The Security Daily

Technology

Bug Bounty, 2 years in | Twitter Blogs

blog.twitter.com - Security on a global platform like Twitter is a 24/7 job – we are constantly evolving to respond to new threats and attacks against our users and our systems. In order to stay ahead of the game we ...

Why Google's victory in a copyright fight with Oracle is a big deal

vox.com - A few years ago, the database company Oracle sued Google, arguing that Google's Android operating system infringed the copyright of Oracle's Java technology. On Thursday a jury sided with Google, r...

Broadcast Name Resolution Poisoning / WPAD Attack Vector

Shared by Cyber Arms

praetorian.com - Posted Wednesday, May 25, 2016, 2:55 PM CDT by Josh Abraham One of the common attack vectors for penetration testing is to leverage an attack known as Broadcast Name Resolution Poisoning. Recently,...

Process Explorer: part 2

blog.malwarebytes.org - For Windows operating systems (OS), especially those up to and including Windows 7, Process Explorer is an excellent replacement for Task Manager. After publishing part 1: an introduction I receive...

Android Malware Slowly Adapts to Marshmallow's New Permission Model

Shared by Evident.io

news.softpedia.com - Malware coders have adapted two Android trojans to cope with Marshmallow's new user permission model, showing that, despite Google's best efforts, crooks will plow through all the company's securit...

How Troy Hunt Is Alerting Web Users Ensnared in Huge Data Breaches

eweek.com -     How Troy Hunt Is Alerting Web Users Ensnared in Huge Data Breaches     By Wayne Rash  |  Posted 2016-05-28 Print             NEWS ANALYSIS: An Australian security researcher is single-handedly ...

The Ukrainian Hacker Who Became the FBI’s Best Weapon—And Worst Nightmare

Shared by Cyber Arms

wired.com - But there was a hiccup. On February 10, 2005, Hilbert was summoned into a conference room in the J. Edgar Hoover Building, with five supervisors sitting around the table and an angry federal prosec...

Come rubare soldi da un ATM con un cellulare? | Tech Economy

techeconomy.it - Non me ne vogliate per il titolo roboante, ma in realtà è veramente possibile rubare soldi dall’ATM di una banca utilizzando un cellulare e il tema alimenta confronti e dibattiti. Negli ultimi anni...

Designer Malware Campaigns: The Rise of Couture Cybercrime?

Shared by Scuttlebutt

securityintelligence.com - A freelance writer for three years, Doug Bonderud is a Western Canadian with expertise in the fields of technology and innovation. In addition to working for the IBM Midsize... Employees are gettin...

How Performance Counters Opened Holes in Android - TrendLabs Security Intelligence Blog

Shared by Evident.io

blog.trendmicro.com - Earlier this week I talked at the annual HITB security conference in the Netherlands about some of my recent research into Android vulnerabilities. The topic of my talk was how performance counters...

The CyberWire 5.27.16

Shared by Evident.io

thecyberwire.com - We were pleased to be able to cover Georgetown University's annual Cybersecurity Law Institute this week. Expert panels gave advice on incident response, regulatory agencies and law enforcement aut...

Some credit card info at risk after transport website security breach

abc.net.au - The NSW Opposition has called on the state's Transport Minister to reveal how many customers have been affected by a security breach of TrainLink's online booking systems. Transport for NSW said it...

iOS hacker shows off iOS 9.3.2 JailbreakMe-inspired jailbreak, but a release is unlikely

9to5mac.com - Luca Todesco, better known around iOS hacking circles as qwertyoruiop, has released a video showcasing an iOS 9.3.2 jailbreak. The jailbreak, which is performed on a sixth-generation iPod touch, is...

Applying upgrades | Cloud 66 Community

Shared by Cloud 66

help.cloud66.com - Cloud 66 aims to make it easier to build immutable infrastructure. Building servers and stacks from scratch is much better than modifying existing server configurations and tinkering with settings ...

DAWF (DragonJAR Automatic Windows Forensic)

dragonjar.org - Enviado por DragoN en Abr 22, 2016 | 5 Comentarios DAWF (DragonJAR Automatic Windows Forensic) es el nombre que se le ha dado a una herramienta que automatiza la extracción de evidencia forense en ...

DNS Spoofing with Nethunter, cSploit & Kali Linux

Shared by Cyber Arms

cyberarms.wordpress.com - How cool would it be as a pentester to walk around a target company, with only your smartphone, and divert individual systems surfing the web to an outside Kali Linux system you have setup that is ...

Lior Div in Network World: Rip up the script when assembling a modern security team

Shared by Lior Div

cybereason.com - The advanced threats companies face require security teams have different characteristics than the backgrounds analysts typically have. However, most businesses hire security practitioners who have...

What SIEM tools made your short list?

searchsecurity.techtarget.com - Big data analytics, threat intelligence and machine learning have broadened the capabilities of security information and event management, technology that is used to normalize log data from dispara...

Dangers of charging your smartphone’s battery via USB

blog.kaspersky.com - Chances are that each of us has found ourselves in a situation where our phone is dying and we have no charger on hand, but at the same time we desperately need to stay connected — to answer an imp...

First take: The 2017 McLaren 570GT is a triple threat of looks, speed and comfort

Shared by CNET

cnet.com - When the McLaren MP4-12C came along in 2011 boasting Ferrari-baiting power, sweet looks and a weirdly comfortable ride, we knew that it was a base to build upon, and a pretty great one at that. Fas...

All Courses - Full Listing

Shared by Security Tube

pentesteracademy.com - This course will teach you Python scripting and its application to problems in computer and network security. This course is ideal for penetration testers, security enthusiasts and network administ...

Assembly Language and Shellcoding on Linux « SecurityTube Training

Shared by Security Tube

securitytube-training.com - The SecurityTube Linux Assembly Expert (SLAE) aims to teach the basics of assembly language on the Linux platform from a security perspective and its application to writing shellcode, encoders, dec...

24 best free software downloads for your laptop

techworld.com - This excellent software does double duty as a synchronisation tool and as an automated backup program. Exceedingly simple to use, it offers 2GB of free online backup space, takes up little RAM and ...

Millennials Could Learn From Baby Boomers When It Comes To Security

darkreading.com - Millennials may be tech-savvy, but they have a lot to learn when it comes to security, several new studies reveal. According to a survey commissioned by Webroot, 59% of millennials share their trav...

How To Set Up Twitter 'Follow Rules' In ManageFlitter | 7 Graces Of Marketing

Shared by Lynn Serafinn

the7gracesofmarketing.com - Social media strategist Lynn Serafinn shares her strategies for finding followers on Twitter, using ManageFlitter’s Remote Account Management feature. Pt 2 of 2. Part 1 of this 2-part series on usi...

How To Add A Custom Screen Resolution In Windows 10

addictivetips.com - Windows lets you select your display’s resolution from a reasonably long list of resolution settings that you can pick out. Back in Windows 7 you had one recommended setting and one really low sett...

Whoops: Oculus Piracy Crackdown Makes it Even More Vulnerable?

pcmag.com - Oculus on Friday released a platform update that aims to curb virtual reality piracy—but it may have done just the opposite. Version 1.4 of the Oculus app comes with updated "integrity checks" to p...

US-CERT: Leaked WPAD queries could expose corporate to MitM attacks

securityaffairs.co - The U.S. Computer Emergency Readiness Team(US-CERT) issued the Alert (TA16-144A) to warn of leaked WPAD queries could result in domain name collisions with internal network naming schemes. The WPAD...

Your data, their cloud? Bring your own encryption keys

Shared by Vormetric

infoworld.com - "Are you the Key Master?" "I am the Key Master, are you the Gate Keeper?" Those aren't merely lines from the "Ghostbusters" movie, but the question IT has to ask more and more about protecting even...

Device Guard deployment guide (Windows 10)

Shared by Cyber Arms

technet.microsoft.com - Microsoft Device Guard is a feature set that consists of both hardware and software system integrity hardening features that revolutionize the Windows operating system’s security. Windows 10 employ...

4 Ways to Keep Your eCommerce Business Safe

tech.co - At a yearly convention, where 20,000 hackers come together to share trade secrets. John Hering, a confessed hacker and cofounder of the mobile security company Lookout, says “any system can be brok...

Account Takeover: The Bane of E-Commerce

Shared by rybolov

bankinfosecurity.com - E-commerce sites face an ongoing fraud battle: Their login forms are constantly hit by bots using stolen credentials to try to take over accounts. See Also: How to Mitigate Credential Theft by Secu...

Apple Store's worst feature? Customers, says ex-employee

cnet.com - Technically Incorrect offers a slightly twisted take on the tech that's taken over our lives. You've always wondered what life is like at an Apple store, haven't you? Behind the scenes and in an em...

When John McAfee Crashes Your Panel...

Shared by Evident.io

blog.evident.io - Dave Lewis, global Security Advocate for Akamai Technologies, has almost two decades of industry experience with a focus on IT operations and management. He is the founder of the website Liquidmatr...

The tool that let's large business fight back the digital disrupters

Shared by ITBrief

itbrief.com.au - When you've been in IT a while, you've seen that vendors love to invent trends to sell their solutions. Most come and go, while few permanently change the way we do business. One trend that is rock...

FBI raids dental software researcher who discovered private patient data on public server

dailydot.com - Someone alerts you to exposed, unencrypted patient information on your FTP server. Is the correct response to thank them profusely or try to have them charged as a criminal hacker? It is not a tric...

Ransomware Complaints Double in a Year, Total Over $1.5 Million

Shared by Howard Fuhs

motherboard.vice.com - The number of victims reporting ransomware attacks has nearly doubled in a year, and the reported loss to victims nearly tripled, according to an FBI report based on information provided by the pub...

This site uses cookies for an optimal experience. We also allow third party cookies by trusted partners. By continuing to browse the site you are agreeing to our use of cookies. To learn more and disable some specific cookies, check our Privacy policy →