Natural disasters are unexpected events that can cause severe financial and environmental loss as well as the loss of human life. As an enterprise, it is our responsibility to ensure that proper recovery strategies are in place, just in case these natural calamities occur. In order to tackle these […]
In my last article, I explained some of the problems millions of users have had with the most popular productivity applications.
Microsoft and Adobe are trying to get users to buy SaaS (software as a service) products. I figure they see two upsides to that. One, they project they’ll make […]
2014 has been a very interesting year with some really big data breaches on companies like Sony, eBay, Dominos and widespread software vulnerabilities like Shellshock and Heartbleed. The number of security breaches continue to rise and with the introduction of wearables and rise in the use of smartphones, we […]
The null character is a control character with the value zero. It is presented in many character sets such as ASCII (American Standard Code of for Information Interchange), Unicode (Universal Character Set) and EBCDIC (Extended Binary Codded Decimal Interchange Code), as well as in programming languages like C, PHP, […]
In this article we will look at all the things you need to do to set up a pentesting platform on iOS 8 and be comfortable with using all the tools.
Jailbreaking your device
If your device is running iOS 8.1 or earlier, you can use pangu to jailbreak your device. […]
This technique is used in scenarios where critical information such as Social Security Number (SSN) or Personal Identification Number (PIN) is otherwise not easily available.
Basically, web injects is a technique of injecting unauthorized web content into incoming HTTP response data.
The web page content manipulation is possible through browser […]
Cyber security is of paramount importance nowadays, since there are ongoing threats jeopardizing our overall web experience. Malware and hackers have been getting more sophisticated, and there have been more difficulties in trying to keep all the dangers at bay.
This is why it is a great thing to become […]
Why are malware authors so interested in banking malware? Simply because this is where the money is! Nowadays, banking malware, specifically banking Trojans, are reaching alarming new levels of sophistication. Each day, new names and new variations are constantly being introduced into the wild to thwart detection by antivirus […]
With just a few days until the end of 2014, it’s time to analyze what’s happened in the last twelve months. I would like to analyze with you the main events that have characterized the security threat landscape in 2014 and try to make predictions for 2015.
2014: Reviewing my predictions
With the assumption that readers have read Part 1 of this topic, this article will contain the other part of this article, i.e. what benefits an attacker gets from flux networks, why it is difficult to detect flux networks in your environments, and recommended ways to detect a fast […]
It’s a real bummer when people spend a lot of their money on AAA PC games only to not be able to play them. Major publishers like EA, Activision, and Ubisoft are pushing their own online services, requiring their PC and console games to connect to their servers for […]
During an analysis, it can be really useful to know some common instructions with which malware, and more specifically shellcodes, achieve their goals.
As we can imagine, these sets of common instructions could be used first to locate and later to analyze and/or to identify general threats: embedded or injected […]
A VPN (Virtual Private Network) enables connections between clients and servers from multiple different internal networks across a public network (like the Internet) as if the nodes were located in the same private network. Since the communication is transferred across the public network, it must be properly encrypted to […]
Hopefully you are familiar with Assembly language and have some little knowledge on how to use reverse engineering tools such as Debuggers, Disassemblers, PE Analyzers, etc.
This article will only concentrate on the RSA cryptosystem and how to reverse it to get a valid key for your name. We will […]
Years of discussion on the right to have a free and open Internet have not yet solved the matter, and the issue is still a subject of heated debate for stakeholders: users, telecommunications companies and governments. The discussion revolves not only around the ability of government to control information […]
In this article, we will see how a developer can perform basic checks to programmatically detect if the app is running on an emulator and stop executing the app if an emulator is detected. We will then see how an attacker can easily bypass these checks by using some […]
In this series of articles, we will learn about a not-so-new type of attack, but one of the most difficult attacks to control. Yes, we will lean about the demon Fast Flux!! In this article, we will learn about what exactly Fast Flux is, types of Fast Flux, and […]
The rapid diffusion of mobile technology and the convergence of numerous services that use the paradigms, including social networking, cloud computing and payment, are urging IT and security industries to develop new solutions for the user authentication.
Passcodes, PINs and thumbprints are a few samples of mechanisms that could be […]
The term “jailbreaking” refers to circumventing security measures of a mobile operating system with the aim to install unauthorized software. The term originates from the very first hacks on iPhones. The purpose of these hacks was to break the jailed environment of iPhones, which imposed restrictions on what […]
In this article, we will discuss broken cryptography in Android applications. Broken cryptography attacks come into the picture when an app developer wants to take advantage of encryption in his application. This article covers the possible ways where vulnerabilities associated with broken cryptography may be introduced in Android apps. […]