The Security Daily

Technology

Verizon Will Now Let Users Kill Previously Indestructible Tracking Code - ProPublica

Shared by
Marc Rogers

propublica.org - Verizon says it will soon offer customers a way to opt out from having their smartphone and tablet browsing tracked via a hidden un-killable tracking identifier. The decision came after a ProPublic...

The Lego Movie game puts you in the action (pictures) - CNET

Shared by
CNET

cnet.com - Don't miss a moment from the world's biggest mobile show CNET In-Depth brings you the most important bits from Mobile World Congress in a convenient email roundup.

How to Make XBMC Easier to Use (Especially for Non-Geeks)

Shared by
Lifehacker

lifehacker.com - So you've created a kickass, play-anything media center with XBMC, but it's a too hard for your less tech-savvy friends and family members to use. Here are a few ways to make your home theater PC s...

Nvidia G-Sync is a smooth move for PC games - CNET

Shared by
CNET

cnet.com - Playing video games on a PC versus a living room game console has numerous advantages, from better textures to higher resolutions to tighter mouse-and-keyboard controls. But even on a $3,000-or-mor...

Get Access to Robin Sharma's Free Video Training Series

Shared by
Robin Sharma

robinsharma.com - Click below to be the FIRST to know when we release each video in this series! Privacy Policy: We hate SPAM and promise to keep your email address safe.

Use Magic Actions to supercharge your YouTube experience - CNET

Shared by
CNET

cnet.com - The YouTube site has gone through many redesigns over the last few years. Each time, features are added and taken away, which may not suit your preferences. If you want to view videos with fewer di...

Beats Pill XL Bluetooth speaker review - CNET

Shared by
CNET

cnet.com - First, an apology. We're a little tardy in reviewing the Beats Pill XL, the bigger brother to the standard Beats Pill Bluetooth speaker. Part of the reason for that may have been that I was underwh...

Flexible and fun: Check out the 2015 Honda Fit EX-L (pictures) - CNET

Shared by
CNET

cnet.com - Don't miss a moment from the world's biggest mobile show CNET In-Depth brings you the most important bits from Mobile World Congress in a convenient email roundup.

Black Hat Asia 2015

Shared by
Black Hat

blackhat.com - Mobile banking is about to become the de facto standard for banking activities. Banking apps on smartphones and tablets - are becoming more widespread and this evolution aims at strongly limiting t...

The Rise of Backdoor-FCKQ (CTB-Locker) - McAfee

Shared by
McAfee Labs

blogs.mcafee.com - By Raj Samani (@Raj_Samani) and Christiaan Beek (@ChristiaanBeek) In the McAfee Labs Threats Report published in November 2014, Senior Vice President Vincent Weafer commented that 2014 will be reme...

LaCie Mirror Portable Hard Drive review - CNET

Shared by
CNET

cnet.com - Covered completely in scratch-resistant Corning Gorilla Glass, the LaCie Mirror Portable Hard Drive looks more like a thick compact or a fancy desk accessory than a storage device. But with 1TB of ...

Marriott Fixes Simple Bug in Web Service That Could Explose Customer Data | Threatpost

Shared by
McAfee Labs

threatpost.com - Customer payment information and other data was made vulnerable by a flaw in the Marriott Web service used by the Android app as well as the Web site, a security researcher found. The vulnerability...

Gamers Beware: League of Legends, Path of Exile Released with Data-Stealing Malware - Security News - Trend Micro USA

Shared by
Trend Micro

trendmicro.com - Official releases of the popular online games League of Legends (LoL) and Path of Exile (PoE) were found laced with the notorious PlugX, a remote access Trojan (RAT) that can spy and help steal inf...

Security Experts Unite to Rewrite Proposed Cyber Laws

Shared by
SecurityWeek

securityweek.com - Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before set...

Hexacorn

Shared by
SANS DFIR

hexacorn.com - After I posted this piece Ryan (Thanks!) pinged me to highlight a few aspects related to SCCM which are worth mentioning, so I am adding some more notes below: A while ago I wrote that SCCM can hel...

Improving SSL warnings [APF talk Jan 2015] - Google Slides

Shared by
Christopher Soghoian

docs.google.com - Ce fichier a beaucoup de succès ! Certains outils risquent d'être indisponibles tant que de nombreux utilisateurs essaient de l'éditer. Veuillez réessayer plus tard.Ignorer

The 404 Show 1,599: Sling TV verdict, Trivia Crack and that Kate Upton mobile game (podcast) - CNET

Shared by
CNET

cnet.com - Bridget Carey and Ariel Nunez help Jeff and Iyaz understand the fine print of a Sling TV subscription, why Trivia Crack is worse than hardcore narcotics and figure out what the deal is with that mo...

