Clik here to view.
/dev/random: HITB Amsterdam 2017 Day #1 Wrap-Up
I’m back in Amsterdam for the 8th edition of the security conference Hack in the Box. Last year, I was not able to attend but I’m attending it for a while (you can reread all my wrap-up’s here). What...
View ArticleClik here to view.
Un informático en el lado del mal: Publicada OWASP Top Ten 2017 Release...
El proyecto OWASP (Open Web Application Security Project) nació hace más de una década y desde entonces se ha dedicado a trabajar en la mejora de la seguridad de las aplicaciones web (y más tarde en...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday, April...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleLost In Security: El último superviviente (II) - iOS
En el pasado artículo estuvimos revisando los puntos débiles que tiene un malware a la hora de sobrevivir un reinicio del sistema, y nos centramos en OSX. Ahora toca el turno a iOS, que al ser una...
View ArticleFortinet FortiGuard Blog: 4 Financial Services Cybersecurity Pain Points and...
The cloud, Internet of Things (IoT), mobility, and big data analytics are four primary trends that are driving change, and financial services organizations are being tasked to keep up. While digital...
View ArticleClik here to view.
ArsTechnica: Security Content: NSA-leaking Shadow Brokers just dumped its...
Enlarge/ A computer screen displaying Eternalromance, one of the hacking tools dumped Friday by Shadow Brokers. (credit: Matthew Hickey)The Shadow Brokers—the mysterious person or group that over the...
View ArticleClik here to view.
/dev/random: HITB Amsterdam 2017 Day #2 Wrap-Up
After a nice evening with some beers and an excellent dinner with infosec peers, here is my wrap-up for the second day. Coffee? Check! Wireless? Check! Twitter? Check!As usual, the day started with a...
View ArticleClik here to view.
Un informático en el lado del mal: Un bot de Telegram protegido con Latch en...
Como es sabido, una de las funcionalidades atractivas y muy utilizadas en Telegram es la posibilidad de crear e interactuar con bots. La API para crear bots de Telegram es pública y justamente por eso...
View ArticleSANS Internet Storm Center, InfoCON: green: Wireshark 2.2.6 available ->...
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons...
View ArticleSANS Internet Storm Center, InfoCON: green: VMWare Security Advisory ->...
-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons...
View ArticleSANS Internet Storm Center, InfoCON: green: ETERNALBLUE: Confirmed Unpatched...
[This exploit is now confirmed to work]To protect yourself from this exploit, disable SMBv1 (see this KB article by Microsoft about details), and make sure you are blocking port 445. So far I havent...
View ArticleClik here to view.
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself.Let’s...
View Articlehoneyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
View ArticleLost In Security: Españoles por la BlackHat
Siguiendo con la estela del artículo publicado 'Españoles por la Phrack', vuelvo a la carga con un artículo parecido, pero en este caso sobre una de las conferencias de seguridad que más conoce la...
View ArticleClik here to view.
ArsTechnica: Security Content: Mysterious Microsoft patch killed 0days...
Enlarge (credit: NSA)Contrary to what Ars and the rest of the world reported Friday, none of the published exploits stolen from the National Security Agency work against currently supported Microsoft...
View ArticleClik here to view.
Un informático en el lado del mal: Cursos, charlas y conferencias del 17 al...
Se acaba ya el tiempo de vacaciones en Semana Santa y toca volver al trabajo, a los estudios, y a disfrutar el tiempo aprendiendo cosas nuevas. Así que, por si estás pensando ya en lo que tienes que...
View ArticleSANS Internet Storm Center, InfoCON: green: Detecting SMB Covert Channel...
With Fridays release of additional Shadowbroker tools, a lot of attention was spent on exploits with names like Eternalblue, which exploited only recently patched vulnerabilities. Another item of...
View ArticleClik here to view.
Un informático en el lado del mal: Presto Parking: ¿Un sitio web...
Hace unos días decidí ir al centro a hacer unas gestiones, y como tenía que aparcar en zona azul me descargué una app llamada "Presto Parking" que permite el pago telemático de la zona azul a través...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Monday, April...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View Article
