How to create a subdomain enumeration toolkit
Introduction A domain name is an important part of the reconnaissance process during a security assessment or even for many bug bounty challenges. In this…
Categoria: computer security
Fuzzing introduction: Definition, types and tools for cybersecurity pros
Introduction Fuzzing is a black-box software testing technique and consists of finding implementation flaws and bugs by using malformed/semi-malformed payloads via automation. Fuzzing an application…
Ransomware deletion methods and the canary in the coal mine
Introduction Ransomware is an emergent threat. Every week, there is a new and notable outbreak of this class of data encryption malware. From Ragnar Locker to Netwalker, the threats…
NIST ransomware recovery guide: What you need to know
NIST ransomware recovery guide: What you need to know.
How to protect files with canary tokens
This article provides some hints and tricks on keeping data away from hackers. However, we will not describe an approach to stop the exploitation of vulnerabilities and the leak of information. Instead, a method based on canary tokens can be used by developers and IT professionals to receive alerts when something strange happens in their infrastructures and applications.
Para quando o fim dos ciber-ataques?
Para quando o fim dos ciber-ataques? Conheça aqui a matemática dos incidentes em Portugal submetidos durante 2020 no 0xSI_f33d.
RCE will not be fixed on Cisco EOL Business routers
RCE will not be fixed on Cisco EOL Business routers.
Facebook users’ leak – just another thread … the same data observed in 2019
Facebook users’ leak – just another thread … the same data observed in 2019.
Exchange chain CVE-2021-26855 and CVE-2021-27065 walkthrough
In recent days, Exchange has been exposed to several critical exploits explored in the wild. CVE-2021-26855 and CVE-2021-27065 are the two flaws involved in this…
A new malware dropper identified in 9 android apps on PlayStore
New malware dropper identified in 9 android apps on PlayStore.
Operação organizada a nível global derruba botnet do Emotet
Operação organizada a nível global derruba botnet do Emotet.
Vulnerabilidade recém descoberta permite obter RCE via ataques NTLM relay
Vulnerabilidade recém descoberta permite obter RCE via ataques NTLM relay.
Newsletter, 14 december 2020
Adrozek pode infetar 30.000 dispositivos num só dia Adrozek pode infetar 30.000 dispositivos num só dia, diz a Microsoft. . Ler mais Vulnerabilidade zeroday…
The global impact of the Fortinet 50.000 VPN leak posted online
The global impact of the Fortinet 50.000 VPN leak posted online, with many countries impacted, including Portugal.
Newsletter, 23 november 2020
20 Novembro, 2020 A equipa do Drupal CMS mitiga a vulnerabilidade CVE-2020-13671 (RCE) A equipa do Drupal CMS mitiga a vulnerabilidade CVE-2020-13671 que permite a…
Kali Linux 2020.4 Released: 6 novas features lançadas nesta nova versão
Kali Linux 2020.4 Released: 6 novas features lançadas nesta nova versão.