Daily Security News
PacketStorm
The US Army Just Contracted With A UFO Group To Study Alien Alloys new- Critical Linux Wi-Fi Bug Allows System Compromise new
- UC Browser Potentially Endangers 500 Million Users new
- US Stopped Using Floppy Disks To Manage Nuclear Weapons Arsenal new
- Zappos Offers Users 10% Discount In 2012 Breach Settlement
- Cryptocurrency Execs Charged With Running $11 Million Ponzi Scheme
- How The Wheels Came Off Facebook's Libra Project
- Samsung Bug Allows Any Fingerprint To Unlock Phones
- Dancho Danchev Launches New Uncle George Initiative
- Oracle Patches 218 Security Vulnerabilities
- SHIELD Act Passes Committee
- Cozy Bear Is Back In Action Again
The Register
- Deus ex hackina: It took just 10 minutes to find data-divulging demons corrupting Pope's Click to Pray eRosary app new
- How does £36m sound, mon CHERI? UK.gov pumps cash into Arm security research
- Google slings websites into Chrome's solitary confinement on Android to thwart Spectre-style data snooping
- Help! I bought a domain and ended up with a stranger's PayPal! And I can't give it back
- A cautionary, Thames Watery tale on how not to look phishy: 'Click here to re-register!'
- Remember the Democratic National Committee email leak? Same hackers now targeting EU countries, say malware boffins
- Hundreds charged in internet's biggest child-abuse swap-shop site bust: IP addy leak led cops to sys-op's home
- Sure is quiet from Adobe. No security fixes this month? Great job. Oh no, wait, what's that stampede sound...
- Ye olde Blue Screen of Death is back – this time, a bad Symantec update is to blame
- Sudo? More like Su-doh: There's a fun bug that gives restricted sudoers root access (if your config is non-standard)
- Apple insists it's totally not doing that thing it wasn't accused of: We're not handing over Safari URLs to Tencent – just people's IP addresses
- Pitney Bowes: Can we be frank? Ransomware has borked our dead-tree post systems
Reddit - NetSec
- CVE-2019-16278 - Unauthenticated Remote Code Execution in Nostromo web server new
- Model Based fuzzing of the WPA3 Dragonfly Handshake new
- Weaponizing and Gamifying AI for WiFi Hacking: Presenting Pwnagotchi 1.0.0 new
- Hack The Box - Ellingson Write-up by 0xRick new
- Pwn2Win CTF 2019 - Registration is now open! new
- Forgive Me Father For I Have Hacked (How we broke an app before its official release) new
- We are the privacytools.io team — (in a week, at r/Privacy) Ask Us Anything!
- Letting Birds scooters fly free
- Bypassing LLMNR/NBT-NS honeypot
- DOMDig, discovering javascript injection using Headless Chrome and Nodejs
- Cryptocurrency-Mining Malware Found Embedded in Audio Files
- Better USB injection with rawcoon
Bleeping Computer
- Hackers Backdoor Sites by Hiding Fake WordPress Plugins
- Maze Ransomware Now Delivered by Spelevo Exploit Kit
- Maze Ransomware Now Delivered by Spelevo Exploit Kit
- Microsoft 365 Authentication Outage, Users Unable to Login
- STOP Ransomware Decryptor Released for 148 Variants
- REvil Ransomware Affiliates Partner with Corporate Intruders
- Windows 10 KB4520062 Update May Break Microsoft Defender ATP
- Malicious Tor Browser Steals Cryptocurrency from Darknet Market Users
- Fake WordPress Plugin Comes with Cryptocurrency Mining Function
- 500+ Million UC Browser Android Users Exposed to MiTM Attacks. Again.
- Microsoft Adds Azure AD Sign-In History to Detect Unusual Activity
- Samsung to Patch Fingerprint Scanner Against Silicone Case Unlock Bug
The Hacker News
- Microsoft to Reward Hackers for Finding Bugs in Open Source Election Software
- Chrome for Android Enables Site Isolation Security Feature for All Sites with Login
- Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted
- Feds Shut Down Largest Dark Web Child Abuse Site; South Korean Admin Arrested
- Phorpiex Botnet Sending Out Millions of Sextortion Emails Using Hacked Computers
- A Comprehensive Guide On How to Protect Your Websites From Hackers
- Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps
- Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products
- Apple Under Fire Over Sending Some Users Browsing Data to China's Tencent
- Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks
- Report to Your Management with the Definitive 'Incident Response for Management' Presentation Template
Threat Wire
Exploits
Packet Storm Exploits
- Sangoma SBC 2.3.23-119-GA Authentication Bypass new
- Sangoma SBC 2.3.23-119-GA Unauthenticated User Creation new
- WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF
- Android Binder Use-After-Free
- Restaurant Management System 1.0 Shell Upload
- VIM 8.1.2135 Use-After-Free
- ThinVNC 1.0b1 Authentication Bypass
- WordPress Popup Builder 3.49 Cross Site Scripting
- VMware VeloCloud 3.3.0 / 3.2.2 Authorization Bypass
- WordPress Soliloquy Lite 2.5.6 Cross Site Scripting
- WordPress FooGallery 1.8.12 Cross Site Scripting
- WorkgroupMail 7.5.1 WorkgroupMail Unquoted Service Path
Exploit-DB Webapps
- [webapps] Joomla! 3.4.6 - Remote Code Execution
- [webapps] Wordpress FooGallery 1.8.12 - Persistent Cross-Site Scripting
- [webapps] Wordpress Soliloquy Lite 2.5.6 - Persistent Cross-Site Scripting
- [webapps] Wordpress Popup Builder 3.49 - Persistent Cross-Site Scripting
- [webapps] Restaurant Management System 1.0 - Remote Code Execution
- [webapps] Accounts Accounting 7.02 - Persistent Cross-Site Scripting
- [webapps] CyberArk Password Vault 10.6 - Authentication Bypass
- [webapps] Bolt CMS 3.6.10 - Cross-Site Request Forgery
- [webapps] Express Invoice 7.12 - 'Customer' Persistent Cross-Site Scripting
- [webapps] Ajenti 2.1.31 - Remote Code Execution
- [webapps] Kirona-DRS 5.5.3.5 - Information Disclosure
- [webapps] Intelbras Router WRN150 1.0.18 - Persistent Cross-Site Scripting
Exploit-DB Local and Privilege Escalation
- [local] BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path
- [local] Web Companion versions 5.1.1035.1047 - 'WCAssistantService' Unquoted Service Path
- [local] WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path
- [local] Lavasoft 2.3.4.7 - 'LavasoftTcpService' Unquoted Service Path
- [local] Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path
- [local] X.Org X Server 1.20.4 - Local Stack Overflow
- [local] LiteManager 4.5.0 - 'romservice' Unquoted Serive Path
- [local] Solaris xscreensaver 11.4 - Privilege Escalation
