Clik here to view.
Darknet - The Darkside: China To Outlaw All Unapproved VPN Services
So the latest news from behind the Great Firewall of China is that they plan to crack down on all unapproved VPN services. This means all VPN providers, cloud service providers and ISPs will have to...
View ArticleClik here to view.
/dev/random: Quick Integration of MISP and Cuckoo
With the number of attacks that we are facing today, defenders are looking for more and more IOC’s (“Indicator of Compromise) to feed their security solutions (firewalls, IDS, …). It becomes impossible...
View ArticleClik here to view.
ArsTechnica: Security Content: President Trump is still using his “old,...
Enlarge/ The Samsung Galaxy S7 and S7 Edge, Samsung's most recent (non-exploding) flagship smartphones. (credit: Ron Amadeo)Donald Trump continues to use his "old, unsecured Android phone" since taking...
View ArticleClik here to view.
Un informático en el lado del mal: Bitcoin: La tecnología Blockchain y su...
Hoy tenemos un nuevo libro dentro de la colección de títulos que forman el catálogo de 0xWord. En este caso, uno dedicado a la criptomoneda Bitcoin y la tecnología Blockchain que hay detrás de ella. Ha...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Thursday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
SecutityByDefault: Utilizando la esteganografía para salir del radar de...
Voy a contar una anécdota realizando un hacking ético a un banco internacional. El reto propuesto por el jefe de Seguridad, era poder exportar una parte de la BD clientes de la empresa (que para hacer...
View ArticleSANS Internet Storm Center, InfoCON: green: IOC's: Risks of False Positive...
Yesterday, I wrote a blog post[1] which explained how to interconnect a Cuckoo[2] sandbox and the MISP[3] sharing platform. MISP has a nice REST API that allows you to extract useful IOCs in different...
View ArticleClik here to view.
/dev/random: [SANS ISC Diary] IOC’s: Risks of False Positive Alerts Flood Ahead
I published the following diary on isc.sans.org: “IOC’s: Risks of False Positive Alerts Flood Ahead“.Yesterday, I wrote a blog post which explained how to interconnect a Cuckoo sandbox and the MISP...
View ArticleClik here to view.
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
View ArticleClik here to view.
Wired: Threat Level: Hacker Lexicon: What Are White Hat, Gray Hat, and Black...
Here's how to distinguish the colors of the hacker rainbow. The post Hacker Lexicon: What Are White Hat, Gray Hat, and Black Hat Hackers? appeared first on WIRED.
View ArticleClik here to view.
ArsTechnica: Security Content: Now there’s a better way to prevent Facebook...
The Facebook signature wall in question is much bigger than this one, by the way. (credit: Matteo Artizzu)Facebook is enhancing its existing protection against account takeovers with cryptographically...
View ArticleFortinet FortiGuard Blog: 2017 Cybersecurity Predictions for Financial...
As technology within the financial services industry continues to evolve, so too does the threat landscape. Fortinet offers cybersecurity predictions for 2017.
View ArticleFortinet FortiGuard Blog: Deep Analysis of Android Rootnik Malware Using...
Recently, we found a new Android rootnik malware which uses open-sourced Android root exploit tools and the MTK root scheme from the dashi root tool to gain root access on an Android device. The...
View ArticleFortinet FortiGuard Blog: Deep Analysis of Android Rootnik Malware Using...
Deep Analysis of Android Rootnik Malware Using Advanced Anti-Debug and Anti-Hook, Part II: Analysis of The Scope of Java By Kai Lu In part I of this blog, we have finished the analysis of native...
View ArticleClik here to view.
ArsTechnica: Security Content: Site that sold access to 3.1 billion passwords...
EnlargeLeakedSource, a legally and ethically questionable website that sold access to a database of more than 3.1 billion compromised account passwords, has disappeared amid an unconfirmed report that...
View ArticleClik here to view.
Un informático en el lado del mal: Google dice: "Este sitio puede haber sido...
Desde los equipos de seguridad de Google tratan de evitar que los usuarios que navegan con Chrome se vean afectados con un problema de seguridad cuando visitan un sitio web que haya podido ser...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday, January...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
ArsTechnica: Security Content: “You took so much time to joke me”—two hours...
Tech support scammers in India got trapped on the phone with me for nearly two hours, and all they got was a revocation of their remote access software ID. (credit: Aurich Lawson)Technical support...
View ArticleClik here to view.
KPNC: vulnerability in… WinCalc (Win7, x64)
I will never go out of business in this country. thanks to Microsoft. who would have thought that wincalcis vulnerable? I have not checked all systems yet, so this is my configuration: Windows 7...
View ArticleClik here to view.
ArsTechnica: Security Content: It might be time to stop using antivirus
Enlarge (credit: Thinkstock / Aurich Lawson)Former Firefox developer Robert O'Callahan, now a free agent and safe from the PR tentacles of his corporate overlord, says that antivirus software is...
View Article