SANS Internet Storm Center, InfoCON: green: Exploit Attempts for Drupal...
Attackers usually dont have to worry much about Drupal administrators applying patches. The majority of exploit attempts I see in our honeypots use pretty ancient vulnerabilities. So I was happy to see...
View ArticleClik here to view.
Darknet - The Darkside: Two Israeli Men Arrested For Running VDoS-s.com DDoS...
DDoS or Booter services have been around for a while, but VDoS-s.com was a particularly slick (and shameless) one with a content marketing strategy and active social media accounts. Two Israeli men...
View ArticleArsTechnica: Security Content: New batch of leaked Colin Powell e-mails...
Add former US Secretary of State Colin Powell to the list of high-ranking Washington insiders whose leaked e-mails are rankling their peers with just weeks to go before the US presidential election.DC...
View ArticleArsTechnica: Security Content: Science press site hacked; hackers release…...
For many science journalists, a week would not be complete without one or more trips to the Eurekalert website. Put together by the American Association for the Advancement of Science, Eurekalert is...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Thursday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: Cómo usar una "debilidad" de SSRF en...
Durante este verano hemos estado muy activos reportando algunas vulnerabilidades descubiertas por el motor de Faast en algunas empresas tecnológicas. Utilizando la visión del Pentesting Persistente que...
View ArticleClik here to view.
ArsTechnica: Security Content: Alibaba fires employees for hacking their way...
(credit: Social media, via China Daily)China's Mid-Autumn Festival started today, as much of the world now knows due to a runaway inflatable moon incident reported yesterday (as seen below). Celebrated...
View ArticleSANS Internet Storm Center, InfoCON: green: Is "2 out of 3" good...
One of my morning rituals is to take the last few malware samples I received in any of my inboxes and run them in a virtual machine to see if there is anything new. To be honest: There isnt much new...
View ArticleClik here to view.
/dev/random: IP Address Open Source Intelligence for the Win
During the last edition of the Troopers security conference in March, I attended a talk about “JustMetaData”. It’s a tool developed by Chris Truncer to perform open source intelligence against IP...
View ArticleClik here to view.
ArsTechnica: Security Content: Signal fixes bug that lets attackers tamper...
EnlargeSignal, the mobile messaging app recommended by NSA leaker Edward Snowden and a large number of security professionals, just fixed a bug that allowed attackers to tamper with the contents of...
View ArticleClik here to view.
ArsTechnica: Security Content: Teenager uncovers route to free Web surfing on...
Enlarge/ Free, unfiltered Web browsing—without a data plan. (credit: Jacob Ajit)Jacob Ajit, a 17-year-old student at the Thomas Jefferson High School for Science and Technology in Fairfax, Virginia,...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: Protege tu #Magento: Exploitación del bug...
Magento es una de las principales plataformas de comercio electrónico en Internet y con una amplia comunidad - incluso han desarrollado un plugin de Latch para Magento -. Es posible encontrar multitud...
View ArticleClik here to view.
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself.Let’s...
View Articlehoneyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
View ArticleLost In Security: Españoles por la BlackHat
Siguiendo con la estela del artículo publicado 'Españoles por la Phrack', vuelvo a la carga con un artículo parecido, pero en este caso sobre una de las conferencias de seguridad que más conoce la...
View ArticleLost In Security: El último superviviente (II) - iOS
En el pasado artículo estuvimos revisando los puntos débiles que tiene un malware a la hora de sobrevivir un reinicio del sistema, y nos centramos en OSX. Ahora toca el turno a iOS, que al ser una...
View ArticleClik here to view.
KPNC: vulnerability in… WinCalc (Win7, x64)
I will never go out of business in this country. thanks to Microsoft. who would have thought that wincalcis vulnerable? I have not checked all systems yet, so this is my configuration: Windows 7...
View ArticleClik here to view.
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
View ArticleSANS Internet Storm Center, InfoCON: green: In Need of a OTP Manager Soon?,...
Even if everybody agrees to say that passwords are a weak way to protect access to sensitive or private information, they remainstill today the default method implemented by many online services. A...
View Article