- [local] Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path
- [local] sudo 1.2.27 - Security Bypass
- [local] ActiveFax Server 6.92 Build 0316 - 'ActiveFaxServiceNT' Unquoted Service Path
- [local] Uplay 92.0.0.6280 - Local Privilege Escalation
Exploit-DB DoS
- [dos] SpotAuditor 5.3.1.0 - Denial of Service
- [dos] ActiveFax Server 6.92 Build 0316 - 'POP3 Server' Denial of Service
- [dos] Windows Kernel - win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter
- [dos] Windows Kernel - NULL Pointer Dereference in nt!MiOffsetToProtos While Parsing Malformed PE File
- [dos] Windows Kernel - Out-of-Bounds Read in CI!CipFixImageType While Parsing Malformed PE File
- [dos] Windows Kernel - Out-of-Bounds Read in nt!MiParseImageLoadConfig While Parsing Malformed PE File
- [dos] Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File
- [dos] Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
- [dos] Foscam Video Management System 1.1.6.6 - 'UID' Denial of Service (PoC)
- [dos] XNU - Remote Double-Free via Data Race in IPComp Input Path
- [dos] WebKit - User-agent Shadow root Leak in WebCore::ReplacementFragment::ReplacementFragment
- [dos] WebKit - UXSS Using JavaScript: URI and Synchronous Page Loads
Exploit-DB Shellcode
Exploit-DB Papers
Exploit-DB Remote
- [remote] Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) new
- [remote] ThinVNC 1.0b1 - Authentication Bypass
- [remote] Whatsapp 2.19.216 - Remote Code Execution
- [remote] Podman & Varlink 1.5.1 - Remote Code Execution
- [remote] freeFTP 1.0.8 - 'PASS' Remote Buffer Overflow
- [remote] DOUBLEPULSAR - Payload Execution and Neutralization (Metasploit)
- [remote] GoAhead 2.5.0 - Host Header Injection
- [remote] Cisco Small Business 220 Series - Multiple Vulnerabilities
- [remote] Mobatek MobaXterm 12.1 - Buffer Overflow (SEH)
- [remote] File Sharing Wizard 1.5.0 - POST SEH Overflow
- [remote] Microsoft Windows - BlueKeep RDP Remote Windows Kernel Use After Free (Metasploit)
- [remote] Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure
Hak5
Vulnerabilities
Bugtraq
- CA20191015-01: Security Notice for CA Performance Management
- CVE-2019-5533 - VMware VeloCloud Authorization Bypass
- [SECURITY] [DSA 4509-3] apache2 security update
- [SECURITY] [DSA 4544-1] unbound security update
- CVE-2019-3010 - Local privilege escalation on Solaris 11.x via xscreensaver
- [SECURITY] [DSA 4543-1] sudo security update
- [slackware-security] sudo (SSA:2019-287-01)
- SEC Consult SA-20191014-0 :: Reflected XSS vulnerability in OpenProject
- APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu
- [SECURITY] [DSA 4539-3] openssl regression update
- [SYSS-2019-033]: Microsoft Designer Bluetooth Desktop - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
- [SYSS-2019-034]: Microsoft Surface Keyboard - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key)
Full Disclosure
- Sangoma SBC bypass authentication via argument injection - CVE-2019-12148
- Sangoma SBC local sudo user creation vulnerability without authentication - CVE-2019-12147
- CVE-2019-3010 - Local privilege escalation on Solaris 11.x via xscreensaver
- CVE 2019-2215 Android Binder Use After Free
- CA20191015-01: Security Notice for CA Performance Management
- Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) [DTC-A-20170323-001]
- WiKID 2FA Enterprise Server Multiple Issues
- reinersct: receiving annual awards for trivial insecurity
- Tomedo Server - Weak encryption mech.
- APPLE-SA-2019-10-11-1 Swift 5.1.1 for Ubuntu
- Reflected XSS via Broken Link Checker v.1.11.8 WordPress Plugin
- [CFP] BSides San Francisco – February 2020
Tools
CyberPunk nowhere.net
Darknet
- LambdaGuard – AWS Lambda Serverless Security Scanner
- exe2powershell – Convert EXE to BAT Files
- HiddenWall – Create Hidden Kernel Modules
- Anteater – CI/CD Security Gate Check Framework
- Stardox – Github Stargazers Information Gathering Tool
- ZigDiggity – ZigBee Hacking Toolkit
- RandIP – Network Mapper To Find Servers
Exploit Dev
Reddit - Exploit Dev
- Question Regarding Shell Coder Handbook Edition 2 new
- POP POP RET
- Heap Exploitation 101
- Wargame Meetup #2: October 12, 2019
- How a double-free bug in WhatsApp turns to RCE
- Vulerability Research Internship Interview Questions
- Getting into Exploit Dev position
- Memory Corruption vs Web Exploit Development
- I am getting started. Please share some roadmaps, resources and courses on exlloit development of windows and linux
- Can anyone explain your guy’s thought process during your research?
- Wargame Meetup #1: September 28, 2019
- Heap Overflows and the iOS Kernel Heap
Google Project Zero
- The story of Adobe Reader symbols
- Windows Exploitation Tricks: Spoofing Named Pipe Client PID
- A very deep dive into iOS Exploit chains found in the wild
- In-the-wild iOS Exploit Chain 1
- In-the-wild iOS Exploit Chain 5
- In-the-wild iOS Exploit Chain 4
- In-the-wild iOS Exploit Chain 3
- In-the-wild iOS Exploit Chain 2
- Implant Teardown
- JSC Exploits
- The Many Possibilities of CVE-2019-8646
- Down the Rabbit-Hole...
Security Researchers
- Letting Birds scooters fly free
- Meet the team: Johanna Ydergård – Scaling the impact of ethical hackers
- Ahh shhgit!
- Access My Info: How a Team of Researchers Investigated Data Access Rights around the World
- Access My Info: Measuring Data Access Rights Around the World
- FindSecBugs officially an OWASP project
- WooCommerce 3.6.4 - CSRF Bypass to Stored XSS
- vBulletin RCE CVE-2019-16759 exploited in the wild, to Detectify
- Investigating the security of Lime scooters
- Karim Rahal: Security Features of Firefox
- Contribute to Open Source with Hacktoberfest at GoSecure!
- Identifying & Exploiting Leaked Azure Storage Keys
Reversing/I like ASM
Reddit - Reverse Engineering
- Binary Ninja loader for Brainfuck new
- Easy way to get Chrome Stored Password in Python3 new
- C64LoaderWV - Loading C64 programs into Ghidra
- at51: Some Tools for Reverse Engineering 8051 Firmware
- Finding Vulnerabilities in Closed Source Windows Software by Applying Fuzzing
- /r/ReverseEngineering's Weekly Questions Thread
- CVE-2019-12643: Cisco IOS XE Authentication Bypass Vulnerability - includes source code walkthrough and PoC
- Is it possible to re-engineer the frequencies on a BTR 800 intercom system so that it can be in 400-500 frequency range?
