Tag Archives: Software Security

Book Review: PoC||GTFO

Yes, I’m back to blogging and doing a book review. I guess better late than never 🙂 This time I’m reviewing the holy hacker book: International Journal of Proof-of-Concept or Get The Fuck Out (PoC||GTFO, ISBN-13: 978-1-59327-880-9). The book sums … Continue reading

Posted in Books, Pentest, Privacy, Security, Technology | Tagged , , , , , | 2 Comments

Equation APT analysis using Security Data Science platform: BinSecSweeper

As many readers already know, at VULNEX we have been working on our BinSecSweeper project whose development began in 2013 thanks to an award by US DARPA within its pilot program Cyber Fast Track (CFT) and we were the only … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , , , , | Leave a comment

Race to 0day in Nation State Operating Systems

Operating System change is coming… We all know that Windows still dominates the desktop arena with Linux and MacOS trying to catch up and that Android dominates the mobile space with iOS and Windows Phone trying to catch up as … Continue reading

Posted in Privacy, Security, Technology | Tagged , , , , | Leave a comment

Cyber Intelligence Universe

In recent years all “cyber” is fashionable, and intelligence applied to the cyber world could not be less! The concept of intelligence has an offensive meaning due to the use by intelligence and military agencies, but now too many security … Continue reading

Posted in Pentest, Security, Technology, Threat Modeling | Tagged , , , , | Leave a comment

Heartbleed: pain, blood and code

All alarms went off last week when a serious security flaw called Heartbleed in the OpenSSL cryptographic library was published. This library is used by a large part of the servers on the Internet as well as much security software. … Continue reading

Posted in Pentest, Security, Technology | Tagged , , , | Leave a comment

VULNEX Award and RSA USA speaker experience!

February has been both very interesting and busy! On February 17th I had the pleasure of collecting the first award of VULNEX by Spanish security magazine Red Seguridad for IT Innovation for our collaboration with DARPA (Defense Advanced Research Projects … Continue reading

Posted in Conference, Privacy, Security, Technology | Tagged , , , , , | Leave a comment

Enterprise Computer Security must CHANGE

Last week I had the pleasure of giving a talk entitled “Cyber Security: time for change” on my vision of corporate cyber security posture during an event organized by Page Personnel Spain (thanks for having me!), and I already advance … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , | Leave a comment

AppSecUSA & BinSecSweeper Talk

Last week the OWASP AppSecUSA 2013 conference was held in the legendary New York City , where I had the pleasure of giving a talk on security software development title “Verify Your Software for Security Bugs” and present my new … Continue reading

Posted in Conference, Pentest, Security, Technology | Tagged , , , , , , , | Leave a comment

AppSec: Myths about Obfuscation and Reversing Python

Python is an easy and powerful programming language that allows us to write sophisticated programs: Dropbox and BitTorrent are excellent examples. It is common that Python programs are delivered in source code, but in some cases different techniques like obfuscation … Continue reading

Posted in Pentest, Privacy, Security, Technology | Tagged , , , , , | 13 Comments

OWASP Top Ten 2013 free workshop

Yesterday, July 17th, I taught a free workshop about the OWASP Top Ten 2013 which was published recently that describes the 10 most common vulnerabilities in Web applications. This free workshop is a collaboration between the Catedral de Innovación of … Continue reading

Posted in Security, Technology, Threat Modeling | Tagged , , , , , , | Leave a comment