SANS Internet Storm Center, InfoCON: green: Kali Linux 2016.2 Release:...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: Cómo la Inteligencia Artificial y el Deep...
El uso de de técnicas de ofuscación de personas en fotografías es muy común. Desde técnicas que pixelan las caras de gente que aparece en una determinada foto hasta sistemas de difuminación (o bluring)...
View ArticleSANS Internet Storm Center, InfoCON: green: Malware Delivered via '.pub'...
While searching for new scenarios to deliver their malwares[1][2], attackers launched a campaignto deliver malicious code embedded in Microsoft Publisher[3] (.pub) files. The tool Publisher is less...
View ArticleClik here to view.
Darknet - The Darkside: DBPwAudit – Database Password Auditing Tool
DBPwAudit is a Java database password auditing tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Tuesday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Infosec Events: Week 36 In Review – 2016
ToolsWiFi-Pumpkin– github.com Framework for Rogue Wi-Fi Access Point AttackPython tools for penetration testers– github.com Python tools for penetration testersNmap 7.25BETA2 Birthday Release– nmap.org...
View ArticleClik here to view.
Un informático en el lado del mal: Windows 10 y el final del los ataques Pass...
La técnica del Pass the Hash está con nosotros desde hace muchos años, quizá 1999, pero no ha dejado de ayudar a los pentesters y auditores en su día a día. ¿Qué es eso del Pass the Hash? Para que...
View ArticleClik here to view.
/dev/random: [SANS ISC Diary] Malware Delivered via ‘.pub’ Files
I published the following diary on isc.sans.org: “Malware Delivered via ‘.pub’ Files“.While searching for new scenarios to deliver their malwares[1][2], attackers launched a campaign to deliver...
View ArticleClik here to view.
Room362.com: Snagging creds from locked machines
First off, this is dead simple and shouldn’t work, but it does. Also, there is no possible way that I’m the first one that has identified this, but here it is (trust me, I tested it so many ways to...
View ArticleClik here to view.
ArsTechnica: Security Content: More passwords, please: 98 million leaked from...
(credit: Marc Falardeau)Another major site breach from four years ago has resurfaced. Today, LeakedSource revealed that it had received a copy of a February 2012 dump of the user database of...
View ArticleClik here to view.
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge: New...
We've, recently, intercepted, a, currently, circulating, malicious, spam, campaign, affecting, hundreds, of, users, globally, potentially, exposing, the, confidentiality, availability, and, integrity,...
View ArticleSANS Internet Storm Center, InfoCON: green: How to Set Up Your Own Malware...
I am sure what you really want is more malware ;-). But a few people asked for tricks to collect malware.Malware can be useful for a number of reasons: First of all, you could extract indicators of...
View ArticleSANS Internet Storm Center, InfoCON: green: ISC Stormcast For Wednesday,...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
ArsTechnica: Security Content: Meet PocketBlock, the crypto engineering game...
Enlarge/ The US Navy Bombe used during World War II to break Germany's Enigma encryption system. (credit: National Security Agency)When you're an applied cryptographer, teaching your preteen daughters...
View ArticleSANS Internet Storm Center, InfoCON: green: September 2016 Security Awareness...
--- Johannes B. Ullrich, Ph.D.STI|Twitter|LinkedIn (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleClik here to view.
Un informático en el lado del mal: Unas palabras sobre la "4ª Plataforma" y...
Cuando entré a trabajar en Telefónica lo hice porque había un proyecto transformador de la compañía que me gustaba mucho. Cosas como Telefónica Digital para desarrollar tecnologías en el mundo de...
View ArticleClik here to view.
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge:...
Dear, blog, readers, are, you, on, Twitter? If, so, consider, following, me. Enjoy!
View ArticleClik here to view.
ArsTechnica: Security Content: Surprise! House Oversight report blames OPM...
OPM officials did nearly everything wrong as far as security goes and then lied about it, House Oversight Committee Republicans said in a final report on the OPM breach. (credit: Photo illustration by...
View ArticleSANS Internet Storm Center, InfoCON: green: Updated DShield Blocklist, (Wed,...
Earlier today, I updated how our block list is generated. The idea behind this is to avoid some false positives and to make the list more meaningful. As usual, please note that this list is as is and...
View ArticleClik here to view.
ArsTechnica: Security Content: Yes, you can hack cell phones like on Mr....
Enlarge (credit: NBCUniversal)Warning: This piece contains minor spoilers for the most recent episode of Mr. Robot (S2E9)Time and time again, Mr. Robot has proven to be a show that prides itself on...
View Article