- How to Reverse Engineer an iOS App and macOS Software
- Hex-Rays' official port of my microcode plugin, HexRaysDeob, is now distributed as an example in IDAPython
- IDA: What's new in 7.4
- iOS exploitation walkthrough: Heap Overflows and the iOS Kernel Heap
Reddit - REGames
- Reverse Engineering DEMUL to allow multi-emulator Multiplayer on single PC new
- DOOM Unity Switch store version reverse engineering?
- How to Make a FlyCam from Scratch using Cheat Engine, Lua, and Assembly! (Multi-part Playlist)
- Torchlight 2 Modding Community Needs Your Help Understanding the .Pak Format for Mods
- Reading UI textures from Project Eden (PC, 2001)
- Akatsuki Blitzkampf - I'm a complete noob to this field, looking for directions.
- Trying to mod a font in BlazBlue?
- [Tutorial] Beam me up Scotty - A Vulkan ProxyDLL
- Extracting sounds from the 2002 game ‘Spyro: Enter the dragonfly’
- Reversing HackEx - An android game - Reverse Engineering
- Finding Player and Camera Position for Fly Hack - Pwn Adventure 3
- Deobfucating DYN Files
StackExchange - ReverseEngineering
- Compressed/encrypted game files new
- Alternative APIs to hook instead of messagebox for message pop ups? new
- Reversing ELF files and Read-Only file system new
- Is relocation table only used for absolute addresses? new
- What is the best approach for using IDA's remote debugger for analyzing a sample with two VMs? new
- IDA Pro, replace exit() with continue; new
- How to identify JTAG pins?
- Mounting JFFS2 Filesystem
- In depth understanding of C++ concepts during Reversing
- Replicating Code To Call CoRegisterClassObject Same Way as Target EXE
- Modify function to return a static value
- Tools for detecting packing and encryption
Guided Hacking
Malware/APT
Reddit - Malware
- Malware Analysis Center - A free tool for finding and sharing malware
- Cryptocurrency-Mining Malware Found Embedded in Audio Files
- New Malware Sheds Light on How Cryptocurrency Exchanges Get Hacked
- Bitcoin Sextortion Malware Mines Monero as Side-Gig
- Lastline Webinar / Network Visibility & Protection
- F secure removed exploitkit
- Weird *virus* I had when I was a child. I think about it to this day.
- iTunes Users Endangered: A Newly Found Exploit May Lead to a Ransomware Infection
- September 2019’s most wanted malware
- Why there is not more impressive malware for Windows
- Zombieland CTF – Reverse Engineering for Beginners
- PhishStats - is a real time Phishing database that gathers phishing URLs from several sources.
Unit42
- Graboid: First-Ever Cryptojacking Worm Found in Images on Docker Hub
- Blackremote: Money Money Money – A Swedish Actor Peddles an Expensive New RAT
- More xHunt – New PowerShell Backdoor Blocked Through DNS Tunnel Detection
- Exploits in the Wild for vBulletin Pre-Auth RCE Vulnerability CVE-2019-16759
- PKPLUG: Chinese Cyber Espionage Group Attacking Asia
- xHunt Campaign: Attacks on Kuwait Shipping and Transportation Organizations
- Critical Vulnerability in Harbor Enables Privilege Escalation from Zero to Admin (CVE-2019-16097)
- The Legend of Adwind: A Commodity RAT Saga in Eight Parts
- Unit 42 Named Top Zero-Day Vulnerability Contributor by Microsoft
- Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into the Kernel with RDP PDU
- Newly Registered Domains: Malicious Abuse by Bad Actors
- Hunting the Public Cloud for Exposed Hosts and Misconfigurations
FireEye Threat Research
- Definitive Dossier of Devilish Debug Details – Part Deux: A Didactic Deep Dive into Data Driven Deductions
- LOWKEY: Hunting for the Missing Volume Serial ID
- Staying Hidden on the Endpoint: Evading Detection with Shellcode
- Mahalo FIN7: Responding to the Criminal Operators’ New Tools and Techniques
- Living off the Orchard: Leveraging Apple Remote Desktop for Good and Evil
- IDA, I Think It’s Time You And I Had a Talk: Controlling IDA Pro With Voice Control Software
- Head Fake: Tackling Disruptive Ransomware Attacks
- The FireEye OT-CSIO: An Ontology to Understand, Cross-Compare, and Assess Operational Technology Cyber Security Incidents
- 2019 Flare-On Challenge Solutions
- test-vanity-url
- Open Sourcing StringSifter
- Ransomware Protection and Containment Strategies: Practical Guidance for Endpoint Protection, Hardening, and Containment
Bug Bounties
HackerOne
- Highlights from our Biggest and Best Security@ Conference
- Improve Compliance Testing Results with HackerOne Challenge
- Tell Your Hacker Story with the Redesigned Profile Pages
- 3 Ways Hacker-Powered Security Helps the Agile CISO
- More Than Bounty: Beating Burnout with Hacker-Powered Security
- Breaking Down the Benefits of Hacker-Powered Pentests
- PayPal Celebrates Its First Anniversary on HackerOne
- GitLab: Reducing the time to payout and a bug bounty anniversary contest
Reddit - BugBounty
- Do you use a remote instance/server while bounty hunting? new
- SSRF - Raiding Metadata Service for AWS Credentials
- Live Bug Bounty Recon Session and Creating a Recon Database for Yahoo W/ Cody Brocious @Daeken
- Does anyone have any idea about how to exploit sql injection cookie based ?
- The 5 Hacking NewsLetter 75 · Pentester Land
- Issues with amass?
- X-frame-bypass by @zonduu
- Interesting ways to find Open redirect vulnerabilities and chaining them by @snowoverride
- h1 should really hire better triage team
- Interesting ways to hunt for open s3 aws buckets by @snowoverride
- How much does a full-time bounty hunter earn?
- GSuite Security: Everyone wants it but not everyone gets it - LevelUp 0x05
Pentester Land
Portswigger
Metasploit Minute
Crypto
Reddit - Crypto
- Unable to decrypt new
- How can I encrypt my message? new
- Crypto cashout planning tool for you new
- Want A FOSS Academic Search Engine That Does Not Track You new
- Fiat-shamir heuristic new
- Really fixing getrandom() [LWN.net]
- Which degree, education + do I need to be a teen prodigy?
- Join Pi Before the Halving at 1 M Pioneers!!!
- Enchive : encrypted personal archives
- SSH auth: how does it work?
- Suggestions for crypto protocol to analyze for class project
- Implications of a theoretical Application of Blake2b?
