-
Oct 7, 2020
“If privacy is outlawed, only outlaws will have privacy.” - Philip Zimmermann Breach at food delivery service Chowbus reportedly affects hundreds of thousands of customers Two months after securing a $33 million funding round from investors, food delivery startup Chowbus is… read more »
-
Oct 5, 2020
“First we thought the PC was a calculator. Then we found out how to turn numbers into letters with ASCII — and we thought it was a typewriter. Then we discovered graphics, and we thought it was a television. With… read more »
-
Oct 2, 2020
“It takes 20 years to build a reputation and few minutes of cyber-incident to ruin it.” — Stephane Nappo Windows Subsystem for Linux 2 bypasses the Windows 10 Firewall The Windows Subsystem for Linux 2 will bypass the Windows 10… read more »
-
Sep 30, 2020
“Privacy means people know what they’re signing up for, in plain language, and repeatedly. I believe people are smart. Some people want to share more than other people do. Ask them.” – Steve Jobs
… read more »
-
Sep 28, 2020
“We've arranged a civilization in which most crucial elements profoundly depend on science and technology.” - Carl Sagan
… read more »
-
Sep 27, 2020
Yes, the title is an hommage to the science fiction short story by British author Arthur C. Clarke, which was used as a starting point for the 1968 novel and film ”2001: A Space Odyssey”. This new LP is set… read more »
-
Sep 21, 2020
CloudBrute is a multiple platform tool that finds and enumerates a target company’s cloud infrastructure, files, open buckets, applications, and databases hosted on top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode), and possibly applications behind proxy servers. The tool [1], developed in GO by security researcher… read more »
-
Sep 17, 2020
Mimikatz' developer Benjamin Delpy, has updated the latest version of the well-known tool to exploit the ZeroLogon vulnerability. Mimikatz Mimikatz [2] is an open source tool designed to target devices running Windows OS and can run pass-the-hash, pass-the-ticket, kerberoasting, and more. ZeroLogon (CVE-2020-1472) Discovered by Secura's… read more »
-
Sep 14, 2020
Red Commander is a red team C2 infrastructure built in Amazon AWS using Ansible. The tool [1] is developed by Alex Williams, security consultant at GuidePoint Security, and can help pentesters improve their defensive responses but can also be used by adversaries to simulate their attacks.… read more »
-
Sep 11, 2020
At the DEF CON 2020, the security researcher Erik Hunstad has released a new tool that can help users to evade censorship and bypass firewalls to keep services up inside problematic areas of the globe. Domain fronting, the technique of… read more »
-
Sep 9, 2020
The Wall Street Journal has published a post about a company called Anomaly Six LLC, that develop an SDK used by "more than 500 mobile applications". Through that SDK, the company collects location data from users, which it then sells [1]: Anomaly… read more »
-
Sep 7, 2020
In a previous post, I've talked about the idea of go back to record some songs using real instruments.On my new LP ”Singularity”, published on major streaming services today, I've recorded a lot of real instruments in disguise. Indeed, all… read more »
-
Sep 4, 2020
PowerZure is a framework designed to perform reconnaissance and exploitation of the Azure cloud platform, Azure Active Directory, and associated resources. The project [1] is maintained by Ryan Hausknecht, who recently released a new version (2.0) of the framework. The tool is… read more »
-
Sep 2, 2020
Security pentester Jean Maes published a tool on Github called Backdoorplz. Backdoorplz [1] is a portable executable (PE) file that creates a user ("LegitAdmin" with password "Backdoor123!") on a Windows device and adds it to the local administrators group of granting administrator privileges to the user. The command… read more »
-
Aug 31, 2020
In order to perform a correct forensic analysis on a Apple device, a basic knowledge of storage, file allocation methods relevant files paths is always required. So, let’s try to write down some basic information… The HFS+ filesystem The Hierarchical… read more »
-
Aug 28, 2020
"Fish Tank" is the title of my new EP, released last week on all major streaming services. It comes from a set of musical ideas collected during the COVID-19 lockdown occured in Italy in the past months. I lived for… read more »
-
Aug 26, 2020
There are many version of Mimikatz, and today I’d like to share a C# port, “SharpKatz”. SharpKatz has been developed by security researcher b4rtik, and released on Github [1]. The tool implements the Sekurlsa module of Mimikatz used for attacks such… read more »
-
Aug 24, 2020
“We will have more Internet, larger numbers of users, more mobile access, more speed, more things online and more appliances we can control over the Internet.” - Vinton Cerf Primary Indian ticket vendor suffers crippling data breach One of India’s… read more »
-
Aug 21, 2020
A really interesting talk by Szymon Ziolkowski and Tyron Kemp by SensePost, presented at BlackHat USA 2020. During their engagements, researchers found various networks vulnerable to insecure, misconfigured, and often overlooked networking protocols, including dynamic routing protocols (referred to as DRP‘s) and… read more »
-
Aug 19, 2020
The Boeing 747 is one of the best known and most popular airliners of all time. Designed in the 1960s and entered service in 1970, it was the largest airliner in the world in terms of passenger capacity for 37… read more »