Clik here to view.
Darknet - The Darkside: p0wnedShell – PowerShell Runspace Post Exploitation...
p0wnedShell is an offensive PowerShell Runspace Post Exploitation host application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a PowerShell run...
View ArticleClik here to view.
ArsTechnica: Security Content: Reported “backdoor” in WhatsApp is in fact a...
EnlargeThe Guardian roiled security professionals everywhere on Friday when it published an article claiming a backdoor in Facebook's WhatsApp messaging service allows attackers to intercept and read...
View ArticleClik here to view.
Un informático en el lado del mal: Actividades de formación Online y eventos...
Poco a poco voy volviendo al ritmo de combate en mi actividad natural. Ha sido solo una semana desde que me volví a poner en la casilla de salida, pero las cosas se están acelerando a un ritmo que...
View ArticleSANS Internet Storm Center, InfoCON: green: Backup Files Are Good but Can Be...
Since we started to work with computers, we always heard the following advice: Make backups!. Everytime you have to change something in a file or an application, first make a backup of the existing...
View ArticleClik here to view.
/dev/random: [SANS ISC Diary] Backup Files Are Good but Can Be Evil
I published the following diary on isc.sans.org: “Backup Files Are Good but Can Be Evil“.Since we started to work with computers, we always heard the following advice: “Make backups!”. Everytime you...
View ArticleClik here to view.
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself.Let’s...
View Articlehoneyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
View ArticleClik here to view.
Un informático en el lado del mal: Odin, identificando el Shadow IT en la era...
Durante este año hemos presentado en la 7ª edición de RootedCON Madrid, en la 3ª edición de la RootedCON Valencia y en la 6ª edición de Navaja Negra el proyecto "Odin", cuya única misión es impulsar...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, January...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: El BUG de WhatsApp que permite que te...
Tras ver todos los casos de espionaje publicados tras los documentos filtrados por Edward Snowden, no hace falta decir que la sensibilidad de todo el mundo con el tema de la privacidad es alta. Por...
View ArticleClik here to view.
SecutityByDefault: Cuarta edición de Hackron: El congreso de seguridad de...
Recuerdo la ilusión que me hizo cuando hace 4 años me contactó Igor Lukic, uno de los organizadores de Hackron, con la idea de montar un evento de seguridad en Canarias. En la organización, mi buen...
View ArticleSANS Internet Storm Center, InfoCON: green: Whitelisting File Extensions in...
Last week, Xavier published a great diary about the dangers of leaving behind backup files on your web server. There are a few different ways to avoid this issues, and as usual, defense in depth...
View ArticleClik here to view.
Infosec Events: Week 3 In Review – 2017
ToolsAcunetix Free Manual Pen Testing Tools– www.acunetix.com Acunetix Manual Tools allow penetration testers to further automated testing.waveconverter– github.com Factoria Labs 2016 WaveConverter is...
View ArticleClik here to view.
Carnal0wnage Blog: DevOoops: Client Provisioning (Vagrant)
Notes from the 2015 Devoops TalkVagrant used to ship with a default keypair and was difficult to rotate.**fixed with new versions of Vagrant. Finding hosts using the default key still pretty likely.Did...
View ArticleLost In Security: Españoles por la BlackHat
Siguiendo con la estela del artículo publicado 'Españoles por la Phrack', vuelvo a la carga con un artículo parecido, pero en este caso sobre una de las conferencias de seguridad que más conoce la...
View ArticleClik here to view.
Darknet - The Darkside: ZGrab – Application Layer Scanner For ZMap
ZGrab is a Go-based application layer scanner that operates with ZMap and supports multiple protocols and services including TLS, IMAP, SMTP, POP3 etc. It also stores TLS version and can detect...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Tuesday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
ArsTechnica: Security Content: Who’s winning the cyber war? The squirrels, of...
Beware its furry cyber-wrath. (credit: Washington State)WASHINGTON, DC—For years, the government and security experts have warned of the looming threat of "cyberwar" against critical infrastructure in...
View ArticleSANS Internet Storm Center, InfoCON: green: domain_stats.py a web api for...
Last year, over the Thanksgiving break, Justin Henderson and I worked ona tool to provide a web API interface foranother tool I released last year called freq.py. freq.py is used to identify randomized...
View Article