Tag Archives: Information Security

Book Review: PoC||GTFO

Yes, I’m back to blogging and doing a book review. I guess better late than never 🙂 This time I’m reviewing the holy hacker book: International Journal of Proof-of-Concept or Get The Fuck Out (PoC||GTFO, ISBN-13: 978-1-59327-880-9). The book sums … Continue reading

Posted in Books, Pentest, Privacy, Security, Technology | Tagged , , , , , | 2 Comments

A Security Breach Can Hurt You, More Than You Think!

Week after week we read about security breaches in top websites around the world, where millions of user’s data are exposed and the company not even reply with an apology. Until now nobody in management (your typical C-level) assumed any … Continue reading

Posted in Security, Technology | Tagged , , , | Leave a comment

Cyber Intelligence Universe

In recent years all “cyber” is fashionable, and intelligence applied to the cyber world could not be less! The concept of intelligence has an offensive meaning due to the use by intelligence and military agencies, but now too many security … Continue reading

Posted in Pentest, Security, Technology, Threat Modeling | Tagged , , , , | Leave a comment

Heartbleed: pain, blood and code

All alarms went off last week when a serious security flaw called Heartbleed in the OpenSSL cryptographic library was published. This library is used by a large part of the servers on the Internet as well as much security software. … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , | Leave a comment

Enterprise Computer Security must CHANGE

Last week I had the pleasure of giving a talk entitled “Cyber Security: time for change” on my vision of corporate cyber security posture during an event organized by Page Personnel Spain (thanks for having me!), and I already advance … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , | Leave a comment

AppSecUSA & BinSecSweeper Talk

Last week the OWASP AppSecUSA 2013 conference was held in the legendary New York City , where I had the pleasure of giving a talk on security software development title “Verify Your Software for Security Bugs” and present my new … Continue reading

Posted in Conference, Pentest, Security, Technology | Tagged , , , , , , , | Leave a comment

A Spanish startup selected by the DARPA Cyber Fast Track (CFT)

The security landscape changed in August 2011 at the Black Hat Conference when the legendary hacker of the L0pht Peiter “Mudge” Zatko presented the new program Cyber Fast Track (CFT) (DARPA-PA-11-52) from DARPA (Defense Advanced Research Projects Agency of the … Continue reading

Posted in Business, Pentest, Security, Technology | Tagged , , , , , | Leave a comment

What’s the point of reporting 0day?

In the last weeks the news related to PRISM has not stopped since leaked by Edward Snowden, who worked for Booz Allen Hamilton, a defense contractor for the NSA. One interesting outcome of these leaks is the NSA access to … Continue reading

Posted in Business, Microsoft, Pentest, Security, Technology | Tagged , , , , , , , , , , | Leave a comment

AppSec: Build Rooted Detection in your App

For various reasons many Apps need to detect if the phone has been “rooted” and in this article will see different techniques for this purpose. Since it is common to see this type of questions in development forums, I thought … Continue reading

Posted in Pentest, Privacy, Security, Technology, Threat Modeling | Tagged , , , , , , , | Leave a comment

My 10 Cyber Weapons Tool List

Few weeks ago the media did publish that the US Air Force has classified 6 tools as cyber weapons, no doubt a hot topic. For this post I will do the same and put a list of 10 tools that … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , , , , , , , , | 1 Comment