Andrea Fortuna
  • Mar 20, 2017

    Are you still using telnet on Cisco devices? I think you should disable it!

    The vulnerability is still unpatched. Cisco has published an advisory concerning a vulnerability in its product, discovered while analyzing the “Vault 7” documentation published by Wikileaks last week. The vulnerability affects the Cluster Management Protocol in Cisco IOS and Cisco… read more »
  • Mar 20, 2017

    Open Source Intelligence tools for social media: my own list

    A constantly updated list of OSINT sources. I continue the publication of my lists of OSINT sources, this time with a list focused on public data from social networks. Twitter: AllMyTweets, view all tweets from any Twitter user on one page.… read more »
  • Mar 17, 2017

    Madame R. Sidney Pratten’s Guitar School

    One of the most important guitarists of the 19th century. A very interesting article by Daniel Nistico on Classical Guitar N Stuff made me discover Sidney Pratten and her method book: “Guitar School”. Catharina Josepha Pratten (1821–1895) was one of… read more »
  • Mar 16, 2017

    My personal list of OSINT sources: search tools

    All the information is online, you just need to know how to find it. In a previous post, we discovered the real power of OSINT sources; now let’s start to see some helpful links from my personal list. Today the focus… read more »
  • Mar 15, 2017

    OSINT, the secret weapon of 4channers

    “A good rule of the Internet is to never tell 4chan something is impossible.” What happened between Shia LaBeouf and some users of 4chan? The news is now fairly well known, but I will try to summarize the main points of… read more »
  • Mar 14, 2017

    BinSkim: a great tool for Windows PE Binary security assessments

    Validate compiler/linker settings and other security-relevant binary characteristics. BinSkim is one of the tools released by Microsoft under an open source license. It is a binary static analysis tool that scans Windows Portable Executable (PE) files in order to validate compiler/linker settings… read more »
  • Mar 13, 2017

    Gathering e-mail accounts information with Infoga

    Really simple tool, but very effective! Infoga is a Python script that gathers email information with Google, Bing, and Shodan: Infoga is a tool for gathering e-mail account information from different public sources (search engines, PGP key servers). Is… read more »
  • Mar 9, 2017

    D’oh! Another Apache Struts 2 vulnerability!

    Upgrade now, some attacks are already in progress! Another serious vulnerability was discovered in Apache Struts 2. Affected versions: Apache Struts 2.3.5–2.3.31 and Apache Struts 2.5–2.5.10. The vulnerability (CVE-2017-5638), first reported by the security researcher Nike Zheng, is a… read more »
  • Mar 9, 2017

    VBA IP Functions: IP manipulation with Visual Basic for Applications

    “Seriously? Are you still using VBA?” Do you think that Visual Basic for Applications is ugly, slow, cumbersome, old and confusing? Well … I agree with you! But if you need to create a macro in Excel for IP lookup in a… read more »
  • Mar 8, 2017

    Wikileaks and Vault 7, my press review constantly updated

    CIA hackers are targeting smartphones, computers, Smart TVs, and… cars? Yesterday, WikiLeaks published thousands of leaked internal CIA documents. https://xkcd.com/1808/ The leak, dubbed “Vault 7”, is claimed to be “the largest ever publication of confidential documents on the agency” (https://wikileaks.org/ciav7p1/). The first documents… read more »
  • Mar 8, 2017

    Best practices for addressing phishing threats in corporate environment

    Some useful tips from Flashpoint. Chris Camacho and Pierre Lamy from Flashpoint have published an interesting article on the corporate blog titled “Best Practices for Addressing Four Common Threats”. As cyber threat actors strive to acquire increasingly advanced skills and develop… read more »
  • Mar 7, 2017

    DNSMessenger: a fileless RAT uses DNS queries to receive commands from the C&C

    Theoretically invisible to standard anti-malware defenses. Cisco’s Talos threat research group has recently discovered a new kind of RAT (Remote Access Trojan), called DNSMessenger. DNSMessenger is completely fileless: it works only in memory and doesn’t save data on the filesystem. Furthermore it… read more »
  • Mar 6, 2017

    BitErrant attack: exploiting SHA1 collisions

    What can go wrong in the BitTorrent protocol once SHA1 collisions become reality? A few days after the disclosure of SHAttered, some ‘practical’ uses of SHA1 collisions are beginning to pop up: The BitErrant attack is a fun little exploit that… read more »
  • Mar 3, 2017

    Friday humor: Real programmers vs. text editors

    Which editor is used by real programmers? XKCD tries to answer: https://xkcd.com/378/ Emacs, Nano, Vim, ed, cat or…butterflies? (Found on nixCraft’s twitter stream) … read more »
  • Mar 2, 2017

    How to practice effectively

    An interesting video by TED-Ed. On the subject of daily music practice, I already released a nice video of Tatyana Ryzhkova. In this video Annie Bosler and Don Greene instead explain how practice affects the inner workings of our brains:… read more »
  • Mar 1, 2017

    The special episode of “The Late Show” dedicated to Frank Zappa, aired on BBC in 1993

    With a lot of important guests! Frank Vincent Zappa (December 21, 1940 — December 4, 1993) was an American musician, composer, songwriter, producer, guitarist, actor, and filmmaker whose work was characterized by nonconformity, free-form improvisation, sound experiments, musical virtuosity, and satire of… read more »
  • Feb 28, 2017

    Netflix releases “Stethoscope”, an open source security tool

    A web application that gives users specific recommendations for securing their computers, smartphones and tablets. Stethoscope was developed by Netflix as part of its “User Focused Security” approach, which is based on the theory that it is better to provide employees… read more »
  • Feb 27, 2017

    LED-it-GO: leaking data from air-gapped computers via the HDD LED

    Shall we bet that this technique will appear in the next season of Mr. Robot? A team of researchers of the Cyber Security Research Center at Ben-Gurion University of the Negev in Israel has disclosed a new technique that can be… read more »
  • Feb 24, 2017

    Finally, SHA-1 is definitely dead

    “We have broken SHA-1 in practice.” SHA-1 was introduced in 1995 and, in 2015, researchers disclosed a method that lowered the cost of an SHA-1 collision to $75,000-$120,000 using Amazon’s EC2 cloud over a period of a few months. Despite… read more »
  • Feb 23, 2017

    Five things you need to know about how to practice, by Tatyana Ryzhkova

    By now my respect for Tatyana Ryzhkova is pretty obvious. The talented Tatyana Ryzhkova has recently published a new video on her YouTube channel where she provides five suggestions for daily practice. In short, the tips are the following: Set concrete goals… read more »

  • andrea@andreafortuna.org

Cybersecurity expert, software developer, experienced digital forensic analyst, musician