Mozilla engineers have started work on a project named Lockbox that they describe as "a work-in-progress extension [...] to improve upon Firefox's built-in password management."

SQL Injection Tutorial – Sql Injection cheat sheet . SQL injection allows us to remotely pull down all the tables, login usernames and admin accounts for a website.  The most powerful tool for SQL injection is SQLMAP, which we can use on Windows and Kali…

Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique. - 0xdeadbeefJERKY/Office-DDE-Payloads

SANS Internet Storm Center - A global cooperative cyber threat / internet security monitor and alert system. Featuring daily handler diaries with summarizing and analyzing new threats to networks and internet security events.

Top Alternative Operating Systems - There's only one rule - no Microsoft Windows, Apple or Linux Based operating systems

One of the main drawbacks of Powershell command prompt compared to bash was the inability to keep a history of executed commands. The command history could be

Threat-Intelligence-Data - Snort_rules detection bad actors.

Se ha identificado una vulnerabilidad de ejecución remota de código en Hewlett Packard Enterprise Intelligent Management Center (iMC).

Oracle ha publicado una vulnerabilidad de severidad crítica cuya explotación puede llevarse a cabo de forma remota y sin necesidad de autenticarse en el sistema. Un atacante podría llegar a comprometer totalmente al Oracle Identity Manager.

Technical articles, content and resources for IT Professionals working in Microsoft technologies

Boletín de noticias de seguridad informática unaaldia, ofrecido por Hispasec

A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group

Apple has patched the KRACK vulnerability in iOS and elsewhere in its product line, closing a key re-installation vulnerability in the WPA2 protocol implemented used by its software.

WordPress versions prior to 4.8.3 are affected by a vulnerability. A remote attacker could exploit this vulnerability to obtain sensitive information.US-CERT encourages users and administrators to review the WordPress Security Release and upgrade to WordPress…

This is the far side of ice, the view of the matrix I've never seen before...

Security firm Sophos uncovered a zero day exploit that targets a 24-year-old data exchange protocol, and it can be used to silently attack machines with very little means of detection.

Nueva actualización para WordPress, la 4.8.3 considerada de seguridad que soluciona un problema grave de seguridad sobre la función $wpdb->prepare() que a pesar de no ser vulnerable por si misma podría llegar a inyectar código SQL a través de peticiones inseguras…