“VirusTotal​ Windows Uploader” poor design of privacy

Something to share with you, which I am not sure is known enough: Recently, while I was tweaking a network monitoring systems, I noticed an upload of a file that its name included a full local Windows file path, ending with a name of a file I uploaded to VirusTotal, using their Windows application – ...

Possible vulnerability in F5 BIG-IP LTM

Possible vulnerability in F5 BIG-IP LTM
About a year ago, while I was performing a web site penetration test for a customer, I run a manual fuzzing phase, where I like to “question” even the most basic networking and application conventions, and this time it paid off more than the usual… The site was behind a “F5 Networks” BIG-IP device, running ...

How to protect yourself from the Samsung keyboard vulnerability in Android devices

A few weeks ago, on June 2015, the mobile devices security company “NowSecure”, has published a post about a vulnerability they have found, titled “Remote Code Execution as System User on Samsung Phones Summary”, discovered by its researcher, Mr. Ryan Welton. This research was also marked using two official vulnerability identifications of CVE-2015-4640 and CVE-2015-4641. ...

Microsoft’s detective

Just over a year ago, when I went through the logs of an IPS located at a dedicated and internal network (not facing the Internet or any external networks), I saw DHCP activity. Since this is a servers based environment, presumably they all should have a fixed IP address, so any DHCP activity may indicate ...