Latest Security News
-
Botnet exploits GeoVision zero-day to install Mirai malware
-
A malware botnet is exploiting a zero-day vulnerability in end-of-life
GeoVision devices to compromise and recruit them for likely DDoS or
cryptomining att...
56 minutes ago
-
Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison
-
Bitfinex hacker, Ilya Lichtenstein, who stole 1 billion worth of Bitcoins
from Bitfinex in 2016, has been sentenced to five years in prison. “Ilya
Lichtens...
1 hour ago
-
DHS intros framework for AI safety and security, in healthcare and elsewhere
-
The U.S. Department of Homeland Security on Thursday published a new set of
actionable recommendations to help promote safe and secure development and
de...
5 hours ago
-
Good Essay on the History of Bad Password Policies
-
Stuart Schechter makes some good points on the history of bad password
policies:
Morris and Thompson’s work brought much-needed data to highlight a probl...
8 hours ago
-
An Interview With the Target & Home Depot Hacker
-
In December 2023, KrebsOnSecurity revealed the real-life identity of
Rescator, the nickname used by a Russian cybercriminal who sold more than
100 million ...
15 hours ago
-
CVE-2024-43451 allows stealing NTLMv2 hash | Kaspersky official blog
-
Patch Tuesday, November 2024: CVE-2024-43451, used in real attacks, permits
stealing an NTLMv2 hash with minimal interaction from the victim.
1 day ago
-
North Korean hackers target cryptocurrency with malware
-
North Korean hackers target cryptocurrency with malware l33tdawg Fri,
11/08/2024 - 09:11
1 week ago
-
Yavor Kolev, Bulgaria, The City of Troyan and The Dipshits That Ruled
Everyone and Everything - A True First-Account Personal of Their True Story
-
В момента кой е по прост от циганин? Това сте вие майка ти и циганинът баща
ти. И всички други цигани който вие си мислите че са повече от вас. Дано
успе...
1 week ago
-
Quickpost: The Electric Energy Consumption Of A Wired Doorbell
-
I have a classic wired doorbell at home: the 230V powered transformer
produces 12V on its secondary winding. The circuit on that secondary
winding powers a...
1 week ago
-
הגליון המאה שישים ושבעה של DigitalWhisper שוחרר!
-
הגליון המאה שישים ושבעה של DigitalWhisper שוחרר!פורסם ב- October 31, 2024
12:09:43, על ידי- cp77fk4r
ברוכים הבאים לדברי הפתיחה של הגליון ה-167 של Digit...
2 weeks ago
-
What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
-
Probably once a week, I see posts like this in the r/Ubiquiti subreddit.
Ubiquiti makes network gear that includes an "IDS/IPS" feature. I own some
older U...
5 weeks ago
-
Recommended: Open Sourcing Venator
-
I recommended Open Sourcing Venator on TysonRhame.
About me: http://www.chuvakin.org
5 weeks ago
-
SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From
Attacks And Exploits
-
SafeLine is a self-hosted *WAF(Web Application Firewall)* to protect your
web apps from attacks and exploits.
A web application firewall helps protect w...
1 month ago
-
What to Do With Products Without SSO?
-
First, let’s get this out of the way: SaaS vendors that lock Single Sign-On
(SSO) behind enterprise-only plans are disadvantaging their customers and
the i...
1 month ago
-
Eye care company suffers 377K-record data breach
-
Panorama Eyecare, a Fort… read more
5 months ago
-
-
זמין מיידית לעבודה חדשה
-
שלום למבקרים באתר, אני זמין כעת מיידית לעבודה חדשה, כשכיר או כעצמאי, כמובן
בתחום אבטחת המידע. אפשר למצוא פרטים מקצועיים נוספים אודותיי וגם ליצור אתי
קשר ...
1 year ago
-
What a lovely sunset
-
Oh, hi. Long time no blog, eh?
Well, it is time to sunset this blog, I will be deleting it in the next few
weeks.
So long, and thanks for all the fis...
1 year ago
-
Simple PHP webshell with php filter chains
-
Recently found an LFI in a PHP application and one of the cool things I
learned about recently was PHP filter chains. More info here:
https://www.synacktiv...
1 year ago
-
Hello world!
-
Welcome to WordPress. This is your first post. Edit or delete it, then
start writing!
1 year ago
-
A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam
-
Written by James Schmidt Editor’s Note: We often speak of online scams in
our blogs, ones that cost victims hundreds...
The post A Scam in the Family—Ho...
1 year ago
-
Hacking Solidity For fun and profit
-
Introduction
After a long period of silence I am now going to write a post for hacking
Solidity smart contracts for dummies (like me). The easiest way to p...
2 years ago
-
Tracking WMI Activity with PSGumshoe
-
WMI (Windows Management Instrumentation) is the Microsoft implementation of
the Web-Based Enterprise Management (WBEM) and Common Information Model
(CIM) s...
2 years ago
-
Renewed SideWinder Activity in South Asia
-
A few months ago, Trend Micro released a post which encapsulated the
SideWinder APT group activity in the past year, showcasing SideWinder’s
mobile malware...
3 years ago
-
Jupyter Notebook for crt.sh Queries
-
I created a Jupyter Notebook to query the crt.sh website, dump the results
into a pandas data frame, and then printing out the unique list of results
to th...
3 years ago
-
Symantec Identity: Stepping Up to Meet the COVID-19 Crisis
-
COVID-19 confronted healthcare providers and governments with unprecedented
requests for access, aid, and assistance. Here’s how one team at Symantec
is ri...