Identity theft prevention tips and assistance

Shared by
Help Net Security

net-security.org - by Mirko Zorz - Editor in Chief - Friday, 30 January 2015. Eva Casey-Velasquez is the CEO of the Identity Theft Resource Center, which provides victim assistance at no charge to consumers throughou...

Kaspersky notes increase in legitimate certificates used to sign malware - SC Magazine

Shared by
SCMagazine

scmagazine.com - The number of legitimate certificates used to sign malware jumped from 1,500 to more than 6,000 in only six years. A Kaspersky Lab blog post detailed the increasingly pervasive threat and how attac...

It’s Baaacck: Ransomware Returns with a Vengeance -

Shared by
Trend Micro

blog.trendmicro.com - There’s truth to that saying when it comes to online threats. Over the past few months, our researchers have seen that ransomware is making a comeback. This is something to be concerned about becau...

The Password and You | Malwarebytes Unpacked

Shared by
Malwarebytes

blog.malwarebytes.org - Everyone who uses a computer knows the importance of passwords. In several ways, these small textual nuggets have become the keys to much of our lives, if not all our digital lives. But even if you...

Hacking Exposed Computer Forensics Blog: Forensic Lunch 1/30/15 - Kyle Maxwell , Lee Whitfield and Lenny Zeltser

Shared by
SANS DFIR

hackingexposedcomputerforensicsblog.blogspot.com - Friday, January 30, 2015 Forensic Lunch 1/30/15 - Kyle Maxwell , Lee Whitfield and Lenny Zeltser Hello Reader,          We had information full Forensic Lunch this time around! Our guests this week...

An easy way to remove oddball toggles from the Android 5.0 Quick Settings menu - CNET

Shared by
CNET

cnet.com - The release of Android 5.0 Lollipop brought a new look to the Android operating system. One area that saw improvement was the Quick Settings menu and Notifications bar. A simple swipe down from the...

retme7/CVE-2014-4322_poc · GitHub

Shared by
egyp7

github.com - poc code works on Nexus Android 4.4/5.0 Gain privileges:system -> root,as a part of https://github.com/retme7/CVE-2014-7911_poc The exploit must be excuted as system privilege and several specific ...

retme7/CVE-2014-7911_poc · GitHub

Shared by
egyp7

github.com - Local root exploit for Nexus5 Android 4.4.4(KTU8P) ./cve20147911/assets/msmattack is the binary file of CVE-2014-4322 exploit.You can find it here: https://github.com/retme7/CVE-2014-4322_poc http:...

Metasploit for Pentesters « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - The coherent teaching style and technically challenging lab exercises in the SecurityTube Metasploit Framework Expert certification help towards a gradual and comprehensive learning curve for the s...

FTC publishes security recommendations for IoT device makers - SC Magazine

Shared by
SCMagazine

scmagazine.com - After hosting an Internet of Things (IoT) workshop in 2013 and inviting public comment on the event, the Federal Trade Commission has published a report to help manufacturers develop connected devi...

Delve into DIY security with these 23 connected cameras - CNET

Shared by
CNET

cnet.com - DIY security gives you greater flexibility over your connected home, allowing you to setup each gadget as you see fit and avoid subscription-based services that lock you into a contract. Still, the...

x86/64 Assembly and Shellcoding on Linux « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - The SecurityTube Linux Assembly64 Expert (SLAE64) aims to teach the basics of x86_64 assembly language on the Linux platform from a security perspective and its application to writing shellcode, en...

5800 Gas Station Tank Gauges vulnerable to cyber attacks

Shared by
The Code Curmudgeon

securityaffairs.co - A recent research conducted by HD Moore of Rapid7 revealed a disconcerting truth, the Automated tank gauges (ATGs) used to prevent fuel leaks at more than 5,000 gas stations in the US are vulnerabl...

The top multifactor authentication products

Shared by
SearchSecurity.com

searchsecurity.techtarget.com - Multifactor authentication (MFA) is a method of boosting IT security that requires end users to provide multiple methods of identification to confirm their identity for gaining access to corporate ...

BlackBerry Messenger. The app that lets you chat only to those you want to. - MediaCenter Panda Security

Shared by
Panda Security

pandasecurity.com - A few years back, when we discovered that our parents’ business phones could be used for more than just sending emails, something changed. BlackBerry Messenger made everyone want to switch to this ...

'GHOST' bug in Linux library enables remote takeover of victim's system - SC Magazine

Shared by
SCMagazine

scmagazine.com - Researchers with security firm Qualys have identified a buffer overflow vulnerability in the Linux GNU C Library (glibc) that, if exploited, could enable an attacker to remotely take complete contr...

