security Archive

BlackArch Linux

While reading through my feed I came across a post from RedesZone about the latest release of BlackArch Linux. It seems BlackArch is a pentesting distro built on top of Arch Linux, and its main advantage is the bundle of over 1500 tools for security professionals. The complete list of tools can

Most people don’t really care

While reading an article on Ars Technica about the fact that 20 hotel chains were hacked and credit card data was exposed, I remembered a local case I came across a while back with a small rural hotel where the reservation system was using an old PHP form to submit the reservation data via

Full Path Disclosure from Kaspersky

If you go now to the Kaspersky Cybermap website from a country other than an English-speaking one, you will be greeted with a PHP notice and a PHP warning which cause a full path disclosure on Kaspersky’s website. Apparently the cybermap script is supposed to pull the verbiage related to languages other than English

Where Android beats Windows

For quite a while Windows was seen as the worst operating system ever in terms of security. There were so many vulnerabilities in the proprietary source code built by Microsoft that in the early 2000s, at the dawn of botnets, a lot of people thought Windows was doomed. And if that weren’t enough the third party

Let’s Encrypt came too late

When I first heard about Let’s Encrypt I was pretty skeptical simply because I didn’t think someone could offer for free what Comodo and many others were offering for at least $50 a year without any backfires. And if the unfair competition perfectly patented before by companies like Microsoft would have been the least of