Latest Security News
-
Malicious npm packages target Ethereum developers
-
Malicious npm packages target Ethereum developers, impersonating Hardhat
plugins to steal private keys and sensitive data. Hardhat, by the Nomic
Foundation...
7 hours ago
-
New FireScam Android data-theft malware poses as Telegram Premium app
-
A new Android malware named 'FireScam' is being distributed as a premium
version of the Telegram app via phishing websites on GitHub that mimick the
RuStor...
15 hours ago
-
Friday Squid Blogging: Anniversary Post
-
I made my first squid post nineteen years ago this week. Between then and
now, I posted something about squid every week (with maybe only a few
exception...
1 day ago
-
Looking ahead to 2025 with HIMSS Media, part 1
-
Enterprise Taxonomy:
Population and Public Health
Finance
Analytics
AI
Cybersecurity and Privacy
Strategic Planning
Care
Business
Data and Information
Org...
1 day ago
-
What Are Koobface Botnet Masters Leded (Ded Mazai) and Anton Nikolaevich
Korotchenko (Антон Николаевич Коротченко) Koobface Botnet Master KrotReal
Up To?
-
Dear blog readers,
In this post I'll post some recent actionable intelligence on the Koobface
botnet's master Leded (Ded Mazai) and Anton Nikolaevich Kor...
3 days ago
-
Overview of Content Published in December
-
Here is an overview of content I published in December: Blog posts: Update:
1768.py Version 0.0.22 Update: oledump.py Version 0.0.78 SANS ISC Diary
entries...
3 days ago
-
U.S. Army Soldier Arrested in AT&T, Verizon Extortions
-
Federal authorities have arrested and indicted a 20-year-old U.S. Army
soldier on suspicion of being Kiberphant0m, a cybercriminal who has been
selling and...
5 days ago
-
הגליון המאה שישים ותשעה של DigitalWhisper שוחרר!
-
הגליון המאה שישים ותשעה של DigitalWhisper שוחרר!פורסם ב- December 29, 2024
22:29:13, על ידי- cp77fk4r
ברוכים הבאים לדברי הפתיחה של הגליון ה-169 של Digi...
6 days ago
-
Cybersecurity trends in 2025 | Kaspersky official blog
-
How to guard against new threats in 2025: seven resolutions to boost
cybersecurity
1 week ago
-
Andrew Hay’s 2025 Cybersecurity Predictions
-
As we approach 2025, the ever-evolving landscape of cybersecurity continues
to challenge professionals and organizations alike. Based on observed
trends an...
3 weeks ago
-
Recommended: Is Security Analytics the key to High-Fidelity, Context-Rich
Alerts?
-
I recommended Is Security Analytics the key to High-Fidelity, Context-Rich
Alerts? on TysonRhame.
About me: http://www.chuvakin.org
4 weeks ago
-
North Korean hackers posing as IT workers steal over $1B in cyberattack
-
North Korean hackers posing as IT workers steal over $1B in cyberattack
l33tdawg Fri, 11/29/2024 - 10:31
5 weeks ago
-
What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
-
Probably once a week, I see posts like this in the r/Ubiquiti subreddit.
Ubiquiti makes network gear that includes an "IDS/IPS" feature. I own some
older U...
2 months ago
-
SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From
Attacks And Exploits
-
SafeLine is a self-hosted *WAF(Web Application Firewall)* to protect your
web apps from attacks and exploits.
A web application firewall helps protect w...
3 months ago
-
What to Do With Products Without SSO?
-
First, let’s get this out of the way: SaaS vendors that lock Single Sign-On
(SSO) behind enterprise-only plans are disadvantaging their customers and
the i...
3 months ago
-
Eye care company suffers 377K-record data breach
-
Panorama Eyecare, a Fort… read more
6 months ago
-
-
זמין מיידית לעבודה חדשה
-
שלום למבקרים באתר, אני זמין כעת מיידית לעבודה חדשה, כשכיר או כעצמאי, כמובן
בתחום אבטחת המידע. אפשר למצוא פרטים מקצועיים נוספים אודותיי וגם ליצור אתי
קשר ...
1 year ago
-
What a lovely sunset
-
Oh, hi. Long time no blog, eh?
Well, it is time to sunset this blog, I will be deleting it in the next few
weeks.
So long, and thanks for all the fis...
1 year ago
-
Simple PHP webshell with php filter chains
-
Recently found an LFI in a PHP application and one of the cool things I
learned about recently was PHP filter chains. More info here:
https://www.synacktiv...
1 year ago
-
A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam
-
Written by James Schmidt Editor’s Note: We often speak of online scams in
our blogs, ones that cost victims hundreds...
The post A Scam in the Family—Ho...
1 year ago
-
Symantec Identity: Stepping Up to Meet the COVID-19 Crisis
-
COVID-19 confronted healthcare providers and governments with unprecedented
requests for access, aid, and assistance. Here’s how one team at Symantec
is ri...
4 years ago
-
SSRFing External Service Interaction and Out of Band Resource Load
(Hacker's Edition)
-
In the recent past we encountered two relativly new type of Attacks.
External Service Interaction (ESI) and Out-of-band resource loads (OfBRL).
1. An ...
4 years ago
-
Getting DNS Client Cached Entries with CIM/WMI
-
What is DNS Cache The DNS cache maintains a database of recent DNS
resolution in memory. This allows for faster resolution of hosts that have
been queried ...
