IT Systems and networks administration

Linux Capabilities and how to avoid being root

Sudo and setuid permissions are common methods to allow normal users to perform privileged tasks. However, both mechanisms involve elevated privileges and potentially dangerous. Solution? Use of Linux kernel capabilities.

Tags:

The importance of system hardening

Complaining is part of human nature. When it rains, why is it raining? When it is hot, why is it hot? When Real Madrid wins, why does Barcelona not lose, and vice-versa? The issue is that we complain. However, we do not always think what we can do to change or improve the causes of our complaints. Of course, not everything is under our control or in our hands, but we can do a lot, beginning...

Tags:

iOS

Best practices

Data protection

Malware in Linux: Rootkits, concealment and detection

In previous papers have discussed the main types of rootkits in Linux and its operation. Some methods are described for this type of malware to hide and what you can do to try to detect them.

Tags:

Linux

Rootkit

Threats

Emerging Evasion Techniques: Domain Shadowing

The malware in general and in particular botnets maintain a constant battle to operate through internet and avoid detection. Techniques like blacklisting domains and sinkholing are bypassed with various countermeasures. Let's talk about domain, a recent mechanism of evasion.

Tags:

Botnet

Firewall

Malware in Linux: Kernel-mode-rootkits

The kernel-mode rootkits are one of the most fearsome threats because of their level of sophistication and difficulty of detection. Know how this type of rootkits in Linux systems work.

Tags:

Malware in Linux: Rootkits, introduction and classification

It is common to hear statements like "I can't possibly have a virus, because I use Linux" or "There aren't any viruses on Macs". It is very well known that these ideas are completely false. Here is a good place to look at why.

Tags:

Report on the Android Malware Situation

Being Android is the most widely used mobile platform, it has become the most frequently attacked system by cybercriminals.

Tags:

Android

Antivirus

Malware

Study of the security in cloud storage services: Analysis of Dropbox and Mega

Cloud storage services are receiving increasing popularity. But, how to choose among al the available alternatives? In this study, the main factors affecting security are described, creating a common framework for their analysis. Subsequently, these principles are applied for analyzing two of the main current solutions: Dropbox and Mega.

Tags:

Cloud computing

Cryptography

Studies & stats

SELinux and Mandatory Access Control

In a previous article about basic access control mechanisms in systems security we introduced Mandatory Access Control (MAC) as a more accurate mechamism than basic access control. Now we are talking about of SELinux as an example of Mandatory Access Control.

Tags:

Best practices

Linux

Vulnerability

Contactless payment? Not on my shift...

Mobile Pwn2Own 2014, an event focused on discovering vulnerabilities targeting last generation mobiles, compromised five top quality smartphones. Different techniques were used to compromise these, being NFC the technology used to vulnerate Samsung Galaxy 5 and LG Nexus 5 and getting control of the mobile. It is not the first time NFC stars in security news. Not too long ago we could see how a...

Tags:

Android

Biometrics

Social engineering

Corporate access

IT Systems and networks administration

Linux Capabilities and how to avoid being root

The importance of system hardening

Malware in Linux: Rootkits, concealment and detection

Emerging Evasion Techniques: Domain Shadowing

Malware in Linux: Kernel-mode-rootkits

Malware in Linux: Rootkits, introduction and classification

Report on the Android Malware Situation

Study of the security in cloud storage services: Analysis of Dropbox and Mega

SELinux and Mandatory Access Control

Contactless payment? Not on my shift...

Pages