The Knol Infos Daily

News from my followers on Twitter, mostly about Education and Cyber-Security

#infosec

Top 50 Women in Internet Security

Shared by Maarten Boone

incapsula.com - We’ve compiled a list of 50 women currently working in the field of online security. All of whom are opinion and thought leaders with a passion for making the internet a safer place. We follow them...

McDonald's Official Website Exposes Passwords in Cleartext

bleepingcomputer.com - Security researcher Tijme Gommers has discovered and publicly disclosed an issue in the McDonald's official website that allows an attacker to gain access to a user's password in cleartext. The iss...

Consumers are passing off security responsibility to others: Gemalto | ZDNet

zdnet.com - Consumers are putting the responsibility for protecting their personal data in the hands of the organisations holding their data, rather than themselves, a report from security firm Gemalto has sai...

Credential-Stuffing Attacks Take Enterprise Systems By Storm

Shared by Ishan Girdhar

darkreading.com - Billions of online credentials freshly stolen in 2016 are fueling a practice of automated login hacks that are overwhelming legitimate human-login traffic on enterprise Web properties. A study out ...

Is Hacking in Your Blood?

Shared by NGenCode

tripwire.com - I am a hacker. I get hired by companies to break into their systems, a job commonly referred to as pentesting. I’m a “good guy” hacker. My definition of “good guy” versus “bad guy” is that good guy...

Kill it with fire: US-CERT warns admins to dump Server Message Block

theregister.co.uk - The US computer emergency readiness team is recommending organisations ditch old vulnerable versions of Server Message Block after a would-be zero-day was released by the Shadow Brokers hacking gro...

Staples Becomes The Latest Retailer Affected By A Payment Card Data Breach

techcrunch.com - If you’ve shopped at a major retailer in the U.S., chances are your payment card data has been stolen at some point. Today, it appears you may be able to add Staples to the growing list of retailer...

Dangerous New Gmail Phishing Attack Gaining Steam

darkreading.com - One of the best ways to tell if a website that is asking for your username and password is genuine or not is to look at the address bar in your browser that points to the site's true origin. But so...

It’s shockingly easy to hijack a Samsung SmartCam camera

arstechnica.com - Smart cameras marketed under the Samsung brand name are vulnerable to attacks that allow hackers to gain full control, a status that allows the viewing of what are supposed to be private video feed...

InfoSec Resources - Integrate WHONIX with Kali Linux to Achieve Anonymity

Shared by Hakin9

resources.infosecinstitute.com - How to become anonymous is the most common question that everybody asks on the internet. There could be many reasons to be an anonymous user; you are a journalist, and you want to get in touch with...

How to secure MongoDB on Linux or Unix production server

cyberciti.biz - The default file is located at /etc/mongodb.conf The default port is TCP 27017 MongoDB server version: 3.4.1 Edit the /etc/mongodb.conf or /usr/local/etc/mongodb.conf file, enter: $ sudo vi /etc/mo...

Law Firm Data Breaches Demonstrate the Expanding Scope of Cyber Attacks | JD Supra

jdsupra.com - In a case of “cyber meets securities fraud,” the United States Attorney’s Office for the Southern District of New York (“SDNY”) recently indicted three foreign nationals on charges of insider tradi...

SOHOpeless routers offer hard-coded credentials and command injection bugs

theregister.co.uk - Yet again, home routers are the home of SOHOpelessness: Zyxel and Billion units distributed in Thailand by TrueOnline have backdoors, and the researcher who found the flaw says the vendors have ign...

Close The Gap Between IT & Security To Reduce The Impact Of Cyber Threats

darkreading.com - Every modern organization operating today needs to rely on IT teams for service assurance within their networks and security professionals to keep everything safe. Organizations need both to operat...

The talent drought has led to costly cyber attacks on businesses

Shared by CyberWise

information-age.com - The almost complete reliance on the internet has meant that everything from economic vitality to national elections are affected by the changing landscape of cyber space. The global dependence on t...

Consumers Hold Businesses Mainly Responsible for Data Breaches

Shared by Tesserent

infosecurity-magazine.com - Consumers are increasingly aware of online security risks, but mainly hold businesses responsible for data breaches. According to Gemalto’s 2016 Data Breaches and Customer Loyalty report, about 58%...

How to Avoid Human Errors in Cybersecurity

investopedia.com - Beginning in 2014, both the SEC and FINRA began to examine the heightened risk financial services firms face regarding unauthorized access to the electronic data that these firms routinely maintain...

