Are the Tutanota and Ctemplar Encrypted Email Providers, Honeypots?

submitted by raven9 from self.Security

Log4Shell: RCE 0-day exploit found in log4j2, a popular Java logging package

submitted by Drewski from lunasec.io

Public CDNs Are Useless and Dangerous

submitted by infocom6502 from news.ycombinator.com

A mysterious threat actor is running hundreds of malicious Tor relays

submitted by Drewski from therecord.media

Missouri Admits It Fucked Up In Exposing Teacher Data, Offers Apology To Teachers -- But Not To Journalists It Falsely Accused Of Hacking

submitted by Drewski from techdirt.com

Confessions of a ransomware negotiator

submitted by Drewski from theregister.com

Hackers claim significant Epik breach

submitted by Drewski from domainnamewire.com

Hackers leak passwords for 500,000 Fortinet VPN accounts

submitted by Drewski from bleepingcomputer.com

How I re-over-engineered my home network for privacy and security

submitted by [deleted] from ben.balter.com

Cambridge Locksmith 247

submitted by locksmithcambridgema from self.Security

“Worst cloud vulnerability you can imagine” discovered in Microsoft Azure

submitted by Drewski from arstechnica.com

Github Now Demanding Device Verification

submitted by raven9 from self.Security

GitHub Kisses Passwords Goodbye

submitted by [deleted] from thenewstack.io

Tinder Will Soon Require Users To Verify Their Account Using Local ID For Added Security Online

submitted by [deleted] from indiatimes.com

Wapiti allows you to audit the security of your websites or web applications

submitted by [deleted] from wapiti.sourceforge.io

Wanted: Disgruntled Employees to Deploy Ransomware

submitted by Drewski from krebsonsecurity.com

Secret terrorist watchlist with 2 million records exposed online

submitted by Drewski from bleepingcomputer.com

Should browsers remember 2FA codes?

submitted by [deleted] from shkspr.mobi

Apple's disregard for security and privacy is mind-boggling

submitted by [deleted] from evermeet.cx

Large batch of high score Vulnerabilities in Mozilla Firefox are disclosed. High risk for government, businesses, and targeted individuals who use Mozilla open sores.

submitted by infocom6502 from cisecurity.org

Hidden Radios in Home Devices (IOT)! The next Cyberthreat

submitted by [deleted] from youtube.com

pwn.college - learn about, and practice, core cybersecurity concepts in a hands-on fashion

submitted by [deleted] from pwn.college

The problems with Antivirus software and how in 2021, they actually detract from security and privacy and not enhance it.

submitted by [deleted] from youtube.com

How to keep your smartphone safe from spying

submitted by [deleted] from archive.is

Canary tokens are a free, quick, painless way to help you discover that you've been breached

submitted by [deleted] from canarytokens.org

‘Master Faces’ That Can Bypass Over 40% Of Facial ID Authentication Systems

submitted by Drewski from unite.ai

Facebook is reportedly trying to analyze encrypted data without decrypting it

submitted by [deleted] from techspot.com

Molly is a hardened version of Signal for Android

submitted by [deleted] from github.com

Windscribe VPN servers seized by Ukrainian authorities weren’t encrypted

submitted by Drewski from arstechnica.com

With help from Google, impersonated Brave.com website pushes malware

submitted by [deleted] from arstechnica.com

We can't believe people use browsers to manage their passwords, says maker of password management tools

submitted by [deleted] from theregister.com

HTTP Security Headers: Why? How? What?

submitted by [deleted] from kerkour.com

Do a Security Checklist for Your Digital Life

submitted by [deleted] from brianlovin.com

VisibleV8 allows users to track and record the behavior of JavaScript programs without alerting the websites that run those programs

submitted by [deleted] from kapravelos.com

Is Microsoft a National Security Threat?

submitted by [deleted] from techrights.org

JavaScript will probably ruin your life. Disable it, block it, and stay safe from the most common vector of malware infection.

submitted by [deleted] from youtube.com

Lantern - fast, reliable and secure access to the open internet (no logging, no cooperation with law enforcement)

submitted by [deleted] from getlantern.org

Ybits - Firefox send alternative with malware protection

submitted by [deleted] from ybits.io

APKPure app contained malicious adware, say researchers

submitted by Drewski from techcrunch.com

+Link - a simple link shortening service to combat phishing

submitted by [deleted] from plus.link

How to Secure and Optimize your Website or Blog

submitted by [deleted] from cyberhost.uk

Passwords cross all boundaries, how can we manage them?

submitted by [deleted] from viewfromtheweb.com

Carrier suspected of injecting ads into two-factor SMS messages

submitted by [deleted] from xda-developers.com

Yes, we want cryptographic protection for email

submitted by [deleted] from sequoia-pgp.org

How to Make Sure Your Browser Extensions Are Safe

submitted by [deleted] from archive.is

Tinfoil Chat - onion-routed, endpoint secure messaging system

submitted by [deleted] from github.com

Mirotalk - free browser based real-time video calls

submitted by [deleted] from mirotalk.up.railway.app

Hey Signal! Great Encryption Needs Great Authentication

submitted by Drewski from sequoia-pgp.org

ESET SysRescue Live disc - a malware cleaning tool that runs independent of the operating system from a CD, DVD, or a USB. It has direct access to the disc and the file system, and therefore is capable of removing the most persistent threats.

