Last May 10 and 11 the course of Computer Forensic Expert was held in Reus (Spain) by the Asociación Nacional de Tasadores y Peritos Judiciales Informáticos (ANTPJI), which I am member and one of the instructors, where I had the pleasure of giving a talk on two of my passions such as Python and OSINT (Open Source Intelligence).
Python is a great language to quickly develop all kinds of powerful applications with lots of libraries . . . → Read More: OSINT + Python = Custom Hacking
The other day helping out a client to develop secure software it came to my mind that this topic could be of interest to my readers. Obviously this topic is quite wide, but in this article I will focus in a patch for the GCC compiler, which improves the protection of stack protector (stack canary) mitigating buffer overflow vulnerabilities.
Stack Protector Strong is a patch developed at Google and applied to the Chromium project (browser . . . → Read More: AppSec: Improve your software security with GCC Stack Protector Strong
If you like reverse engineering and want to learn all the secrets of IDA Pro, this is your book. This work written by Chris Eagle, a top expert on the subject, reveals the power of the best tool for reverse engineering. The IDA Pro, 2nd Edition (ISBN-13: 978-1593272890) along its 26 chapters describes how to use IDA Pro and all its options, as well as the decompiler, debugger and the emulator, and of course the . . . → Read More: Book Review: The IDA Pro Book, 2nd edition
Last Thursday 14 and Friday 15 March the Conference Black Hat Europe was held in the great city of Amsterdam, a mandatory event for cyber security experts.
For second year running I presented on R&D outlining the security posture of Anti-Theft programs for computers and Smartphones.
As always the event had interesting lectures and other not that much, but I recommend the reader to check them all and decide what you like most. The topics . . . → Read More: Back to Black Hat Europe and my talk on Anti-Theft
In time of crisis there is much speak about entrepreneurship as the engine to lift the economy, or at least in the Spanish crisis. Now well, who assists entrepreneurs?
As readers know I am the founder of VULNEX, a technology startup that offers highly specialized offensive and defensive cyber security services. In recent months I have been talking with tech giants such as Dell and IBM Spain to acquire a few servers that will allow . . . → Read More: Dell, IBM and possible other tech giants should be ashamed
You know you are in Texas when you get out of the plane and hear country music through the airport and I was there indeed because the 25 and 26th of October the OWASP AppSec USA conference was taking place in Austin, Texas, where I participated with a presentation on Web Honeypots.
The conference had more than 800 attendees, free and paid courses on different application security topics during the days 23 and 24, and . . . → Read More: AppSec USA 2012: the experience
Last June a malware that infected AutoCAD for Windows was identified and is responsible for the theft of thousands of documents. AutoCAD is a popular program for 2D and 3D drawings that is used to design all kinds of products, such as homes, cars, aerospace and in defense, so it is really interesting for industrial espionage. In this post we will study a malware known as Medre.
From a technical point of view is a . . . → Read More: Medre, AutoCAD Malware: The spy inside the cad
[Español] La semana pasada Kaspersky publicó un artículo sobre un nuevo malware que afectaba a iPhone y Android, y esta App estaba disponible en sus mercados oficiales. Al ser el primer malware que aparece en el iPhone Market he pensado que seria interesante examinarla, así que una vez obtenidas copias de ambas Apps hemos procedido a su análisis.
[English] Last week Kaspersky published an article about a new malware affecting Android and iPhone, and . . . → Read More: “Find And Call” Smartphone Malware Analysis