Clik here to view.
Wired: Threat Level: Hacker Lexicon: What Are White Hat, Gray Hat, and Black...
Here's how to distinguish the colors of the hacker rainbow. The post Hacker Lexicon: What Are White Hat, Gray Hat, and Black Hat Hackers? appeared first on WIRED.
View ArticleClik here to view.
Wired: Threat Level: Matthew Keys Sentenced to Two Years for Aiding Anonymous
The former Tribune Company employee was convicted of giving Anonymous information that helped hackers access an LA Times server and alter a headline. The post Matthew Keys Sentenced to Two Years for...
View ArticleClik here to view.
Wired: Threat Level: A Scheme to Encrypt the Entire Web Is Actually Working
The non-profit certificate authority Let's Encrypt is enabling a sea change toward HTTPS encryption online. The post A Scheme to Encrypt the Entire Web Is Actually Working appeared first on WIRED.
View ArticleClik here to view.
Didier Stevens: oledump.py *.vir
I was asked if oledump.py can “scan” multiple files: it can not, it can only analyze a single file at a time.However, you can use it in a loop (bash, cmd, …) and call it each time with a different...
View ArticleSANS Internet Storm Center, InfoCON: green: Another .lnk File, (Sun, Jul 23rd)
In diary entry Office maldoc + .lnk we analyzed a Windows shortcut file (.lnk) and looked for metadata, but it didn width:1037px" />This time we have more metadata, under TrackerDataBlock we can...
View ArticleClik here to view.
Didier Stevens: Update: python-per-line.py Version 0.0.2
python-per-line is a tool to apply a Python expression on each line of input.I updated it because I had to process large credential dumps (I’ll blog about this later).This new version can process .gz...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, July...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Zero in a bit: Announcing Updates to Veracode Integrations to Microsoft...
We are pleased to announce updates to the Veracode integrations to Microsoft Visual Studio Team Services (VSTS) and Team Foundation Server (TFS), and to Visual Studio. The VSTS/TFS integration makes...
View ArticleClik here to view.
Un informático en el lado del mal: Bypass UAC en Windows 7 usando DLL...
Los bypasses sobre UAC están cayendo casi semanalmente. Es cierto que Microsoft no los considera una vulnerabilidad, pero pueden ayudar en un pentest bastante, ya que, si el proceso comprometido...
View ArticleClik here to view.
Darknet - The Darkside: CyberChef – Cyber Swiss Army Knife
CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption...
View ArticleSANS Internet Storm Center, InfoCON: green: Uber drivers new threat: the...
This week I was told about a scam that surprised me due to the criminals creativity. A New York City Uber driver had his Uber account and days income was stolen by someone who was supposed to be his...
View ArticleClik here to view.
Wired: Threat Level: Matthew Keys Sentenced to Two Years for Aiding Anonymous
The former Tribune Company employee was convicted of giving Anonymous information that helped hackers access an LA Times server and alter a headline. The post Matthew Keys Sentenced to Two Years for...
View ArticleClik here to view.
Wired: Threat Level: A Scheme to Encrypt the Entire Web Is Actually Working
The non-profit certificate authority Let's Encrypt is enabling a sea change toward HTTPS encryption online. The post A Scheme to Encrypt the Entire Web Is Actually Working appeared first on WIRED.
View ArticleClik here to view.
Didier Stevens: New Tool: headtail.py
Someone asked me what this headtail command was that I’ve used a couple of times in my blog posts, like in this screenshot:It’s a tool that I wrote (what else ;-)) to help me create screenshots of...
View ArticleClik here to view.
ArsTechnica: Security Content: “Perverse” malware infecting hundreds of Macs...
Enlarge (credit: Tim Malabuyo)A mysterious piece of malware that gives attackers surreptitious control over webcams, keyboards, and other sensitive resources has been infecting Macs for at least five...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Tuesday, July...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleSANS Internet Storm Center, InfoCON: green: Trends Over Time, (Mon, Jul 24th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: WhatsApp: Cómo conseguir que los mensajes...
Después de haber estado jugando con WhatsApp para encontrar una forma de saber si alguien había leído o no los mensajes, empezamos a jugar con los grupos. Primero utilizándolos como forma de saber si...
View ArticleClik here to view.
Zero in a bit: We're Already at Cyberwar (and We're Losing)
Let’s face it – cyberwar is no longer science fiction. Our economies – and our democratic system – are under attack. Security researchers are often reluctant to attribute attacks to particular nation...
View ArticleClik here to view.
Zero in a bit: Security Needs to Shift Left – and Right
The move to Agile and DevSecOps development processes has fostered a lot of attention on the need to shift security testing left in the development cycle. And this is absolutely a pivot in the right...
View Article