Latest Security News
-
Good Essay on the History of Bad Password Policies
-
Stuart Schechter makes some good points on the history of bad password
policies:
Morris and Thompson’s work brought much-needed data to highlight a probl...
1 hour ago
-
U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited
Vulnerabilities catalog
-
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto
Networks Expedition bugs to its Known Exploited Vulnerabilities catalog.
The U....
3 hours ago
-
An Interview With the Target & Home Depot Hacker
-
In December 2023, KrebsOnSecurity revealed the real-life identity of
Rescator, the nickname used by a Russian cybercriminal who sold more than
100 million ...
8 hours ago
-
Microsoft just killed the Windows 10 Beta Channel again
-
Five months after reviving it in June, Microsoft has shut down the Windows
10 Beta Channel and will move all enrolled Windows Insiders to the Release
Prev...
13 hours ago
-
CVE-2024-43451 allows stealing NTLMv2 hash | Kaspersky official blog
-
Patch Tuesday, November 2024: CVE-2024-43451, used in real attacks, permits
stealing an NTLMv2 hash with minimal interaction from the victim.
1 day ago
-
ASPR seeks feedback on public health orgs' cybersecurity needs
-
The Joint Public Health Cybersecurity Task Group, the Healthcare and Public
Health Sector Coordinating Council and the Healthcare and Public Health
Secto...
1 day ago
-
North Korean hackers target cryptocurrency with malware
-
North Korean hackers target cryptocurrency with malware l33tdawg Fri,
11/08/2024 - 09:11
1 week ago
-
Yavor Kolev, Bulgaria, The City of Troyan and The Dipshits That Ruled
Everyone and Everything - A True First-Account Personal of Their True Story
-
В момента кой е по прост от циганин? Това сте вие майка ти и циганинът баща
ти. И всички други цигани който вие си мислите че са повече от вас. Дано
успе...
1 week ago
-
Quickpost: The Electric Energy Consumption Of A Wired Doorbell
-
I have a classic wired doorbell at home: the 230V powered transformer
produces 12V on its secondary winding. The circuit on that secondary
winding powers a...
1 week ago
-
הגליון המאה שישים ושבעה של DigitalWhisper שוחרר!
-
הגליון המאה שישים ושבעה של DigitalWhisper שוחרר!פורסם ב- October 31, 2024
12:09:43, על ידי- cp77fk4r
ברוכים הבאים לדברי הפתיחה של הגליון ה-167 של Digit...
2 weeks ago
-
What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
-
Probably once a week, I see posts like this in the r/Ubiquiti subreddit.
Ubiquiti makes network gear that includes an "IDS/IPS" feature. I own some
older U...
4 weeks ago
-
Recommended: Open Sourcing Venator
-
I recommended Open Sourcing Venator on TysonRhame.
About me: http://www.chuvakin.org
5 weeks ago
-
SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From
Attacks And Exploits
-
SafeLine is a self-hosted *WAF(Web Application Firewall)* to protect your
web apps from attacks and exploits.
A web application firewall helps protect w...
1 month ago
-
What to Do With Products Without SSO?
-
First, let’s get this out of the way: SaaS vendors that lock Single Sign-On
(SSO) behind enterprise-only plans are disadvantaging their customers and
the i...
1 month ago
-
Eye care company suffers 377K-record data breach
-
Panorama Eyecare, a Fort… read more
5 months ago
-
-
What a lovely sunset
-
Oh, hi. Long time no blog, eh?
Well, it is time to sunset this blog, I will be deleting it in the next few
weeks.
So long, and thanks for all the fis...
1 year ago
-
Simple PHP webshell with php filter chains
-
Recently found an LFI in a PHP application and one of the cool things I
learned about recently was PHP filter chains. More info here:
https://www.synacktiv...
1 year ago
-
Hello world!
-
Welcome to WordPress. This is your first post. Edit or delete it, then
start writing!
1 year ago
-
A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam
-
Written by James Schmidt Editor’s Note: We often speak of online scams in
our blogs, ones that cost victims hundreds...
The post A Scam in the Family—Ho...
1 year ago
-
Hacking Solidity For fun and profit
-
Introduction
After a long period of silence I am now going to write a post for hacking
Solidity smart contracts for dummies (like me). The easiest way to p...
