Summary The Android application provided by Private Internet Access (PIA) VPN service can be crashed by downloading a large file containing a list of current VPN servers. This can be exploited by a…

NOTE: All the methods I have explained are at your own risk

Executive Summary SnatchLoader is a “downloader” malware—a type of malware that specializes in distributing (or loading) other malware onto infected comput

I made a tool to check if your TPM chip is bad. Well, it extracts the SRK public key and checks if it’s good or bad. If the SRK is bad then you can bet all o...

According to researchers at Zscaler, ads are redirecting browsers to malicious landing pages hosting the Terror exploit kit.

Boletín de noticias de seguridad informática unaaldia, ofrecido por Hispasec

Last year, a security researcher alerted Equifax that anyone could have stolen the personal data of all Americans. The company failed to heed the warning.

tl;dr  I found a severe issue in the Slack 's SAML implementation that allowed me to bypass the authentication. This has now been solved by...

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC). - joaomatosf/JavaDeserH2HC

En determinadas ocasiones, necesitamos utilizar nuestra máquina de auditorías de manera anónima. La mayor parte de herramientas cuentan con una opción para configurar un proxy, ya sea http o sock, …

Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges.

Google Introduces Advanced Protection program for extra paranoid users to protect their accounts from targeted attacks.

Last month, we identified three plugins with critical object injection vulnerabilities, all being exploited in the wild. We deployed new and improved firewall rules to block that kind of exploit. While analyzing our attack data, we recently discovered that…

We’re pleased to announce the second release candidate for Qubes 4.0! As usual, this release candidate includes numerous bug fixes over the previous one. Two of the most important changes are: ...

Sockbot es un malware capaz de registrar dispositivos en una botnet y realizar ataques de denegación de servicios distribuídos.

After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly "great" start with the publication of a new crypto attack known as DUHK (Don't Use Hard-coded Keys)

Extract common Windows artifacts from source images and VSCs - Silv3rHorn/ArtifactExtractor