StackExchange - Crypto
- AES-MixColumn layer in the last round new
- AES - Non-linearity hinders differential cryptoanalysis new
- Computationally indistinguishably vs Perfect Indistinguishably [duplicate] new
- show how bob can use only one permutation to reverse the process [on hold] new
- TLS 1.2 handshake ECDH premaster/master secret generation with C OpenSSL API [on hold] new
- Encryption data [migrated] new
- FIAT-Shamir transform and hash [duplicate] new
- For CBC, if the initialization vector is corrupted, can we still decrypt the message? new
- fiat-shamir heurisitc new
- Is it possible to narrow down the possible keys used for AES CBC encryption, knowing a given plaintext and its ciphertext, where IV=0? new
- X509_verify() with ECDSA public key failure [on hold]
- Is there a jump ahead formula for Inversive congruential generator? An index function for given value? ICG: $x_{i+1} = ax_i^{-1}+c mod P$
Podcasts
Security Weekly
- Flush the Cache - PSW #623 new
- The Last Cigar - PSW #622
- That's What Larry Said - PSW #621
- Special Treats - PSW #620
- The Struggle Is Real - PSW #619
- So Many Jokes, So Little Time - PSW #618
- Save the World - PSW #617
- It Gets Really Hot! - PSW #616
- Nobody Move! - PSW #615
- Let's Unzip the Fly - PSW #614
- Well Lubricated - Paul's Security Weekly #613
Risky.Biz
- Snake Oilers 10 part 2: Do too many users have VPN access to your prod environment? There's another way!
- Risky Biz Soap Box: Yubico's Jerrod Chong talks series 5 Yubikeys and what's next
- Risky Business #558 -- Trump targets Crowdstrike, Apple jailbreakers rejoice
- Snake Oilers 10 part 1: Richard Bejtlich talks Zeek plus pitches from Respond Software and PATH Networks
- Risky Business #557 -- 26 nations release cyber norms statement at UN
- Risky Business #556 -- US Treasury targets DPRK crews, more details on Ukraine power hack
- Risky Business #555 -- Bluekeep Metasploit module released, Paige Thompson pleads not guilty and more
- Risky Biz Soap Box: MITRE ATT&CK framework is now officially everywhere
- Risky Business #554 -- Is there an iOS exploit glut?
- Risky Business #553 -- Imperva's cloud WAF gets owned hard
- Risky Biz Soap Box: Casey Ellis on "match.com for hackers"
- Risky Business #552 -- Guest host Alex Stamos on all the week's security news
The CyberWire
- Hoping for SOHO security — Research Saturday new
- Clickfraud and third-parties (both SDKs and stores). Trojanized TOR browser steals from Russian users. WiFi bugs. Sketchy jailbreak. Big Tech on free speech. Cooperation against…
- Cozy Bear never really left. Iran denies it suffered a US cyberattack. Malicious WAV files. Darknet dragnet hauls in child exploitation ring. Graboid infests Docker…
- Cyber retaliation for a kinetic attack, again. Industrial espionage from China. Botnet does sextortion. Typosquatting the other candidate. A poor approach to reputation management.
- Ransomware hits US, French companies. ISPs as combat support arms. Lawful intercept gone rogue? Lazarus Group is back and in GitHub. China’s security laws and…
- Decrypting ransomware for good. — Research Saturday
- Ransomware and a zero-day. A newly discovered espionage platform. FIN7’s new tricks. Beijing speaks and Apple listens. A visit to NSA’s Cybersecurity Directorate.
- Alleged DIA leaker. Europol cybergang study. Protecting the DIB. Chinese information operations.
- Twitter and two-factor authentication. Privacy concerns. The US Senate Intelligence Committee reports on Russian troll farms. Turla is back with some new tricks.
- Riding herd on Mustang Panda. Drupalgeddon2 is out in the wild. VPN warnings and mitigations. Patch notes. An offer to share intelligence about Huawei. Presidential…
- Iran hacks for influence. Brazilian PII up for auction. Prince Harry vs. Fleet Street. Electrical infrastructure cyber risk. Paying ransom. HildaCrypt developers say they’re going…
- The fuzzy boundaries of APT41. — Research Saturday
ISC Daily Stormcast
- ISC StormCast for Friday, October 18th 2019
- ISC StormCast for Thursday, October 17th 2019
- ISC StormCast for Wednesday, October 16th 2019
- ISC StormCast for Tuesday, October 15th 2019
- ISC StormCast for Monday, October 14th 2019
- ISC StormCast for Friday, October 11th 2019
- ISC StormCast for Thursday, October 10th 2019
- ISC StormCast for Wednesday, October 9th 2019
- ISC StormCast for Tuesday, October 8th 2019
- ISC StormCast for Monday, October 7th 2019
Threat Intel
Reddit - Onions
- Which is the privacy of onion mail and ch or org or io domain? new
- Active cannabis store link and more
- Fake Tor Browser Has Been Spying, Stealing Bitcoin ‘For Years’
- Super Fast Dumb Dank Chat
- F@ceD@rK
- Where can I get an onion domain email address?
- New anonymous E2E encrypted chat
- Anonymous and Accountless VPS hosting - BitVPS - Bitcoin and other cryptos accepted
- Free talk Fridays - What's on your mind?
- Obfuscating hidden service traffic with obsfv4
- Automatic Nginx hidden service installer
- Why is it so hard to find edibles
Reddit - Pwned
- “BriansClub” Hack Rescues 26M Stolen Cards
- /r/pwned : Now with new Moderator!
- Serious Bitdefender Compromise beware if you are running Bitdefender
- Moe's, McAlister's, Schlotzsky's Restaurants Hit by Payment Card Breach
- European aerospace giant Airbus hacked in "sophisticated" attacks against VPNs used by suppliers
- Please don't hack my site, I beg you.
- Abandonia/Netlog password collection download?
- DoorDash confirms data breach affected 4.9 million customers, workers and merchants – TechCrunch
- Unpatched vBulletin 0day RCE POC public.
- Anywhere I can download Chegg breach data?
- Let's see what you have scheduled in your Google Calendar!
