Clik here to view.
Un informático en el lado del mal: FingBox: Revisión de un "Security Appliance"
Antes de comenzar con este artículo, quiero dejar un par de avisos para que se entienda mejor todo. En primer lugar el dispositivo descrito a continuación "FingBox" no es un firewall, ni actúa como tal...
View ArticleClik here to view.
Un informático en el lado del mal: El pregón de las Fiestas Patronales de...
Mi vida la he hecho en Móstoles (en mi perfil de Twitter así lo pone). Sigo paseando por mi viejo barrio de La Loma, por mi CalleBarcelona, por los restaurantes a los que voy a comer cada poco. Con...
View ArticleClik here to view.
Un informático en el lado del mal: Windows 10 x64: Escalada de privilegios a...
El verano, y sus vacaciones, toca a su fin y la vuelta ‘al cole’ es ya una realidad para muchos. Con las pilas cargadas así vuelvo después de un tiempo de desconexión y de viajes. Incluso, en período...
View ArticleClik here to view.
AlienVault Blogs: Cyber Security Awareness Month - Phishing
It’s September, which means it’s almost October, which is National Cyber Security Awareness Month (NCSAM)!NCSAM was launched by the National Cyber Security Alliance & the U.S. Department of...
View ArticleClik here to view.
/dev/random: Hack.lu 2018 is ahead!
During this summer, I went to SANSFire, Defcon and BSidesLV. Usually, the month of September is lighter without big events for me. This is to prepare for the next wave of conferences ahead! Of course,...
View ArticleDidier Stevens: Overview of Content Published in August
Here is an overview of content I published in August:Blog posts:Update: PDFiD.py Version 0.2.5Update: oledump.py Version 0.0.37Update: format-bytes Version 0.0.5Quickpost: Revisiting JA3Obtaining...
View ArticleClik here to view.
Un informático en el lado del mal: Eventos, charlas, pregones y conferencias...
Hacía tiempo que no os traía una actualización de la agenda, pero viendo que ya empieza a moverse el mes con eventos, charlas y pregones, os traigo una actualización de las citas más importantes. Aquí...
View ArticleClik here to view.
...And you will know me by the trail of bits: Contract upgrade anti-patterns
A popular trend in smart contract design is to promote the development of upgradable contracts. At Trail of Bits, we have reviewed many upgradable contracts and believe that this trend is going in the...
View ArticleClik here to view.
AlienVault Blogs: Malware Analysis for Threat Hunting
If you're not into Wireshark, procmon and Windows Sysinternals you might be in the wrong place :) Malware analysis allows the analyst to see what actions are taken and allows us to use those actions to...
View ArticleClik here to view.
ArsTechnica: Security Content: Google wants to get rid of URLs but doesn’t...
Enlarge/ This is how a Chrome 57 displays https://www.xn--80ak6aa92e.com/. Note the https://www.apple.com in the address bar. Uniform Resource Locators (URLs), the online addresses that make up such an...
View ArticleClik here to view.
Cisco Talos: Malicious MDM: Let's Hide This App
This blog post is authored byWarren Mercer and Paul Rascagneres with contributions from Nick BiasiniSummarySince our initial discovery of a malicious mobile device management (MDM) platform that was...
View ArticleClik here to view.
...And you will know me by the trail of bits: Rattle – an Ethereum EVM binary...
Most smart contracts have no verified source code, but people still trust them to protect their cryptocurrency. What’s more, several large custodial smart contracts have had security incidents. The...
View ArticleClik here to view.
/dev/random: [SANS ISC] Malicious PowerShell Compiling C# Code on the Fly
I published the following diary on isc.sans.edu: “Malicious PowerShell Compiling C# Code on the Fly“:What I like when hunting is to discover how attackers are creative to find new ways to infect their...
View ArticleClik here to view.
AlienVault Blogs: Malware Analysis using Osquery Part 2
In the first part of this series, we saw how you can use Osquery to analyze and extract valuable information about malware’s behavior. In that post, we followed the activity of the known Emotet loader,...
View ArticleClik here to view.
Cisco Talos: Vulnerability Spotlight: TALOS-2018-0560 - ERPNext SQL Injection...
Vulnerabilities discovered by Yuri Kramar from the Cisco Security Advisor TeamOverviewTalos is disclosing multiple SQL injection vulnerabilities in the Frappe ERPNext Version 10.1.6 application. Frappe...
View ArticleClik here to view.
ArsTechnica: Security Content: Windows 10 support extended again: September...
Enlarge/ Licensing is not really the easiest topic to illustrate. (credit: Peter Bright)In its continued efforts to encourage corporate customers to make the switch to Windows 10, Microsoft is shaking...
View ArticleClik here to view.
Un informático en el lado del mal: La calma tras la tempestad en mitad de la...
Las luces de las farolas van pasando por encima del cristal. Despacio. Llevo el coche a las revoluciones a las que voy yo. Bajas. A estas horas de la noche ya no me funciona el cerebro. Bueno, es...
View ArticleClik here to view.
Un informático en el lado del mal: Algunas reacciones con Movistar Home
Queda ya muy poco para que los "Early Adopters" puedan reservar su Movistar Home en España. Tan poco, como que será en unos días tal y como os dejé escrito en mi artículo sobre los Deadlines,...
View ArticleClik here to view.
/dev/random: [SANS ISC] Crypto Mining in a Windows Headless Browser
I published the following diary on isc.sans.edu: “Crypto Mining in a Windows Headless Browser“:Crypto miners in the browser are not new. Delivery through malicious or compromised piece of javascript...
View ArticleClik here to view.
Cisco Talos: Vulnerability Spotlight: CVE-2018-3952 / CVE-2018-4010 -...
Discovered by Paul Rascagneres.OverviewCisco Talos has discovered two similar vulnerabilities in the ProtonVPN and NordVPN VPN clients. The vulnerabilities allow attackers to execute code as an...
View Article