-
Mar 7, 2017
Theoretically invisible to standard anti-malware defenses. Cisco’s Talos threat research group has recently discovered a new kind of RAT (Remote Access Trojan), called DNSMessenger. DNSMessenger is completely fileless, it works only in memory and don’t save data on filestystem. Furthermore it… read more »
-
Mar 6, 2017
What can go wrong in the BitTorrent protocol once SHA1 collisions become reality? A few days after the disclosure of SHAttered, it begins to pop up some ‘practical’ use of SHA1 collisions: The BitErrant attack is a fun little exploit that… read more »
-
Mar 3, 2017
Which editor is used by real programmers?
XKCD tries to answer:
https://xkcd.com/378/
Emacs, Nano, Vim, ed, cat or…butterflies?
(Found on nixCraft’s twitter stream)
… read more »
-
Mar 2, 2017
An interesting video by TED-Ed About the daily practice related to the music I already released a nice video of Tatyana Ryzhkova. In this video Annie Bosler and Don Greene instead explain how practice affects the inner workings of our brains:… read more »
-
Mar 1, 2017
With a lot of important guests! Frank Vincent Zappa (December 21, 1940 — December 4, 1993) was an American musician, composer, songwriter, producer, guitarist, actor, and filmmaker whose work was characterized by nonconformity, free-form improvisation, sound experiments, musical virtuosity, and satire of… read more »
-
Feb 28, 2017
A web application that gives users specific recommendations for securing their computers, smartphones and tablets Stethoscope was developed by Netflix as part of its “User Focused Security” approach, which is based on the theory that it is better to provide employees… read more »
-
Feb 27, 2017
Do we bet that such technique will appear in the next season of Mr. Robot? A team of researchers of the Cyber Security Research Center at Ben-Gurion University of the Negev in Israel have disclosed a new technique that can be… read more »
-
Feb 24, 2017
“We have broken SHA-1 in practice.” SHA-1 was introduced in 1995 and, in 2015, researchers disclosed a method that lowered the cost of an SHA-1 collision to $75,000-$120,000 using Amazon’s EC2 cloud over a period of a few months. Despite… read more »
-
Feb 23, 2017
By now is pretty obvious my respect towards Tatyana Ryzhkova The talented Tatyana Ryzhkova has recently published a new video on her Youtube channel where provides five suggestions for daily practice. In short, the tips are the following: Set concrete goals… read more »
-
Feb 22, 2017
A new malware campaign targets Chrome users NeoSmart Technologies recently identified a malicious campaign that spreads through legitimate, but compromised, websites: Today while browsing a (compromised) WordPress site that shall remain unnamed, I came across a very interesting “hack” that was… read more »
-
Feb 22, 2017
You are wrong! Alisson Moretto has published on Github BeeLogger, a really simple-to-use python script that generates a Windows keylogger and sends it using a gmail account: Generate gmail emailing keyloggers to windows on linux, powered by python and compiled by… read more »
-
Feb 21, 2017
“Time to panic? Don’t!” Really useful article published on Emsisoft blog, a base step-by-step guide to remove ransomware. Emsisoft are proud associate partners of No More Ransom, an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s… read more »
-
Feb 20, 2017
You can, with HERCULES! HERCULES is a tool, developed in Go by Ege Balcı, that can generate payloads that elude antivirus software. The tool is useful to generate PoC in order to check the accuracy of various antivirus solutions: the… read more »
-
Feb 17, 2017
A project by Shane Speal, the “king of the Cigar Box Guitar” Do you have a free weekend and do you want to have fun with DIY? On this article on GuitarWorld, Shane Speal proposes a funny project for the construction… read more »
-
Feb 16, 2017
Seriously, are you still using Yahoo email services? Yahoo is warning more of its users that their accounts might have still accessed by unauthorised parties. Yahoo believes that malicious users, using the proprietary code stolen in the recent databreach, can… read more »
-
Feb 16, 2017
A great python script! hashID is a tool written in Python 3 useful to identify the different types of hashes used to encrypt data and passwords. It supports the identification of over 220 unique hash types using regular expressions and it is… read more »
-
Feb 15, 2017
Why using Wireshark? PacketTotal is an online engine for analyzing .pcap files and visualizing the network traffic within, useful for malware analysis and incident response. PacketTotal leverages features of BRO IDS and Suricata to flag malicious/suspicious traffic, display detailed protocol information,… read more »
-
Feb 14, 2017
It can sound like science fiction, but it is possible! (Running in RAM!) And you can do with this script developed by Héctor Martín Cantero: A script to completely take over a running Linux system remotely, allowing you to log into… read more »
-
Feb 13, 2017
A powerful online interactive environment for programming languages By pure chance i came across repl.it, a site that provides a free online IDE for testing more than 30 different programming languages with interesting features for teacher, like the ‘classrooms’: What… read more »
-
Feb 10, 2017
The explanation in an interesting article by James Coote Dear security experts, paladins of incident response who spend your days fighting against phishing campaigns, have you ever wondered how it is made a phishing campaign? This very accurate article by James… read more »