SANS Internet Storm Center, InfoCON: green: ISC Stormcast For Friday, May...
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
View ArticleSANS Internet Storm Center, InfoCON: green: When Bad Guys are Pwning Bad...
A few months ago, I wrote a diary about webshells[1] and the numerous interesting features they offer. Theyre plenty of web shells available, there are easy to find and install. They are usually...
View ArticleClik here to view.
Un informático en el lado del mal: WordPress aún más seguro con Latch Lock...
Una de las opciones que pusimos hace tiempo en Latch es la posibilidad de que el administrador del sitio forzara algo que llamamos Lock Latches after Request, lo que reduce la superficie de exposición...
View ArticleClik here to view.
/dev/random: [SANS ISC] When Bad Guys are Pwning Bad Guys…
I published the following diary on isc.sans.org: “When Bad Guys are Pwning Bad Guys…“.A few months ago, I wrote a diary about webshells[1] and the numerous interesting features they offer. They’re...
View ArticleClik here to view.
Wired: Threat Level: Hacker Lexicon: What Are White Hat, Gray Hat, and Black...
Here's how to distinguish the colors of the hacker rainbow. The post Hacker Lexicon: What Are White Hat, Gray Hat, and Black Hat Hackers? appeared first on WIRED.
View ArticleClik here to view.
ArsTechnica: Security Content: Gizmodo went phishing with the Trump team—will...
Enlarge/ Go phishing the White House and you may need a bigger boat. (credit: Lsuff)Earlier this week, the team at Gizmodo's Special Projects Desk published a report on how they "phished" members of...
View ArticleClik here to view.
ArsTechnica: Security Content: Massive ransomware attack hits UK hospitals,...
Enlarge (credit: Health Service Journal)A large number of hospitals, GPs, and walk-in clinics across England have been locked down by a ransomware attack, reports suggest. There are also some reports...
View ArticleSANS Internet Storm Center, InfoCON: green: Massive wave of ransomware...
For a few hours, bad news are spreading quickly about a massive wave of infections by a new ransomware called WannaCry width:600px" /> (Source: MalwareTech)Big targets have been telecom operators...
View ArticleClik here to view.
ArsTechnica: Security Content: An NSA-derived ransomware worm is shutting...
EnlargeA highly virulent new strain of self-replicating ransomware shut down computers all over the world, in part by appropriating a National Security Agency exploit that was publicly released last...
View ArticleClik here to view.
Un informático en el lado del mal: El ataque del ransomware #WannaCry
Es desde hace doce años que vengo escribiendo este blog y nunca he escurrido el bulto cuando algo sucede, y por eso escribo hoy de este tema que tantos titulares ha despertado. Los que trabajamos en...
View ArticleFortinet FortiGuard Blog: Protecting Your Organization from the WCry Ransomware
Ransomware has become the fastest growing malware threat, targeting everyone from home users to healthcare systems to corporate networks. Tracking analysis shows that there has been an average of more...
View ArticleClik here to view.
ArsTechnica: Security Content: WCry is so mean Microsoft issues patch for 3...
Enlarge (credit: Health Service Journal)A day after a ransomware worm infected 75,000 machines in 100 countries, Microsoft is taking the highly unusual step of issuing patches that immunize Windows XP,...
View ArticleClik here to view.
Didier Stevens: Update: re_search.py Version 0.0.5
When I used my re-search.py tool to extract Bitcoin addresses from the latest WCry samples, I found a small bug. This version is a bugfix (bug introduced in version 0.0.4).re-search_V0_0_5.zip (https)...
View ArticleClik here to view.
Didier Stevens: Quickpost: WannaCry Killswitch Check Is Not Proxy Aware
It looks like #WannaCry’s killswitch check (www[.]iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com) is not proxy aware:Organizations that use proxies will not benefit from the killswitch.Sample:...
View ArticleClik here to view.
McAfee Avert Labs: Taking a Look at W32/Ramnit
Today we’re going to take a look at an interesting file-infector virus. W32/Ramnit infects EXE, DLL and HTML files. That last one is right; W32/Ramnit also infects HTML files to replicate itself.Let’s...
View Articlehoneyblog: 2011 Honeynet Project Security Workshop Slides + Videos
The slides and videos from the 2011 Honeynet Project Security Workshop (Paris) are now available! You can get the material from http://www.honeynet.org/SecurityWorkshops/2011_Paris. About the...
View ArticleLost In Security: Españoles por la BlackHat
Siguiendo con la estela del artículo publicado 'Españoles por la Phrack', vuelvo a la carga con un artículo parecido, pero en este caso sobre una de las conferencias de seguridad que más conoce la...
View ArticleLost In Security: El último superviviente (II) - iOS
En el pasado artículo estuvimos revisando los puntos débiles que tiene un malware a la hora de sobrevivir un reinicio del sistema, y nos centramos en OSX. Ahora toca el turno a iOS, que al ser una...
View ArticleClik here to view.
KPNC: vulnerability in… WinCalc (Win7, x64)
I will never go out of business in this country. thanks to Microsoft. who would have thought that wincalcis vulnerable? I have not checked all systems yet, so this is my configuration: Windows 7...
View ArticleClik here to view.
PandaLabs: PowerLocker
PowerLocker, also called PrisonLocker, is a new family of ransomware which in addition to encrypting files on the victim’s computer (as with other such malware) threatens to block users’ computers...
View Article