-
Jul 4, 2019
Yes, the answer is 42! :-) During analysis of a compromised Windows virtual machine, recently I've faced with a VmWare disk containing a SFS partition (id 42): # fdisk -l DISK1-flat.vmdk Disk DISK1-flat.vmdk: 200 GiB, 214748364800 bytes, 419430400 sectors Units:… read more »
-
Jul 1, 2019
Big changes in Apple, and some issue for the NASA... Privacy It’s the middle of the night. Do you know who your iPhone is talking to? Apple says, “What happens on your iPhone stays on your iPhone.” Our privacy experiment… read more »
-
Jun 26, 2019
I've already talked about my GNU/Linux workstations: my setup is often minimal and without graphical facilities. However, some facilities can be replicated without graphical tools and with a very small footprint on the system. For example, on my setup i've… read more »
-
Jun 24, 2019
What's the most important news? Facebook's Libra or Neon Genesis Evangelion on Netflix? Cybersecurity Malware sidesteps Google permissions policy with new 2FA bypass technique When Google restricted the use of SMS and Call Log permissions in Android apps in March… read more »
-
Jun 21, 2019
Jeux interdits, is a 1952 French war drama film directed by René Clément and based on François Boyer's novel. While not initially successful in France, the film was a hit elsewhere. It won the Golden Lion at the Venice Film… read more »
-
Jun 19, 2019
The starting idea comes from a colleague that asked me: "Is it possibile routing all system traffic thougth TOR, using it as a sort of VPN?". Yes, It's possible, using a specific feature of Tor. Tor has support for transparent… read more »
-
Jun 17, 2019
This week I want to launch a new section in my Weekly Roundup: "INBOX" will contain my answers to questions and suggestions from readers, which I receive frequently, also via email and social media. INBOX A new incident response tool… read more »
-
Jun 14, 2019
Ten ukulele arrangements of famous classical pieces, with fingering and tabs. In the musical field, I was born as a classical guitarist and, after my academic studies, I dedicated myself to other instruments, including my beloved ukulele. So, classical music… read more »
-
Jun 12, 2019
During a forensic investigation, Windows Event Logs are the primary source of evidence.Windows Event Log analysis can help an investigator draw a timeline based on the logging information and the discovered artifacts, but a deep knowledge of events IDs is… read more »
-
Jun 10, 2019
Another week, another BGP hijack… Privacy Disclosing Tor users' real IP address through 301 HTTP Redirect Cache Poisoning https://vimeo.com/339586722 This blog post describes a practical application of the ‘HTTP 301 Cache Poisoning” attack that can be used by a malicious… read more »
-
Jun 7, 2019
A great classic, often used in gigs and weddings. Johann Sebastian Bach wrote his Cello Suite no. 1 around 1720, though the work was not published until 1825.It is a work in seven movements, and the Prelude, mainly consisting of… read more »
-
Jun 5, 2019
A new fingerprinting technique, developed by a team of University of Cambridge, allows websites to uniquely identify a phone, based on data from the accelerometer, gyroscope, and magnetometer sensors. Usually web browser provides a range of information to the website,… read more »
-
Jun 3, 2019
What happened last week? Some vulnerabilities, a couple of science news, Good Omens for Amazon, and Bad Omens for ProtonMail Cybersecurity Reverse Engineering of a Not-so-Secure IoT Device The ‘Internet of Things’ is coming! It started as an overused marketing… read more »
-
May 31, 2019
A delightful guitar study by Ferdinando Carulli. This Andante in A minor by Ferdinando Carulli is part of the composer's "Méthode complète pour parvenir à pincer la guitare", Op. 241, first published in Paris around 1825. The piece has an… read more »
-
May 29, 2019
Recently i've worked on a cybersecurity incident that involved the use of Silver Tickets on Kerberos. I think may be useful a brief recap about this attack technique. What is Kerberos? Kerberos authentication is currently the default authorization technology used… read more »
-
May 27, 2019
Trump's ban for Huawei, and towel day! Cybersecurity PoC Exploit For Unpatched Windows 10 Zero-Day Flaw Published Online An anonymous hacker with an online alias "SandboxEscaper" today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting Windows 10… read more »
-
May 25, 2019
Happy Towel Day 2019! Towel Day is a tribute to Douglas Adams and takes place on May 25th, two weeks after Adams' death on May 11, 2001. During the Towel Day fans of Adams carry around a towel all day,… read more »
-
May 22, 2019
Some months ago i've written a post about keyloggers (because "during a malware analysis process is useful to know how a keylogger works"), where I've shared a simple Windows keylogger written in Python. Today I want to share another example,… read more »
-
May 20, 2019
Last week? A lot of new vulnerabilities in the wild! Privacy Google is using your Gmail account to track your purchases Do you think your email on Gmail is private? If so, you may want to think again, as your Gmail… read more »
-
May 17, 2019
This time the song is not simple: I hope that my transcription will be useful! Born in 1900, Pennsylvania, Roy Smeck was a virtuoso ukulele performer. Smeck had an incredible technique, and a great entertain attitude. He applies a lot… read more »