Fortinet FortiGuard Blog: Analysis: Inspecting Mach Messages in macOS...
Mach IPC and Mach messages are the foundation for many communications that occur in macOS. The question that many threat researchers ask is, “how can we inspect these Mach messages in user-mode or...
...And you will know me by the trail of bits: The Good, the Bad, and the Weird
Let’s automatically identify weird machines in software. Combating software exploitation has been a cat-and-mouse game ever since the Morris worm in 1988. Attackers use specific exploitation primitives...
/dev/random: [SANS ISC] Dissecting Malicious Office Documents with Linux
I published the following diary on isc.sans.edu: “Dissecting Malicious Office Documents with Linux”: A few months ago, Rob wrote a nice diary to explain how to dissect a (malicious) Office document...
AlienVault Blogs: Things I Hearted this Week, 26th October 2018
Wordpress Wants to Erase its Past. I was just flexing my clickbait title muscles with the heading here. But according to a talk at DerbyCon, the WordPress security team stated its biggest battle is not...
Un informático en el lado del mal: Events from now until Halloween @0xWord @LUCA_d3
From today until the night of October 31 arrives, when I plan to dress up as something terrifying to make Mi Hacker and Mi Survivor happy, there is a series of events that I am leaving you today for...
Cisco Talos: Vulnerability Spotlight: Talos-2018-0694 - MKVToolNix mkvinfo...
Piotr Bania, Cory Duplantis and Martin Zeiser of Cisco Talos discovered this vulnerability. Overview: Today, Cisco Talos is disclosing a vulnerability that we identified in the MKVToolNix mkvinfo utility...
/dev/random: Post-BruCON Experience – Running a Wall of Sheep in the Wild
The use of a Wall of Sheep is nice to raise the security awareness of your audience. A Wall of Sheep is a tool used to demonstrate what can happen when users connect to a wild network without a minimum...
Cisco Talos: Threat Roundup for October 19 to October 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 19 and Oct. 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead,...
Didier Stevens: Update: file-magic.py Version 0.0.3
This is an update with a custom definition to recognize compressed RTF. file-magic_V0_0_3.zip (https) MD5: C46EBA4BC6BC63E097A86E30E6DE5432 SHA256:...
SANS Internet Storm Center, InfoCON: green: Threat Hunting &...
Ladies and gentlemen, for our main attraction, I give you... The HELK vs APTSimulator, in a Death Battle! The late, great Randy "Macho Man" Savage said many things in his day, in his own special way,...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday, April...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Un informático en el lado del mal: The HoneyPot experiment on the Internet of...
Our colleagues in the ElevenPaths cybersecurity unit always keep an ear on the network. Our CyberThreats service is based precisely on that, on knowing what is happening in...
Didier Stevens: Update: file-magic.py Version 0.0.4
I added a new option to file-magic.py to limit identification to the custom definitions: -C. file-magic_V0_0_4.zip (https) MD5: CCF170F09B1442D27AE6519A0BB0CBAB SHA256:...
...And you will know me by the trail of bits: How contract migration works
Smart contracts can be compromised: they can have bugs, the owner’s wallet can be stolen, or they can be trapped due to an incorrect setting. If you develop a smart contract for your business, you must...
AlienVault Blogs: MadoMiner Part 2 - Mask
This is a guest post by independent security researcher James Quinn. If you have not yet read the first part of the MadoMiner analysis, please do so now. This analysis will pick up where Part 1...
Didier Stevens: Update: format-bytes.py Version 0.0.6
When using option -f to specify struct members, you can now also use new option -n (annotations) to annotate members. Like in this example: format-bytes_V0_0_6.zip (https) MD5:...
Un informático en el lado del mal: 0xWord Comics: Armatura Volume I
I don't need to tell you that I am a lover of comics. I would have loved to know how to draw better and to be able to be a comic book artist, like Salvador Larroca or like Arthur Adams, or Jan, or many of the...
AlienVault Blogs: AlienVault Open Threat Exchange Hits Major Milestone with...
Today, I’m excited to announce that AlienVault® Open Threat Exchange® (OTX™) has grown to 100,000 global participants, representing 36 percent year-over-year growth. AlienVault OTX, launched in 2012,...
Cisco Talos: Talos Vulnerability Discovery Year in Review - 2018
Introduction: Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to...