- Strengthening Cybersecurity with Artificial Intelligence
HaveIBeenPwned
- StreetEasy - 988,230 breached accounts
- Sephora - 780,073 breached accounts
- Wanelo - 23,165,793 breached accounts
- Lumin PDF - 15,453,048 breached accounts
- KiwiFarms - 4,606 breached accounts
- Minehut - 396,533 breached accounts
- Void.to - 95,431 breached accounts
- Poshmark - 36,395,491 breached accounts
- Mastercard Priceless Specials - 89,388 breached accounts
- XKCD - 561,991 breached accounts
- Coinmama - 478,824 breached accounts
- Chegg - 39,721,127 breached accounts
Privacy/VPNs
Slashdot - Rights
- Google Criticized After Voice From 'Nest' Camera Threatens to Steal Baby new
- Russian Cyber-Espionage Group Controlled Its Malware Partly Through Reddit Posts new
- Blizzard Criticized By Bipartisan Group of US Lawmakers (Including Ron Wyden, Marco Rubio, and Alexandria Ocasio-Cortez) new
- Would You Trust Amazon To Run Free and Fair Elections? new
- The Most Important Right-To-Repair Hearing Yet Is On Monday new
- New Bill Promises an End To Our Privacy Nightmare, Jail Time To CEOs Who Lie
- Senators Propose Near-Total Ban On Worker Noncompete Agreements
- Berkeley City Council Unanimously Votes To Ban Face Recognition
- China's Helicopter Prototype Looks Like a UFO
- Google Ejects Open-Source WireGuard From Play Store Over Donation Links
- The Creators Of Pokemon Go Mapped The World. Now They're Mapping You
- Huge Child Porn Ring Busted As Authorities Cite Ability To Crack Bitcoin Privacy
Reddit - Privacy
- Does google know my phone number if I'm logged into a google account on my (Android) phone? new
- Discord is scarier than Skype when it comes to privacy new
- At an Outback Steakhouse Franchise, Surveillance Blooms new
- What features would a "Chat Application" have in order to provide the best privacy and confidence in using it? new
- Which apps have access to my browsing information via phone? new
- MODS HAVE BEEN BOUGHT AND PAID FOR BY CHINA new
- Remind app, is it safe to use in dev teams? (For privacy and security) new
- How good is elementary OS for privacy? new
- Is Google always listening? new
- Eprivo Secure Email Referral Code new
- Riseup vs. ProtonMail new
- Friendly reminder: Fingerprints are a bad way to secure your phone new
Reddit - VPN
- Paying for VPN Anonymously new
- LAN-like connections on Algo with Wireguard new
- How to remove malicious tunnel? new
- New to VPNs new
- Access client side network? new
- Does anyone know a vpn with New Zealand and Iceland? new
- Is VPN device to device encryption?
- Someone with zero knowledge about this needs a bit of advice.
- SpectrVPN
- VPN friendly streaming services?
- What country has the 90s flash on netflix
- How to set up VPN on Tenda router (model: D302)
Help Wanted
Reddit - AskNetSec
- Career progression: what next after an enterprise cybersecurity architect role in one of the largest companies in its specific market segment (70k ppl)? new
- Are you aware of any central repository collecting and sharing information about info/cyber incidents occurring to companies? new
- Gathering network device data for security detection purposes - Which logs to send to SIEM new
- How van I fix disconnected AlienVault Anywhere Sensor
- Has anyone else had issues when wireless pentesting using a female USB-C to male USB adapter and if so, how did you solve the issue?
- Should I Make an Alarm to Track Suspicious DNS Zone Transfers? Is it part of the MITRE ATT&K framework?
- PowerBI Reporting
- Career Progression - What comes next for a Senior Sec Analyst
- Should I disable developer mode for LastPass Android?
- What are the most recognized security certification?
- How technical is SSCP
- What is the way to deauth router and open hotspot with same name and capture password with which devices are trying to connect?
Reddit - Netsec Students
- Parasitic Reverse Tracerouting Case Study new
- A look at NTP Traffic Amplification (CVE-2013-5211) new
- Question: Not to get too political but during the 2016 election, how did investigators find Russian linked twitter accounts? new
- Characteristics of an Effective SOC new
- Can anyone give me directions in Cyber Security? new
- Joe In San Diego | Cybersecurity & Mentor-Led Program with Joe McCray new
- InfosecAddicts Mentorship Program | Mentor-led Cybersecurity | Joe McCray new
- OSCP Preparation Guide and Tips [video] new
- Playing with SQLMap and Solving Hacker101's "Photo Gallery" CTF Level
- CISSP Practice Questions: Security & Risk Management
- The Top 10 Cybersecurity Tips to Protect Your Organization
- You're going to get hacked... Be ready.
Stackoverflow - Security
- Honeypot logs gateway’s IP instead of incoming ones new
- web exceptions information getter new
- what is meaning of id=373 in webpwn3r github? [on hold] new
- Is Angular service private field secure? new
- How to recover data from flash drive new
- How to prevent PHP SQL Injection using PHP URL parameters new
- Generating wordlist containing >=1 uppercase, lowercase, numeric, special character new
- Securely storing oAuth Tokens in Azure new
- How can I protect my website Customization
- Spring REST security: how to implement “two step” authentication
- How to secure thrift php client with ssl
- JWT Secured REST APIs being called outside of Android app
Stack Exchange
- Honeypot logs VM’s gateway IP instead of incoming ones new
- Why can't FTK imager add E02 file (Encase) as an evidence? new
- can someone start the msftconnecttest? [on hold] new
- Will using CTR mode with unique IVs, but only one password for encrypting multiple files, leak data or keys? new
- Is there a secure and legal way to disable NFC and RFID on credit cards and personal IDs? new
- Scanning a large network for vulnerable clients new
- How to combine multiple Encase image format files into one image file (in Windows 10)? [on hold] new
- Why CVV on the credit card at all? new
- How an ISP can detect if someone having a WhatsApp call or video call? new
- How can BitLocker be considered safer, if it doesn't asks for a key during boot new
- Does blocking all ports make a machine more secure? new
- Wonolo Job app wants to do a background check and want all my information. Social, Birthday, Banking new
Locks/Social Engineering
Reddit - Lockpicking
- Found this laying on the ground. As soon as I picked it up my friend said "A random lock without a key is useless to… new
- Seeking a specific cylinder type. new
- Here is a better photo of the S & G 826C (my favorite lock at the moment) new
- S & G 826C spp'd (I don't have a video of this one picked but i have other medeco cores picked on my YT: Kw1k… new
- Finally a member of the 1100 Club! new
- Anyone know where to find Abloy Novel locks? new
- Found this lock in the old shed. Any clues what it is? new
- Masterlock magnum 40mm new
- Squire SS65CS Cylinder Swapping new
- Black Belt Application new
- Interesting 2 in 1 lock i saw in vacation a few days ago! new
- Master Lock LOTO Surprise new
Reddit - Social Engineering
- Among following websites which one is the best for people search? new
- How To Develop Charisma To Help You Influence People: 10 Best Ways new
- How CIA altered the ending of Orwell's 'Animal Farm' to project Communism as the sole tyrannic system new
- Elicitation
- Why You Never See Your Friends Anymore
- 200+ Critical thinking questions
- How You Benefit From Supporting Others’ Attempts to Change
- How You Benefit From Supporting Others’ Attempts to Change
- How You Benefit From Supporting Others’ Attempts to Change
- Is it pretentious to ask others not to shorten your first name?
- The Dangers of Digitally Distracted War Fighting
- Why Calling Out Imitators Is Effective At Swaying Public Perception
Security Blogs
Security Bloggers Network
- Derbycon 2019, Lance Peterman’s ‘Modlishka Is A Mantis Eating 2FAs Lunch’ new
- XKCD, 53 Cards new
- Derbycon 2019, David E. Young Jr.’s ‘There’s No Place Like (DUAL) Homed’ new
- Top Cloud Directory Service new
- Samsung Fingerprint Bug: Worse Than We Thought new
- What Assumptions Are You Making? new
- Malvertising on Legitimate Websites, Even The New York Times
- What is Multi-Factor Authentication (MFA)?