2 years ago
-
Tracking WMI Activity with PSGumshoe
-
WMI (Windows Management Instrumentation) is the Microsoft implementation of
the Web-Based Enterprise Management (WBEM) and Common Information Model
(CIM) s...
2 years ago
-
Renewed SideWinder Activity in South Asia
-
A few months ago, Trend Micro released a post which encapsulated the
SideWinder APT group activity in the past year, showcasing SideWinder’s
mobile malware...
3 years ago
-
Jupyter Notebook for crt.sh Queries
-
I created a Jupyter Notebook to query the crt.sh website, dump the results
into a pandas data frame, and then printing out the unique list of results
to th...
3 years ago
-
Symantec Identity: Stepping Up to Meet the COVID-19 Crisis
-
COVID-19 confronted healthcare providers and governments with unprecedented
requests for access, aid, and assistance. Here’s how one team at Symantec
is ri...
4 years ago
-
UNSINKABLE meets UNTHINKABLE פוסט לציון 108 שנים לטביעתה של הטיטניק והלקחים
להגנת סייבר בימינו אנו
-
פוסט זה הוא עדכון משמעותי לפוסט שנכתב במקור בשנת 2012 לאחר צפיה בסרט תיעודי
ששודר באותה השנה, במלאת 100 שנה לטביעת הטיטניק. בעדכון זה ננפץ כמה פרות
קדושות ...
4 years ago
-
How Reverse Engineering (and Cyber-Criminals’ Mistakes) Can Help You When
You’ve Been a Ransomware Victim
-
Ransomware is a type of malware that threatens to publish the victim’s data
or perpetually block access to it unless a ransom is paid. In the last two
year...
5 years ago
-
-
Lucky Break
-
One of the things I do from time to time is throw out an open ended
question on Twitter. Sometimes I’m making a point, sometimes I just want
to amuse myse...
6 years ago
-
TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home
Network Security
-
—— Thank You Patrons! Without your support via patreon.com/tekthing, we
wouldn’t be able to make the show for you every week!
https://www.patreon.com/tekth...
6 years ago
-
Romania is vice-champion at the European Cyber Security
-
CERT-RO The National Response Center for Cyber Security Incidents affirmed
on Friday that Romania, for the second consecutive year, has become the
European...
6 years ago
-
CoalaBot : http Ddos Bot
-
CoalaBot appears to be build on August Stealer code (Panel and Traffic are
really alike)
I found it spread as a tasks in a Betabot and in an Andromeda sp...
7 years ago
-
Social-Engineer Toolkit (SET) v7.7 “Blackout” Released
-
TrustedSec is proud to announce a major release of the Social-Engineer
Toolkit (SET) v7.7. This version incorporates support for hostnames in the
HTA att...
7 years ago
-
[Virus Bulletin Conference] The TAO of Automated Iframe Injectors -
Building Drive-by Platforms For Fun and Profit
-
In this paper, we present the design of distributed infection model used by
attackers to inject malicious iframes on the fly to conduct large scale
driv...
7 years ago
-
Big Changes Around the Corner for the IoT
-
The IoT is transforming before our eyes due to increasing regulations,
growing demand for security standards and advancements in the telecom
industry.
T...
7 years ago
-
ClearEnergy ransomware can destroy process automation logics in critical
infrastructure, SCADA and industrial control systems.
-
Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors
are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE®
Critical I...
7 years ago
-
ROOTCON 11 Venue
-
This years ROOTCON 11 will be held at Taal Vista Hotel in Tagaytay on
September 21-22, 2017. We announced the venue as early as now so you can
plan ahead...
7 years ago
-
The ‘Compliance Only / CISSP / Minimum Viable Product / HR firewall’
infosec trapezoid of fuck
-
Yesterday (thurs, 3/24/16) I went on a tirade on twitter, regarding an
experience I had in San Francisco during RSA week, while at a vendor party.
I’ll let...
8 years ago
-
Citadel 0.0.1.1 (Atmos)
-
Guys of JPCERT, 有難う御座います!
Released an update to their Citadel decrypter to make it compatible with
0.0.1.1 sample.
Citadel 0.0.1.1 don't have a lot of do...
