit.ly/2HP9kpC
Cjbarker
CJ Barker | Creating High Entropy Passwords on Linux
CJ Barker - Husband, Father, Software Craftsman, InfoSec Enthusiast, Drummer and a gorilla in a man suit trying to make his way in life.
Why All Users Should Change Passwords Today
http://bit.ly/2G4yb7m
Submitted February 05, 2019 at 04:57PM by el_programmer
via reddit http://bit.ly/2SvqblA
http://bit.ly/2G4yb7m
Submitted February 05, 2019 at 04:57PM by el_programmer
via reddit http://bit.ly/2SvqblA
Infosecurity Magazine
Why All Users Should Change Passwords Today
Change Your Password Day is a good time to switch to a password manager.
Reverse RDP attack: Code Execution on RDP clients
http://bit.ly/2BlpgdH
Submitted February 05, 2019 at 08:41PM by eyalitki
via reddit http://bit.ly/2WHGFpT
http://bit.ly/2BlpgdH
Submitted February 05, 2019 at 08:41PM by eyalitki
via reddit http://bit.ly/2WHGFpT
Check Point Research
Home - Check Point Research
Latest Research by our Team
Exploiting Google "dot" Email Accounts for Fun and for Profit. But mostly for profit
http://bit.ly/2DldReb
Submitted February 05, 2019 at 10:15PM by iHeartMalware
via reddit http://bit.ly/2ULZkPL
http://bit.ly/2DldReb
Submitted February 05, 2019 at 10:15PM by iHeartMalware
via reddit http://bit.ly/2ULZkPL
Agari
BEC Actors Exploit Gmail “Dot Accounts” to Scale Activity | Agari
Cybercriminals are taking advantage of a Gmail feature to scale fradulent activity, including filing fake tax returns, credit card applications, and more.
Cisco Identity Services Engine: from unauth stored XSS to RCE as root
http://bit.ly/2t4jYyB
Submitted February 05, 2019 at 09:00AM by jose_boneh
via reddit http://bit.ly/2HVKlRx
http://bit.ly/2t4jYyB
Submitted February 05, 2019 at 09:00AM by jose_boneh
via reddit http://bit.ly/2HVKlRx
reddit
r/netsec - Cisco Identity Services Engine: from unauth stored XSS to RCE as root
1 vote and 1 comment so far on Reddit
Introducing tmpnix - an alternative to static binaries for post exploitation
http://bit.ly/2t5jBDM
Submitted February 05, 2019 at 10:46PM by alech_de
via reddit http://bit.ly/2HQPE4I
http://bit.ly/2t5jBDM
Submitted February 05, 2019 at 10:46PM by alech_de
via reddit http://bit.ly/2HQPE4I
shiftordie.de
Introducing tmpnix - an alternative to static binaries for post exploitation - shift or die
Introducing tmpnix - an alternative to static binaries for post exploitation
Feb ...
Feb ...
Summary of Android security ecosystem for the past month
http://bit.ly/2UBEkee
Submitted February 05, 2019 at 11:54PM by lukasstefanko
via reddit http://bit.ly/2BkaTWM
http://bit.ly/2UBEkee
Submitted February 05, 2019 at 11:54PM by lukasstefanko
via reddit http://bit.ly/2BkaTWM
Lukas Stefanko
Android Security Monthly Recap #1 | January 2019 - Lukas Stefanko
Brief Android security summary from January 2019 including malware researches - Spyware, Banking Trojans, Adware, Vulnerabilities...
Introducing Armory: Bring your external pentesting and bug bounty hunting to the next level
http://bit.ly/2DTXdDE
Submitted February 06, 2019 at 02:03AM by fang0654
via reddit http://bit.ly/2RJh3VO
http://bit.ly/2DTXdDE
Submitted February 06, 2019 at 02:03AM by fang0654
via reddit http://bit.ly/2RJh3VO
Depthsecurity
Introducing Armory: External Pentesting Like a Boss
TLDR;
We are introducing Armory, a tool that adds a database backend to dozens of popular external and discovery tools. This allows you to run the tools directly from Armory, automatically
We are introducing Armory, a tool that adds a database backend to dozens of popular external and discovery tools. This allows you to run the tools directly from Armory, automatically
Researcher Assaulted By A Vendor After Disclosing A Vulnerability
http://bit.ly/2UKfEjT
Submitted February 06, 2019 at 11:55AM by ayn0r
via reddit http://bit.ly/2t7nXdN
http://bit.ly/2UKfEjT
Submitted February 06, 2019 at 11:55AM by ayn0r
via reddit http://bit.ly/2t7nXdN
Secjuice.com
Researcher Assaulted After Disclosure
Following a serious vulnerability disclosure to Atrient, the security researcher who disclosed the vulnerability was assaulted by their COO at ICE.
Poppin’ Calc: Web Studio Edition
http://bit.ly/2Bxvo2H
Submitted February 06, 2019 at 07:04PM by chicksdigthelongrun
via reddit http://bit.ly/2HXLx6Z
http://bit.ly/2Bxvo2H
Submitted February 06, 2019 at 07:04PM by chicksdigthelongrun
via reddit http://bit.ly/2HXLx6Z
Medium
Poppin’ Calc: Web Studio Edition
What Even Are You?
APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign
http://bit.ly/2DbrFrr
Submitted February 06, 2019 at 08:49PM by campuscodi
via reddit http://bit.ly/2HULkBn
http://bit.ly/2DbrFrr
Submitted February 06, 2019 at 08:49PM by campuscodi
via reddit http://bit.ly/2HULkBn
Recorded Future
APT10 Targeted Norwegian MSP and US Companies in Sustained Campaign
In this report, Insikt Group shares insight into a sustained cyberespionage campaign assessed to be conducted by Chinese state-sponsored threat actor APT10.
The Curious Case of Convexity Confusion
http://bit.ly/2Tt77l4
Submitted February 06, 2019 at 08:47PM by albinowax
via reddit http://bit.ly/2t9rYyf
http://bit.ly/2Tt77l4
Submitted February 06, 2019 at 08:47PM by albinowax
via reddit http://bit.ly/2t9rYyf
reddit
r/netsec - The Curious Case of Convexity Confusion
4 votes and 0 comments so far on Reddit
Virtual Reality - a stealthy backdoor for windows
http://bit.ly/2Txz23i
Submitted February 06, 2019 at 06:46PM by rokups
via reddit http://bit.ly/2Bmloco
http://bit.ly/2Txz23i
Submitted February 06, 2019 at 06:46PM by rokups
via reddit http://bit.ly/2Bmloco
GitHub
rokups/virtual-reality
Stealthy backdoor for Windows operating systems. Contribute to rokups/virtual-reality development by creating an account on GitHub.
BACNet javanoscript Injection -Persistent XSS in BACNet devices CVE-2019–7408
http://bit.ly/2TBCytI
Submitted February 06, 2019 at 12:46AM by bertinjoseb
via reddit http://bit.ly/2BhyhEz
http://bit.ly/2TBCytI
Submitted February 06, 2019 at 12:46AM by bertinjoseb
via reddit http://bit.ly/2BhyhEz
Medium
BACNet javanoscript Injection -Persistent XSS in BACNet devices CVE-2019–7408
Santiago Chile Feb 2019
Inception, a tool written in go lang that detects configuration files and more on web server.
http://bit.ly/2De60yK
Submitted February 06, 2019 at 10:06PM by Abiral111
via reddit http://bit.ly/2Spu4sj
http://bit.ly/2De60yK
Submitted February 06, 2019 at 10:06PM by Abiral111
via reddit http://bit.ly/2Spu4sj
GitHub
proabiral/inception
A highly configurable tool to check for whatever you like against any number of hosts. - proabiral/inception
JellyHive - Set up Let's Encrypt certificate solution on Azure (xpost /r/dotnet)
http://bit.ly/2TzWGw5
Submitted February 06, 2019 at 11:26PM by smatsson
via reddit http://bit.ly/2BlWKbI
http://bit.ly/2TzWGw5
Submitted February 06, 2019 at 11:26PM by smatsson
via reddit http://bit.ly/2BlWKbI
JellyHive
Set up Let's Encrypt certificate solution on Azure
IntroductionIt’s 2019 and your site needs a SLL/TLS certificate. These can be quite expensiv, but fear not, there are solutions that are free!Enter Let’s Encrypt. Scenario and prerequisiteThe scenari
Open source hardware vs next generation hacking
http://bit.ly/2Add91v
Submitted February 07, 2019 at 01:19AM by edsonarantes2
via reddit http://bit.ly/2Gctqsk
http://bit.ly/2Add91v
Submitted February 07, 2019 at 01:19AM by edsonarantes2
via reddit http://bit.ly/2Gctqsk
PONDERWALL
Open Source Hardware Could Defend Against Next Generation Hacking
Making open-source hardware systems more available increases regular people’s security by giving them verifiable secure options.
Researcher Assaulted By A Vendor After Disclosing A Vulnerability
http://bit.ly/2UKfEjT
Submitted February 07, 2019 at 01:08AM by Titokhan
via reddit http://bit.ly/2TEvRHm
http://bit.ly/2UKfEjT
Submitted February 07, 2019 at 01:08AM by Titokhan
via reddit http://bit.ly/2TEvRHm
Secjuice.com
Researcher Assaulted After Disclosure
Following a serious vulnerability disclosure to Atrient, the security researcher who disclosed the vulnerability was assaulted by their COO at ICE.
Red team hackers crack DOD's MHS Genesis electronic heath records system -- FCW
http://bit.ly/2Shr95u
Submitted February 07, 2019 at 04:18AM by mc_security
via reddit http://bit.ly/2UECXLQ
http://bit.ly/2Shr95u
Submitted February 07, 2019 at 04:18AM by mc_security
via reddit http://bit.ly/2UECXLQ
FCW
Red team hackers crack DOD's MHS Genesis electronic heath records system -- FCW
The $5.5 billion commercial health record system is 'not survivable in a cyber-contested environment,' according to an internal Pentagon report.
OSCP Write-up Leaked By “Cyb3rsick “
http://bit.ly/2DhUYIG
Submitted February 07, 2019 at 10:56AM by icssindia
via reddit http://bit.ly/2UJY7ID
http://bit.ly/2DhUYIG
Submitted February 07, 2019 at 10:56AM by icssindia
via reddit http://bit.ly/2UJY7ID
reddit
r/netsec - OSCP Write-up Leaked By “Cyb3rsick “
1 vote and 0 comments so far on Reddit