- Delphix Partner Spotlight on FWD View
- Get Your Cybersecurity Firing on All Cylinders
- 7 Cybersecurity Attacks That Can Hurt Your Business and Customers
- Robert M. Lee’s & Jeff Hass’ Little Bobby Comics, ‘Power Grid’
ThreatPost
- Microsoft Tackles Election Security with Bug Bounties
- Execs Could Face Jail Time For Privacy Violations
- Major Airport Malware Attack Shines a Light on OT Security
- Four-Year-Old Critical Linux Wi-Fi Bug Allows System Compromise
- Podcast: Insider Attacks May Soon Cost Less Than Malware-based Equivalent
- Zappos Offers Users 10% Discount in 2012 Breach Settlement
- Phorpiex Botnet Shifts Gears From Ransomware to Sextortion
- Hacking Back? BriansClub Dark Web Attack a Boon for Banks
- Trump Campaign Website Left Open to Email Server Hijack
- Cisco Aironet Access Points Plagued By Critical, High-Severity Flaws
- Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS
- 10 Steps for Ransomware Protection
digitalmunition
- Canada Post resets customers’ online passwords but clarifies that ‘there has not been a cyberattack’ new
- Web Companion versions 5.1.1035.1047 – ‘WCAssistantService’ Unquoted Service Path new
- Facebook’s cryptocurrency Libra finding few friends in government, banking industry | DV Plus new
- Adobe Acrobat Reader Out-of-Bounds information disclosure [CVE-2019-8173] new
- Murder Victim Found With Hacked Face in Middle of Quiet New Jersey Road: Source, Witness new
- Phorpiex botnet used in sextortion email spam campaign new
- BlackMoon FTP Server 3.1.2.1731 – ‘BMFTP-RELEASE’ Unquoted Serive Path new
- Plan to kill Kamlesh Tiwari hatched 2 months ago: Police new
- Adobe Acrobat Reader Out-of-Bounds information disclosure [CVE-2019-8064] new
- School data breach tied to high-stakes water gun fight new
- Adobe Acrobat Reader Out-of-Bounds information disclosure [CVE-2019-8184] new
- Etisalat successfully completed the first end-to-end 5G stand-alone call in Mena region new
eHacking News
- Credit histories of a million Russians were in the public domain new
- More than 300 hundred arrested in "dark web child abuse" sting! new
- The Head of the FSB spoke about the threat of massive terrorist hacker attacks
- Food blogger Jack Monroe lost 5000 Euros in phone number theft
- Facebook and China on Developing Global Digital Currencies in Emerging Markets
- UNICEF won't convert Bitcoin and Ethereum : will accept donations in cryptocurrency
- How 5G Network would Change the IoT and the Challenges Ahead
- An App Helping Scammers Hack into Bank Accounts on the Rise in Bengaluru
- Bengaluru: Passport offices alerts public against fake websites
- Blockchain will become a part of the Russian economy
- Cyber Criminals Use New Method To Steal Funds From Bank Customers' Account
- Business representatives proposed scheme to legalise eSIM in Russia
Wired - Security
- Congress Still Doesn't Have an Answer for Ransomware new
- The Air Force Ditches Its Nuclear Command Floppy Disks new
- At an Outback Steakhouse Franchise, Surveillance Blooms new
- DNC Hackers Resurface, Zuckerberg Talks Free Speech, and More News
- Apple's Good Intentions on Privacy Stop at China's Borders
- Inside Olympic Destroyer, the Most Deceptive Hack in History
- Russia’s Cozy Bear Hackers Resurface With Clever New Tricks
- How a Bitcoin Trail Led to a Massive Dark Web Child-Porn Site Takedown
- Facebook Sweetens Deal for Hackers to Catch Security Bugs
- The MacOS Catalina Privacy and Security Features You Should Know
- An iTunes Bug Let Hackers Spread Ransomware
- Planting Tiny Spy Chips in Hardware Can Cost as Little as $200
Krebs on Security
- When Card Shops Play Dirty, Consumers Win
- “BriansClub” Hack Rescues 26M Stolen Cards
- Patch Tuesday Lowdown, October 2019 Edition
- Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany
- German Cops Raid “Cyberbunker 2.0,” Arrest 7 in Child Porn, Dark Web Market Sting
- MyPayrollHR CEO Arrested, Admits to $70M Fraud
- Interview With the Guy Who Tried to Frame Me for Heroin Possession
- Before He Spammed You, this Sly Prince Stalked Your Mailbox
- Man Who Hired Deadly Swatting Gets 15 Months
- NY Payroll Company Vanishes With $35 Million
- Patch Tuesday, September 2019 Edition
- Secret Service Investigates Breach at U.S. Govt IT Contractor
Naked Security
- Phishy text message tries to steal your cellphone account
- Some Android adware apps hide icons to make it hard to remove them
- Bitcoin money trail leads cops to ‘world’s largest’ child abuse site
- S2 Ep13.5: All about social media: Growing up online, parent advice and social shaming – Naked Security Podcast
- Much-attacked Baltimore uses ‘mind-bogglingly’ bad data storage
- S2 Ep 13: Weird Android zero day and other tech fails – Naked Security podcast
- Pen testers find mystery black box connected to ship’s engines
- Robotic hand solves Rubik’s Cube by learning how to learn about it
- Hackers hack card details from BriansClub carding site
- Adobe fixes 46 critical bugs in patchfest
- Food writer Jack Monroe loses at least £5,000 in SIM-swap fraud
- Pitney Bowes and Groupe M6 join ransomware’s victim list
Schneier on Security
- Friday Squid Blogging: Six-Foot-Long Mass of Squid Eggs Found on Great Barrier Reef
- Why Technologists Need to Get Involved in Public Policy
- Adding a Hardware Backdoor to a Networked Computer
- Using Machine Learning to Detect IP Hijacking
- Cracking the Passwords of Early Internet Pioneers
- Factoring 2048-bit Numbers Using 20 Million Qubits
- Friday Squid Blogging: Apple Fixes Squid Emoji
- I Have a New Book: We Have Root
- Details on Uzbekistan Government Malware: SandCat
- New Reductor Nation-State Malware Compromises TLS
- Wi-Fi Hotspot Tracking
- Cheating at Professional Poker
Linux Security
- Massachusetts: Tell Your Lawmakers to Press Pause on Government Face Surveillance
- New US Privacy Bill Would Intro Jail Time for CEOs
- Secret Court Rules That the FBIs 'Backdoor Searches' of Americans Violated the Fourth Amendment
- Germany's cyber-security agency recommends Firefox as most secure browser
- 5 ways to contribute to open source during Hacktoberfest
