The National Cybersecurity Institute (INCIBE) and the Organization of American States (OAS) annually organize the Cybersecurity Summer BootCamp, an international training program specialized in cybersecurity aimed at Policy Makers, Security Forces and Bodies, the Public Prosecutor’s Office, Judges and Magistrates and Cyber Incident Response Center Specialists.

This year 2021 the sixth edition of this event will take place, already consolidated as a unique event and of international reference, which is committed to offering cutting-edge training in cybersecurity.

 

Forensic incident workshop:

Real case of credit card skimmer in electronic commerce site

Speaker: Yago Fernández Hansen

Theme: Digital Forensics and Incident Response (DFIR)

Category: Police investigation

Language: Spanish

Date: July 15, 2021

Time: 16:00

Duration: 3h

 

Workshop index:

• Presentation of the workshop. Summary of contents
• Download of the forensic tool by attendees
• Introduction to the actual incident. Credit card theft on a website
• Premises for performance
• Planning
• Obtaining information about the infrastructure
• Hands on lab
• Conclusions, requests and questions

 

Workshop instructions:

• Download the following files and programs before the date of the workshop. Some are large and will require longer times for downloading and installing. Follow the instructions noted below each button.

The post Cybersecurity Summer BootCamp 2021 appeared first on Yago Hansen CV.

Second part published on “The Apple and Google Plan” this time with @yadox our friend and fellow expert in Cybersecurity together with our colleagues will help us understand how our privacy and data will be managed. Maybe we have opened the Pandora’s box or it is already open for a long time. We will tell you our opinions and we will go further, thank Yago Hansen and Yago Jesus for collaborating on these two episodes. Now it’s up to you to play and share the episode. Greetings Applelians.

https://applelianos.podbean.com/e/el-plan-de-apple-y-google-con-yadox-2-parte/

The post Applelianos Community appeared first on Yago Hansen CV.

Pocas personas escriben código y sin embargo el código afecta a muchas personas. Esta es la premisa de un mundo virtual donde las leyes físicas de la naturaleza no son aplicables, el código es ahora la ley que dicta el comportamiento de los internautas. Esta nueva sociedad digital tiene varias tendencias paralelas al mundo físico en el cual vivimos, entre ellas la lucha por el control. De aquí nace el hacktivismo, el activismo y desobediencia social que lucha por tener una voz y pelea por sus derechos.

Programas de radio en Podcast

En este programa se exploran las distintas tendencias de un nuevo mundo digital que no es conocido por muchos. Se dan a conocer las subculturas que han ido creciendo en Internet debido al impulso tecnológico, donde lo que se consideraba ‘underground’ o ‘marginal’ es ahora un impulso social. Se dará a conocer las amenazas cibernéticas que desatan una guerra digital, las tendencias de seguridad informática y un mundo de activistas sociales que luchan ante las corporaciones. Se dará a conocer el mundo de los Hackers.

Robo de identidad en Internet

TITULO: Robo de identidad en Internet
SINOPSIS: En este primer programa de Mundo Hacker debatimos sobre el robo de identidades en Internet. Explica sobre las conductas criminales sobre el robo de identidad y el mal uso que se puede hacer de ella.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yanko Kolev

La sensibilidad de los datos privados en el e-mail

TITULO: Datos privados en e-mail
SINOPSIS: En los últimos tiempos se habla mucho del robo de información en los sistemas públicos de correo electrónico, como Hotmail, Yahoo, G-mail, etc.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yanko y Jacinto

Hacktivismo, activismo Social de los hackers

TITULO: Hacktivismo
SINOPSIS: Debate sobre las actividades de grupos sociales hackers o hacktivistas como medio de protesta social y activismo social ético y no-ético.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Jacinto y Yanko

Las Raíces del hacktivismo

TITULO: Las Raíces del hacktivismo
SINOPSIS: Cultura underground sobre los mejores hackers dedicados al hacktivismo como tal del mundo.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Jacinto

Ciberguerra

TITULO: Ciberguerra
SINOPSIS: En este programa tratamos sobre una posible guerra cibernética y las consecuencias que eso podría traer a Gobiernos y Corporaciones.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán

Inseguridad inalámbrica

TITULO: Inseguridad inalámbrica
SINOPSIS: Tercer capítulo sobre tecnología Wi-Fi y los medios para securizarla, además de sus inseguridaddes vigentes
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Jacinto, Yago Hansen

Inseguridad Inalámbrica (I)

