/dev/random: Go Hunt for Malicious Activity!
What do security analysts do when they aren’t on fire? They hunt for malicious activity on networks and servers! A few days ago, some suspicious traffic was detected. It was an HTTP GET request to a URL...
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: New...
We've, recently, intercepted, a, currently, circulating, spam, campaign, affecting, hundreds, of, thousands, of, users, while, exposing, the, confidentiality, integrity, and, availability, of, their,...
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: The...
With, mobile, malware, continuing, to, proliferate, cybercriminals, continue, getting, successfully, positioned, to, take, advantage, of, hundreds, of, thousands, of, socially, engineering, users, on,...
Darknet - The Darkside: OWASP OWTF – Offensive Web Testing Framework
OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP...
ArsTechnica: Security Content: “Hacked” e-mail account of White House worker...
A photo of First Lady Michelle Obama's passport from a dump of the e-mail of White House contractor Ian Mellul. Mellul's password may have been in a 2013 Adobe user data breach. On September...
ArsTechnica: Security Content: Why the silencing of KrebsOnSecurity opens a...
For the better part of a day, KrebsOnSecurity, arguably the world's most intrepid source of security news, has been silenced, presumably by a handful of individuals who...
Un informático en el lado del mal: Joinnovation & KeepCoding Connect: 2...
Yesterday was the day to see the projects from EQUINOX, the ElevenPaths hackathon where, for 24 hours, projects are launched that normally don't get done for lack of time. Crazy ideas that left us 8...
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: New...
We've, recently, intercepted, a, currently, circulating, malicious, campaign, affecting, hundreds, of, Google, Play, users, potentially, exposing, their, devices, to, a, multi-tide, of, malicious,...
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself. Let’s...
honeyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
Lost In Security: Spaniards at BlackHat
Following in the wake of the published article 'Españoles por la Phrack' ('Spaniards in Phrack'), I'm back with a similar article, but this time about one of the security conferences best known to the...
Lost In Security: The Last Survivor (II) - iOS
In the previous article we reviewed the weak points malware has when it comes to surviving a system reboot, and we focused on OSX. Now it's the turn of iOS, which, being a...
KPNC: vulnerability in… WinCalc (Win7, x64)
I will never go out of business in this country, thanks to Microsoft. Who would have thought that wincalc is vulnerable? I have not checked all systems yet, so this is my configuration: Windows 7...
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
Wired: Threat Level: Hacker Lexicon: What Are White Hat, Gray Hat, and Black...
Here's how to distinguish the colors of the hacker rainbow.
SANS Internet Storm Center, InfoCON: green: .PUB Analysis, (Sat, Sep 24th)
Xavier reported a maldoc campaign using Microsoft Publisher files. These files can be analyzed just like malicious Word files. oledump.py reveals VBA macros in this sample: The VBA macro contains calls...
Un informático en el lado del mal: Crypt4you: Free Security MOOCs...
One of the training projects launched by doctors Jorge Ramió and Alfonso Muñoz - authors of the book Criptografía: De la cifra clásica a RSA, maintain several security projects of the...
SANS Internet Storm Center, InfoCON: green: Defining Threat Intelligence...
Introduction: Setting up the requirements is the first task to be completed before investing time in researching and collecting any type of intelligence. However, in many conversations on the topic I...
Un informático en el lado del mal: Siri in iOS 10 is once again a hole of...
If not long ago I was telling you that Apple had closed the Siri leak that let anyone learn the iPhone owner's details just by asking "Who am I?", today I'm here to tell you that after updating to iOS...
SANS Internet Storm Center, InfoCON: green: VBA and P-code, (Mon, Sep 26th)
I want to draw your attention to some great work Dr. Bontchev did. pcodedmp.py is a VBA P-code disassembler. Microsoft Office documents contain VBA macros in several forms. They contain the source code,...