8 years ago
-
Dridex Down Under
-
Raytheon | Websense® Security Labs™ has been tracking malicious email
campaigns associated with the Dridex banking Trojan since 2014. An
interesting deve...
9 years ago
-
What Verizon Missed in the Latest Threat Reports
-
* By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Sha *
* Read the full report - here Recently, Veriz...
9 years ago
-
Forensic
-
אחת מהבעיות העיקריות בביצוע תהליך FORENSIC הוא לאחר ביצוע תהליך שיכפול ה -
Harddisk (על פי כל התקנים של שיכפול ביט אחרי ביט), היא לבצע מחקר על *מחשב
חיי...
9 years ago
-
Blog Moved
-
Please see the Trustwave SpiderLabs Blog.
9 years ago
-
TrustKeeper Scan Engine Update – February 4, 2015
-
The latest update to the TrustKeeper scan engine that powers our Trustwave
Vulnerability Management product (including both internal and external
vulnerabi...
9 years ago
-
RSA Announces End of RSA Security Conference
-
Aims to bring clarity to cloudy marketing messages through exhibit hall
chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of
EMC, today ...
10 years ago
-
botCloud – an emerging platform for cyber-attacks
-
Hosting network services on Cloud platforms is getting more and more
popular. It is not in the scope of this article to elaborate the advantage
of using Cl...
12 years ago
-
mimikatz: Tool To Recover Cleartext Passwords From Lsass
-
I meant to blog about this a while ago, but never got round to it. Here’s a
brief post about very cool feature of a tool called mimikatz. I’m very
grateful...
12 years ago
-
Pentestify.
-
i’m over here now.
13 years ago
-
-
-
-
-
-
-
-
-
-
יומן שבועי 21-27- אוקטובר 2012
חשבתי ככה לרשום לעצמי ראשי פרקים עבור אירועי אבטחה ושאר דברים מעניינים שנתקלתי בהם השבוע שעבר - עוד לא סגור באיזה יום - אבל הרעיון הוא להתמיד...המממ קשה... טוב נתחיל בניסוי:
-2012 21-27
- JAVA update - שוב חוזר הניגון ... למי שעוד לא עדכון -זה הזמן לשדרג ל 6.37 או ל 7.09 / אפשר להתחיל לזהות את גרסת ה JAVA המותקנת דרך אתר זה ולהתקדם באתר של JAVA לשדרוג - או לחלופין לשדרך אוטומאטית.דרך אגב ,לפגיעות האחרונה שהוגשה לריוויו ע"י חוקר אבטח מידע פולני - עדיין לא כתבו תיקון - לפי ORACLE יטופל ברבעון הראשון של 2013 , מומלץ למי שאין לו צורך בהרצת אפליקציות מבססות JAVA להסיר את תוסף הדפדפן עבור ג'אוה ,ובכל מקרה לעבוד עם כרום או FF ו .ל א עם IE
2. נסיון חדירה והתקפת CYBER על מחשבי המשטרה -עוד פרטים כאן , מקריאה ראשונית , נראה כי הנסיון מזכיר עשרות נסיונות שיכנוע ללחוץ על לינק או לפתוח קובץ דרך המייל ,בדרך כלל מיילים אלו קשורים לפשיעת סייבר - אך במקרה הספציפי הזה יתכן והיה מדוהר על מתקפת טרור קיברנטי ע"י אירן ( כך טוענים מומחי האבטחה שחקרו את העניין). קצת תמוהה בעיניי ,הצעד הקיצוני של ניתוק מחשבי המשטרה מהאינטרנט וממערכות נוספות מחשש לזליגת מידע ,ובנוסף חסימת DOK בכל החברה.
- האם אין למשטרה מערכות ניטור לזליגת מידע שעובדת על רקע קבוע?
- האם אין למשטרה יכולת לנתח פניות חשודות מתוך החברה לאינטרנט?
- מדוע לא חסום DOK כברירת מחדל?
- מעבר לאנטי וירוס המותקן במערכת הדואר - מדוע לא חוסמים במשטרה כ ל קובץ מסוכן כגון EXE ו DLL??? כל סוג כזה מומלץ שישלך לתיבה מיוחדש המאושרת רק ע"י אנשים אבטחת מידע.
- בקיצור ניראה כי פאניקה והחלטות קשות , היו כאן למחוויר.