How To Stop Larry From Hacking Your WiFi in 2017

Shared by ω❗️z

thehackernews.com - It’s 2017, and we’re not any further along with Wi-Fi security than we were 10 years ago. There are Intrusion Detection Systems and 2nd generation antivirus apps to protect us from some vulnerabili...

5 strategies for addressing cybercrime -- GCN

Shared by Mike Husbands

gcn.com - From Jesse James to Butch Cassidy to Bonnie and Clyde, criminals have robbed individuals, stage coaches, trains and banks. Why? Because, as Willie Sutton famously said, “that’s where the money is.”...

Windows 10 security: 'So good, it can block zero-days without being patched' | ZDNet

Shared by TheLazyAdm

zdnet.com - Microsoft researchers have found that two zero-day exploits it patched against in November wouldn't have worked on systems running the Windows 10 Anniversary Update anyway. The firm has been testin...

Cybersecurity: Much Work Remains

Shared by Ryan Terp

automationworld.com - First, the good news: An increasing number of manufacturers are awakening to the threat of cybersecurity. This is a pretty big deal considering that, just a few years ago, most manufacturers outsid...

This phishing email uses an unexpected trick to infect PCs with keylogger malware | ZDNet

Shared by Robert Fuller

zdnet.com - Cybercriminals are targeting a US major financial services provider with malicious emails containing the tools required to install information collecting keylogging software onto the infected syste...

Think employers must protect workers’ personal info? Think again

networkworld.com - There’s good news for security pros worried that their organizations may be liable if their employees’ personal information gets hacked: a panel of judges in Pennsylvania says workers can’t collect...

Terrorists are winning the digital arms race, experts say

Shared by R@ng3r-B0B

csoonline.com - Terrorist groups are embracing a huge number of digital tools to recruit members and plan attacks, putting them a step ahead of governments trying to combat them, a group of counterterrorism expert...

Vulnerabilities Leave iTunes, App Store Open to Script Injection

threatpost.com - Apple is reportedly aware of and is in the middle of fixing a pair of vulnerabilities that exist in iTunes and the App Store. If exploited, researchers claim an attacker could inject malicious scri...

The most common passwords of 2016 - Help Net Security

Shared by Tony Kelly

helpnetsecurity.com - Despite having been predicted many times, the demise of the password as the preferred authentication method is still far off, as it’s difficult to beat its ease of use. According to Keeper Security...

Art of Anti Detection 2 – PE Backdoor Manufacturing

pentest.blog - This paper will explain several methods used for placing backdoors in PE (Portable Executable) files for red team purposes. In order to fully grasp the content of this paper, readers need to have a...

White House Approves New Rules for Sharing of Raw Intelligence Data

Shared by CyberNation

threatpost.com - President Obama last week approved a change in the way the National Security Agency shares raw signals intelligence data with the rest of the U.S. intelligence community, a shift that privacy exper...

Cb Response 6.0 Changes the Game for Incident Responders, Emerges as the Clear Choice for Both Security and IT Teams - Carbon Black

Shared by Justin

carbonblack.com - Historically, large enterprises have been forced to make a choice between the best solution for their security teams and a solution that complies with IT requirements. Today, security teams and IT ...

Don’t Miss Out at RSA - Enterprise Services Blog

servicesblog.hpe-enterpriseforward.com - Security concerns keep growing. The costs of a breach continue to increase, now reaching billions of dollars in extreme cases. The costs of mitigation are surprisingly affordable.  And while you ma...

Following Extortion Attempt, Gaming Network ESEA Breached, 1.5M Profiles Leaked

threatpost.com - Following an extortion attempt, information from a recent breach of a competitive video gaming community surfaced over the weekend online. Data purportedly belonging to 1.5 million members of video...

Post-holiday spam campaign delivers Neutrino Bot

Shared by Somen

blog.malwarebytes.com - This post was co-authored by @hasherezade and Jérôme Segura During the Christmas season and early into the new year, we noticed a sharp decrease in spam volume, perhaps as online criminals took a b...

Cyber attacks against the healthcare industry are expected to grow

Shared by AQ

securityaffairs.co - The monitoring of the activity in the cyber criminal underground is essential for investigators and security experts. The value of illegal products and services gives us a precious information on c...

Kevin-Robertson/Invoke-TheHash

Shared by nicolasq

github.com - Invoke-TheHash Invoke-TheHash contains PowerShell functions for performing pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Authent...