Mozilla continues phasing out of 1024-bit SSL CA certificates

Shared by
Security Affairs

securityaffairs.co - Mozilla products including the popular Firefox browser will stop trusting SSL certificates that were issued using old root CA certificates with 1024-bit RSA keys. When a user access to a website it...

Javascript for Pentesters « SecurityTube Trainings

Shared by
Security Tube

securitytube-training.com - Javascript for Pentesters will take you beyond alert(‘XSS’) and equip you to demonstrate advanced attacks such as Hijacking Forms, Logging Keystrokes, DOM manipulation etc. This course is Beginner ...

Crave Ep. 190: Testing out 'Insane Mode' in the Tesla P85D - CNET

Shared by
CNET

cnet.com - This week, we get all nostalgic with the Prynt smartphone case that makes your iPhone work like a Polaroid camera; learn some scary things about what happens when seniors play Grand Theft Auto 5; a...

BMW Group ConnectedDrive increases data security. Rapid response to reports from the German Automobile As-sociation ADAC.

Shared by
SecBarbie

press.bmwgroup.com - Munich. As the leading manufacturer in the networking of driver, vehicle and the surrounding environment, the BMW Group is increasing the security of data transmission in its vehicles. This is the ...

Google account hijacking via exploitation of XSS flaw

Shared by
The Code Curmudgeon

securityaffairs.co - Even the giants have their Achilles heel, the Google Apps administrator console is affected by a critical cross-site scripting (XSS) vulnerability that could be exploited by attackers to force a Go...

How Twitter aims to prevent your timeline from filling up with spam - MediaCenter Panda Security

Shared by
Panda Security

pandasecurity.com - As with so many of today’s technological tools, while many people use them to make their lives easier, or to keep in touch with friends and family, there are some that take advantage of them simply...

Snowden revealed intelligence activities of Canadians

Shared by
Security Affairs

securityaffairs.co - Edward Snowden seems to be a bottomless pit, month after month his revelations are shocking the IT security community. Surveillance, hacking, cyber espionage, these are the main activities carried ...

Russian dating site rewards hacker for amassing email database and 'discovering vulnerability' - SC Magazine

Shared by
SCMagazine

scmagazine.com - After 20 million of its dating site users' email addresses were put up for sale online, Topface tracked down the hacker behind the amassed database and paid him “an award for finding a vulnerabilit...

Security tools that are safe from the NSA - MediaCenter Panda Security

Shared by
Panda Security

pandasecurity.com - U.S. Intelligence services have shown on numerous occasions how adept they are at accessing our data without permission. Nevertheless, there is still hope that you can keep your confidential inform...

My “How to Work With an MSSP to Improve Security” Paper Publishes

Shared by
Dr. Anton Chuvakin

blogs.gartner.com - My “How to Work With an MSSP to Improve Security” has just published. It took a lot of work, and – at 37 pages – it cannot be called “an MSSP user bible.” However, I think I hit many of the sore sp...

Top-rated reviews of the week (pictures) - CNET

Shared by
CNET

cnet.com - While the Panasonic Lumix CM1 is undeniably pricey and bulky, its wealth of photography kit helps it achieve image quality that's unrivalled in the smartphone world. If you love the idea of always ...

Maligno Video Series - Client Exe Generation - Pyinstaller

Shared by
Security Tube

securitytube.net - Description: 10 - Client EXE Generation - PyInstaller Music: Wonder Cycle by Chris Zabriskie Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. Do...

Facebook Malware infected more than 110K users

Shared by
Chris Duque

latesthackingnews.com - A new Facebook Malware in the form of a Trojan is infecting hundreds of thousands of  Facebook users in only two days. The trojan works by tagging the infected user’s friends in an enticing post. W...

Does your mate send smut vids on Facebook? 1. That's a bit weird. 2. It may be malware • The Register

Shared by
Kimberly

theregister.co.uk - A security researcher is warning of an ongoing attack against Facebook users in which a phony Flash Player download tries to take over their computers. The distribution mechanism is fairly commonpl...

Reddit published transparency report 2014

Shared by
Security Affairs

securityaffairs.co - Reddit, the popular social news website has released its first Reddit transparency report that details data related the requests for user information and requests for content removal the company re...

Login Page

Shared by
Dr. Anton Chuvakin

gartner.com - © 2015 Gartner, Inc. and/or its Affiliates. All Rights Reserved.

Darktrace Reveals Six Months’ Data Breach in Financial Services by Hackers — Security Gladiators

Shared by
Security Affairs

securitygladiators.com - Financial information has allegedly been breached, due to malware detected by Darktrace security firm. Fears of boldness in the actions of hackers increase, due to the recent attacks against Sony a...