Latest Security News
-
Friday Squid Blogging: Squid Game Season Two Teaser
-
The teaser for *Squid Game* Season Two dropped.
Blog moderation policy.
1 hour ago
-
Microsoft ends development of Windows Server Update Services (WSUS)
-
Microsoft has officially announced that Windows Server Update Services
(WSUS) is now deprecated, but plans to maintain current functionality and
continue p...
6 hours ago
-
Tor Project responded to claims that law enforcement can de-anonymize Tor
users
-
The maintainers of the Tor Project have responded to claims that German
police have devised a technique to deanonymize users. The maintainers of
the Tor Pr...
7 hours ago
-
File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File
Such As The Things A File Pumper Would Add
-
file-unpumper is a powerful command-line utility designed to clean and
analyze Portable Executable (PE) files. It provides a range of features to
help d...
15 hours ago
-
This Windows PowerShell Phish Has Scary Potential
-
Many GitHub users this week received a novel phishing email warning of
critical security holes in their code. Those who clicked the link for
details were a...
1 day ago
-
Vendor Notebook: New cybersecurity and EHR performance upgrades
-
A new set of artificial intelligence and zero trust integrations in the
Crowdstrike Falcon cybersecurity platform could improve detection and
response ca...
1 day ago
-
Spearphishing tricks in mass emails | Kaspersky official blog
-
An example of spearphishing tricks used in a mass email: text in images,
PDF files, QR codes, ghost spoofing, DocuSign imitation, and Cloudflare
verification.
1 day ago
-
Spamvertized Github Powershell Malicious Software Executing Campaign
Spotted in the Wild
-
Dear blog readers,
I've recently intercepted a currently circulating spamvertised campaign
enticing users into interacting with a Powershell script ultim...
2 days ago
-
What to Do With Products Without SSO?
-
First, let’s get this out of the way: SaaS vendors that lock Single Sign-On
(SSO) behind enterprise-only plans are disadvantaging their customers and
the i...
4 days ago
-
Overview of Content Published in August
-
Here is an overview of content I published in August: SANS ISC Diary
entries: OOXML Spreadsheets Protected By Verifier Hashes Wireshark
4.4.0rc1’s Custom C...
2 weeks ago
-
הגליון המאה שישים וחמישה של DigitalWhisper שוחרר!
-
הגליון המאה שישים וחמישה של DigitalWhisper שוחרר!פורסם ב- August 31, 2024
19:12:09, על ידי- cp77fk4r
ברוכים הבאים לדברי הפתיחה של הגליון ה-165 של Digit...
2 weeks ago
-
Recommended: Recognizing dark humor and cynicism
-
I recommended Recognizing dark humor and cynicism on TysonRhame.
About me: http://www.chuvakin.org
1 month ago
-
My First Book is 20 Years Old Today
-
On this day in 2004, Addison-Wesley/Pearson published my first book, The
Tao of Network Security Monitoring: Beyond Intrusion Detection.
This post from 2...
2 months ago
-
China's APT40 gang is ready to attack vulns within hours or days of public
release
-
China's APT40 gang is ready to attack vulns within hours or days of public
release l33tdawg Tue, 07/09/2024 - 02:53
2 months ago
-
Eye care company suffers 377K-record data breach
-
Panorama Eyecare, a Fort… read more
3 months ago
-
-
זמין מיידית לעבודה חדשה
-
שלום למבקרים באתר, אני זמין כעת מיידית לעבודה חדשה, כשכיר או כעצמאי, כמובן
בתחום אבטחת המידע. אפשר למצוא פרטים מקצועיים נוספים אודותיי וגם ליצור אתי
קשר ...
1 year ago
-
What a lovely sunset
-
Oh, hi. Long time no blog, eh?
Well, it is time to sunset this blog, I will be deleting it in the next few
weeks.
So long, and thanks for all the fis...
1 year ago
-
Simple PHP webshell with php filter chains
-
Recently found an LFI in a PHP application and one of the cool things I
learned about recently was PHP filter chains. More info here:
https://www.synacktiv...
1 year ago
-
Hello world!
-
Welcome to WordPress. This is your first post. Edit or delete it, then
start writing!
1 year ago
-
A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam
-
Written by James Schmidt Editor’s Note: We often speak of online scams in
our blogs, ones that cost victims hundreds...
The post A Scam in the Family—Ho...
1 year ago
-
Hacking Solidity For fun and profit
-
Introduction
After a long period of silence I am now going to write a post for hacking
Solidity smart contracts for dummies (like me). The easiest way to p...
2 years ago
-
Tracking WMI Activity with PSGumshoe
-
WMI (Windows Management Instrumentation) is the Microsoft implementation of
the Web-Based Enterprise Management (WBEM) and Common Information Model
(CIM) s...
2 years ago
-
Renewed SideWinder Activity in South Asia
-
A few months ago, Trend Micro released a post which encapsulated the
SideWinder APT group activity in the past year, showcasing SideWinder’s
mobile malware...
3 years ago
-
Jupyter Notebook for crt.sh Queries
-
I created a Jupyter Notebook to query the crt.sh website, dump the results
into a pandas data frame, and then printing out the unique list of results
to th...
3 years ago
-
Symantec Identity: Stepping Up to Meet the COVID-19 Crisis
-
COVID-19 confronted healthcare providers and governments with unprecedented
requests for access, aid, and assistance. Here’s how one team at Symantec
is ri...