Why your information security needs to include business continuity management

Shared by AQ

ncxgroup.com - When organizations think of information security, they don’t necessarily think business continuity management (BCM) as being a part of it.  Some security executives think the same as well, and this...

15 Actions You Can Take Right Now to Protect Your Privacy in the Age of Trump

medium.com - It is no secret that American democracy is in for some dark years. Trump has threatened first amendment rights; threatened to jail his political opposition; condoned violence by his followers; stok...

Major Linux security hole gapes open | ZDNet

Shared by AQ

zdnet.com - Sometimes Linux users can be smug about their system's security. And sometimes a major hole that's been hiding in Linux since about version 2.6 opens up and in you fall. The security hole this time...

U.S. govt. hackers ready to strike back if Russia tries to disrupt election

Shared by AQ

nbcnews.com - U.S. military hackers have penetrated Russia's electric grid, telecommunications networks and the Kremlin's command systems, making them vulnerable to attack by secret American cyber weapons should...

Guatemalan | 4’9” | Female | US Army Sergeant | Cyber Forensics Student | Badass

itspmagazine.com - As a female born in another country and brought to the United States at the age of 12 by a single mother of four children, I never imagined I could be part of something bigger than anything I’ve ev...

World Economic Forum ranks cyber as third biggest threat

Shared by Brian Mecca

infosecurity-magazine.com - Connected devices and the potential for cyber-attacks has featured as one of the top risks for 2017. While economic inequality, societal polarization and intensifying environmental dangers were ide...

17 Amazing Blogs on Insider Threats You Should Be Following - Onion ID Website

Shared by OnionID

onionid.com - After a string of concerning news about some of the world’s biggest brands falling victim to cyber attacks (Insider Threats?), it’s only natural to devote a great majority of your security budget t...

Basic Malware Analysis Tools - Hacking Tutorials

hackingtutorials.org - In the upcoming 6 hacking tutorials we will be talking about basic malware analysis and we will start with discussing the many different Basic Malware Analysis Tools which are available. A Malware ...

Tegile ups its array game with new kit

theregister.co.uk - All-flash and hybrid array vendor Tegile has updated its product range, with the T3000 series of all-flash, hybrid and high density arrays becoming the faster and more capacious T4000 series. Tegi...

Student Science Fair Project | Can Two-Factor Protect Democracy?

Shared by Yubico

yubico.com - Millions of people use YubiKeys all across the globe, and our customers often share how they use YubiKeys at work and for their personal accounts. Now and then we hear a unique story from a new per...

ForgottenSec/Transitioning_Into_InfoSec

Shared by Rob Weiss

github.com - Transitioning Into InfoSec So many people in Information Security create resources for students transitioning into the industry, but the struggle is to share them to Academia and anyone else trying...

Avoiding the Technology Upgrade? Don't Dodge Security

Shared by IBM Security

securityintelligence.com - Consumers love new technology. New iterations of iPhones or brand-specific Androids are embraced by devotees looking to analyze the latest features, dissect any potential flaws and conduct entirely...

We Are Anonymous: Inside the Hacker World of LulzSec, Anonymous, and the Global Cyber Insurgency - CyberWar: Si Vis Pacem, Para Bellum

Shared by Rene Tieben

tobem.com - Category: Books Tags: 0316213527, and the Global Cyber Insurgency, Anonymous, Anonymous (Group), Back Bay Books, Computer Data Security, Parmy Olson, Security - General, Security (National & Intern...

Cyber SA 2017

c-mric.org - Theme – Cyber Situation Awareness as a Prism to Understanding Situations in a fast-paced CyberWorld Deadline for paper submissions has now been extended to 28th February 2017 IEEE is the Technical ...

Cambridge firm at centre of worldwide fight against cybercrime

therecord.com - CAMBRIDGE — With the flip of a wall-mounted switch, the white glass turns almost clear, offering a window onto the front lines of the never-ending digital war against hackers. This is the security ...

Bro IDS tips and tricks - Security Art Work

Shared by D4rkY4n

securityartwork.es - As a follow-up to the excellent post on Bro that our colleague Juan Manuel published a while ago, in this post we collect various tips and tricks for that tool, which we hope...

Editor's note

Please find here the daily Twitter-News shared by knolinfos and my followed tweets, have fun ;-) Check also my blogs on WordPress and my Security Web Site Internet Monitor (EN, FR, DE). Interested in Education??? Check here 21st Century in Education and 21st Century How-To Guide for Teaching-People. Simple steps to secure your PC, Twitter account and Facebook account, check here PC Security-HowTo Secure my PC.