Ransomware Payments Are Down
-
Chainalysis reports that worldwide ransomware payments were down in 2022.
Ransomware attackers extorted at least $456.8 million from victims in 2022,
dow...
Weekly Update 332
-
Breaches all over the place today! Well, this past week, and there's some
debate as to whether one of them is a breach, a scrape or if the term just
does...
Analyzing Malicious OneNote Documents
-
About a week ago, I was asked if I had tools for OneNote files. I don’t,
and I had no time to take a closer look. But last Thursday night, I had
some time ...
Happy 20th Birthday TaoSecurity Blog
-
Happy 20th birthday TaoSecurity Blog, born on 8 January 2003.
Thank you Blogger
Blogger (now part of Google) has continuously hosted this blog for 20
y...
Cybersecurity vs. Everyone
-
Cybersecurity leaders not only go against threat actors to defend the
organization but also find themselves at odds with other business
executives. How can...
Why encrypted backup is so important
-
You might have seen the news today that Apple is announcing a raft of
improvements to Macs and iOS devices aimed at improving security and
privacy. These i...
Rebooting
-
I’ve recently had some time to catch up on reading and research. I’ve
decided to start writing again here about cryptography, embedded systems,
and securit...
Heading to Techstrong
-
Posted under: General
The phone rang. On the other end, I heard a booming voice many of you are
familiar with. “Hey Mikey! What’s shaking? What’s your pla...
Satori Updates
-
I've continued to update Satori little by little out there on github.
Both updating the underlying code and fingerprints. Always happy to have
new id...
Ten years, how time flies.
-
Ten years, a decade, it’s a very long time, and yet passes in the blink of
an eye.
I joined Tenable ten years ago, and somehow they have not tired of me ...
The Future of the FTC: Part II
-
A previous blog post discussed FTC Chairwoman Slaughter’s first priority as
the newly designated chairwoman – the COVID-19 pandemic. The FTC’s second
prior...
WeirdAAL update - get EC2 snapshots
-
I watched a good DEF CON video on abusing public AWS Snapshots
https://www.youtube.com/watch?v=-LGR63yCTts
I, of course, wanted to check this out. There a...
SSTIC 2018
-
Nous sommes en 2018. Fuites de données, attaques massives, failles
structurelles, le monde constate chaque jour un peu plus à quel point la
sécurité est ...
En français svp?
-
Mir stelle fest, datt graff vereinfacht, zu Lëtzebuerg 100.000 Lëtzebuerger
schaffen, 100.000 net-Lëtzebuerger Residenten an 200.000 Frontalieren. Datt
ënn...
Rogue One Sequel already being filmed!
-
There’s some really interesting leaked photos and analysis by Charles
Goodman. “Leaked photos from the Rogue One sequel (Mainly Speculation –
Possible Spoi...
VulnHub Stapler 1 Solution 2
-
You can find Solution 1 here.
After spending a night on this, I finally managed to solve the 2nd way to
get limited shell on this box. Let's see how this ...
McAfee SiteList.xml password decryption
-
Recently, a very good friend of mine (@Sn0rkY) pointed me out the story of
a pentester who recovered the encrypted passwords from a McAfee
SiteList.xml fil...
Learning SDR
-
I recently launched Software Defined Radio with HackRF, an instructional
video series that I hope will make it easier than ever for people to learn
the bas...
USENIX Security Symposium Slides
-
We're very happy to present the paper
Revisiting SSL/TLS Implementations - New Bleichenbacher Side Channels and
Attacks
by Christopher Meyer, Juraj Somo...
New Insights into Email Spam Operations
-
Our group has been studying spamming botnets for a while, and our efforts
in developing mitigation techniques and taking down botnets have
contributed in d...
RSA Announces End of RSA Security Conference
-
Aims to bring clarity to cloudy marketing messages through exhibit hall
chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of
EMC, today ...
Samsung Galaxy S5 could be cheaper than Galaxy S4
-
Good news for would-be Samsung Galaxy S5 customers - the main smartphone
may end up being more economical as opposed to Galaxy S4 was when it
established. ...
Why I _am_ Speaking At RSA 2014
-
There’s been quite a bit of drama with regards to whether or not to boycott
the RSA conference over a deal that the RSA security vendor had made with
the N...
Router backdoor reloaded...
-
S i vous avez aimé l'histoire de la backdoor D-Link, vous allez A-DO-RER
celle-ci. C'est encore sur /dev/ttyS0 que ça se passe, où on apprend que
les route...
One year after, end of Magnificent 7 project !
-
It has been a year already since the start of the Magnificient 7 program !
So what happened during this year ? We added some features to enhance your
analy...
Mobile Device Forensics - Course Update
-
It's been a few weeks since the last update, but things have been busy. The
Fall 2012 term is now in Week 5 (wow, the semester is flying by). We've
covered...
NWScript JIT engine: Wrap-up (for now)
-
Yesterday, I provided a brief performance overview of the MSIL JIT backend
versus my implementation of an interpretive VM for various workloads.
Today, I’l...