4 years ago
-
UNSINKABLE meets UNTHINKABLE פוסט לציון 108 שנים לטביעתה של הטיטניק והלקחים
להגנת סייבר בימינו אנו
-
פוסט זה הוא עדכון משמעותי לפוסט שנכתב במקור בשנת 2012 לאחר צפיה בסרט תיעודי
ששודר באותה השנה, במלאת 100 שנה לטביעת הטיטניק. בעדכון זה ננפץ כמה פרות
קדושות ...
4 years ago
-
How Reverse Engineering (and Cyber-Criminals’ Mistakes) Can Help You When
You’ve Been a Ransomware Victim
-
Ransomware is a type of malware that threatens to publish the victim’s data
or perpetually block access to it unless a ransom is paid. In the last two
year...
5 years ago
-
-
Lucky Break
-
One of the things I do from time to time is throw out an open ended
question on Twitter. Sometimes I’m making a point, sometimes I just want
to amuse myse...
6 years ago
-
TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home
Network Security
-
—— Thank You Patrons! Without your support via patreon.com/tekthing, we
wouldn’t be able to make the show for you every week!
https://www.patreon.com/tekth...
6 years ago
-
Romania is vice-champion at the European Cyber Security
-
CERT-RO The National Response Center for Cyber Security Incidents affirmed
on Friday that Romania, for the second consecutive year, has become the
European...
6 years ago
-
CoalaBot : http Ddos Bot
-
CoalaBot appears to be build on August Stealer code (Panel and Traffic are
really alike)
I found it spread as a tasks in a Betabot and in an Andromeda sp...
6 years ago
-
Social-Engineer Toolkit (SET) v7.7 “Blackout” Released
-
TrustedSec is proud to announce a major release of the Social-Engineer
Toolkit (SET) v7.7. This version incorporates support for hostnames in the
HTA att...
7 years ago
-
[Virus Bulletin Conference] The TAO of Automated Iframe Injectors -
Building Drive-by Platforms For Fun and Profit
-
In this paper, we present the design of distributed infection model used by
attackers to inject malicious iframes on the fly to conduct large scale
driv...
7 years ago
-
Big Changes Around the Corner for the IoT
-
The IoT is transforming before our eyes due to increasing regulations,
growing demand for security standards and advancements in the telecom
industry.
T...
7 years ago
-
ClearEnergy ransomware can destroy process automation logics in critical
infrastructure, SCADA and industrial control systems.
-
Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors
are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE®
Critical I...
7 years ago
-
ROOTCON 11 Venue
-
This years ROOTCON 11 will be held at Taal Vista Hotel in Tagaytay on
September 21-22, 2017. We announced the venue as early as now so you can
plan ahead...
7 years ago
-
The ‘Compliance Only / CISSP / Minimum Viable Product / HR firewall’
infosec trapezoid of fuck
-
Yesterday (thurs, 3/24/16) I went on a tirade on twitter, regarding an
experience I had in San Francisco during RSA week, while at a vendor party.
I’ll let...
8 years ago
-
Citadel 0.0.1.1 (Atmos)
-
Guys of JPCERT, 有難う御座います!
Released an update to their Citadel decrypter to make it compatible with
0.0.1.1 sample.
Citadel 0.0.1.1 don't have a lot of do...
8 years ago
-
Dridex Down Under
-
Raytheon | Websense® Security Labs™ has been tracking malicious email
campaigns associated with the Dridex banking Trojan since 2014. An
interesting deve...
8 years ago
-
What Verizon Missed in the Latest Threat Reports
-
* By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Sha *
* Read the full report - here Recently, Veriz...
9 years ago
-
Forensic
-
אחת מהבעיות העיקריות בביצוע תהליך FORENSIC הוא לאחר ביצוע תהליך שיכפול ה -
Harddisk (על פי כל התקנים של שיכפול ביט אחרי ביט), היא לבצע מחקר על *מחשב
חיי...
9 years ago
-
Blog Moved
-
Please see the Trustwave SpiderLabs Blog.
9 years ago
-
TrustKeeper Scan Engine Update – February 4, 2015
-
The latest update to the TrustKeeper scan engine that powers our Trustwave
Vulnerability Management product (including both internal and external
vulnerabi...
9 years ago
-
RSA Announces End of RSA Security Conference
-
Aims to bring clarity to cloudy marketing messages through exhibit hall
chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of
EMC, today ...
10 years ago
-
botCloud – an emerging platform for cyber-attacks
-
Hosting network services on Cloud platforms is getting more and more
popular. It is not in the scope of this article to elaborate the advantage
of using Cl...
11 years ago
-
mimikatz: Tool To Recover Cleartext Passwords From Lsass
-
I meant to blog about this a while ago, but never got round to it. Here’s a
brief post about very cool feature of a tool called mimikatz. I’m very
grateful...
12 years ago
-
Pentestify.
-
i’m over here now.
13 years ago
-
-
-
-
-
-
-
-
-
עתיקה בערך כמו ה talk back : " רק לינוקס" בהשוואה חלונות ,היא השאלה איזה AV עדיף לשים בבית , בחברה ,בענן וכו..
כנראה שהצורך לענות על שאלה זו הצדיק יצירת גורם בילתי תלוי המבצע בדיקות סדורות ומדרג את הפירמות בקטגוריות השונות.
תתפלאו , אבל הנתונים די מפתיעים!
המידע נגיש לכולם ( ניתן להוריד דוחות) .
לעיונכם
בחרתי להציג תוצאות מיבחן "עולם אמיתי" שנערך לאחרונה. התוצאות מיוחסות לחדשים אוגוסט - נובמבר 2012
לדעתי מדובר בגרסאות ביתיות אך יש גם דוחות לcorp's
FYI
סקירת מוצרי AV לMOBILE: