SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Thursday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Un informático en el lado del mal: How the NSA could have "trojanized the...
Ever since the documents leaked by Edward Snowden came to light, the world has been asking many questions about the technical details of how they did it. Cases such as the membership of the...
ArsTechnica: Security Content: Clinton campaign chief’s iPhone was hacked and...
Unconfirmed evidence builds a strong case that an Apple iCloud account belonging to Hillary Clinton's campaign chief, John Podesta, was accessed and possibly erased by hackers less than 12 hours...
SANS Internet Storm Center, InfoCON: green: New tool: docker-mount.py, (Thu,...
In my post Forensicating Docker, Part 1 back in March (yes, I promise a Part 2 in the next couple of months, the $dayjob has slowed that down a bit), I talked a little about the AUFS layered filesystem...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday, October...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Un informático en el lado del mal: Latch ARW: A new tool against the...
Ransomware remains a big problem among users of Microsoft Windows systems. With the simple idea of being a program that runs with the privileges of the user's account to...
Didier Stevens: Analyzing Office Maldocs With Decoder.xls
There are Office maldocs out there with some complex payload decoding algorithms. Sometimes I don’t have the time to convert the decoding routines to Python, and then I will use the VBA interpreter in...
SANS Internet Storm Center, InfoCON: green: pseudoDarkleech Rig EK, (Fri, Oct...
Introduction: Since Monday 2016-10-03, the pseudoDarkleech campaign has been using Rig exploit kit (EK) to distribute Cerber ransomware. Shown above: An infection chain of events. Let... Shown...
Darknet - The Darkside: DyMerge – Bruteforce Dictionary Merging Tool
DyMerge is a simple, yet powerful bruteforce dictionary merging tool – written purely in python – which takes given wordlists and merges them into one dynamic dictionary that can then be used as...
ArsTechnica: Security Content: Beware of all-powerful DDoS malware infecting...
One of the Sierra Wireless devices that can be infected by Mirai. (credit: Sierra Wireless) This week, the US government-backed ICS-CERT warned that the troubling new generation of computer...
Un informático en el lado del mal: October 20: Data-Driven Decissions -...
Next Thursday, October 20, is an important day for us. That day we are going to present at Telefónica a new business unit focused on the world of Big Data. Just as in the case of the...
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself. Let’s...
honeyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
Lost In Security: Spaniards at BlackHat
Following in the wake of the published article 'Spaniards in Phrack', I am back with a similar article, but this time about one of the security conferences best known to the...
SANS Internet Storm Center, InfoCON: green: Maldoc VBA Anti-Analysis, (Sat,...
I was asked for help with the analysis of sample 7c9505f2c041ba588bed854258344c43. Turns out this malicious Word document has some anti-analysis tricks (here is an older diary entry with other...
Un informático en el lado del mal: You can now watch the Security Innovation Day...
Ten days have already passed since our Security Innovation Day 2016 took place, and although I have been telling you a few things, there is still a long way to go in reviewing it. I have told you about the purchase of...
SANS Internet Storm Center, InfoCON: green: Analyzing Office Maldocs With...
In my last diary entry, I show how to decode VBA maldoc strings with Excel. A similar technique can be used to decode a payload (like shellcode). I explain this method in this video. Didier Stevens...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, October...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Didier Stevens: Update: oledump.py Version 0.0.25
This new version has a couple of new options (--decoderdir and --plugindir) and a bugfix. oledump_V0_0_25.zip (https) MD5: CED1602AEF505AE0388DB95414F9C00A SHA256:...
Infosec Events: Week 42 In Review – 2016
Resources: Published “SecDevOps Risk Workflow” Book (v0.57) – blog.diniscruz.com: I just published version v0.57 of the (previously called) Jira Risk Workflow book. Vulnerabilities: These 60 dumb passwords...