4 years ago
-
How Reverse Engineering (and Cyber-Criminals’ Mistakes) Can Help You When
You’ve Been a Ransomware Victim
-
Ransomware is a type of malware that threatens to publish the victim’s data
or perpetually block access to it unless a ransom is paid. In the last two
year...
5 years ago
-
-
Random CSO Musing
-
One of the biggest challenges of running a security organization is
balancing the ongoing efforts, with strategic directions, all while keeping
the “pressu...
6 years ago
-
Lucky Break
-
One of the things I do from time to time is throw out an open ended
question on Twitter. Sometimes I’m making a point, sometimes I just want
to amuse myse...
6 years ago
-
Indonesian Spam Communities
-
In our last post we tried to shed some light at what seemed to appear as a
very common PayPal phishing email at first glance, but evidently turned out
to b...
6 years ago
-
TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home
Network Security
-
—— Thank You Patrons! Without your support via patreon.com/tekthing, we
wouldn’t be able to make the show for you every week!
https://www.patreon.com/tekth...
6 years ago
-
Romania is vice-champion at the European Cyber Security
-
CERT-RO The National Response Center for Cyber Security Incidents affirmed
on Friday that Romania, for the second consecutive year, has become the
European...
7 years ago
-
CoalaBot : http Ddos Bot
-
CoalaBot appears to be build on August Stealer code (Panel and Traffic are
really alike)
I found it spread as a tasks in a Betabot and in an Andromeda sp...
7 years ago
-
Social-Engineer Toolkit (SET) v7.7 “Blackout” Released
-
TrustedSec is proud to announce a major release of the Social-Engineer
Toolkit (SET) v7.7. This version incorporates support for hostnames in the
HTA att...
7 years ago
-
Big Changes Around the Corner for the IoT
-
The IoT is transforming before our eyes due to increasing regulations,
growing demand for security standards and advancements in the telecom
industry.
T...
7 years ago
-
ClearEnergy ransomware can destroy process automation logics in critical
infrastructure, SCADA and industrial control systems.
-
Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors
are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE®
Critical I...
7 years ago
-
ROOTCON 10 Capture The Flag Statistics
-
During ROOTCON 10, we introduced a new dedicated track for our Capture The
Flag, with the comfortable CTF tables and chairs the game was well
participated ...
8 years ago
-
קיר הבושה: מחצית ראשונה של שנת 2016 - מגמות בפגיעה במידע רפואי בארה"ב
-
תרגום מאמר :
http://www.healthcareinfosecurity.com/wall-shame-mid-year-2016-breach-trends-a-9245
שני דברים שאני, יאיר, לוקח מהמאמר הזה כלקחים נכון להיום:1....
8 years ago
-
The ‘Compliance Only / CISSP / Minimum Viable Product / HR firewall’
infosec trapezoid of fuck
-
Yesterday (thurs, 3/24/16) I went on a tirade on twitter, regarding an
experience I had in San Francisco during RSA week, while at a vendor party.
I’ll let...
8 years ago
-
Citadel 0.0.1.1 (Atmos)
-
Guys of JPCERT, 有難う御座います!
Released an update to their Citadel decrypter to make it compatible with
0.0.1.1 sample.
Citadel 0.0.1.1 don't have a lot of do...
8 years ago
-
Dridex Down Under
-
Raytheon | Websense® Security Labs™ has been tracking malicious email
campaigns associated with the Dridex banking Trojan since 2014. An
interesting deve...
9 years ago
-
[Updated] Nurturing JavaScript Obfuscation and Fast Flux DNS - "Whats App
Voicemail Spamming" for Russian Online Pharmacies!
-
Recently, we analyzed that spammers are doing "Whats App Fake Voicemail"
spamming to trick end-users to visit online pharmacies' websites. There are
high...
9 years ago
-
What Verizon Missed in the Latest Threat Reports
-
* By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Sha *
* Read the full report - here Recently, Veriz...
9 years ago
-
Forensic
-
אחת מהבעיות העיקריות בביצוע תהליך FORENSIC הוא לאחר ביצוע תהליך שיכפול ה -
Harddisk (על פי כל התקנים של שיכפול ביט אחרי ביט), היא לבצע מחקר על *מחשב
חי...
9 years ago
-
Blog Moved
-
Please see the Trustwave SpiderLabs Blog.
9 years ago
-
TrustKeeper Scan Engine Update – February 4, 2015
-
The latest update to the TrustKeeper scan engine that powers our Trustwave
Vulnerability Management product (including both internal and external
vulnerabi...
9 years ago
-
RSA Announces End of RSA Security Conference
-
Aims to bring clarity to cloudy marketing messages through exhibit hall
chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of
EMC, today ...
10 years ago
-
botCloud – an emerging platform for cyber-attacks
-
Hosting network services on Cloud platforms is getting more and more
popular. It is not in the scope of this article to elaborate the advantage
of using Cl...
12 years ago
-
mimikatz: Tool To Recover Cleartext Passwords From Lsass
-
I meant to blog about this a while ago, but never got round to it. Here’s a
brief post about very cool feature of a tool called mimikatz. I’m very
grateful...
13 years ago
-
Pentestify.
-
i’m over here now.
13 years ago
-
-
-
-
-
-
-
-
-
