Tag Archives: attack vector

Mirai DDoS Botnet: Source Code & Binary Analysis

Mirai is a DDoS botnet that has gained a lot of media attraction lately due to high impact attacks such as on journalist Brian Krebs and also for one of the biggest DDoS attacks on Internet against ISP Dyn, cutting … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , , , | Leave a comment

A Security Breach Can Hurt You, More Than You Think!

Week after week we read about security breaches in top websites around the world, where millions of user’s data are exposed and the company not even reply with an apology. Until now nobody in management (your typical C-level) assumed any … Continue reading

Posted in Security, Technology | Tagged , , , | Leave a comment

Race to 0day in Nation State Operating Systems

Operating System change is coming… We all know that Windows still dominates the desktop arena with Linux and MacOS trying to catch up and that Android dominates the mobile space with iOS and Windows Phone trying to catch up as … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , | Leave a comment

Cyber Intelligence Universe

In recent years all “cyber” is fashionable, and intelligence applied to the cyber world could not be less! The concept of intelligence has an offensive meaning due to the use by intelligence and military agencies, but now too many security … Continue reading

Posted in Pentest, Security, Technology, Threat Modeling | Tagged , , , , | Leave a comment

Theoretical attacks on a Sex Robot: Roxxxy

The True Companion company markets for the last few years the first robot to have sex with: Roxxxy. Unfortunately it is not possible to find too much information about the technical features of the robot on the company website, but … Continue reading

Posted in Security, Technology, Uncategorized | Tagged , , | 2 Comments

Heartbleed: pain, blood and code

All alarms went off last week when a serious security flaw called Heartbleed in the OpenSSL cryptographic library was published. This library is used by a large part of the servers on the Internet as well as much security software. … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , | Leave a comment

The need to evolve defensive security to offensive security

This morning I saw a job offer from Facebook looking for offensive security engineers and I thought it would be a wonderful opportunity to explore this idea and its application in corporate security. Traditionally information security in enterprises has a … Continue reading

Posted in Pentest, Security | Tagged , , , | 2 Comments

Enterprise Computer Security must CHANGE

Last week I had the pleasure of giving a talk entitled “Cyber Security: time for change” on my vision of corporate cyber security posture during an event organized by Page Personnel Spain (thanks for having me!), and I already advance … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , | Leave a comment

AppSec: Myths about Obfuscation and Reversing Python

Python is an easy and powerful programming language that allows us to write sophisticated programs: Dropbox and BitTorrent are excellent examples. It is common that Python programs are delivered in source code, but in some cases different techniques like obfuscation … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , | 13 Comments

OWASP Top Ten 2013 free workshop

Yesterday, July 17th, I taught a free workshop about the OWASP Top Ten 2013 which was published recently that describes the 10 most common vulnerabilities in Web applications. This free workshop is a collaboration between the Catedral de Innovación of … Continue reading

Posted in Security, Technology, Threat Modeling | Tagged , , , , , , | Leave a comment