Clik here to view.
AlienVault Blogs: A Step Toward a Better Cyber Workforce
Do you believe that we have a severe shortage, or are you on the side that argues that there are plenty of qualified workers and it is the hiring managers who don’t understand their own position...
View ArticleClik here to view.
Didier Stevens: Update: pecheck.py Version 0.7.3
This new version handles errors in PEiD’s userdb files better.pefile does not support the full syntax used by PEiD, hence errors might occur, like this:pecheck-v0_7_3.zip (https) MD5:...
View ArticleClik here to view.
Un informático en el lado del mal: La tecnología como fuente de ideas: Hacks...
Hace unas semanas tuve la suerte de poder impartir, por tercer año, una ponencia en las Jornadas de Ciberseguridad del centro de estudios Virgen de la Paloma. Un centro histórico de la ciudad de...
View ArticleFortinet FortiGuard Blog: PyRoMineIoT: NSA Exploit, Monero(XMR) Miner, & IoT...
In this article, we will discuss the changes made to PyRoMine, as well as how the ETERNALROMANCE exploit was used to distribute yet another Monero miner we have dubbed PyRoMineIoT.
View ArticleClik here to view.
AlienVault Blogs: Infosecurity 2018 Recap!
The London weather was uncharacteristically pleasant for the whole week which saw it play host to many visitors around the world who descended for Infosec 2018 in Olympia.As usual, the event was...
View ArticleClik here to view.
Cisco Talos: Microsoft Patch Tuesday - June 2018
Executive SummaryMicrosoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses...
View ArticleClik here to view.
Un informático en el lado del mal: Desayunos & Deadlines
A veces me tomó el café - los que me conocen saben que me gusta largo, aguado, americano - mientras veo a Mi Hacker y Mi Survivor dibujar. A lo mejor están leyendo un cuento, o un cómic de Asterix, o...
View ArticleClik here to view.
AlienVault Blogs: Want to be a Data Scientist? 4 Things You Must Know
In the current age of digitization, data is the most trending and upcoming corporate currency across the length and breadth of the digital market. Data science is the most flourishing sector with a...
View ArticleClik here to view.
Cisco Talos: Vulnerability Spotlight: TALOS-2018-0545 - Microsoft wimgapi...
Vulnerabilities discovered by Marcin Noga from TalosOverviewTalos is disclosing a remote code execution vulnerability in the Microsoft wimgapi library. The wimgapi DLL is used in the Microsoft Windows...
View ArticleClik here to view.
Zero in a bit: Announcing the GA Release of SourceClear Custom Policies
We are very excited to announce the GA release of SourceClear Custom Policies. Custom Policies improves issue remediation and allows you to take greater control of your software delivery workflow.Why...
View ArticleClik here to view.
/dev/random: SSTIC 2018 Wrap-Up Day #1
Hello Readers,I’m back in the beautiful city of Rennes, France to attend my second edition of the SSTIC. My first one was a very good experience (you can find my previous wrap-up’s on this blog – day...
View ArticleClik here to view.
Didier Stevens: “Here Files” and my Tools
Several of my tools, that accept more than one filename as arguments, also accept a “here file” (cfr. here documents). A here file is a text file with a list of filenames, one per line. My tools...
View ArticleClik here to view.
/dev/random: [SANS ISC] A Bunch of Compromized WordPress Sites
I published the following diary on isc.sans.org: “A Bunch of Compromized WordPress Sites“:A few days ago, one of our readers contacted reported an incident affecting his website based on WordPress. He...
View ArticleClik here to view.
AlienVault Blogs: Secure by Design: The Network
Secure by design is about designing secure environments with real constraints in mind. I state the assumptions used in this post up front because they are going to give context to my security and...
View ArticleClik here to view.
Cisco Talos: Vulnerability Spotlight: TALOS-2018-0523-24 - Multiple...
Vulnerabilities discovered by Tyler Bohan from Talos OverviewTalos is disclosing two denial-of-ervice vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in...
View ArticleClik here to view.
Un informático en el lado del mal: Wild Wild Wifi "Dancing with wolves": 5...
La última parte de esta serie dedicada a Wild Wild WiFi tiene que ver con el último de los trabajos que hicimos en este área de estudio. Se trata de dar una vuelta de tuerca a la idea del protocolo...
View ArticleClik here to view.
SANS Internet Storm Center, InfoCON: green: 
Threat Hunting &...
Ladies and gentlemen, for our main attraction, I give you...The HELK vs APTSimulator, in a Death Battle! The late, great Randy "Macho Man" Savage said many things in his day, in his own special way,...
View ArticleClik here to view.
/dev/random: SSTIC 2018 Wrap-Up Day #2
The second day started with a topic this had a lot of interest for me: Docker containers or “Audit de sécurité d’un environnement Docker” by Julien Raeis and Matthieu Buffet. Docker is everywhere today...
View ArticleDidier Stevens: Update: jpegdump.py Version 0.0.5
This is a small update to jpegdump.py, my tool to analyze the structure of jpeg files.The man page (option -m) has been updated.jpegdump_V0_0_5.zip (https) MD5: D7157E7FDEEA4257220F60E0081EE138 SHA256:...
View Article