- Linux Sudo Bug Lets Non-Privileged Users To Run Commands As Root
- 350+ hackers hunt down missing people in first such hackathon
- This is how CIOs should approach ethics and privacy
- What is the Tor Browser? How it works and how it can help you protect your identity online
- Computing enthusiast cracks ancient Unix code
- Soldering spy chips inside firewalls is now a cheap hack, shows researcher
- #SecTorCa: Millions of Phones Leaking Information Via Tor
Dark Reading
- Tor Weaponized to Steal Bitcoin
- In A Crowded Endpoint Security Market, Consolidation Is Underway
- CenturyLink Customer Data Exposed
- Glitching: The Hardware Attack that can Disrupt Secure Software
- SOC Puppet: Dark Reading Caption Contest Winners
- Learn About the Underground World of Anti-Cheats at Black Hat Europe
- Edge Feature Section
- Best Practices
- Older Amazon Devices Subject to Old Wi-Fi Vulnerability
- Debug Feature in Web Dev Tool Exposed Trump Campaign Site, Others to Attack
- Phishing Campaign Targets Stripe Credentials, Financial Data
- State of SMB Insecurity by the Numbers
Whitehat Security Blog
- Microservices: A Double-Edged Sword
- Using AppSec Statistics to Drive Better Outcomes
- The Rising Costs of Data Breaches – An Expensive Hit to Enterprises Across the Globe
- Cloud Application Security Shouldn’t be Up in the Air
- ‘The More Things Change, The More They Stay the Same’: XSS, SQLi, CSRF AppSec Vulnerabilities Show Little Improvement in 1H2019
- Know Your Risk: How Evaluating Security Posture Can Drive Better Business Decisions
HITB News
- Cyber Battle of the Emirates & Pro Capture the Flag Enthrall as HITB+Cyberweek Gets Underway in Abu Dhabi
- Sony confirms the PlayStation 5 is coming in 2020, reveals new hardware details
- Huawei hits record 5G speed of 3.67Gbps on live Swiss C-Band network
- FBI misused surveillance data, spied on its own, FISA ruling finds
- How to make your own bootable macOS 10.15 Catalina USB install drive
- Exclusive: A Deeper Look at the PlayStation 5
- Mariposa Botnet Author, Darkcode Crime Forum Admin Arrested in Germany
- October 2019 security patch now rolling out for Galaxy S10, Note 10
- AIG says its cyber insurance plans don't cover criminal acts; wants lawsuit tossed
- Hackers Patch Web Browsers to Track Encrypted Traffic
- macOS 10.15 Catalina: The Ars Technica review
- FBI warns about attacks that bypass multi-factor authentication (MFA)
The RISKS Digest
- Some of the biggest critics of Waymo and other self-driving cars are the Silicon Valley residents who know how they work
- What Is Bitcoin Block Size and Why Does It Matter?
- Hacking Of Internet-connected cars big national security threat
- Wearable face projector to avoid face recognition
- Federal government has dramatically expanded exposure to risky mortgages
- NCCIC
- Disney World Skyliner Gondola abruptly stops, stranding passengers in air
- Webkit zero-day exploit besieges Mac and iOS users with malvertising redirects
- Commuters get an eyeful after pair breaks in, uploads porn to Michigan billboard
- These sneaky email scammers are making it even harder for workers to spot fake invoices
- This mysterious hacking campaign snooped on a popular form of VoiP software
- Ransomware forces 3 hospitals to turn away all but the most critical patients
Kaspersky Blog
- 5 things we learned at Kaspersky NEXT
- Transatlantic Cable podcast, episode 114
- “Puss in Boots” APT campaign
- Corporate phishing under the guise of performance appraisals
- Protecting public clouds from common vulnerabilities
- Transatlantic Cable podcast, episode 113
- Helping the victims of Yatron and FortuneCrypt ransomware
- What happened to Kaspersky Free antivirus ?
- Machine learning–aided scams
- Smominru botnet infects 4,700 new PCs daily
- Transatlantic Cable podcast, episode 112
- National Cybersecurity Month 2019
Adam Shostack & friends
- Interesting Reads: Risk, Automation, lessons and more!
- Quick Threat Model Links October 2019
- OWASP Portland: Talk and Podcast
- Interesting reads
- Capture the Flag events and eSports
- Course announcement: Tampering in Depth!
- Threat Modeling Building Blocks
- Interesting Reads, August 19
- Training At Embedded Systems Security Days
- Toolbox: After a Conference
- Blackhat Best Practice
- Actionable Followups from the Capital One Breach
Graham Cluley
- About that “Any fingerprint can unlock your Samsung Galaxy S10” report
- Smashing Security #150: Liverpool WAGs, Facebook politics, and a selfie stalker
- Ransomware attack hits Pitney Bowes, impacting company mail rooms around the world
- Fake iOS Checkra1n jailbreak site installs slot machine game, generates click-fraud revenue
- Unlock the power of threat intelligence with this practical guide. Get your free copy now
- Alleged “Psycho” hacker in court over EtherDelta cryptocurrency robbery
- Stalker zoomed in on Japanese idol’s eyes to find out where she lived
- Smashing Security #149: Falling in love with fraudsters
- Ransomware victim hacks attacker, turning the tables by stealing decryption keys
- Yes, MFA isn’t perfect. But that’s not a reason for your company not to use it
- Toms Shoes newsletter “hacked by a nice man”
- How a GIF could let a hacker view your WhatsApp messages
Rapid7
- Metasploit Wrap-up
- What a Difference a Year Makes: Revisiting Our Inaugural Fortune 500 ICER One Year Later
- InsightVM vs. Managed Vulnerability Management: How to Choose Which Rapid7 Offering Is Right for You
- Import External Threat Intelligence with the InsightIDR Threats API
- [Podcast] BlackICE Creator Rob Graham Turns Security Textbook Author
- Introducing the Rapid7 InsightConnect App for Splunk
- Metasploit Wrap-up
- Rapid7 Introduces Industry Cyber-Exposure Report: Deutsche Börse Prime Standard 320
- Avoiding the Zombie Cloud Apocalypse: How to Reduce Exposure in the Cloud
- Patch Tuesday - October 2019
- R7-2019-32: Denial-of-Service Vulnerabilities in Beckhoff TwinCAT PLC Environment
- Why Do Managed Detection and Response (MDR) Services Exist in a World Dominated by MSSPs?
