Fortinet FortiGuard Blog: GandCrab V4.0 Analysis: New Shell, Same Old Menace
It has been over two months since GandCrab has undergone a major update. While this latest version includes an overhaul in terms of the code structure, its major purposes are practically the same.
AlienVault Blogs: 15 Ways to Deal with Badly Written Risks
Every so often, a report gets presented which looks like it was written by the work experience student that was employed by the intern. So what’s the best way to respond? I went on Twitter to ask the...
/dev/random: DShield Analyzer for Cortex
TheHive is an awesome tool to perform incident management. One of the software components that is linked to TheHive is Cortex, defined as a “Powerful observable analysis engine”. Let me explain why...
Didier Stevens: Quickpost: Compiling DLLs with MinGW on Kali
To compile the DLLs from this quickpost with MinGW on Kali, you first have to install MinGW. Issue this command: apt install mingw-w64. Compile for 64-bit: x86_64-w64-mingw32-gcc -shared -o DemoDll.dll...
Un informático en el lado del mal: ibombshell: Creating a module for...
Last week we talked about extracting SSH private keys on Windows 10 as a new method for Hacking Windows. Today I wanted to show how simple it is to create an ibombshell module,...
AlienVault Blogs: The Terms and Conditions of Internet Privacy for a GenZ...
We’ve all seen it before; the pop ups of necessary security updates, the horror stories of leaked celebrity pictures by hackers and the infamously long document of God-knows-what followed by “I agree...
Cisco Talos: Vulnerability Spotlight: Multiple Adobe Acrobat DC Remote Code...
Discovered by Aleksandar Nikolic of Cisco Talos. Overview: Today, Talos is releasing details of new vulnerabilities within Adobe Acrobat Reader DC. Adobe Acrobat Reader is the most popular and most...
Cisco Talos: Microsoft Patch Tuesday - July 2018
Microsoft released its monthly set of security advisories today for vulnerabilities that have been identified and addressed in various products. This month's release addresses 53 new vulnerabilities,...
Cisco Talos: Vulnerability Spotlight: Multiple Antenna House Vulnerabilities
Discovered by Marcin Noga of Cisco Talos. Overview: Cisco Talos has identified six vulnerabilities in the Antenna House Office Server Document Converter (OSDC). These vulnerabilities can be used to...
ArsTechnica: Security Content: New Spectre-like attack uses speculative...
When the Spectre and Meltdown attacks were disclosed earlier this year, the expectation was that these attacks would be the first of many, as researchers...
Didier Stevens: New Tool: file-magic.py
I find the *nix tool file very useful. There’s no equivalent on Windows, that’s why I use a Windows port of this tool. But it has some limitations, the most annoying to me being the lack of support for...
Un informático en el lado del mal: How to use Movistar + with Aura: Some...
Since we launched Aura on Movistar + for Spain at the last Mobile World Congress, the number of use cases has been growing along with the number of users. Every day Aura learns new things, and...
Cisco Talos: Vulnerability Spotlight: Computerinsel Photoline Multiple...
Vulnerabilities discovered by Tyler Bohan from Talos. Overview: Today, Cisco Talos is disclosing several vulnerabilities in Computerinsel Photoline. Photoline is an image-processing tool used to modify and...
Un informático en el lado del mal: An event, a pack and some stickers...
Tomorrow I give my last talk before the holidays, at the 0xWord Tenth Anniversary Event. The event has very limited capacity, and today, after the registration process ends, we will have...
AlienVault Blogs: Continuous Information Security Monitoring to Combat...
Continuous security monitoring -- a term you’ve heard time and time again. And, while you may be tired of hearing the term, the fact is that continuous monitoring is vital when it comes to mitigating...
Cisco Talos: Advanced Mobile Malware Campaign in India uses Malicious MDM
This blog post is authored by Warren Mercer and Paul Rascagneres and Andrew Williams. Summary: Cisco Talos has identified a highly targeted campaign against 13 iPhones which appears to be focused on India....
ArsTechnica: Security Content: Microsoft offers extended support for Windows,...
Windows Server 2008 and 2008 R2, as well as SQL Server 2008 and 2008 R2, are due to move out of extended support over the next few years—SQL Server in July 2019 and Windows...
Un informático en el lado del mal: Docker for My WordPress In Paranoid Mode...
A few days ago we presented on the ElevenPaths blog our project to dockerize WordPress in Paranoid Mode (WPM) and thereby make it easier to try it out quickly and safely. In...
/dev/random: Imap2TheHive: Support for Custom Observables
I’m using OSSEC to feed an instance of TheHive to investigate security incidents reported by OSSEC. To better categorize the alerts and merge similar events, I needed to add more observables. OSSEC...
/dev/random: [SANS ISC] Cryptominer Delivered Though Compromized JavaScript File
I published the following diary on isc.sans.org: “Cryptominer Delivered Though Compromized JavaScript File”: Yesterday I found an interesting compromised JavaScript file that contains extra code to...