Didier Stevens: Update; base64dump.py Version 0.0.7
This new version of base64dump.py has a new option: -z. With this option, you can ignore leading null bytes (to be used for example to handle UNICODE). You can see this option used in this video...
Un informático en el lado del mal: July 6: A talk about "PinPay &...
Before the summer holidays arrive in the northern hemisphere, we still have things ahead of us. Today, Sunday, I'm taking the opportunity to leave you a couple of events we have next week. Both will be...
SANS Internet Storm Center, InfoCON: green: PE Section Name Descriptions,...
PE files (.exe, .dll, ...) have sections: a section with code, one with data, ... Each section has a name, and different compilers use different section names. Section names can help us identify the...
Didier Stevens: Update: zipdump.py Version 0.0.9
In this new version of zipdump.py, you can provide a YARA rule directly on the command line, without having to store it inside a file. Just start the value of option -y with # and type your rule (use...
Un informático en el lado del mal: A pentest using OWASP Top Ten 2017:...
In the latest exams for the Telefónica Talentum Startups scholarship calls, one of the questions we ask candidates, to see what kind of contact or knowledge they have...
ArsTechnica: Security Content: HTTPS Certificate Revocation is broken, and...
This article was originally published on Scott Helme's blog and is reprinted here with his...
Wired: Threat Level: Hacker Lexicon: What Are White Hat, Gray Hat, and Black...
Here's how to distinguish the colors of the hacker rainbow. The post Hacker Lexicon: What Are White Hat, Gray Hat, and Black Hat Hackers? appeared first on WIRED.
Wired: Threat Level: Matthew Keys Sentenced to Two Years for Aiding Anonymous
The former Tribune Company employee was convicted of giving Anonymous information that helped hackers access an LA Times server and alter a headline. The post Matthew Keys Sentenced to Two Years for...
Darknet - The Darkside: OpenPuff – Professional Steganography Tool
OpenPuff is a professional steganography tool, with unique features you won’t find among any other free or commercial software. OpenPuff is 100% free and suitable for highly sensitive data covert...
Didier Stevens: Update: pecheck.py Version 0.7.0
This new version of pecheck.py adds an overview of sections. More details here. pecheck-v0_7_0.zip (https) MD5: 7BE550EC71BF99FC31704C2DD4ED3C8A SHA256:...
Un informático en el lado del mal: How to exploit Eternalblue on Windows...
I think that, if there is one thing we all agree on, it is that curiosity is a key factor on the path of computer security. In my case, the curiosity is so great that one day you will see me...
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
Un informático en el lado del mal: Summer 2017 coupon with 10% discount on...
As usual, before the summer break at 0xWord, which is used to take inventory and enjoy the well-deserved vacation at the company, we are going to release the coupon for...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Wednesday, July...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Zero in a bit: Testing the Fences: Software Security Is National Security
There is a scene in the movie Jurassic Park where we witness just how smart the velociraptors are. In order to find a way out of their enclosure, the carnivorous dinosaurs are systematically testing...
Darknet - The Darkside: GnuPG Crypto Library libgcrypt Cracked Via Side-Channel
Some clever boffins including Internet software pioneer djb have gotten libgcrypt cracked via a Side-Channel attack which has to do with the direction of a sliding window carried out in the library....
Didier Stevens: Update: re-search.py Version 0.0.8
This new version of re-search.py introduces options --script and --execute to provide your custom Python functions. Regular expressions can contain comments, like programming languages. This is a comment...
SANS Internet Storm Center, InfoCON: green: Selecting domains with random...
I often have to go through lists of domains or URLs, and filter out domains that look like random strings of characters (and could thus have been generated by malware using an algorithm). That's one of...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Thursday, July...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ArsTechnica: Security Content: Backdoor built in to widely used tax app...
The third-party software updater used to seed last week's NotPetya worm that shut down computers around the world was compromised more than a month before...