SSL Domain Fronting 101
If you’re new to the domain fronting concept, I suggest you start by reading Simplifying Domain Fronting .
http://www.rvrsh3ll.net/blog/offensive/ssl-domain-fronting-101/
If you’re new to the domain fronting concept, I suggest you start by reading Simplifying Domain Fronting .
http://www.rvrsh3ll.net/blog/offensive/ssl-domain-fronting-101/
TUTELAGE: Malware Defense Infrastructure (NSA/CSS)
https://www.slideshare.net/kibyesUn/nsa-css-tutelage
#tutelage #malware
https://www.slideshare.net/kibyesUn/nsa-css-tutelage
#tutelage #malware
Tracking terrorists online might invade your #privacy
http://www.bbc.com/future/story/20170808-tracking-terrorists-online-might-invade-your-privacy
http://www.bbc.com/future/story/20170808-tracking-terrorists-online-might-invade-your-privacy
WPScripts
Coleccion de Scripts para auditar redes WiFi con el Protocolo WPS activo
https://github.com/0x90/wps-scripts
Enviado por @Drok3r
Coleccion de Scripts para auditar redes WiFi con el Protocolo WPS activo
https://github.com/0x90/wps-scripts
Enviado por @Drok3r
GitHub
GitHub - 0x90/wps-scripts: WPS hacking scripts
WPS hacking scripts. Contribute to 0x90/wps-scripts development by creating an account on GitHub.
Malicious code written into DNA infects the computer that reads it
https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-infects-the-computer-that-reads-it/amp/
https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-infects-the-computer-that-reads-it/amp/
How to Calculate Network Addresses with ipcalc
https://www.linux.com/learn/intro-to-linux/2017/8/how-calculate-network-addresses-ipcalc
https://www.linux.com/learn/intro-to-linux/2017/8/how-calculate-network-addresses-ipcalc
Pafish - Tool to Detect Sandboxes and Analysis Environments in the Same Way as… https://github.com/a0rtega/pafish #Malware #MalwareAnalysis
New Type of Brute Force Attack on Office 365 Accounts
Sophisticated and coordinated hackers are constantly adapting and using innovative techniques to gain unauthorized access to corporate data. Recently, 48 Office 365 customers experienced exactly this kind of threat where an attacker implemented a new strategy to try to access high-level information.
The brute force login attack was unique in that it was directed against a few key targets across multiple companies instead of casting a wider net against as many users as possible. There were 100,000 failed-login attempts originating from 67 IPs and 12 networks over a period of nearly 7 months.
https://www.tripwire.com/state-of-security/featured/new-type-brute-force-attack-office-365-accounts/
Sophisticated and coordinated hackers are constantly adapting and using innovative techniques to gain unauthorized access to corporate data. Recently, 48 Office 365 customers experienced exactly this kind of threat where an attacker implemented a new strategy to try to access high-level information.
The brute force login attack was unique in that it was directed against a few key targets across multiple companies instead of casting a wider net against as many users as possible. There were 100,000 failed-login attempts originating from 67 IPs and 12 networks over a period of nearly 7 months.
https://www.tripwire.com/state-of-security/featured/new-type-brute-force-attack-office-365-accounts/
APT28 Targets Hospitality Sector, Presents Threat to Travelers.
The malicious document – Hotel_Reservation_Form.doc (MD5: 9b10685b774a783eabfecdb6119a8aa3), as seen in Figure 1 – contains a macro that base64 decodes a dropper that then deploys APT28’s signature GAMEFISH malware (MD5: 1421419d1be31f1f9ea60e8ed87277db), which uses mvband.net and mvtband.net as command and control (C2) domains.
https://www.fireeye.com/blog/threat-research/2017/08/apt28-targets-hospitality-sector.html
The malicious document – Hotel_Reservation_Form.doc (MD5: 9b10685b774a783eabfecdb6119a8aa3), as seen in Figure 1 – contains a macro that base64 decodes a dropper that then deploys APT28’s signature GAMEFISH malware (MD5: 1421419d1be31f1f9ea60e8ed87277db), which uses mvband.net and mvtband.net as command and control (C2) domains.
https://www.fireeye.com/blog/threat-research/2017/08/apt28-targets-hospitality-sector.html
FireEye
APT28 Targets Hospitality Sector, Presents Threat to Travelers
The hospitality sector is being actively targeted in a campaign that FireEye attributes with moderate confidence to APT28.
