...And you will know me by the trail of bits: Introduction to Verifiable...
Finding randomness on the blockchain is hard. A classic mistake developers make when trying to acquire a random value on-chain is to use quantities like future block hashes, block difficulty, or...
View ArticleClik here to view.
AlienVault Blogs: Things I Hearted this Week, 12th October 2018
What is a Vulnerability?The part that most people don’t seem to understand enough is that an attack only matters if something is at stake. A transaction of some sort needs to occur, otherwise it...
View ArticleClik here to view.
/dev/random: [SANS ISC] More Equation Editor Exploit Waves
I published the following diary on isc.sans.edu: “More Equation Editor Exploit Waves“:This morning, I spotted another wave of malicious documents that (ab)use again CVE-2017-11882 in the Equation...
View ArticleClik here to view.
Cisco Talos: Threat Roundup for October 5 to October 12
Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Oct. 5 and 12. As with previous roundups, this post isn’t...
View ArticleClik here to view.
Un informático en el lado del mal: LUCA Innovation Day 2018: (1 de 3) From...
El pasado 4 de Octubre tuvo lugar nuestro LUCA Innovation Day 2018, en el que el auditorio estuvo totalmente lleno, además de tener que habilitar un segundo auditorio y las conexiones por streaming...
View ArticleClik here to view.
Un informático en el lado del mal: LUCA Innovation Day 2018: (2 de 3)...
Continuando la historia de nuestro LUCA Innovation Day 2018, la segunda parte del evento estuvo marcada por el core de negocio de nuestra unidad LUCA Data-Driven Decisions. Han sido ya dos años desde...
View ArticleClik here to view.
Un informático en el lado del mal: LUCA Innovation Day 2018: (3 de 3)...
La última parte del LUCA Innovation Day 2018 la dedicamos a un tema concreto muy específico que tiene que ver con la Inteligencia Artificial. En concreto, al uso de las Generative Adversarial Networks...
View ArticleClik here to view.
AlienVault Blogs: Security Travel Tips
In honor of NCSAM, we decided to ask the Twitter community for security travel tips, to help us be more safe when travelling. Here's the original Tweet:Want some AlienVault swag? Send us your top tip...
View ArticleClik here to view.
Darknet - The Darkside: CHIPSEC – Platform Security Assessment Framework For...
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.It includes a security test suite, tools for...
View ArticleClik here to view.
Cisco Talos: Old dog, new tricks - Analysing new RTF-based campaign...
This blog post was authored by Edmund Brumaghin and Holger Unterbrink with contributions from Emmanuel Tacheau.Executive SummaryCisco Talos has discovered a new malware campaign that drops the...
View ArticleClik here to view.
Un informático en el lado del mal: Docker Distroless Images: Cómo crear...
Al par que escribimos este artículo nos encanta Docker, por eso hemos hablado aquí de sus aplicaciones y bondades más de una vez, como por ejemplo "Cómo montar con Docker un entorno de pentesting parte...
View ArticleClik here to view.
ArsTechnica: Security Content: Already facing an uphill misinformation fight,...
Enlarge/ A partial screenshot of one of the scam profiles pushing an adult dating scam on Facebook. Responding to critics in the US Congress and elsewhere who say Facebook isn’t doing enough to stop...
View ArticleAlienVault Blogs: AT&T Business Summit 2018 - First Impressions and Recap
From the 25th to the 28th of September 2018, I had the opportunity to attend the AT&T Business Summit in Dallas.I walked away with a whole new perspective on AT&T business, what a conference...
View ArticleClik here to view.
Zero in a bit: Removing the Barriers to Secure Development and Scalable...
It is not uncommon for organizations to have “appsec programs” and not actually affect the security of their applications. What good is it if the applications coming out of that program aren’t any...
View ArticleClik here to view.
Cisco Talos: Vulnerability Spotlight: Linksys ESeries Multiple OS Command...
These vulnerabilities were discovered by Jared Rittle of Cisco Talos.Cisco Talos is disclosing several vulnerabilities in the operating system on the Linksys E Series of routers.Multiple exploitable OS...
View ArticleClik here to view.
/dev/random: Hack.lu 2018 Wrap-Up Day #1
The 14th edition (!) of hack.lu is ongoing in Luxembourg. I arrived yesterday to attend the MISP summit which was a success. It’s great to see that more and more people are using this information...
View ArticleClik here to view.
ArsTechnica: Security Content: Apple, Google, Microsoft, and Mozilla come...
Enlarge (credit: Indigo girl / Flickr)Apple, Google, Microsoft, and Mozilla have announced a unified plan to deprecate the use of TLS 1.0 and 1.1 early in 2020.TLS (Transport Layer Security) is used to...
View ArticleClik here to view.
Un informático en el lado del mal: Late Motiv Especial 18-Oct: Apúntate al...
Ayer cerramos la web de pre-reservas para "early adopters" de Movistar Home. Realmente deberíamos haberla cerrado la semana pasada, pero como teníamos un poco más de stock, queríamos ver si...
View ArticleClik here to view.
AlienVault Blogs: Best Cloud Tech Jokes and Memes
We ran a contest in Spiceworks recently, asking folks for their best cloud tech jokes. Here are some of the funniest ones:Those SpiceHeads sure have great senses of humor, of a highly techie variety!
View ArticleClik here to view.
Darknet - The Darkside: Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn’t that big as neither OpenSSH or the GitHub implementation are affected.The...
View Article