PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
Wired: Threat Level: Hacker Lexicon: What Are White Hat, Gray Hat, and Black...
Here's how to distinguish the colors of the hacker rainbow. The post Hacker Lexicon: What Are White Hat, Gray Hat, and Black Hat Hackers? appeared first on WIRED.
ArsTechnica: Security Content: Watershed SHA1 collision just broke the WebKit...
Thursday's watershed attack on the widely used SHA1 hashing function has claimed its first casualty: the version control system used by the WebKit browser engine, which...
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself. Let’s...
honeyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
Lost In Security: Spaniards at BlackHat
Following in the wake of the published article 'Spaniards in Phrack', I'm back with a similar article, but this time about one of the security conferences best known to the...
Lost In Security: The Last Survivor (II) - iOS
In the previous article we reviewed the weak points malware has when it comes to surviving a system reboot, and we focused on OSX. Now it's the turn of iOS, which being a...
Un informático en el lado del mal: How we find your HTTP Response...
HTTP Response Splitting vulnerabilities can be used to carry out many dangerous attacks. In fact, they are classified with a high criticality level and when they appear they must be closed...
Didier Stevens: Update: rtfdump.py Version 0.0.5
This new version of rtfdump.py adds object extraction (-E) and can also handle objects obfuscated with \dde0000… rtfdump_V0_0_5.zip (https) MD5: 14475C70D992FB72306D5F83815DDE19 SHA256:...
SANS Internet Storm Center, InfoCON: green: It is Tax Season - Watch out for...
This week I received an email looking very realistic with a Word document that made it through the AV gateway from the Canadian Revenue Agency, it is tax season after all and everyone must be extra...
Un informático en el lado del mal: And the next week: MWC (Barcelona) and...
On Sundays it is becoming a tradition for me to bring you the list of events for the coming week, but this one will be very simple, since there are two very prominent events and not many more in parallel....
Didier Stevens: Update: translate.py Version 2.4.0
I added a feature similar to “here files” to translate.py. It’s something I already did in xor-kpa.py. Instead of using an input filename, the content can also be passed in the argument. To achieve...
SANS Internet Storm Center, InfoCON: green: CRA Maldoc Analysis, (Sun, Feb 26th)
I took a look at Guy […] Didier Stevens, Microsoft MVP Consumer Security, blog.DidierStevens.com, DidierStevensLabs.com (c) SANS Internet Storm Center....
SANS Internet Storm Center, InfoCON: green: Dynamite Phishing, (Mon, Feb 27th)
Last week I ran across a very successful phishing campaign; what's odd is that in most ways it was nothing special. The attacker was using this more like a worm, where stolen credentials would be used within...
SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Un informático en el lado del mal: AURA: The heart of the 4th Platform
Yesterday in Barcelona was the day we at Telefónica launched what we had been calling, by its code name, the Fourth Platform. This, which had been talked about a lot, is a platform for Cognitive...
Darknet - The Darkside: Termineter – Smart Meter Security Testing Framework
Termineter is a Python Smart Meter Security Testing framework which allows authorised individuals to test Smart Meters for vulnerabilities such as energy consumption fraud, network hijacking, and more....
Fortinet FortiGuard Blog: You don't need to break my heart...
(X-ray image of installed pacemaker showing wire routing; image from Wikipedia.) A few days ago, journalists reported a man had been charged with arson using data retrieved from his own pacemaker (see...
Fortinet FortiGuard Blog: Five Areas for Cybersecurity Innovation in 2017
The world never stands still. In the technology space, this means that constant innovation and discovery is the key to a solution provider’s survival and growth. In the cybersecurity arena, this creed...
ArsTechnica: Security Content: Google reports “high-severity” bug in Edge/IE,...
A member of Google's Project Zero security research team has disclosed a high-severity vulnerability in Microsoft's Edge and Internet Explorer browsers that reportedly...