Andrea Fortuna
  • May 1, 2017

    Linux kernel explained, with a comic

    “What is it, and how does it work?” A funny explanation of the Linux kernel, made with a comic by Consolia. https://consolia-comic.com/comics/kernel I think more developers should know how the Linux kernel works. Regarding it as a black box only gets you… read more »
  • Apr 28, 2017

    The Internet is still broken

    BGP Hijacking is an actual problem that we need to solve. Yesterday I read a brief but interesting article about BGP Hijacking written by Johannes B. Ullrich, published on the SANS ISC InfoSec Forum. About BGP Hijacking I have already written… read more »
  • Apr 27, 2017

    Two open source tools to easily generate YARA rules

    If you need to generate your own rules starting from recovered evidence. YARA is a tool aimed at helping malware researchers to identify and classify malware samples. Basically, write some antivirus signatures (or essentially regular expressions) and it can search… read more »
  • Apr 26, 2017

    How to spot a fake guitar in seconds

    Keep your eyes (and ears) open! Is it really possible to buy a non-original guitar? Yes! Furthermore, it can happen in unexpected places like a used instruments store, as shown by these two videos made by Kennis Russell: https://www.youtube.com/watch?v=q-W3b3d4sz0 https://www.youtube.com/watch?v=t4QdOJ1B_kI In… read more »
  • Apr 24, 2017

    Automated memory capture and analysis on Linux with Linux Memory Grabber

    A script for dumping Linux memory and creating Volatility profiles. I have already written something about dumping volatile memory on Linux systems. Recently I discovered this useful script developed by Hal Pomeranz, that automates all steps required to perform… read more »
  • Apr 21, 2017

    ENISA training resources for cybersecurity incident response

    A really useful free training course. ENISA (European Union Agency for Network and Information Security) is a centre of expertise for cyber security in Europe, with the main mission of contributing to securing Europe’s information society by raising “awareness of network and… read more »
  • Apr 20, 2017

    Four tools for File Carving in forensic analysis

    Useful to extract files from inside disk and memory images. File carving is the process of reassembling computer files from fragments in the absence of filesystem metadata. This is done by analyzing the raw data and identifying what it is… read more »
  • Apr 19, 2017

    0-Day vulnerabilities in Apache Struts: a plague for companies?

    In the last months, Apache Struts was afflicted by some serious 0-Day vulnerabilities that allow remote code execution on unpatched hosts. Every security expert trembles with fear when he reads “RCE” (Remote Code Execution) on a disclosure document, and read… read more »
  • Apr 18, 2017

    Phishing with Unicode Domains, an attack almost impossible to detect

    The vulnerability affects Chrome, Firefox and Opera. The security researcher Xudong Zheng has discovered a new technique for phishing attacks: using a homograph attack, Zheng discovered that it is possible to display fake domain names as the websites of legitimate services,… read more »
  • Apr 17, 2017

    One-Line Perl Portscanner

    Just for fun! Do you need a simple portscanner? Make it with a single line of Perl! https://gist.github.com/andreafortuna/ab386f11d12d5305c069193f6680b25a That's it! :-) … read more »
  • Apr 14, 2017

    ShadowBrokers releases some 0-Day Remote Code Execution exploits on Microsoft Windows…

    …turn off your Windows computers for the weekend and go enjoy the nice weather! UPDATE: Microsoft responded that the exploits were patched in last month's update: Most of the exploits that were disclosed fall into vulnerabilities that are already patched in… read more »
  • Apr 14, 2017

    How to use Nmap for vulnerability assessment

    Using the “Nmap Scripting Engine”. I don’t think I need to explain what Nmap is: probably the most famous and used portscanner in the known universe. Nmap has a lot of features, and one of them is a built-in… read more »
  • Apr 12, 2017

    CVE-2017-0199: the MS Office 0-day is already used to spread malware

    However, Microsoft has patched the vulnerability, so…update! On unpatched systems, the vulnerability is triggered by opening a document that opens a download warning, followed by a download from a malicious server that sends a dangerous document: The document is a… read more »
  • Apr 11, 2017

    Your IoT device has a weak password? BrickerBot could destroy it!

    The attack might be trying to kill devices before they can join a botnet. The security firm Radware has isolated, on its honeypots, two variants of a new bot attack targeting Internet of Things devices. Named BrickerBot, the bot gains access… read more »
  • Apr 10, 2017

    Automated penetration tests with APT2

    Penetration tests on a very big network? APT2 can help you! A penetration test usually begins with a perimeter scan (e.g. using Nmap), then continues with testing of services (and their default passwords). Finally, it performs testing of known exploits and if… read more »
  • Apr 7, 2017

    PowerMemory: extract credentials from Windows memory

    Also in user-land. Like Mimikittens, PowerMemory uses PowerShell to access Windows memory in user-land and extracts the credentials stored in RAM: The method is totally new. It proves that it can be extremely easy to get credentials or any other… read more »
  • Apr 6, 2017

    Smartphones using Broadcom Wi-Fi SOC can be hacked Over-the-Air

    Security patch available only for Nexus & iOS. A stack buffer overflow issue that affects all devices using Broadcom’s Wi-Fi stack was discovered by Google’s Project Zero researcher Gal Beniamini. The flaw affects Apple devices and also all Android devices using… read more »
  • Apr 5, 2017

    How to open very large text files on Windows

    Some graphical tools and two command line tips. I had to search for occurrences of a string within some very large text files, as a result of a “file carving” made with Autopsy. Usually on Windows I use Notepad++, that provides… read more »
  • Apr 3, 2017

    OSINT Tools for Fact Checking

    My own list. Another (brief) list of OSINT sources, this time focused on fact checking services. Fact-Check: Investigate (an issue) in order to verify the facts. ‘I didn’t fact-check the assertions in the editorial’ ‘reporters can’t be expected to fact-check every quotation’… read more »
  • Mar 30, 2017

    Are you telling me that you still have an internet-exposed IIS6?

    You are insane! TrendMicro has published on its blog an article about a new 0-Day vulnerability that affects the WebDAV component of Microsoft Internet Information Services 6.0. The vulnerability (CVE-2017-7269) is a buffer overflow located in the WebDAV components of IIS:… read more »


Cybersecurity expert, software developer, experienced digital forensic analyst, musician