Clik here to view.
The Russian ICC (XI): the ecosystem of intelligence. Companies
When we talk about the relationship of Russian services with companies in the country, it is necessary to emphasize that these services are not interested in any type of organization, only those that...
View ArticleThe Russian ICC (XII): The intelligence ecosystem. Web brigades
The known Web Brigades (or G-team) are groups theoretically linked to the Russian government which participate in forums, social networks, blogs, information websites … to generate a positive image of...
View ArticleClik here to view.
Some vulnerability in ASUS routers
A few months ago, I changed my old TP-LINK router to an ASUS. Since it is the de facto manufacturer recommended by my ISP, in order to avoid any complications that could lead to delays in getting my...
View ArticleClik here to view.
The Russian ICC (XIII): The intelligence ecosystem. Patriotic hackers
The concept of patriotic hacker can be understood as the attacker, in the cyber field, whose activities support in one way or another his country in a real conflict, directed against the enemy of the...
View ArticleClik here to view.
The Russian ICC (XIV): The intelligence ecosystem. Cybercrime
The relations of the Kremlin (by extension, of its intelligence services) with “classic” organized crime, with Russian mafias, is a fact more or less proven. Without going any further, in documents...
View ArticleThe Russian ICC (XV): objectives. Information needs
Let us recapitulate: so far we have made several entries concerning the Russian ICC, in which we have contextualized Russian intelligence, we have described its different services with cyber...
View ArticleClik here to view.
The Russian ICC (XVI): objectives. Countries
Any country in the world is a potential target of Russian-or non-Russian-espionage. As an example, infiltration in America has historically been high, not only in the United States, a country of...
View ArticleClik here to view.
The Russian ICC (XVII): objectives. Spain
The First General Directorate of the KGB was responsible for all operations of the service outside the USSR; this Directorate included departments focused on different geographical areas of the world,...
View ArticleClik here to view.
The Russian ICC (XVIII). Conclusions
For a few months we have published a series of posts about Russian cyber intelligence in SecurityArtWork, which we hope you have liked and they have helped you to better understand Russian...
View ArticleClik here to view.
Linux.IotReaper Analysis
A couple of days ago we learned about the existence of a new threat IoT considerably more elaborated than any of the ones detected to date...
View ArticleClik here to view.
Security of blockchain-based smart contracts I
Recently, blockchain technology has been advocated as a game changer for many industries. Distributed ledger technology that has emerged out of Bitcoin has promising applications beyond digital...
View ArticlePublication of the NIS Implementation Regulation (for digital service providers)
(This entry has been prepared in collaboration with Ana Marzo, from Equipo Marzo, which provided a good part of the information). Just a couple of weeks ago Ana March, from Equipo Marzo, an attorney...
View ArticleClik here to view.
Analysis of Linux.Okiru
In keeping with our campaign of detection and documentation of IoT botnets, a few days ago we found another threat not classified before. It was first uploaded to the VirusTotal platform on November 3...
View ArticleClik here to view.
Security of blockchain-based smart contracts II – Known Vulnerabilities and...
In the previous part of this series on blockchain security we looked at the risks associated with deploying autonomously executing smart contracts on a public blockchain. We also introduced some...
View ArticleClik here to view.
‘Reversing’ of malware network protocols with ‘angr’
One of the most difficult objectives to obtain in the analysis of a malicious binary is usually discovering all of the functionalities that it has. If in addition, these functions are only executed at...
View ArticleThe tools of Gods
Today at SAW we are not going to talk about security but about religion. About the true religion, the good one: about Unix. And about its gods: Kernighan, Ritchie, Thompson … we could cite a few. And...
View ArticleExchange forensics: The mysterious case of ghost mail (I)
(Note: This is a fiction story, the characters and situations are not real, the only real thing is the technical part, which is based on a mixture of work done, experiences of other colleagues and...
View ArticleClik here to view.
Restricted Zone: Geopositioning not allowed
The tendency to “be permanently connected” places at our disposal a series of tools with which to “make our lives more comfortable” but this, in turn, exposes us to multiple threats that may negatively...
View ArticleClik here to view.
CSIRT.es (in English)
Yesterday, CCN-CERT published the communiqué related to the re-launch of the CSIRT.es group, a forum that brings together the response teams to Spanish incidents or areas of action in Spain, and whose...
View ArticleThe GDPR is not a one-day thing
The 25th of May has finally arrived. The D day where all personal data is protected. Where security incidents will no longer occur. Where all the processing of personal data becomes legitimate. Where...
View Article