Clik here to view.
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself.Let’s...
View Articlehoneyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
View ArticleLost In Security: Españoles por la BlackHat
Siguiendo con la estela del artículo publicado 'Españoles por la Phrack', vuelvo a la carga con un artículo parecido, pero en este caso sobre una de las conferencias de seguridad que más conoce la...
View ArticleLost In Security: El último superviviente (II) - iOS
En el pasado artículo estuvimos revisando los puntos débiles que tiene un malware a la hora de sobrevivir un reinicio del sistema, y nos centramos en OSX. Ahora toca el turno a iOS, que al ser una...
View ArticleClik here to view.
KPNC: vulnerability in… WinCalc (Win7, x64)
I will never go out of business in this country. thanks to Microsoft. who would have thought that wincalcis vulnerable? I have not checked all systems yet, so this is my configuration: Windows 7...
View ArticleClik here to view.
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
View ArticleClik here to view.
Un informático en el lado del mal: Hay otro Internet en las Wireless...
Muchas veces, cuando se habla de la Deep Web se tiende a pensar que esta es lo mismo que TOR, y ni mucho menos es así. La Deep Web es un concepto mucho más genérico que habla de aquellos contenidos que...
View ArticleSANS Internet Storm Center, InfoCON: green: Distraction as a Service, (Sat,...
Have you noticed that some security projects never seem to get finished? Despite the best of intentions, often times they linger, sometimes for years. I believe that distractions play a role in...
View ArticleNiels Provos: Forging a Wolf Tooth Spear: Part 2
Here is Part 2 of my new A Spear Born of Fire video series. My journey in forging the famous Finnish Wolf Tooth Spear from Rovaniemi, Marikkovaara is making slow but steady progress. In this video, I...
View ArticleClik here to view.
Un informático en el lado del mal: Citas para la última semana de Marzo...
En esta última semana de Marzo de 2017 que se nos viene encima, tenemos alguna acción que puede ser interesante. No os traigo muchas referencias, pero sí que algunas curiosas, como el seminario de las...
View ArticleClik here to view.
Un informático en el lado del mal: Big Data Security Tales: Riak NoSQL...
Haciendo recorrido a motores y tecnologías de Big Data de amplio uso, como parte de nuestro trabajo de actualización y mejora de los plugins de Faast, llegamos a Riak. Éste es un motor NoSQL que goza...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, March...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleFortinet FortiGuard Blog: Threat Perspective: Risky Business, A Look Inside...
We recently talked with Ladi Adefala to get a better understanding of how the dark, mysterious underground of cyber crime is helping to fuel this growth, and how it impacts businesses and individuals.
View ArticleSANS Internet Storm Center, InfoCON: green: Symantec vs. Google: The CA Fight...
Google has long been vocal about Symantecs use of test certificates. Google alleged that Symantec does not provide sufficient controls to prevent an abuse of its widely respected certificate authority....
View ArticleClik here to view.
ArsTechnica: Security Content: Doxed by Microsoft’s Docs.com: Users...
EnlargeOn March 25, security researcher Kevin Beaumont discovered something very unfortunate on Docs.com, Microsoft's free document-sharing site tied to the company's Office 365 service: its homepage...
View ArticleClik here to view.
Darknet - The Darkside: HashPump – Exploit Hash Length Extension Attack
HashPump is a C++ based command line tool to exploit the Hash Length Extension Attack with various hash types supported, including MD4, MD5, SHA1, SHA256, and SHA512. There’s a good write-up of how to...
View ArticleMetasploit: How to Recondition Batteries at Home
“How to bring your beat up batteries back from the dead... and add an extra two... three... even four years of operation with little effort and almost no investment whatsoever!” Dear friend,...
View ArticleClik here to view.
Un informático en el lado del mal: Latch’sApp: Un hack para exfiltrar datos...
La pasada semana celebramos la IV Edición de nuestro Equinox, un evento interno en el que cualquier persona de CDO puede participar y llevar a cabo sus ideas más locas. En esta ocasión era mi segunda...
View ArticleFortinet FortiGuard Blog: The Essential 8: ASD’s strategies to mitigate cyber...
The Australian Signals Directorate’s (ASD) ‘Essential 8’ strategies to mitigate cyber security incidents represent a set of cyber security best practices that, when implemented successfully, will...
View ArticleClik here to view.
ArsTechnica: Security Content: Ransomware scammers exploited Safari bug to...
(credit: Lookout)Ransomware scammers have been exploiting a flaw in Apple's Mobile Safari browser in a campaign to extort fees from uninformed users. The scammers particularly target those who viewed...
View Article