Didier Stevens: Update: base64dump.py Version 0.0.10
And even more encodings added to this version of base64dump.py: 0x…. little-endian (zxle) and 0x…. big endian (zxbe).base64dump_V0_0_10.zip (https) MD5: 6670ACD88FD384BA9172F2B98E72D0D4 SHA256:...
View ArticleClik here to view.
Un informático en el lado del mal: El vídeo del acuerdo entre Telefónica y...
Ayer fue el día en el que el equipo que había estado trabajando en el acuerdo entre Netflix y Telefónica decidió anunciarlo. Ha sido un largo trabajo de muchas personas durante mucho tiempo pensando en...
View ArticleFortinet FortiGuard Blog: Incomplete Patch: Another Joomla! Core XSS...
A new vulnerability affects Joomla! CMS versions 3.0.0 through 3.8.7. In this blog, I’ll share my analysis of this vulnerability.
View ArticleFortinet FortiGuard Blog: Shinoa, Owari, Mirai: What's with All the Anime...
In September 2016, the Mirai source code was leaked on Hack Forums. Ever since, there has been an explosion of malware targeting IoT devices, each bearing the name of a protagonist found in Japanese...
View ArticleClik here to view.
/dev/random: [SANS ISC] Antivirus Evasion? Easy as 1,2,3
I published the following diary on isc.sans.org: “Antivirus Evasion? Easy as 1,2,3“:For a while, ISC handlers have demonstrated several obfuscation techniques via our diaries. We always told you that...
View ArticleClik here to view.
AlienVault Blogs: Things I Hearted this Week, 25th May 2018
The Royal Wedding is behind us. Elon Musk is melting down over a piece that exposed safety concerns in its car factory, and I'm just going to jump right into the InfoSec news for the week.Reliance On...
View ArticleHex blog: IDAPython: wrappers are only wrappers
Intended audience IDAPython developers who enjoy the occasional headache, leaky abstraction enthousiasts, or simply the curious. TL;DR IDAPython wraps C++ types, and the lifecycle of C++ objects (and...
View ArticleClik here to view.
Un informático en el lado del mal: Movistar Home: OK Aura, quiero ver...
Esta semana, sin duda, ha sido un periodo en el que os he traído muchos vídeos. Desde mi conferencia en X1Red+Segura en la que hablaba de la privacidad y los datos en tiempos de Cambridge Analytica al...
View ArticleClik here to view.
Cisco Talos: Threat Roundup for May 18-25
Welcome to Cisco Talos' weekly Threat Roundup, where we go over some of the most prevalent malware and vulnerabilities we've seen over the past week. As with previous roundups, this post isn't meant to...
View ArticleClik here to view.
Un informático en el lado del mal: Cursos, Charlas y Eventos para esta semana...
Aprovechando el domingo, os dejo la lista de eventos, charlas y conferencias donde vamos a participar desde LUCA, ElevenPaths, Telefónica o 0xWord. No son muchos, pero como siempre hay suficientes...
View ArticleClik here to view.
Didier Stevens: Quickpost: Windows Debugger as Post Mortem Debugger – 32-bit...
I was following Microsoft’s advice to install WinDbg as a post mortem debugger, but didn’t get the expected results.It turns out that WinDbg x64 version will register itself as the post mortem debugger...
View ArticleClik here to view.
Un informático en el lado del mal: Entiéndeme tú a mí vuelve a Madrid en...
Hace muchos años, cuando yo era un joven saliendo de la Escuela Universitaria de Informática de la Universidad Politécnica de Madrid, comencé a trabajar en una empresa en Madrid que se llamaba Dysoft...
View ArticleClik here to view.
...And you will know me by the trail of bits: Collect NTFS forensic...
We’re releasing an extension for osquery that will let you dig deeper into the NTFS filesystem. It’s one more tool for incident response and data collection. But it’s also an opportunity to dispense...
View ArticleClik here to view.
Un informático en el lado del mal: Dos años de Chief Data Officer en Telefónica
Era finales de Mayo del año 2016 cuando me nombraron CDO y (Chief Data Officer) de Telefónica. El cargo era bastante nuevo en el mundo de la empresa así que hubo que explicar largo y tendido en qué...
View ArticleClik here to view.
...And you will know me by the trail of bits: Manage Santa within osquery
We’re releasing an extension for osquery that lets you manage Google Santa without the need for a separate sync server.Google Santa is an application whitelist and blacklist system for macOS ideal for...
View ArticleClik here to view.
AlienVault Blogs: ISC2’s HCISPP Certification in Healthcare
Why Take the HCISPP Test?I’d like to share my experiences with the healthcare information security and privacy practitioner (HCISPP) test. It’s ISC2’s niche healthcare test and I’d like to start by -...
View ArticleClik here to view.
Cisco Talos: Beers with Talos EP 30 - VPNFilter, the Unfiltered Story
Beers with Talos (BWT) Podcast Episode 30 is now available. Download this episode and subscribe to Beers with Talos:If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcastEP30...
View ArticleClik here to view.
Un informático en el lado del mal: Powershell Empire GUI: Una interfaz...
Que Powershell Empire es una realidad dentro de las herramientas de seguridad es algo indudable, y lo vimos en el año 2016 cuando empezamos a hablar de ella. El potencial y la flexibilidad de la...
View ArticleClik here to view.
AlienVault Blogs: USM Anywhere is GDPR Ready
I am pleased to announce that USM Anywhere and USM Central comply with the European Union General Data Protection Regulation (GDPR), as successfully assessed by a third party. This means that...
View Article