SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, January...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Darknet - The Darkside: dns2proxy – Offensive DNS server
dns2proxy is an offensive DNS server that offers various features for post-exploitation once you’ve changed the DNS server of a victim. It’s very frequently used in combination with sslstrip. Features...
View ArticleSANS Internet Storm Center, InfoCON: green: How to Have Fun With IPv6...
I may extend this with a second entry later this week. But as so often, I found myself on a long flight with some time on my hands, and since the IETF just released a new RFC regarding IPv6 atomic...
View ArticleClik here to view.
ArsTechnica: Security Content: Virulent Android malware returns, gets >2...
Enlarge (credit: portal gda)A virulent family of malware that infected more than 10 million Android devices last year has made a comeback, this time hiding inside Google Play apps that have been...
View ArticleSANS Internet Storm Center, InfoCON: green: Critical Vulnerability in Cisco...
The Google 0-Day project announced a critical remote code execution vulnerability in Ciscos WebEx plugin for Google Chrome. This vulnerability allows a remote attacker to execute arbitrary code on the...
View ArticleSANS Internet Storm Center, InfoCON: green: All things Apple Updated today:...
=============== Rob VandenBrink Metafore (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
ArsTechnica: Security Content: Widely used WebEx plugin for Chrome will...
Enlarge (credit: Tavis Ormandy)The Chrome browser extension for Cisco Systems WebEx communications and collaboration service was just updated to fix a vulnerability that leaves all 20 million users...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Tuesday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: Esta Wi-Fi es de pago para todos menos...
La historia que os voy a narrar inicia su andadura en un avión rumbo a los Estados Unidos aunque he de decir que mi destino final era un país asiático. Resulta que este vuelo, como muchos vuelos...
View ArticleClik here to view.
SecutityByDefault: Entrevista a Michael Boelen, el creador de Lynis y rkhunter
Seguro que a quienes os ha tocado administrar y securizar máquinas Linux, tenéis a Lynis como una de las herramientas de cabecera, para poder comprobar si os habéis dejado algún agujero por tapar. De...
View ArticleLost In Security: El último superviviente (II) - iOS
En el pasado artículo estuvimos revisando los puntos débiles que tiene un malware a la hora de sobrevivir un reinicio del sistema, y nos centramos en OSX. Ahora toca el turno a iOS, que al ser una...
View ArticleClik here to view.
KPNC: vulnerability in… WinCalc (Win7, x64)
I will never go out of business in this country. thanks to Microsoft. who would have thought that wincalcis vulnerable? I have not checked all systems yet, so this is my configuration: Windows 7...
View ArticleClik here to view.
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
View ArticleClik here to view.
ArsTechnica: Security Content: Ransomware app hosted in Google Play infects...
(credit: Aurich Lawson)Google Play, the official market for Android apps, was caught hosting a ransomware app that infected at least one real-world handset, security researchers said Tuesday.The...
View ArticleClik here to view.
Un informático en el lado del mal: Cómo saltarse UAC en WIndows 7 y Windows...
WinSxS, Windows Side-by-Side, se introdujo con Windows Server 2008 y es un almacén dónde el sistema contiene componentes de Windows que se pueden utilizar durante las instalaciones o componentes que...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Wednesday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleSANS Internet Storm Center, InfoCON: green: Malicious SVG Files in the Wild,...
In November 2016, the Facebook messenger application was used to deliver malicious SVG files to people [1]. SVG files (or Scalable Vector Graphics) are vector images that can be displayed in most...
View ArticleClik here to view.
/dev/random: [SANS ISC Diary] Malicious SVG Files in the Wild
I published the following diary on isc.sans.org: “Malicious SVG Files in the Wild“.In November 2016, the Facebook messenger application was used to deliver malicious SVG files to people [1]. SVG files...
View ArticleFortinet FortiGuard Blog: The Analysis of ISC BIND NSEC Record Handling DoS...
The latest patch for BIND from the Internet Systems Consortium (ISC) fixes a NESC record-related bug. Remote BIND recursive servers may crash when attempting to handle the specifically-crafted query...
View ArticleClik here to view.
ArsTechnica: Security Content: Kaspersky Lab’s top investigator reportedly...
In a move that stunned some security researchers, a top investigator at Russia's largest antivirus provider, Kaspersky Lab, has been arrested in an investigation into treason, a crime that upon...
View Article