Last year, a security researcher alerted Equifax that anyone could have stolen the personal data of all Americans. The company failed to heed the warning.

tl;dr  I found a severe issue in the Slack 's SAML implementation that allowed me to bypass the authentication. This has now been solved by...

Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC). - joaomatosf/JavaDeserH2HC

En determinadas ocasiones, necesitamos utilizar nuestra máquina de auditorías de manera anónima. La mayor parte de herramientas cuentan con una opción para configurar un proxy, ya sea http o sock, …

Security researchers have spotted a new Android banking trojan named LokiBot that turns into ransomware and locks users' phones when they try to remove its admin privileges.

Google Introduces Advanced Protection program for extra paranoid users to protect their accounts from targeted attacks.

Last month, we identified three plugins with critical object injection vulnerabilities, all being exploited in the wild. We deployed new and improved firewall rules to block that kind of exploit. While analyzing our attack data, we recently discovered that…

We’re pleased to announce the second release candidate for Qubes 4.0! As usual, this release candidate includes numerous bug fixes over the previous one. Two of the most important changes are: ...

Sockbot es un malware capaz de registrar dispositivos en una botnet y realizar ataques de denegación de servicios distribuídos.

After last week we had the KRACK and ROCA cryptographic attacks, this week has gotten off to a similarly "great" start with the publication of a new crypto attack known as DUHK (Don't Use Hard-coded Keys)

Extract common Windows artifacts from source images and VSCs - Silv3rHorn/ArtifactExtractor

I can confirm - Vaccination for #badrabbit: Create the following files c:\windows\infpub.dat && c:\windows\cscc.dat - remove ALL PERMISSIONS (inheritance) and you are now vaccinated. :)

Although this type of strain might not be as well covered as other flashy strains, fileless malware is a hidden threat that should concern businesses.

Multi-Honeypot Platform based on glastopf, kippo, honeytrap and dionaea, the network IDS/IPS suricata, elasticsearch-logstash-kibana, ewsposter and docker

Todavía se puede actualizar gratis de Windows 7 a Windows 10 Fall Creators Update de forma gratuita mediante tecnologías de asistencia

Ya se puede descargar lo último de CAINE (Computer Aided INvestigative Environment). Una distribución GNU/Linux de origen italiano y especializada en la informática forense, que se puede ejecutar e…