TARLOGIC's BLOG
Cybersecurity - Page 7

Cybersecurity articles with security analysis and ethical hacking technics information

Google messes up: Office 365 login portal is not from Microsoft
Google messes up: Office 365 login portal is not from Microsoft
Oscar Mallo, Nico Matovelle

«Office 365 login» With those words, many people start their workday to authenticate to Microsoft’s web tools, with which their companies are integrated. This Google search[...]

Read more
OWASP FSTM, stage 4: Extracting the filesystem
OWASP FSTM, stage 4: Extracting the filesystem
Antonio Vázquez, David Sandoval, Jesús María Gómez Moreno, Fran Álvarez Wic

Many IoT devices run an embedded Linux operating system that can be found included in the firmware image, along with the corresponding file systems. This article discusses the iden[...]

Read more
OWASP FSTM, stage 3: Analyzing firmware
OWASP FSTM, stage 3: Analyzing firmware
Jesús María Gómez Moreno, Fran Álvarez Wic, Antonio Vázquez y David Sandoval

Analyzing a firmware dump is not a simple task that can be summarized in simple steps to obtain a formula valid for all cases. Different techniques that can help extracting data fr[...]

Read more
OWASP FSTM, stage 2: Obtaining IOT device firmware
OWASP FSTM, stage 2: Obtaining IOT device firmware
Jesús María Gómez Moreno, Fran Álvarez Wic, Antonio Vázquez Blanco, David Sandoval

This article explains the possible mechanisms for obtaining IoT device firmware[...]

Read more
OWASP FSTM, stage 1: Information gathering and reconnaissance
OWASP FSTM, stage 1: Information gathering and reconnaissance
David Sandoval, Antonio Vázquez Blanco, Jesús Gómez y Fran Álvarez Wic

This article presents the first stage of the OWASP FSTM methodology for firmware analysis of IoT devices.[...]

Read more
If you trade in the Ethereum blockchain, you will lose your money. Here is why
If you trade in the Ethereum blockchain, you will lose your money. Here is why
Jaime Fábregas

You think you have developed a sense of how to invest in the cryptocurrency market? Maybe you can look at a price graph, add a couple of indicators, and tell whether the price will[...]

Read more
Tracking Ethereum blockchain crypto attackers: Measuring sandwich attacks
Tracking Ethereum blockchain crypto attackers: Measuring sandwich attacks
Jaime Fábregas

There are malicious actors perpetrating attacks in the Ethereum blockchain. However, due to its open and public nature, it is possible to identify and track down some of those atta[...]

Read more
CVE-2022-26134. Zero Day vulnerability affecting Atlassian Confluence
CVE-2022-26134. Zero Day vulnerability affecting Atlassian Confluence
Oscar Mallo

A remote code execution vulnerability affecting Atlassian Confluence products has recently been identified and assigned CVE-2022-26134. This vulnerability is exploitable without re[...]

Read more
PLCTool plugin support
PLCTool plugin support
Jesús María Gómez Moreno, Antonio Vázquez Blanco

The newly implemented plugin support of PLCTool allows for the addition of new functionalities without the need of modifying the base code This article presents PLCTool’s plugin [...]

Read more
Introduction to fuzzing: How to automatically discover bugs
Introduction to fuzzing: How to automatically discover bugs
Antonio Vázquez Blanco

Fuzzing techniques are used to detect security breaches and other bugs by generating inputs not contemplated by the programmer ¿What’s Fuzzing? – Security testing Fuzz[...]

Read more
1 4 5 6 7 8 9 10 14
Advanced penetration testing services