4 years ago
-
UNSINKABLE meets UNTHINKABLE פוסט לציון 108 שנים לטביעתה של הטיטניק והלקחים
להגנת סייבר בימינו אנו
-
פוסט זה הוא עדכון משמעותי לפוסט שנכתב במקור בשנת 2012 לאחר צפיה בסרט תיעודי
ששודר באותה השנה, במלאת 100 שנה לטביעת הטיטניק. בעדכון זה ננפץ כמה פרות
קדושות ...
4 years ago
-
How Reverse Engineering (and Cyber-Criminals’ Mistakes) Can Help You When
You’ve Been a Ransomware Victim
-
Ransomware is a type of malware that threatens to publish the victim’s data
or perpetually block access to it unless a ransom is paid. In the last two
year...
5 years ago
-
-
Lucky Break
-
One of the things I do from time to time is throw out an open ended
question on Twitter. Sometimes I’m making a point, sometimes I just want
to amuse myse...
6 years ago
-
TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home
Network Security
-
—— Thank You Patrons! Without your support via patreon.com/tekthing, we
wouldn’t be able to make the show for you every week!
https://www.patreon.com/tekth...
6 years ago
-
Romania is vice-champion at the European Cyber Security
-
CERT-RO The National Response Center for Cyber Security Incidents affirmed
on Friday that Romania, for the second consecutive year, has become the
European...
6 years ago
-
CoalaBot : http Ddos Bot
-
CoalaBot appears to be build on August Stealer code (Panel and Traffic are
really alike)
I found it spread as a tasks in a Betabot and in an Andromeda sp...
7 years ago
-
Social-Engineer Toolkit (SET) v7.7 “Blackout” Released
-
TrustedSec is proud to announce a major release of the Social-Engineer
Toolkit (SET) v7.7. This version incorporates support for hostnames in the
HTA att...
7 years ago
-
[Virus Bulletin Conference] The TAO of Automated Iframe Injectors -
Building Drive-by Platforms For Fun and Profit
-
In this paper, we present the design of distributed infection model used by
attackers to inject malicious iframes on the fly to conduct large scale
driv...
7 years ago
-
Big Changes Around the Corner for the IoT
-
The IoT is transforming before our eyes due to increasing regulations,
growing demand for security standards and advancements in the telecom
industry.
T...
7 years ago
-
ClearEnergy ransomware can destroy process automation logics in critical
infrastructure, SCADA and industrial control systems.
-
Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors
are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE®
Critical I...
7 years ago
-
ROOTCON 11 Venue
-
This years ROOTCON 11 will be held at Taal Vista Hotel in Tagaytay on
September 21-22, 2017. We announced the venue as early as now so you can
plan ahead...
7 years ago
-
The ‘Compliance Only / CISSP / Minimum Viable Product / HR firewall’
infosec trapezoid of fuck
-
Yesterday (thurs, 3/24/16) I went on a tirade on twitter, regarding an
experience I had in San Francisco during RSA week, while at a vendor party.
I’ll let...
8 years ago
-
Citadel 0.0.1.1 (Atmos)
-
Guys of JPCERT, 有難う御座います!
Released an update to their Citadel decrypter to make it compatible with
0.0.1.1 sample.
Citadel 0.0.1.1 don't have a lot of do...
8 years ago
-
Dridex Down Under
-
Raytheon | Websense® Security Labs™ has been tracking malicious email
campaigns associated with the Dridex banking Trojan since 2014. An
interesting deve...
9 years ago
-
What Verizon Missed in the Latest Threat Reports
-
* By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Sha *
* Read the full report - here Recently, Veriz...
9 years ago
-
Forensic
-
אחת מהבעיות העיקריות בביצוע תהליך FORENSIC הוא לאחר ביצוע תהליך שיכפול ה -
Harddisk (על פי כל התקנים של שיכפול ביט אחרי ביט), היא לבצע מחקר על *מחשב
חיי...
9 years ago
-
Blog Moved
-
Please see the Trustwave SpiderLabs Blog.
9 years ago
-
TrustKeeper Scan Engine Update – February 4, 2015
-
The latest update to the TrustKeeper scan engine that powers our Trustwave
Vulnerability Management product (including both internal and external
vulnerabi...
9 years ago
-
RSA Announces End of RSA Security Conference
-
Aims to bring clarity to cloudy marketing messages through exhibit hall
chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of
EMC, today ...
10 years ago
-
botCloud – an emerging platform for cyber-attacks
-
Hosting network services on Cloud platforms is getting more and more
popular. It is not in the scope of this article to elaborate the advantage
of using Cl...
12 years ago
-
mimikatz: Tool To Recover Cleartext Passwords From Lsass
-
I meant to blog about this a while ago, but never got round to it. Here’s a
brief post about very cool feature of a tool called mimikatz. I’m very
grateful...
12 years ago
-
Pentestify.
-
i’m over here now.
13 years ago
-
-
-
-
-
-
-
-
-
השוואת מוצרי AV ע"י הארגון הבלתי תלוי av-comparatives.org
עתיקה בערך כמו ה talk back : " רק לינוקס" בהשוואה חלונות ,היא השאלה איזה AV עדיף לשים בבית , בחברה ,בענן וכו..
כנראה שהצורך לענות על שאלה זו הצדיק יצירת גורם בילתי תלוי המבצע בדיקות סדורות ומדרג את הפירמות בקטגוריות השונות.
תתפלאו , אבל הנתונים די מפתיעים!
המידע נגיש לכולם ( ניתן להוריד דוחות) .
לעיונכם
בחרתי להציג תוצאות מיבחן "עולם אמיתי" שנערך לאחרונה. התוצאות מיוחסות לחדשים אוגוסט - נובמבר 2012
לדעתי מדובר בגרסאות ביתיות אך יש גם דוחות לcorp's
FYI
סקירת מוצרי AV לMOBILE: