Thursday, October 1, 2015

Hacking with Spanish flavour

Read, practice and be constant. If you want to be a hacker and dedicate to computer security, forget collecting blogs, following an infinite list of Twitter accounts and seeing a few Youtube tutorials. This isn’t the way, but reading in depth, practicing as much as you can, and spending a lot of time. These are the advices of the Spanish hackstar Chema Alonso in his last video, which opens this post with an unusual 100% Spanish flavour. From Spanish cyber defense until cash dispensers. Olé.


“Through the years I receive a lot of petitions of advices about how to learn hacking or IT security”, says the famous expert of cyber security Chema Alonso, The Evil. A topic he wrote on countless occasions (for example, once, and once more, and once again), but he has so many petitions that he has decided to face them on video and explain not only his three main advices (read, practice, be constant), but also mention the basic book to start in this world, even making a tour along the blogosphere made in Spanish. Yes, he forgot us (CIGTR), but we don’t consider it this time ;-)

Another one who "sticks up for" and not for saying beautiful things precisely, was the responsible of the national Spanish cyber defense, the general Carlos Gómez López de Medina. He did it the last 24 of September in the Cyberdefense convention in Paris (Francia) and in his intervention exposed the reasons why Spain would be on the top of the fight against cybercrime. One Magazine brings us the most important part of this information, where we found words like Islamic State, national strategy or OTAN’s Center of Excellence.

We continue with the notorious Spanish accent of this post with the specialized blog Security By Default (yes, it's a Spanish blog despite of the name) who gives us in this recent dates a large and well documented post about the security in cash dispensers. It’s only an introduction to the topic, according to the authors, but with so many technical references and specific nomenclature that its reading is applicable both for the amateurs who talk to in his video Chema Alonso, and for the military in charge of López de Medina.

At last, in another Spanish referent source of the sector, like We Live Security, we found a classic 0-day: a critic vulnerability with a 9 in the CVSS score, which affects to one of the most popular tools for computer users, like the WinRAR compressor. The report, published on SecLists, is signed by the researcher Mohammed Reza Espargham, and talks about a vulnerability found in the software SFXv5.21, which allowed hackers to execute codes remotely to compromise a device.

Meanwhile, one conference more and more important is already going on : Navaja Negra, from Albacete. The information could have Spanish, English, Indian, Chinese, Russian, or other kind of accents all around the world. But the advices are universal and the worry is the same for any conscious user of digital tools: the key of a good experience is managing the best you can the risk who we are constantly exposed to.

0 comments:

Post a Comment