ITSEC News @itsecbot@schleuss.online

#introductions This bot is posting ITSEC related news from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @vulnbot

Hack the Box: Ypuffy Walkthrough - Today we are going to solve another CTF challenge “Ypuffy”. It is a retired vulnerable lab present... more: https://www.hackingarticles.in/hack-the-box-ypuffy-walkthrough/ #ctfchallenges

Pentest Lab Setup on Memcached - In this article, we are going to learn about pen-testing in Memcached lab setup in Ubuntu 18.04. M... more: https://www.hackingarticles.in/pentest-lab-setup-on-memcached/ #uncategorized

Where’s the Equifax Data? Does It Matter? - Threat-hunters say the breached data from the massive Equifax incident is nowhere to be found, ind... more: https://threatpost.com/equifax-data-nation-state/141929/ #vulnerabilities #datanotfound #nationstate #databreach #espionage #privacy #darkweb #equifax #breach #hacks #apt #spy

Threat Roundup for Feb. 8 to Feb. 15 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb.... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/w2zpuY81R_A/threat-roundup-0208-0215.html #threatroundup #threatgrid #coverage #umbrella #amp

Google working on new Chrome security feature to 'obliterate DOM XSS' - Google announces Trusted Types browser API, a new defense against DOM-based XSS attacks. more: https://www.zdnet.com/article/google-working-on-new-chrome-security-feature-to-obliterate-dom-xss/#ftag=RSSbaffb68

Data Breach Bonanza: Dating Apps, Equifax, Mass Credential Dumps - Data-exposure "lowlights" for the week ending Feb. 15, 2019. more: https://threatpost.com/data-breach-equifax-credential-dumps/141925/ #facialrecognition #coffeemeetsbagel #credentialspills #vulnerabilities #valentine’sday #myfitnesspal #websecurity #databreach #privacy #darkweb #equifax #okcupid #roundup #breach #feb.15 #hacks #500px

Eight Cryptojacking Apps Booted From Microsoft Store - The eight apps were secretly stealing victims' CPU power to mine for Monero. more: https://threatpost.com/eight-cryptojacking-apps-booted-from-microsoft-store/141896/ #mobilesecurity #microsoftstore #cryptojacking #cryptomining #maliciousapp #websecurity #microsoft #bitcoin

Tips on How to Fight Back Against DNS Spoofing Attacks - Despite a welcome and needed DNS revamp, preventable abuse continues. more: https://threatpost.com/dns-spoofing-attacks/141880/ #cryptographically #infosecinsider #cryptography #websecurity #dnsflagday #malware #dnssec #google #hacks #dns

How to Build Comprehensive Security Processes With Threat Intelligence - As children, many of us played with the classic assortment of blocks, columns, and other shapes know... more: https://www.recordedfuture.com/threat-intelligence-security-processes/ #cyberthreatintelligence #opinion

GAO gives Congress go-ahead for a GDPR-like privacy legislation - Government officials, academia, and advocacy groups say it's time for the US to get its own GDPR-t... more: https://www.zdnet.com/article/gao-gives-congress-go-ahead-for-a-gdpr-like-privacy-legislation/#ftag=RSSbaffb68

Trickbot Malware Goes After Remote Desktop Credentials - The banking trojan is consistently evolving in hopes of boosting its efficacy. more: https://threatpost.com/trickbot-remote-desktop/141879/ #passwordgrabbingmodule #malwareanalysis #bankingtrojan #remotedesktop #evolving #trickbot #malware #update #putty #rdp #vnc

Security News – Paul’s Security Weekly #594 -     Why it’s way too easy to sell counterfeit goods on amazon, how to defend against the runC contai... more: http://feedproxy.google.com/~r/securityweekly/XBIC/~3/M4glO-Wepms/ #paulssecurityweekly #securityweekly #securitynews #computernews #windows10 #infosec #defcon #linux #news #runc #mac

Harry Svedlove, Edgewise – Paul’s Security Weekly #594 -     Harry Sverdlove, Chief Technology Officer of Edgewise for an interview, to talk about The Future... more: http://feedproxy.google.com/~r/securityweekly/XBIC/~3/JwSeTwX8nzw/ #paulssecurityweekly #futureoffirewalls #harrysverdlove #paulasadoorian #securityweekly #interview #edgewise #cto

Enterprise-ish Network Security: Pt. 1 – Paul’s Security Weekly #594 -     There are quite a few choices for selecting open-source and inexpensive hardware to build your n... more: http://feedproxy.google.com/~r/securityweekly/XBIC/~3/gU7Ysf1ut1Y/ #paulssecurityweekly #technicalsegment #enterprisetools #networksecurity #securityweekly #qotomhardware #techsegment #firewalls #opnsense #pfsense #qotom

CB-K19/0144 - Die beiden quelloffenen GPS Frameworks gpsd und microjson weisen eine Stack-basierte Pufferüberlau... more: https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/02/warnmeldung_cb-k19-0144.html

Ultra-Sneaky Phishing Scam Swipes Facebook Credentials - Researchers warn that the phishing campaign looks "deceptively realistic." more: https://threatpost.com/sneaky-phishing-scam-facebook/141869/ #socialengineering #phishingcampaign #websecurity #credentials #facebook #phishing

Cyber Security Week in Review (Feb. 15, 2019) - Welcome to this week's Cyber Security Week in Review, where Cisco Talos runs down all of the news we... more: http://feedproxy.google.com/~r/feedburner/Talos/~3/35s2-oNDlJw/cyber-security-week-in-review-feb-15.html #cybersecurityweekinreview #microsoftpatchtuesday #cryptocurrency #adobeacrobat #securitynews #blockchain #cybernews #microsoft #facebook #whatsapp #vfemail #trojan #adobe #apple #ics

Thousands of Android apps permanently record your online activity for ad targeting - Your unique ID is being connected to devices to create an immutable record even when you ask for y... more: https://www.zdnet.com/article/thousands-of-apps-bypass-android-privacy-protections-to-permanently-record-your-activities/#ftag=RSSbaffb68

CB-K19/0141 Update 1 - Firefox ist ein Open Source Web Browser. ESR ist die Variante mit verlängertem Support.
Ein entfer... more: https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/02/warnmeldung_cb-k19-0141_update_1.html

CB-K19/0143 - Thunderbird ist ein Open Source E-Mail Client.
Ein entfernter, anonymer Angreifer kann mehrere Sch... more: https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/02/warnmeldung_cb-k19-0143.html