Tag Archives: Application Security

AI Agent Skill Poisoning: The Supply Chain Attack You Haven’t Heard Of

Read Time: 15 minutes. TL;DR: Security professionals are well acquainted with npm supply chain attacks, PyPI package poisoning, and the infamous xz backdoor. But a new attack vector is emerging that flies under the radar—one that is arguably more dangerous …

Posted in AI, Pentest, Privacy, Security, Technology

The Shadow Twin Threats: When AI and Vibe Coding Go Rogue in Your Network

Read Time: 15 minutes. TL;DR: Your IT department doesn’t know it yet, but someone in marketing just spun up an Ollama server to run a local LLM. Finance is building a custom payroll app with Cursor. And that NVIDIA DGX …

Posted in AI, Pentest, Privacy

KringleCon / Holiday Hack 2021 Writeup

Another SANS Holiday Hack Challenge & Kringle (2021) CTF done. Please find my writeup for this awesome & fun CTF. I will continue to work on the few missing challenges so expect updates ASAP. PDF MD5: 51bc75a10e1de548de2adef974a36201 Report Download Enjoy …

Posted in Security, Technology

Equation APT analysis using Security Data Science platform: BinSecSweeper

As many readers already know, at VULNEX we have been working on our BinSecSweeper project whose development began in 2013 thanks to an award by US DARPA within its pilot program Cyber Fast Track (CFT) and we were the only …

Posted in Privacy, Security, Technology

Cyber Intelligence Universe

In recent years all “cyber” is fashionable, and intelligence applied to the cyber world could not be less! The concept of intelligence has an offensive meaning due to the use by intelligence and military agencies, but now too many security …

Posted in Pentest, Security, Technology, Threat Modeling

Heartbleed: pain, blood and code

All alarms went off last week when a serious security flaw called Heartbleed in the OpenSSL cryptographic library was published. This library is used by a large part of the servers on the Internet as well as much security software. …

Posted in Pentest, Security, Technology

Spaniards in the Black Hat ASIA

I’m back from Black Hat ASIA 2014 in Singapore, where I had the pleasure of giving a talk on the security of cross-platform mobile technologies for developing mobile apps. The last Black Hat ASIA was in 2008 and the last …

Posted in Conference, Pentest, Technology

VULNEX Award and RSA USA speaker experience!

February has been both very interesting and busy! On February 17th I had the pleasure of collecting the first award of VULNEX by Spanish security magazine Red Seguridad for IT Innovation for our collaboration with DARPA (Defense Advanced Research Projects …

Posted in Conference, Privacy, Security, Technology

Enterprise Computer Security must CHANGE

Last week I had the pleasure of giving a talk entitled “Cyber Security: time for change” on my vision of corporate cyber security posture during an event organized by Page Personnel Spain (thanks for having me!), and I already advance …

Posted in Pentest, Privacy, Security, Technology

AppSecUSA & BinSecSweeper Talk

Last week the OWASP AppSecUSA 2013 conference was held in the legendary New York City, where I had the pleasure of giving a talk on security software development titled “Verify Your Software for Security Bugs” and present my new …

Posted in Conference, Pentest, Security, Technology