#Microsoft won't patch #Edge browser content security bypass
Tells Cisco's Talos it's a feature, not a bug. #Apple and #Google disagree and fixed it
Which of Google, Apple and Microsoft think a content security bypass doesn't warrant a browser patch?…
http://go.theregister.com/feed/www.theregister.co.uk/2017/09/07/talos_says_msft_edge_content_security_bypass_is_a_feature_wont_be_patched/
www.theregister.co.uk
Microsoft won't patch Edge browser content security bypass
Tells Cisco's Talos it's a feature, not a bug. Apple and Google disagree and fixed it
#Google launches a new certification program for developers
https://developers.googleblog.com/2017/09/introducing-mobile-web-specialist.html?m=1
Google Developers Blog
Introducing the Mobile Web Specialist Certification by Google Developers
News and insights on Google platforms, tools, and events.
Find a security policy template for your organization in the SANS Security Policy Resources: https://t.co/jckuVhsNac
www.sans.org
SANS - Information Security Resources | Information Security Policy Templates |
Free information security policy templates courtesy of the SANS Institute, Michele D. Guel, and other information security leaders.
#Pharming and #spim: the first cousins of #phishing and #spam. Want information about these types of attacks?
https://t.co/AA7OxLcYmL
www.osi.es
Pharming and spim: the first cousins of phishing and spam
PHARMING What is pharming? Pharming is a cyberattack that consists of redirecting the web traffic of a legitimate page to a fake page. How does pharming work? Using this technique, the attacker ensures that, when we open our browser…
#Bug in #Windows #Kernel Could Prevent Security Software From Identifying #Malware
https://t.co/7IpgIoK6MA
BleepingComputer
Bug in Windows Kernel Could Prevent Security Software From Identifying Malware
Malware developers can abuse a programming error in the Windows kernel to prevent security software from identifying if, and when, malicious modules have been loaded at runtime.
CVE-2017-0780: Denial-of-Service #Vulnerability can #Crash #Android Messages App https://t.co/UVmhfiFihe #TrendMicro
TrendLabs Security Intelligence Blog
CVE-2017-0780: Denial-of-Service Vulnerability can Crash Android Messages App - TrendLabs Security Intelligence Blog
CVE-2017-0780, a denial-of-service vulnerability we recently disclosed to Google, can let attackers remotely crash their victims’ Android Messages app.
Heap Exploitation
This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation.
https://www.gitbook.com/book/dhavalkapil/heap-exploitation/details
GitBook
Heap Exploitation · GitBook
heap-exploitation: This book on heap exploitation is a guide to understanding the internals of glibc's heap. It also describes, in detail, various attacks possible on the heap structure.
Locky is back. This time via spam, stealing more than 23 million emails in just 24 hours. https://t.co/YGykOS6Ayr #locky #spam
Bankinfosecurity
Locky Returns via Spam and Dropbox-Themed Phishing Attacks
A massive Locky ransomware campaign has been infecting devices via malware-laced spam messages as well as through fake Dropbox phishing pages. More than 23 million
#DDoS attacks are no longer a problem only for large companies. They have also become a threat to small and medium-sized businesses (#pymes) https://t.co/qk5fOvJjXZ #DDoS
Dark Reading
7 Things to Know About Today's DDoS Attacks
DDoS attacks are no longer something that just big companies in a few industries need to worry about. They have become a threat to every business.
Server Directory Traversal at Huawei HG255s
https://youtu.be/n02toTFkLOU
YouTube
Server Directory Traversal at Huawei HG255s
Modem software version:
V100R001C163B025SP02
Exploit:
https://www.exploit-db.com/exploits/42634/
ShellBags Explorer 0.9.5.0 released!
https://binaryforay.blogspot.com.tr/2017/09/shellbags-explorer-0950-released.html
Blogspot
ShellBags Explorer 0.9.5.0 released!
Changes in this version include: NEW: Additional GUIDs added NEW: Several new Shellbag types and extension blocks added NEW: SBECmd.exe ...
Tips for Reverse-Engineering Malicious Code – A New Cheat Sheet
https://zeltser.com/reverse-engineering-malicious-code-tips/
Lenny Zeltser
Tips for Reverse-Engineering Malicious Code
Reversing malicious Windows executables involves examining static properties, identifying suspicious strings and API calls, performing behavioral analysis, and using disassemblers and debuggers. Key areas include understanding x86/x64 registers, common assembly…
The #ShadowBrokers Hacking Group Leaks #UNITEDRAKE, Another #Windows #Hacking Tool Stolen from #NSA 's Arsenal
https://thehackernews.com/2017/09/shadowbrokers-unitedrake-hacking.html
The Hacker News
Shadow Brokers Leaks Another Windows Hacking Tool Stolen from NSA’s Arsenal
The Shadow Brokers hacking group has released UNITEDRAKE Windows hacking malware to its monthly dump service subscribers.
Code execution vulnerability in i-SENS SmartLog Diabetes Management Software #SCI https://t.co/754txSVJas
CERTSI
Code execution vulnerability in i-SENS SmartLog Diabetes Management Software
Independent researcher Mark Cross has identified an uncontrolled search path vulnerability in the i-SENS product, whose exploitation may allow a local attacker to execute arbitrary code on the affected device.