security   519158

« earlier    

Pwn a network by calling their fax machine
fax  badtech  security  exploit 
20 minutes ago by nelson
Rotten Potato | Penetration Testing Lab
However there is a technique which can be used that tries to trick the “NT Authority\System” account to negotiate and authenticate via NTLM locally so the token for the “NT Authority\System” account would become available and therefore privilege escalation possible. This technique is called Rotten Potato and it was introduced in DerbyCon 2016 by Stephen Breen and Chris Mallz.
windows  privesc  privilegeescalation  pentest  security 
1 hour ago by whip_lash
GitHub - quentinhardy/odat: ODAT: Oracle Database Attacking Tool
ODAT (Oracle Database Attacking Tool) is an open source penetration testing tool that tests the security of Oracle Databases remotely.
oracle  database  pentest  security  tool 
2 hours ago by whip_lash
An 11-year-old changed election results on a replica Florida state website in under 10 minutes | PBS NewsHour
Great demonstration of just how insecure voting machines are: this conference had KIDS go ahead and hack the machines.
security  voting  via:Techdirt 
2 hours ago by mcherm
Who Left Open The Cookie Jar?
Complexity of the attack surface makes for exploitable bugs.
Good reading of what kinds of things can happen.
browser  security  tracking  cookies  xss 
4 hours ago by drmeme
NSA Cracked Open Encrypted Networks of Russian Airlines, Al Jazeera, and Other “High Potential” Targets
The NSA’s ability to crack into sensitive VPNs belonging to large organizations, all the way back in 2006, raises broader questions about the security of such networks. Many consumers pay for access to VPNs in order to mask the origin of their internet traffic from the sites they visit, hide their surfing habits from their internet service providers, and to protect against eavesdroppers on public Wi-Fi networks.
security  nsa  vpn 
4 hours ago by whip_lash
The Security of Cellular Connections - The New York Times
"On a typical 4G LTE network connection, your data is encrypted and your identity is authenticated and protected."
security  wifi  cellular  nyt 
5 hours ago by outkast

« earlier    

related tags

!publish  !share  $23m  (still)  2013  2017  2018  aaronmak  abraji  accessibility  alerts  amazon  amazonecho  an  and  api  article  articles  at&t  aug18  aws  back  badr  badtech  beatrice_perez  biometrics  bitcoin  blockchain  blog_post  bodycamera  bookmarks_bar  browser  california  cameras  cellular  censorship  certificate  certificates  cheatsheet  china  ci  cia  clearance  clearances:  clicks  cloud_computing  conference  continuousdelivery  cookies  crypto  cryptocurrency  cryptography  csrf  ctf  ctvnews  currency  dashcam  database  deep_state  defcon  design  detection  dev  development  director's  dock  docker  driver  education  egosurf  elections  email  encryption  entire  environment  erd  establishment”  expert  exploit  fabico  facebook  fallacy  fax  file_formats  flaws  for  former  fp  fraud  from:foreignpolicy  gaps  gets  gianluca_stringhini  github  google  gpg  guns  hack  hacking  hacks  hii  http  https  iam  identity  in  information  infosec  innovation  instagram  intel  interaction  internet  ios  iot  issue  it’ll  javascript  jenkins  jornalismo-investigativo  kernel  kubernetes  law  learning  links  linux  local  localenvironment  location  mac  macos  malware  management  martinvigo  maryland's  medicaid  micro_musolesi  microphone  microsoft  misc  mitm  ml  mobile  mode  moi  monitoring  netpolicynotes  network  networking  networks  nsa  nyt  on  opensource  opsec  oracle  oscp  osx  over  owasp  ozy  pam  pen  pentest  pentesting  performance  pgp  phishing  podcast  police  politics  priv-esc  privacidade  privacy  privesc  privilege  privilege_escalation  privilegeescalation  programming  protocol  python  reference  research  reverse_engineering  reverseengineering  reviews  revoke  revokes  rohrbacher  russiagate  scanner  sensitive  service  severe  slate  smarthome  smb  snowden  social_media  socialengineering  socialmedia  software  spook  ssl  sued  surveillance  synthetic  system  tech  technology  tencent  testing  the  theft  threat  tin-foil-hat  tls  to  tool  tools  tracking  training  travel  trump  trump’s  tutorial  twitter  two-factor  u2f  us  usa  usage  utilities  ux  vegas  video  virtualization  voicemail  voting  vpn  wargames  web  webdesign  webdev  webmaster  webstuff  whitepaper  wifi  windows  wordpress  work  workaround  wpo  xss  “set 

Copy this bookmark: