-
Feb 9, 2017
Similar to the well known Heartbleed vulnerability Ticketbleed is a vulnerability (CVE-2016–9244) in the TLS/SSL stack of F5 BIG-IP appliances allowing a remote attacker to extract up to 31 bytes of uninitialized memory at a time, that can potentially contain… read more »
-
Feb 9, 2017
Find out which HTTP requests your website triggers in the background and where they call out to This is not my discovery, but a very useful resource found through a Florian Roth tweet: [embed]https://twitter.com/cyb3rops/status/828581308792176646[/embed] urlscan.io is a service which analyses websites… read more »
-
Feb 8, 2017
If you are a runner that gives up at the first difficulty, here some advice from the “Czech Locomotive” 0. Who was Emil Zátopek? From Wikipedia: Emil Zátopek was a Czechoslovak long-distance runner best known for winning three gold medals at… read more »
-
Feb 7, 2017
Maybe i have reinvented the wheel… …but i think is useful to share this discovery. I recently had the opportunity to analyze an email with attached a link that downloads a suspicious file. From a first analysis, it seemed be a .lnk… read more »
-
Feb 6, 2017
Let’s try to separate fact from fiction If you happen to meet some musician who claims that 432 Hz is “the natural frequency of the Universe”, which this frequency has the power of “attract the masses to the music” and cure… read more »
-
Feb 3, 2017
A great collection of useful tools Paul Cucu has published on Heimdal Security Blog a really good article on malware removal, a useful guided checklist for removal malicious software from PCs: So how do you remove malware? Let’s not waste time… read more »
-
Feb 2, 2017
Patch your CMS Now! Just a very quick post to warn you of a new vulnerability discovered by Sucuri on Wordpress. The vulnerability could be exploited by an unauthenticated attacker to inject malicious content, to modify posts, pages and any other… read more »
-
Feb 2, 2017
Pretty simple: verify your backups! GitLab.com is in crisis after experiencing a severe data loss caused by human errors and ineffectual backups. What happened? On Tuesday evening, one database experience a severe performance degradation, and the sysadmin tries to start an… read more »
-
Feb 1, 2017
…and lets hackers turn your router into a botnet! Trustwave has disclosed a flaw that affects Netgears routers. As the security researcher Simon Kenin explains, the vulnerability allows attackers to exploit the router’s password recovery system to bypass authentication and gain… read more »
-
Jan 31, 2017
The vulnerability was disclosed last week Vulnerability researchers of Context has discovered a flaw in Samsung’s Galaxy S4, S4 Mini, S5 and Note 4 smartphones that could be exploited by remote attackers to reboot targeted devices. The security hole, already patched… read more »
-
Jan 30, 2017
“Sor played without nails. He generally used only the thumb, index and middle fingers.” I think that the blog of Rob MacKillop is inspiring and very useful. His research on the guitar technique is very interesting, especially regarding the use… read more »
-
Jan 27, 2017
My advice? Check often for updates! On January, 21 the security researcher Tavis Ormandy from Google Project Zero has disclosed a vulnerability the Webex Chrome extension that allows remote execution of commands on any computer with the extension installed (about 20… read more »
-
Jan 26, 2017
Hack like Mr. Robot, with Arduino! MalDuino is an Arduino-powered USB device which emulates a keyboard and has keystroke injection capabilities. MalDuino is an arduino-powered USB device which has keyboard injection capabilities. Once plugged in, MalDuino acts as a keyboard, typing… read more »
-
Jan 25, 2017
It seems possible: let’s analyze a recently published research Really interesting article by Martin Wagner about a technique that allows account hijacking on Whatsapp using the web interface of this messaging service. Whatsapp accounts are based on phone numbers. This… read more »
-
Jan 24, 2017
“Invest in yourself and try new things this year!” This article from Dan Musselman is very inspiring for me. 6 useful tips to be a more creative musician, 6 good propositions for 2017: As a musician, few things are more important… read more »
-
Jan 23, 2017
Free protection for freedom of speech Recently, DDoS attacks have become also a tool to silence independent journalists, small media and activist websites: also an attacker without much experience is now able to launch an attack that can take many small… read more »
-
Jan 20, 2017
“Uncovering the Inner Workings of EyePyramid”, from TrendMicro (…and a small gift for Italian readers) About EyePyramid I have already wrote something, bringing mainly analyzes conducted by researchers much more prepared than me. :-) But now I need to talk again about… read more »
-
Jan 19, 2017
“I need sugar to write good code!”
Funny strip from Commitstrip: how many calories do you need a day to write good code?
from http://www.commitstrip.com/en/2017/01/17/how-many-calories-do-you-need-a-day-to-write-good-code/
… read more »
-
Jan 18, 2017
A python script that reconstruct filesystem structures and recover files on NTFS filesystems RecuperaBit is a python script developed by Andrea Lazzarotto useful for attempting to reconstruct a corrupted NTFS filesystem. RecuperaBit attempts reconstruction of the directory structure regardless of:… read more »
-
Jan 17, 2017
A completely open-source mobile phone that you can assemble for 50$ You care about your privacy? You do not trust the manufacturers of smartphones and the backdoors that can be inserted into the firmware? You fear being intercepted? With just $50… read more »