Clik here to view.
SANS Internet Storm Center, InfoCON: green: It's Not An Invoice ..., (Sun,...
Jeff received an invoice via email, did not trust it and submitted it to us.As expected, it was not an invoice, but a malicious Word document (MD5 9c4c3234f20b6102569216675b48c70a).I do a step by step...
View ArticleClik here to view.
un-excogitate.org: Dormant DOMination
IntroductionIn the midst of "trying to be creative", I thought I should finally pull my finger out and catch up on some work that I haven't had a chance to blog about. Especially as Michele has...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, August...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Carnal0wnage Blog: Certutil for delivery of files
Quick post putting together some twitter...
View ArticleClik here to view.
Un informático en el lado del mal: Friends, tenemos un nuevo SDK de Latch...
Tanto mi gran amigo Rafael Troncoso (@tuxotron) como yo, somos dos usuarios de Latch y llevábamos mucho tiempo queriendo implementarlo a nivel de desarrollador en algún proyecto propio. Aunque hemos...
View ArticleClik here to view.
/dev/random: Who’s Blocked by Bad Guys?
Just a quick post about an interesting file found in a phishing kit. Bad guys use common techniques to prevent crawlers, scanners or security companies from accessing their pages. Usually, they deploy...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Tuesday, August...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
SANS Internet Storm Center, InfoCON: green: Defang all the things!,...
Today, I would like to promote a best practice via a small Python module that is very helpful when you’re dealing with suspicious or malicious URLs. Links in documents are potentially dangerous because...
View ArticleADD / XOR / ROL: A quick post on Wikipedia-scrubbing and a historical...
I am a huge fan of Wikipedia -- I sometimes browse Wikipedia like other people watch TV, skipping from topic to topic and - on average - being impressed by the quality of the articles.One thing I have...
View ArticleClik here to view.
/dev/random: [SANS ISC] Defang all the things!
I published the following diary on isc.sans.org: “Defang all the things!“.Today, I would like to promote a best practice via a small Python module that is very helpful when you’re dealing with...
View ArticleClik here to view.
Darknet - The Darkside: NoSQLMap – Automated NoSQL Exploitation Tool
NoSQLMap is an open source Python-based automated NoSQL exploitation tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases. It...
View ArticleClik here to view.
Un informático en el lado del mal: Días de Colegas.
Desde que vine al mundo hace ya más de cuatro décadas he tenido la suerte de hacer muchos amigos – o colegas, como decíamos en el barrio -. Muchos de ellos los conservo, otros se me han separado un...
View ArticleClik here to view.
Didier Stevens: Wireshark: Follow Streams
Following streams (like TCP connections) in Wireshark provides a different view on network traffic: in stead of individual packets, one can see data flowing between client & server.There is a...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Wednesday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: Nuevo Libo: "Hacking Web Applications:...
Ayer ya se puso a la venta el nuevo libro de 0xWord, titulado "Hacking Web Applications: Client-Side Attacks" y escrito por el gran Enrique Rando, que ya tiene en su haber la participación en los...
View ArticleClik here to view.
SANS Internet Storm Center, InfoCON: green: Malicious script dropping an...
Yesterday, I found an interesting sample that I started to analyze… It reached my spam trap attached to an email in Portuguese with the subject: "Venho por meio desta solicitar orçamento dos produtos”...
View ArticleClik here to view.
/dev/random: [SANS ISC] Malicious script dropping an executable signed by Avast?
I published the following diary on isc.sans.org: “Malicious script dropping an executable signed by Avast?“.Yesterday, I found an interesting sample that I started to analyze… It reached my spam trap...
View ArticleClik here to view.
Zero in a bit: Top 4 Ways Veracode Integrations Make Security's Job Easier
The Veracode Application Security Platform integrates seamlessly with the development, security and risk-tracking tools you already use. And, our flexible API allows you to create your own custom...
View ArticleClik here to view.
Darknet - The Darkside: Bitcoin Anonymity Compromised By Most Vendors
Cryptocurrency is getting a lot of press lately and some researchers dug a little bit deeper in Bitcoin anonymity as it’s a touted selling point for most cryptocurrencies. It’s not a problem with...
View ArticleClik here to view.
Wired: Threat Level: Matthew Keys Sentenced to Two Years for Aiding Anonymous
The former Tribune Company employee was convicted of giving Anonymous information that helped hackers access an LA Times server and alter a headline. The post Matthew Keys Sentenced to Two Years for...
View Article