Tuesday, September 25, 2018

Encrypting SNI: Fixing One of the Core Internet Bugs

submitted by /u/protecz

From VNC to reverse shell

submitted by /u/Benjojo

Introducing SharpSploit: A C# Post-Exploitation Library

submitted by /u/0xdea

Is serverless insecure? Let’s find out…

submitted by /u/sprkyco

Mass WordPress compromises redirect to tech support scams

submitted by /u/EvanConover

HashWick V8 Vulnerability

submitted by /u/fagnerbrack

Online retailer Newegg beached by Magecart group as well

submitted by /u/_0x3a_

Analysis of iOS user heap from an exploiter point of view

submitted by /u/mabote

Scaling AFL to a 256 thread machine

submitted by /u/dwndwn

How to force restart any iOS device with just CSS? 💣

submitted by /u/pwnsdxpw

Wannamine cryptominer that uses EternalBlue still active

submitted by /u/EvanConover

Malicious Command Execution via bash-completion (CVE-2018-7738)

submitted by /u/pocorgtfoftw

Remote Code Execution in Alpine Linux

submitted by /u/justicz

Breach at US Retailer SHEIN Hits Over Six Million Users

Breach at US Retailer SHEIN Hits Over Six Million UsersUS fashion retailer SHEIN has admitted suffering a major breach affecting the personal information of over six million customers. The women’s clothing company revealed at the end of last week that...
The Register

Bug? Feature? Power users baffled as BitLocker update switch-off continues

Microsoft claims issue confined to older kit Three months on, users continue to report that Microsoft's BitLocker disk encryption technology turns itself off during security updates.…
ZDNet

UK issues first-ever GDPR notice in connection to Facebook data scandal

Canadian firm AggregateIQ, linked to the Facebook & Cambridge Analytica data scandal, is the first to be put on notice.
SecurityWeek

Symantec Completes Internal Accounting Investigation

Symantec announced on Monday that it has completed its internal accounting audit, and while some issues have been uncovered, only one customer transaction has an impact on financial statements. read more

Are Colleges Teaching Real-World Cyber Security Skills?

The cybersecurity skill shortage is a well-recognized industry challenge, but the problem isn’t that there are too few people rather that many of them lack suitable skills and experience. Cybersecurity is a fast-growing profession, and talented graduates are in...