submitted by [deleted] from eset.com

1ty.me - One Time Self Destructing Links For Sharing Sensitive Information

submitted by [deleted] from 1ty.me

sploitus - exploits & tools search engine

submitted by [deleted] from sploitus.com

DerivePass - compute secure passwords without storing them anywhere

submitted by [deleted] from derivepass.com

Trackmedown - Identify potential scammers to safeguard yourself and others

submitted by [deleted] from trackemdown.com

SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence about IP addresses, domain names, e-mail addresses, usernames, names, subnets and ASNs from many sources such as AlienVault, HaveIBeenPwned, SecurityTrails, SHODAN and more

submitted by [deleted] from spiderfoot.net

A Western Digital Vulnerability is Being Actively Exploited to Wipe Connected Devices

submitted by [deleted] from arstechnica.com

D3FEND - a knowledge graph of cybersecurity countermeasures

submitted by [deleted] from d3fend.mitre.org

Grugq - from in-depth papers on forensics and anti-forensics, to detailed analysis of events that skirt both international espionage and cyber security

submitted by [deleted] from gru.gq

Cellphone Security - critical app functions blocking

submitted by [deleted] from dt.gl

The Auditor - validate the integrity of the operating system from another Android device

submitted by [deleted] from attestation.app

Irish police to be given powers over passwords

submitted by Drewski from bbc.com

How governments and spies text each other: Matrix has become the messaging app of choice for top-secret communications

submitted by Drewski from wired.co.uk

Pi.Alert - WIFI/LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

submitted by [deleted] from github.com

Tracking One Year of Malicious Tor Exit Relay Activities (Part II)

submitted by [deleted] from archive.is

passworDDD - unique passwords for every website

submitted by [deleted] from passworddd.com

How to configure Noscript for ordinary users

submitted by [deleted] from dedoimedo.com

Your Old Phone Number Could Get You Hacked, Researchers Say

submitted by [deleted] from gizmodo.com

A team o computer science researchers has uncovered a line of attack that breaks all Spectre defenses

submitted by [deleted] from sciencedaily.com

What is Lacking in Linux Security and What Are or Should We be Doing about This

submitted by [deleted] from youtube.com

Despite popular belief, OpenBSD's security is actually lacking in a lot of ways

submitted by [deleted] from madaidans-insecurities.github.io

The Universal Radio Hacker - investigate unknown wireless protocols

submitted by [deleted] from github.com

Morpheus Turns a CPU Into a Rubik’s Cube to Defeat Hackers

submitted by [deleted] from spectrum.ieee.org

HTTPS Everywhere? Let's not

submitted by [deleted] from changelog.com

Secure Network - tools to protect yourself

submitted by [deleted] from matteoguadrini.github.io

Scientists harness chaos to protect devices from hackers

submitted by [deleted] from news.osu.edu

Google’s Project Zero Finds a Nation-State Zero-Day Operation

submitted by [deleted] from schneier.com

ShieldWall embraces the zero-trust principle and instruments your server firewall to block inbound connections from every IP on any port, by default

submitted by [deleted] from shieldwall.me

Zenlogin - suspicious login detection in minutes

submitted by [deleted] from zenlogin.co

How to bypass CloudFlare bot protection

submitted by [deleted] from jychp.medium.com

Cloaker.mobi - a simple in-browser file encryption

submitted by [deleted] from cloaker.mobi

MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations

submitted by [deleted] from attack.mitre.org

Endgame for end-to-end encryption

submitted by [deleted] from openrightsgroup.org

Snort is an Open Source network intrusion prevention system capable of performing real-time traffic analysis and packet logging on IP networks.

submitted by [deleted] from snort.org

Dropbox Passwords will soon be free for all users

submitted by [deleted] from techradar.com

Whistleblower: Ubiquiti Breach “Catastrophic”

submitted by Drewski from krebsonsecurity.com

“netmask” npm package, used by 270,000+ projects, vulnerable to octal input data: server-side request forgery, remote file inclusion, local file inclusion, and more (CVE-2021-28918)

submitted by Drewski from sick.codes

This Android update is really nasty spyware — what you need to know

submitted by [deleted] from tomsguide.com

(in)security - Yet another blog with some security related posts

submitted by [deleted] from insecurity.blog

Plain Text Offenders - Did you just email me back my own password?!

submitted by [deleted] from plaintextoffenders.com

DARPA takes step toward 'holy grail of encryption'

submitted by [deleted] from livescience.com

HIBPOfflineCheck - Keepass plugin that performs offline and online checks against HaveIBeenPwned passwords

submitted by [deleted] from github.com

Today's Cyberattacks Foreshadow Wars to Come

submitted by [deleted] from spectrum.ieee.org

Hacker dumps Guns.com database with customers, admin data

submitted by Drewski from hackread.com

Nzyme is a free and open WiFi defense system that detects and physically locates threats using an easy to build and deploy sensor system

submitted by [deleted] from nzyme.org

Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications

submitted by [deleted] from firejail.wordpress.com

Secure Password reGenerator

submitted by [deleted] from 22.00-59.com

Flatpak - a security nightmare

submitted by [deleted] from flatkill.org

Phone app can figure out the shape of your house key by listening to you use it

submitted by [deleted] from boingboing.net

Credential Stuffing Attacks-How to Secure Your Identity?

submitted by jackforbes from 4shared.com

Digital Security

submitted by [deleted] from riseup.net

Lynis is a battle-tested security tool. It performs an extensive health scan of your systems to support system hardening and compliance testing.

submitted by [deleted] from cisofy.com

view more: next ›