Safari null ptr crash:
<script>var s = new window.webkitOfflineAudioContext(2,44100*0x41414141, 44100);</script>
<script>var s = new window.webkitOfflineAudioContext(2,44100*0x41414141, 44100);</script>
RUSSIA'S 'FANCY BEAR' HACKERS USED LEAKED NSA TOOL TO TARGET HOTEL GUESTS.
https://www.wired.com/story/fancy-bear-hotel-hack/
https://www.wired.com/story/fancy-bear-hotel-hack/
Ad blocking is under attack!
Well, this is huge, so I'd like to draw your attention to what's happening right now. This is a very alarming case, and it concerns every ad blocker user.
https://blog.adguard.com/en/ad-blocking-is-under-attack/
Well, this is huge, so I'd like to draw your attention to what's happening right now. This is a very alarming case, and it concerns every ad blocker user.
https://blog.adguard.com/en/ad-blocking-is-under-attack/
Attacking Self-Hosted Skype for Business/Microsoft Lync Installations
https://www.trustedsec.com/2017/08/attacking-self-hosted-skype-businessmicrosoft-lync-installations/
https://www.trustedsec.com/2017/08/attacking-self-hosted-skype-businessmicrosoft-lync-installations/
TrustedSec
Cybersecurity Education from the Experts | TrustedSec Blog Posts
Learn more about how to safeguard your company through our educational blog posts on everything from updated tech to the newest scams infiltrating organizations today.
Vehículos autónomos hackeados con falsas señales de tráfico
Cada día somos testigos de nuevos avances en la conducción autónoma de vehículos. Muchas empresas presentan prototipos y algunos incluso ya lo tienen en producción como Tesla autopilot. Estos vehículos son capaces de analizar el entorno que les rodea y de esa forma conducir por ellos mismos, sin intervención humana alguna.
http://www.elladodelmal.com/2017/08/vehiculos-autonomos-hackeados-con.html
Cada día somos testigos de nuevos avances en la conducción autónoma de vehículos. Muchas empresas presentan prototipos y algunos incluso ya lo tienen en producción como Tesla autopilot. Estos vehículos son capaces de analizar el entorno que les rodea y de esa forma conducir por ellos mismos, sin intervención humana alguna.
http://www.elladodelmal.com/2017/08/vehiculos-autonomos-hackeados-con.html
Project Sonar - Mo' Data, Mo' Research
Since its inception, Rapid7's Project Sonar has aimed to share the data and knowledge we've gained from our Internet scanning and collection activities with the larger information security community. Over the years this has resulted in vulnerability disclosures, research papers, conference presentations, community collaboration and data. Lots and lots of data.
https://community.rapid7.com/community/infosec/blog/2017/05/09/sonar-mo-data-mo-research
Since its inception, Rapid7's Project Sonar has aimed to share the data and knowledge we've gained from our Internet scanning and collection activities with the larger information security community. Over the years this has resulted in vulnerability disclosures, research papers, conference presentations, community collaboration and data. Lots and lots of data.
https://community.rapid7.com/community/infosec/blog/2017/05/09/sonar-mo-data-mo-research
Malware Analysis ElmersGlue Ransomware (another skid #ransomware with hardcoded key)
https://www.youtube.com/watch?v=x11AQ3iu8dI
https://www.youtube.com/watch?v=x11AQ3iu8dI
YouTube
Malware Analysis ElmersGlue Ransomware
Ring Ø Labs is a Reverse Engineering site dedicated to analyzing malware, researching emergent security topics, and hacking the planet. www.RingZeroLabs.com ...
Así las cosas con el bitcoin en este momento 😬
1 #bitcoin = $67255.00 MXN
$3773.71 USD
1 USD = 17.82MXN
1 #bitcoin = $67255.00 MXN
$3773.71 USD
1 USD = 17.82MXN