Fortinet FortiGuard Blog: An Inside Look at CVE-2017-0199 – HTA and Scriptlet...
FortiGuard Labs recently came across a new strain of samples exploiting the CVE-2017-0199 vulnerability. This vulnerability was fixed by Microsoft and the patch was released in April 2017. Due to its...
Un informático en el lado del mal: Pedal strokes for thinking about technology
Ninety-seven, ninety-eight, ninety-nine and one hundred. Yes, it looks like the front wheel is now properly inflated. I put the air pump away. I put on my helmet, get on the bike and adjust the cleats....
Carnal0wnage Blog: DevOoops: Hadoop
What is Hadoop? "The Apache Hadoop software library is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It is...
Fortinet FortiGuard Blog: Governmental Entities Bringing Financial...
By now, it’s no secret that cybercriminals have targeted, and continue to target, the financial services industry with advanced attacks that are designed to steal or otherwise jeopardize valuable data....
Fortinet FortiGuard Blog: Join Fortinet at HPE Discover 2017!
Fortinet is a Gold sponsor at Discover 2017, and will showcase several important security innovations to help you stay ahead of cyber threats. Join Fortinet at booth 231 while you’re at Discover 2017...
Darknet - The Darkside: EtherApe – Graphical Network Monitor
EtherApe is a graphical network monitor for Unix modelled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic....
ArsTechnica: Security Content: Leaked NSA report says Russians tried to hack...
Eric Trump, son of then-presidential nominee Donald Trump, looks at wife Lara Yunaska's voting booth. An NSA report indicates Russia may have attempted to plant malware on the computers of...
SANS Internet Storm Center, InfoCON: green: Malware and XOR - Part 1, (Mon,...
Malware authors often encode their malicious payload, to avoid detection and make analysis more difficult. I regularly see payloads encoded with the XOR function. Often, they will use a sequence of...
Didier Stevens: Update: xor-kpa.py Version 0.0.5
Some small changes to my XOR known plaintext attack tool (xor-kpa), which will be detailed in an ISC Diary entry. xor-kpa_V0_0_5.zip (https) MD5: 023D8E3725E0EF7CEC449085AA96BB3A SHA256:...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Tuesday, June...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Un informático en el lado del mal: In-memory manipulation of the tokens of...
When we are on a pentest and have to obtain the highest privilege on a machine, it is important to know the current vulnerabilities that allow the elevation of...
ArsTechnica: Security Content: How a few yellow dots burned the Intercept’s...
When reporters at The Intercept approached the National Security Agency on June 1 to confirm a document that had been anonymously leaked to the publication in May, they...
SANS Internet Storm Center, InfoCON: green: Malware and XOR - Part 2, (Tue,...
In part 1, I gave some examples to recover XOR keys from encoded executables if we knew some of the content of the unencoded file (known plaintext attack). In this part, I give some examples to automate...
ArsTechnica: Security Content: You’ll never guess where Russian spies are...
A Russian-speaking hacking group that, for years, has targeted governments around the world is experimenting with a clever new method that uses social media sites to conceal...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Wednesday, June...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Didier Stevens: Overview of Content Published In May
Here is an overview of content I published in May: Blog posts: Gzip Decompression Via Pipes; Quickpost: Internet Zone IDs; Crack A ZIP Password, And Fly To Dubai …; Quickpost: ZIP Password Cracking With John...
Un informático en el lado del mal: How a malicious link in WhatsApp can...
Whenever you click on a hyperlink sent via an e-mail message or any messaging platform, there is a certain risk that the link is malicious and the...
Carnal0wnage Blog: Mentoring: On meeting your **Heroes**
Mentoring: On meeting your **Heroes** I put heroes in asterisks because none of us have paparazzi following us around. I regularly use Val Smith's quote about even the most popular infosec person is...
SANS Internet Storm Center, InfoCON: green: Deceptive Advertisements: What...
About a week ago, a reader asked for help with a nasty typo squatting incident: The site, yotube.com, at the time redirected to fake tech support sites. These sites typically pop up a message alerting...
Darknet - The Darkside: OneLogin Hack – Encrypted Data Compromised
The OneLogin hack is blowing up now; it seems like whoever got access can also decrypt encrypted customer data, which is just about AS BAD as it can get for a password/identity management service. Now...