-
Feb 22, 2017
A new malware campaign targets Chrome users NeoSmart Technologies recently identified a malicious campaign that spreads through legitimate, but compromised, websites: Today while browsing a (compromised) WordPress site that shall remain unnamed, I came across a very interesting “hack” that was… read more »
-
Feb 22, 2017
You are wrong! Alisson Moretto has published on Github BeeLogger, a really simple-to-use python script that generates a Windows keylogger and sends it using a gmail account: Generate gmail emailing keyloggers to windows on linux, powered by python and compiled by… read more »
-
Feb 21, 2017
“Time to panic? Don’t!” Really useful article published on Emsisoft blog, a base step-by-step guide to remove ransomware. Emsisoft are proud associate partners of No More Ransom, an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s… read more »
-
Feb 20, 2017
You can, with HERCULES! HERCULES is a tool, developed in Go by Ege Balcı, that can generate payloads that elude antivirus software. The tool is useful to generate PoC in order to check the accuracy of various antivirus solutions: the… read more »
-
Feb 17, 2017
A project by Shane Speal, the “king of the Cigar Box Guitar” Do you have a free weekend and do you want to have fun with DIY? On this article on GuitarWorld, Shane Speal proposes a funny project for the construction… read more »
-
Feb 16, 2017
Seriously, are you still using Yahoo email services? Yahoo is warning more of its users that their accounts might have still accessed by unauthorised parties. Yahoo believes that malicious users, using the proprietary code stolen in the recent databreach, can… read more »
-
Feb 16, 2017
A great python script! hashID is a tool written in Python 3 useful to identify the different types of hashes used to encrypt data and passwords. It supports the identification of over 220 unique hash types using regular expressions and it is… read more »
-
Feb 15, 2017
Why using Wireshark? PacketTotal is an online engine for analyzing .pcap files and visualizing the network traffic within, useful for malware analysis and incident response. PacketTotal leverages features of BRO IDS and Suricata to flag malicious/suspicious traffic, display detailed protocol information,… read more »
-
Feb 14, 2017
It can sound like science fiction, but it is possible! (Running in RAM!) And you can do with this script developed by Héctor Martín Cantero: A script to completely take over a running Linux system remotely, allowing you to log into… read more »
-
Feb 13, 2017
A powerful online interactive environment for programming languages By pure chance i came across repl.it, a site that provides a free online IDE for testing more than 30 different programming languages with interesting features for teacher, like the ‘classrooms’: What… read more »
-
Feb 10, 2017
The explanation in an interesting article by James Coote Dear security experts, paladins of incident response who spend your days fighting against phishing campaigns, have you ever wondered how it is made a phishing campaign? This very accurate article by James… read more »
-
Feb 9, 2017
Similar to the well known Heartbleed vulnerability Ticketbleed is a vulnerability (CVE-2016–9244) in the TLS/SSL stack of F5 BIG-IP appliances allowing a remote attacker to extract up to 31 bytes of uninitialized memory at a time, that can potentially contain… read more »
-
Feb 9, 2017
Find out which HTTP requests your website triggers in the background and where they call out to This is not my discovery, but a very useful resource found through a Florian Roth tweet: [embed]https://twitter.com/cyb3rops/status/828581308792176646[/embed] urlscan.io is a service which analyses websites… read more »
-
Feb 8, 2017
If you are a runner that gives up at the first difficulty, here some advice from the “Czech Locomotive” 0. Who was Emil Zátopek? From Wikipedia: Emil Zátopek was a Czechoslovak long-distance runner best known for winning three gold medals at… read more »
-
Feb 7, 2017
Maybe i have reinvented the wheel… …but i think is useful to share this discovery. I recently had the opportunity to analyze an email with attached a link that downloads a suspicious file. From a first analysis, it seemed be a .lnk… read more »
-
Feb 6, 2017
Let’s try to separate fact from fiction If you happen to meet some musician who claims that 432 Hz is “the natural frequency of the Universe”, which this frequency has the power of “attract the masses to the music” and cure… read more »
-
Feb 3, 2017
A great collection of useful tools Paul Cucu has published on Heimdal Security Blog a really good article on malware removal, a useful guided checklist for removal malicious software from PCs: So how do you remove malware? Let’s not waste time… read more »
-
Feb 2, 2017
Patch your CMS Now! Just a very quick post to warn you of a new vulnerability discovered by Sucuri on Wordpress. The vulnerability could be exploited by an unauthenticated attacker to inject malicious content, to modify posts, pages and any other… read more »
-
Feb 2, 2017
Pretty simple: verify your backups! GitLab.com is in crisis after experiencing a severe data loss caused by human errors and ineffectual backups. What happened? On Tuesday evening, one database experience a severe performance degradation, and the sysadmin tries to start an… read more »
-
Feb 1, 2017
…and lets hackers turn your router into a botnet! Trustwave has disclosed a flaw that affects Netgears routers. As the security researcher Simon Kenin explains, the vulnerability allows attackers to exploit the router’s password recovery system to bypass authentication and gain… read more »