Technology & Security News

By ItsAllAboutTheBytes.com | Tech news and Solutions , Cisco info and tutorials. www.itsallaboutthebytes.com

This Year's First Mac Malware Appears

"2018 is barely two weeks old, and already it looks like we've got new piece of macOS malware! Hooray :)"<p>That's how Apple-focused security researcher …

Security

New security flaw detected in Intel hardware

Finnish cybersecurity specialist F-Secure has reported another serious flaw in Intel hardware. It has nothing to do with the Spectre and Meltdown …

Information Security

U.S. Marshals to hold auction of seized bitcoin on Jan. 22

NEW YORK (Reuters) - The U.S. government will hold an auction of about 3,813 bitcoins that were seized in federal criminal, civil and administrative cases, the U.S. Marshals Service said on Thursday.<p>The six-hour online auction will be held on Jan. 22, the Marshals said in a statement, with the …

Bitcoin

Introduction to reverse engineering and Assembly.

I recently wrote a blog post giving an introduction to reverse engineering and assembly language on the Purism blog. Considering that my last blog …

PhishLulz Phishing Automation Tool,Automating Phishing Activities,Phishlulz Tutorial

PhishLulz<p>PhishLulz is a Ruby toolset aimed at automating Phishing activities.<p>When you start a phishing campaign, a dedicated Amazon EC2 (Debian 7) …

Google Hacking for PenTester • Penetration Testing

Google Hacking the meaning of the original use of Google Google search engine to search for information technology and behavior, now refers to the …

Meltdown and Spectre - Updated Threat Information - Latest Information - SANS DFIR WEBCASTS

awesome-incident-response

A curated list of tools and resources for security incident response, aimed to help security analysts and DFIR teams.<p>Contents<p>All in one …

Forensics

The Past, Present and Future of DNS Security

The Domain Name System (DNS) is the backbone of the modern internet. Over the years, it has evolved to make networked computing accessible to …

Information Security

30 Amazing Python Projects for the Past Year (v.2018)

For the past year, we’ve compared nearly 15,000 open source Python projects to pick Top 30 (0.2% chance).<p>This is an extremely competitive list and it …

Python Programming

The Ultimate Intermediate Ruby on Rails Tutorial: Let’s Create an Entire App!

There are plenty tutorials online which show how to create your first app. This tutorial will go a step further and explain line-by-line how to …

JavaScript

Nvidia GPUs aren't immune to Spectre security flaw

As many tech companies are working together to patch Spectre and Meltdown vulnerabilities, Nvidia joins the list of businesses to offer a patched …

Information Security

Directory Traversal Fuzzer: DotDotPwn

It’s a very flexible intelligent fuzzer to discover traversal directory vulnerabilities in software such as HTTP/FTP/TFTP servers, Web platforms such …

Linux

Linkedin Information Gathering Tool: raven

raven is a Linkedin information gathering tool that can be used by pentesters to gather information about an organization employees using Linkedin. …

Linux

How to check Linux for Spectre and Meltdown vulnerability - nixCraft

How do I check if my Linux server is still vulnerable to Spectre and Meltdown CPU bugs? <br>Spectre & Meltdown Checker is a shell script that check for …

Linux

Exploit the Credentials Present in Files and Memory: PowerMemory

PowerMemory is a PowerShell post-exploitation tool. It uses Microsoft binaries and therefore is able to execute on a machine, even after the Device …

Information Security

Hackers exploit critical Oracle WebLogic flaw to secretly mine cryptocurrency worldwide

Hackers have been found using this exploit to install cryptominers on vulnerable, unpatched devices.<p>Multiple hackers are exploiting a web server …

Information Security

FBI Director: Cryptocurrency, Nation-State Attacks, Among Agency's Top Cybersecurity Concerns

1/10/2018<br>03:18 PM<p>50%<p>50%<p>Speaking at International Conference on Cyber Security, FBI director Christopher Wray pointed to a rise in nation-state …

FBI chief says phone encryption is a 'major public safety issue'

The FBI's stance on phone encryption hasn't changed even if the President fired former director James Comey. At a cybersecurity conference in New York, current chief Christopher Wray has reiterated that the agency failed to access the content inside 7,775 devices within the fiscal year that ended …

Privacy

Meltdown and Spectre CPU vulnerabilities: One week later

It’s been almost a full week since researchers discovered two groundbreaking security vulnerabilities present in almost every single device running …

Brian Krzanich

What's Slack Doing With Your Data?

More than six million people use Slack daily, spending on average more than two hours each day inside the chat app. For many employees, work life is …

Privacy

EMC, VMware security bugs throw gasoline on cloud security fire | Ars Technica

Backups of virtual machines on some hosts could be accessed or altered by an attacker.<p>While everyone was screaming about Meltdown and Spectre, …

Information Security

'Back to Basics' Might Be Your Best Security Weapon

A company's ability to successfully reduce risk starts with building a solid security foundation.<p>Despite an influx of best-in-breed security …

Cybersecurity

Windows Meltdown patch: No more security updates for your PC if your AV isn't compatible

Microsoft has updated its support notice to say that Windows computers will not receive any security updates at all until their AV software is …

Information Security

Yet another crazy bug surfaces in macOS High Sierra

Yet another serious security flaw has been discovered in macOS High Sierra.<p>The bug, which remains present in Apple’s most recent public release, allows anyone to change the App Store settings in System Preferences by entering anything as your password.<p>It’s hard to ignore the decline in Apple …

iOS

How to properly secure your Android phone

Know how to use the tools you're given to keep your phone and your data secure.<p>Google, Apple, and Microsoft have great tools for managing your online …

Android Oreo

CPU bug patch saga: Antivirus tools caught with their hands in the Windows cookie jar

Microsoft's workaround to protect Windows computers from the Intel processor security flaw dubbed Meltdown has revealed the rootkit-like nature of …

Information Security

WhatsApp Security Flaws Could Allow Snoops to Slide Into Group Chats

When WhatsApp added end-to-end encryption to every conversation for its billion users two years ago, the mobile messaging giant significantly raised …

Encryption

Exploit Development: How to Manipulate Code Execution with the Instruction Pointer

The one thing that separates a script kiddy from a legitimate hacker or security professional is the ability to program. Script kiddies use other …

White Hat