TITULO: Inseguridad Inalámbrica (I)
SINOPSIS: Es nuestro primer programa sobre redes inalábricas como Wi-Fi y su seguridad y vulnerabilidad. Presentamos los tipos de hacking y los autores y funciones de cada uno.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán

Microsoft, la amenaza

TITULO: Microsoft, la amenaza
SINOPSIS: Debate sobre ciberrevolución que se creó en Chile al decidirse un acuerdo comercial por parte del Gobierno con Microsoft como proveedor de Software. Hacktivismo en contra de este acuerdo.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yago Hansen, Rubén

Firewalls

TITULO: Firewalls
SINOPSIS: Visión amplia y racional de los cortafuegos en formato software o appliance, para conocer a fondo estas herramientas.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Fernado Picouto Ramos

Bluetooth Hacking

TITULO: Bluetooth Hacking
SINOPSIS: Angel y sus colegas comparten sus conocimientos sobre tecnologías inalámbricas Bluetooth y sus usos maliciosos.
PARTICIPANTES: Antonio Ramos Varón, Jacinto, Yanko Kolev, Angel García

Ficheros logs

TITULO: Ficheros logs
SINOPSIS: Describimos los ficheros logs, junto con su importancia y su presencia actual en todos los servidores y equipos de red afecta a cualquier movimiento en la red.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yanko Kolev

Canales seguros de comunicación

TITULO: Canales seguros de comunicación
SINOPSIS: Todo lo importantes sobre el establecimiento y uso de canales seguros de comunicación, principalmente en Internet.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yanko, Jacinto

Escaneadores de vulnerabilidades

TITULO: Escaneadores de vulnerabilidades
SINOPSIS: Conocimientos básicos sobre los escaneadores de vulnerabilidades para detectar errores o bugs y posteriormente utilizarlos para penetración en sistemas.
PARTICIPANTES: Antonio Ramos Varón, Jacinto

Inseguridad inalámbrica Wi-Fi (II)

TITULO: Inseguridad inalámbrica Wi-Fi (II)
SINOPSIS: Volvemos sobre el tema de la seguridad en las redes inalámbricas, especialmente Wi-Fi en este segundo programa relacionado.
PARTICIPANTES: Antonio Ramos Varón, Yago Hansen, Jacinto

Los protocolos ARP y RARP

TITULO: Los protocolos ARP y RARP
SINOPSIS: Uso del protocolo ARP y RARP como herramienta para hacking y consecuencias de su utilización en la resolucion de direcciones IP.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Codename

IDS e IPS, detección de intrusos

TITULO: IDS e IPS, detección de intrusos
SINOPSIS: El especialista en seguridad Fernando Picouto da una buena explicación sobre la implementación y el funcionamiento de los sistemas de detección y prevención de intrusos.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Fernando Picouto Ramos

Hardware hacking

TITULO: Hardware hacking
SINOPSIS: Los asistentes explican algunas formas de hacer hacking mediante hardware autoconstruido como keyloggers, cpus, etc.
PARTICIPANTES: Antonio Ramos Varón, Yanko, Jacinto

Keylogger (II) y USB hacks

TITULO: Keylogger (II) y USB hacks
SINOPSIS: Jacinto continúa con su explicación sobre la construcción de un keylogger made in Hell e introducción a los pendrive ladrones de información o USB hacks.
PARTICIPANTES: Antonio Ramos Varón, Yago Hansen, Jacinto y Yanko Kolev

Phreaking

TITULO: Phreaking
SINOPSIS: Tratamos sobre las técnicas actuales que se utilizan para el cracking de telefonía tanto fija como móvil.
PARTICIPANTES: Antonio Ramos Varón, Yanko Kolev, Jacinto, Jesus FK

Inyección de Código SQL

TITULO: Inyección de Código SQL
SINOPSIS: Explicamos las posiblidades y el nivel de peligrosidad de los ataques de inyección de código SQL generando procedimientos almacenados muy peligrosos.
PARTICIPANTES: Antonio Ramos Varón, Maikel, Jacinto, Quark

MD5 y SHA1, Ataques de colisión

TITULO: MD5 y SHA1, Ataques de colisión
SINOPSIS: Explicamos de forma relativamente fácil de entender el mecanismo de reducción de mensajes, especialmente MD5 y SHA1 y su ataque de hacking mediante colisiones.
PARTICIPANTES: Antonio Ramos Varón, Yago Hansen, Jacinto

Botnets (I)

TITULO: Botnets (I)
SINOPSIS: Programa que explica el funcionamiento y la creación de botnets o redes de bots que controlan de forma maliciosa millones de ordenadores en Internet bajo el control de un administrador.
PARTICIPANTES: Antonio Ramos Varón, Yanko, Jacinto, Rubén y Carlos

Ataques XSS (I)

TITULO: Ataques XSS (I)
SINOPSIS: Explicación y desarrollo de los ataques Web de tipo XSS sobre los clientes web basándose en formularios no filtrados.
PARTICIPANTES: Antonio Ramos Varón, Yanko, Jacinto y Rubén

Inyección de código XSS (II) y Endpoint Security

TITULO: Inyección de código XSS (II) y Endpoint Security
SINOPSIS: Volvemos a tratar el tema de inyección de código mediante XSS (crosscripting) mediante Javascript en películas y otros programas Flash. Mediante Actionscript y otros lenguajes. Además damos una introducción sobre Endpoint Security.
PARTICIPANTES: Antonio Ramos Varón, Rubén, Jacinto

Endpoint Security

TITULO: Endpoint Security
SINOPSIS: Todo sobre seguridad en el puesto final o endpoint security para los ejecutivos que viajan con su portatil. Medios de protección para los dispositivos portatiles o fijos.
PARTICIPANTES: Antonio Ramos Varón, Yanko, Rubén

Inseguridad Inalámbrica (IV)

TITULO: Inseguridad Inalámbrica (IV)
SINOPSIS: Es nuestro cuarto programa sobre redes inalábricas como Wi-Fi y su seguridad y vulnerabilidad. Presentamos los tipos de hacking y los autores y funciones de cada uno.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yago Hansen, Rubén

Coldboot attack

TITULO: Coldboot attack
SINOPSIS: Ataque basado en la persistencia electríca de los estados de los chips de la memoria basados en cryogenia. Técnica antigua utilizado en la forénsica.
PARTICIPANTES: Antonio Ramos Varón, Santiago, Maikel, Rubén

Botnets, el enemigo oculto

TITULO: Botnets, el enemigo oculto
SINOPSIS: Volvemos a tratar sobre botnets, pero específicamente mediatne P2P, para causar denegación de servicio contra un servidor víctima mediante redirección de tráfico.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Maikel

Anónimos en la Red

TITULO: Anónimos en la Red
SINOPSIS: Todo sobre el anónimato o invisibilidad cuando estamos navegando por Internet. Nuestros datos personales y la trazabilidad.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Yago Hansen, Rubén

Análisis forense y herramientas

TITULO: Análisis forense y herramientas
SINOPSIS: Explicación y debate sobre las técnicas utilizadas para el análisis científico forénsico de dispositivos digitales o de actos maliciosos.
PARTICIPANTES: Antonio Ramos Varón, Alberto, Maikel, Rubén

NAC Sistema de control de acceso a la red

TITULO: NAC Sistema de control de acceso a la red
SINOPSIS: Un programa en el que aclaramos todos los términos necesarios para la aplicación de las tecnologías NAC de control de acceso a la red.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Maikel, Francisco (Netbi0s)

Cifrado mediante PGP

TITULO: NAC Sistema de control de acceso a la red
SINOPSIS: Un programa en el que se habla sobre el cifrado PGP de claves asimétricas muy utilizado en la transmisión de secretos.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Maikel, Yago Hansen

Seguridad en cibercafés

TITULO: Seguridad en cibercafés
SINOPSIS: Un programa en el que se habla los problemas de la seguridad en cibercafés, locutorios, workcenters, etc.
PARTICIPANTES: Antonio Ramos Varón, Jean Paul García Morán, Maikel, Yago Hansen, Francisco (NetBi0s)

The post Mundo Hacker Radio Podcast appeared first on Yago Hansen CV.

Is it easier to attack a company via a remote connecting worker? Why?

Not quite. Currently, almost all companies of a certain size provide employees with work tools such as secure platform laptops, VPNs for remote connection to the intranet, remote access protection, remote access infrastructures, etc. All this means that a company that is already prepared to work remotely will not have any variation or loss of security in its remote access policies. At most, when many unintended workers work remotely, you may have some performance, connection speed, or bandwidth issues. The problem occurs when the company has not previously defined remote access policies, practices, and methodologies for teleworking and is currently facing a multitude of employees accessing its intranet from abroad. Haste and lack of preparation can and often create situations of insecurity and even chaos, leading to malfunctions, denials of service and even unforeseen security vulnerabilities, which will put you in a dangerous situation. Security policies and architectures must be prepared in advance and tested in advance, just as making decisions or legislating on impulse is never a good idea. Medium and small companies are much worse prepared for this change and put themselves in more vulnerable situations at the technical and organizational level, depending on insecure and heavy access programs, depending in many cases on personal computers in the teleworker’s home to connect to their remote jobs. This is indeed a security risk for them since the level of security will depend on the security configuration of the employees and not on the corporate security policies.

We usually associate teleworking with good access to the management platform and intranet, but what other aspects do we have to take care of?

Teleworking is associated with many technical and organizational aspects within the structure of a company. Creating good planning for this new capacity is necessary to implement good policies, compliance regulations, standards, management and operating regulations, privacy policies, human resources policies, support structures, etc. It is not something banal that can be organized in a couple of days and affects many organizational and technical aspects. It is very important to take all this into account when implementing efficient and safe remote work policies, which also continue to meet all regulatory and legal requirements. In addition there is the secure access infrastructure that allows sustaining all of the above in an efficient, redundant and reliable way. If all this has been taken into account, the truth is that teleworking today is a great solution to improve our quality of life and work, reconcile work and family and not agglomerate the population around large cities, in addition to lowering production costs for companies.

What would be the best solution? What must be provided to the worker?

The best solution is planning and organization as I already mentioned. If the worker is provided with the necessary access and control tools, safety and efficiency problems are avoided in most cases. A well-configured laptop, platform by the company and equipped with the necessary programs and utilities to do the job well, will only depend on a good VPN-type remote access and a good access speed both for the employee’s internet access and for the width of the company’s access band. This allows using the same platforms, tools, programs, devices as if we were inside the facilities. On the other hand, it allows us to hold conferences, person-to-person or group videoconferences with different employees and departments. In general, in corporations the work changes little when it is executed remotely than locally. In small and medium-sized companies it is usually different and it is not prepared for this type of structural changes, although they can be adapted normally if they do not depend on production environments, such as manufacturing, machines, warehouses, products, etc.

From the worker’s point of view, what measures do you have to take? Especially if you work with your own teams

The worker is not responsible in any case for providing the security or the necessary infrastructure for remote access, especially when this situation has not been contracted with the company. The latter must not provide the access platform, or even their own personal equipment for the development of their work, unless they were freelance or self-employed. A similar situation occurs when employees use their laptops within the intranet or even their own smartphones in many cases. Safety planning should always start with the company and never with the employee.

The post Cybersecurity in remote work appeared first on Yago Hansen CV.

How would you summarize the main keys of the technological solution that they propose.

One of the most important, most private and most protected types of personal data by fundamental rights, by international laws and by private organizations must always be that of a health nature. A pandemic, which is a threat that we have previously faced, although now in a fully digital era, is not sufficient reason to modify this fundamental right of each individual. Justifying the benefits of digitizing everything is not enough reason to renounce inalienable rights that protect us from digital totalitarianism.

Faced with this type of news, I face the two faces of technology, the one that affects me as an individual and the one that affects me as an expert hacker in cybersecurity.

The one that affects me as a person, obliges me to protect at all times the integrity of private data about any other common interest. The common interest should not be achieved by forcing the renunciation of the fundamental rights of each citizen.

As a hacker, I think that everything must be analyzed, all the information must be verified before deciding to use it as the basis of a project of this size. All sources must be questioned and any project must be thoroughly tested before being published.

Looking at the case as a project that aims to help society in the face of the dangers of COVID-19, I think that it would not benefit us so much to live wondering if any person to whom we have been exposed, is the neighbor of the next door, or the dealer of food delivery, or anyone who passes me in the supermarket … may be infected. It does not seem so useful to me, nor do I think it solves too many health problems, although it will, however, force us to grow in paranoia, hatred or suspicion of others. Has it been studied what this would bring to society at the health or psychological level? What if the app constantly detects a positive when I’m at home … maybe a neighbor?

What do you think Google and Apple can contribute if local initiatives such as Singapore or South Korea have not arrived, which have received so much praise?

First of all, as I indicated earlier, when a project of this size is carried out, we can build on the famous initiatives “that have been so successful” in totalitarian countries, as the basis of the virtues for this project. But that means that we now take for “verified and totally valid information” the censored information we receive from these countries regarding the benefits of their digital systems in controlling the epidemic.

And now it turns out that this is “verified information for us”, when we cannot even confirm in a certain way the number of affected, deceased or the real impact of the digital surveillance data of citizens in the fight against the pandemic within these countries. . Therefore, if the foundations that justify this project fail, the project itself is questionable, especially when it comes from digitally totalitarian countries.

Currently the developers, Apple and Google indicate that the user through an official APP of each government would enter the data of being positive in COVID voluntarily and personally. But the legal, privacy and regulatory framework are constantly changing and who guarantees that this does not change in a while and that the government itself enters this data through the health system from the COVID tests of its hospitals and health centers? Recall that this information about Apple and Google that we handle today was already prepared weeks / months ago by manufacturers and that by chance the Spanish regulatory framework changed days ago preparing for this technology.

Do you think that it is possible by pulling the bluetooth and not the GPS to offer an effective tracking of these contacts?

Technically it is. Bluetooth also offers close location technologies that can be related to the GPS of the smart device. We must not forget that it is already geolocated constantly on smartphones by Google and Apple, something that already allows them to constantly obtain the location of any individual. This initiative cannot be valued as something unique and independent. The information obtained can always be added to other sources, such as the real-time geolocation of the devices. If I already have a record of a user’s location, day after day, hour after hour, minute and minute, second after second … I can contrast, compare this information with any other, such as bluetooth to add data that will allow it soon discourage her. Example: I have a list of anonymous mobile identifiers that have passed by me today. Tomorrow I do the same tour again, I bump into the same or similar people and also collect information from anonymous identifiers. On the third day, I do the same, but he informs me that I have stumbled upon a COVID positive. Logically I can mentally identify who it could be. On a digital level, for large companies such as these, it is even easier to de-anonymize the information, since they have enough information to compare this local database with other more powerful ones, such as geolocation of devices by common places, etc.

With the information they have published, can it be assumed that the data is really private and not?

It is difficult to affirm that something determined is private today. Technology indicates that the information stays for fourteen days on each person’s device, until a positive is entered in the application.

This technology is not a simple application but a major modification to the Bluetooth stack of Google’s Android and Apple’s iOS-based operating systems. It is implemented through updates on the phones and not a simple APP that we install, which gives the device full control over what is done, what is collected, what is stored or what is sent. It is a radical change in technology and as such is dangerous.

I have always defended the idea that what today is private, protected or encrypted data does not mean that tomorrow it cannot be converted, through technology or cybercrime, into public and accessible data. A database encrypted with a encryption type of ten years ago can easily be broken today to decrypt and extract your information. Therefore, when handling such private or confidential data, we cannot think from a short-term point of view.

What if another application (such as a gaming APP) accesses the information saved by this protocol and sends it to your cloud, in addition to using your own geolocation of the game to add more data? There would be a risk of data leakage that would have nothing to do with Google or Apple, but that occurs on their devices.

¿Cuáles son las principales dudas que te genera?

Moxie Marlinspike, uno de los principales criptógrafos prácticos actuales y desarrolador del sistema de cifrado de Whatsapp afirma que hay graves dudas de seguridad en este planteamiento. Se podría, desde atacar al sistema generando falsa información, denegar el servicio impidiendo que funcione correctamente, o generar falsos positivos impidiendo que los datos sean fiables y útiles .

Personalmente dudo de las bondades de este sistema, además de la seguridad del mismo en su aplicación real. Además este tipo de tecnologías son muy “fáciles” de implementar pero resultan, por experiencia, difíciles de desimplementar. Si de verdad es una solución provisional para este caso de alarma, se debería dejar claro que se desimplentará definitivamente tras la alarma.

The post Privacy and COVID-19 appeared first on Yago Hansen CV.

The post Hackers, coleagues & friends appeared first on Yago Hansen CV.

The post Hack In The Box 2019 appeared first on Yago Hansen CV.

https://www.elmundo.es/espana/2015/04/29/553fe48b268e3e6e308b4573.html

The post El Mundo News appeared first on Yago Hansen CV.

The post Forbes 2016 appeared first on Yago Hansen CV.

The post Hacker Girls Colombia 2018 appeared first on Yago Hansen CV.

The post Python Scapy Dot11: Python Programming for Wi-Fi pentesters appeared first on Yago Hansen CV.

The post AAA / RADIUS / 802.1X appeared first on Yago Hansen CV.

Antonio Salas, los hombres que susurran a las máquinas, hackers espias e intrusos en tu ordenador

Hola, Sexo. Anatomia de las citas online. Lucia Martin

The post Appearances in books appeared first on Yago Hansen CV.

The post TeleMadrid appeared first on Yago Hansen CV.

https://elpais.com/tecnologia/2019/05/28/actualidad/1559031474_402185.html

The post El Pais Newspaper appeared first on Yago Hansen CV.