Monthly Archives: February 2016

Using the Microsoft EMET security tool to hack itself

[pheThe security researchers at FireEye Abdulellah Alsaheel and Raghav Pande have found a way to exploit Microsoft EMET (Enhanced Mitigation Experience Toolkit) to hack itself. The security researchers at FireEye security Abdulellah Alsaheel and Raghav Pande have found a way to … Continue reading

Posted in Cyber Security, Malware, Vulnerabilidad | Tagged | Leave a comment

90 Percent of All SSL VPNs Use Insecure or Outdated Encryption

Many SSL VPNs don’t use the latest encryption tech. Information security firm High-Tech Bridge has conducted a study of SSL VPNs (Virtual Private Networks) and discovered that nine out of ten such servers don’t provide the security they should be offering, … Continue reading

Posted in Vulnerabilidad | Leave a comment

Tim Cook goes off-script describing FBI iPhone backdoor request as ‘cancer’

Say what you like about Apple, one thing is for sure — it is one of the most scripted and tightly-controlled companies in existence. Everything is stage-managed to within an inch of its existence. Leaks about upcoming releases are rare, … Continue reading

Posted in Malware | Tagged | Leave a comment

Operation Blockbuster Coalition Ties Destructive Attacks to Lazarus Group

The nation-state sponsored hacker group allegedly behind the 2014 attack against Sony Pictures Entertainment has been linked to similar intrusions against a number of companies in South Korea including the Dark Seoul and Operation Troy attacks. A coalition of security … Continue reading

Posted in Vulnerabilidad | Leave a comment

HOW TO SECURE DATABASES?

Databases can be a treasure trove of confidential data. Normally most databases contain confidential information, private data of companies, people, intellectual property, employees or customers. Confidential data may include the customer data, employee’s salary data, employee address data, patient records, … Continue reading

Posted in Cyber Security | Tagged , , | Leave a comment

Analysis of CVE-2016-0059 – Microsoft IE Information Disclosure Vulnerability Discovered by Fortinet

This month Microsoft patched two vulnerabilities which were discovered and reported by me, one is an information disclosure vulnerability in Internet Explorer (IE) (CVE-2016-0059 in MS16-009), the other is a memory corruption vulnerability in Microsoft Office (CVE-2016-0055 in MS16-015). In this blog, we will … Continue reading

Posted in Vulnerabilidad | Tagged | Leave a comment

Google Paid $25,633.70 for a Critical Chrome Bug

Google fixes bug for SOP and sandbox mode escape. Google has released version 48.0.2564.116 of its Chrome browser to address a critical issue regarding the browser’s SOP (Same-Origin Policy). The Google Chrome Security team was alerted to the presence of this … Continue reading

Posted in Vulnerabilidad | Leave a comment