Hacker News (YCombinator) - Security
- Ask HN: Is Hacker News API returning wrong “time”? new
- HackPPL: A universal probabilistic programming language new
- Revisiting the BlackHat BCard hack of 2018 new
- Hacker News Digest: A responsive HN with summaries and illustrations
- The 2018 Olympics Cyberattack
- Remove my password from lists so hackers won't be able to hack me (2017)
- Faster Layouts with CSS Grid and Subgrid
- The Fallacy That Is Cryptocurrency
- Debugging hidden memory leaks in Ruby
- Eat, Drink and Be Wary: Ex-CIA Officer Reveals How Eateries Are Key to Spycraft
- New bill ensures Jailtime for CEOs that lie
- When Card Shops Play Dirty, Consumers Win
Security in Mainstream Media
Google News Hacking
- I'll Be Seeing You: The Evolution of Hacking | Specials - WNYC new
- Malware hackers using steganography in WAV audio files to hide malicious code - Boing Boing new
- Chinese Hacking: The Plane Made from Stolen Tech?—Cyber Saturday - Fortune new
- Hillary Clinton On A Conspiracy Roll, Claims '10-Year-Olds Are Hacking Our Voting Systems' - The Daily Wire new
- Blockchain Voting is Vulnerable to Hacking and Low-Quality Data: Research - Investing.com new
- End the secrecy over Russia’s election hacking in Florida | Editorial - Orlando Sentinel new
- Murder Victim Found With Hacked Face in Middle of Quiet New Jersey Road: Source, Witness - NBC New York new
- Hackers Use Malicious Code in WAV Audio Files To Mine Cryptocurrencies - Cointelegraph new
- Sharjah Police recover 434 hacked social media accounts | Crime - Gulf News new
- Miss Nothing With A Hacked 360 Degree Camera Trap - Hackaday new
- Murder Victim Found With Hacked Face in Middle of Quiet New Jersey Road: Source, Witness - NBC 10 Philadelphia new
- That Time The Brits Hacked The First Picture From The Moon From The Soviets - Jalopnik new
Google Cyber Security
- Cybersecurity and tech conference sparking conversations in the north country - WPTZ new
- Fresh graduates to spearhead HCL Technologies cyber security push - Business Standard new
- SANS to hold its biggest Cyber Security Training Event in the Gulf - Saudi Gazette new
- Ask SCORE: How can I protect my business from a cyberattack? - GoErie.com new
- Army''s Tiger division, universities host joint workshop on cyber security in Jammu - Outlook India new
- Offer Cyber Security as a service CSaaS - CIO East Africa new
- Get Your Cybersecurity Firing on All Cylinders - Security Boulevard new
- Organizations Are Embracing Cyber Security Awareness Training as the First Line of Defense Against Hackers - CPO Magazine
- 7 Cybersecurity Attacks That Can Hurt Your Business and Customers - Security Boulevard
- Cyber Week in Review: October 18, 2019 - Council on Foreign Relations
- ETFs in Focus as Cyber Security Market Momentum Picks Up - Yahoo Finance
- ABS Confirmed as Global Leader in Maritime Cyber Security with Fourth Award in a Year - Hellenic Shipping News Worldwide
Thirsty for more
Hacker News (YCombinator)
- COMEFROM new
- No Overview Available: A Survey of Apple Developer Documentation new
- Fuzzing the Z-Machine new
- Fuzzing the Z-Machine new
- Math Breakthrough Speeds Supercomputer Simulations new
- Pop!_OS 19.10 new
- CVS turned a tobacco ban into a financial win new
- Working with Errors in Go 1.13 new
- Learn ClojureScript: Discovering Sequence Operations new
- Public-Health Puzzle: Young People Having Less Sex, Contracting More STDs new
- Pascal Compiler for the C64: Introducing Turbo Rascal SE new
- Structure and Interpretation of Computer Programs (1996) [pdf] new
Reddit - Cyberpunk
- Watching my 16 year old son gaming on a Saturday afternoon might not be every parents idea of heaven but I love it new
- Sketch of a bomb disposal bot, by me new
- [OC] DATA_TRANSF3R.exe new
- Hong Kong protestor deceives facial recognition! [Print & Paste]! new
- From Star Wars The Old Republic, the city of Nar Shaddaa new
- A very cyberpunk coffee please new
- does someone know the author of it? new
- 413, photo manipulation by me new
- This futuristic-looking bus in an old city new
- I love the Blade Runner soundtrack, so I created some really atmospheric chillwave drone music. Sleep tight 🙂 new
- Cyber Saturday, not me. new
- HK-Z O N E 香港 O N E new
Reddit - Security CTF
- Ellingson: Hack The Box Walkthrough new
- htb ellingson write-up by epi new
- Hack The Box - Ellingson Write-up by 0xRick new
- Pwn2Win CTF 2019 - Registration is now open! new
- VulnHub - Symfonos: 3
- Please help me solve this pre-con challenge
- Png has text hidden in it
- CryptoCurrency is The Flag 2: Registration is open!
- [Web] Hitcon 2019 - Virtual Public Network
- CTF in Australia?
- How to start ctf’s
- Need some guide to host CTF event
Reddit - Sysadmin
- Parasitic Reverse Tracerouting Case Study new
- I created a free app that has a ton of sys/netadmin tools. new
- Powershell - Returning property names that contain value for ad object new
- How to archive Zix sent mail? new
- Archiving Business Data new
- Moving from Sharepoint to Team Dynamix new
- SQL Database Migrations new
- How long should a BIOS flashback take? I need to update the BIOS for this ASUS Crosshair VII Hero MoBo to work with the Ryzen… new
- Is HPC (High Performance Computing) an easy subject after being familiar with System Administration? new
- Dentrix upgrade G4 - G7 new
- Office 365 (huge mailboxes + outlook hanging :()) new
- Question about security, monitoring and backups new
Reddit - Bitcoin
- Too funny not to post... saw this in my parking lot. Desperate times call for desperate measures! new
- My most recent work, celebrating 10 years of bitcointalk.org. What you see here is a result of corrosion on copper and no paint or ink… new
- Smart BTC price tag -- Lightning Network powered NFC chip using the OpenNode API new
- Der Bitcoin-Standard Available via the Lightning Network at the Lightning Conference! new
- Alright which one of you is this? new
- 60+ year old political cartoon predicts the future. The only freedom we got left is Bitcoin. new
- HTC launches smartphone with Bitcoin full node capabilities - The Block new
- I'm looking for introductionary material about bitcoin in Arabic new
- TIL: Despite having such a BIG community, Reddit dont accept Bitcoin for advertisement! new
- Bear market didn't get to this guy. Dont let it get to you. i35W Minneapolis area. new
- Only Paper... new
- Lightning Conference Berlin Day1 new
Reddit - CryptoCurrency
- CAKE WALLET for Monero has crossed 20,000 unique installs on iOS. new
- Seams familiar new
- Too funny not to post... saw this in my parking lot new
- China's PBOC Says Its Own Cryptocurrency Is ‘Close’ to Release new
- How is 0x any different from uniswap from the users perspective? new
- BTC Price: USDT and China is taking over new
- Bitcoin ATM new
- Bitcoin Halving to Push Market Cap Into the Trillions? new
- Examining Synthetix: the Ethereum DeFi Project Making Waves This Week new
- USDT ERC-20 Volume Now 'Dominant Vehicle' For Tether new
- Only Paper... new
- Largest takedown (8 tb, 250k videos) of a child porn server ever, DOJ traced Bitcoin transactions to arrest users in US and 11 other nations new
Lobste.rs
- I'm Letting the Internet Decide the OS of My New System new
- Supreme Court hands victory to blind man who sued Domino's over site accessibility new
- Empathy and subjective experience in programming languages new
- Turbo Rascal Syntax error, “;” expected but “BEGIN” new
- Buf · A new way of working with Protocol Buffers new
- Liquid Types vs. Floyd-Hoare Logic new