Least Authority Performs Security Audit For Cryptocat
This is the second post in our series about security audits of Free and Open Source end-to-end encryption software. Read more: https://leastauthority.com/blog/
Ransomware
Who creates them? What is their goal? How successful are they, and what is their recipe for success? Read more: http://bartblaze.blogspot.com/2014/04/ransomware-q.html?m=1
Using the Immunity Debugger API to Automate Analysis
While analyzing malware samples I came across many simple but annoying problems that should be solved through automation. This post will cover how to automate a solution to a common problem that comes...
Keyword Search in PCAP files
A new function in the free version of CapLoader 1.2 is the "Find Keyword" feature. This keyword search functionality makes it possible to search large capture files for a string or byte pattern super...
Search and Neutralize. How to Determine Subscriber’s Location
Mobile networks can be attacked through multiple vectors. In this article, we will consider an attack that allows detecting a cell where a subscriber is located. You see, I do not use more common...
Cure53 pen-tested OpenPGP.js.
Here's what we found: https://cure53.de/pentest-report_openpgpjs.pdf
Slides: when AES(☢) = ☠ - a crypto-binary magic trick
Thought some of you may find these slides of interest: http://www.slideshare.net/ange4771/when-aes-a-cryptobinary-magic-trick
Hacking ZAP #3 - Passive scan rules
Welcome to a series of blog posts aimed at helping you “hack the ZAP source code”. The previous post in this series is: Hacking ZAP #2 - Getting Started. One of the easiest ways to enhance ZAP is to write...
DLL Side-Loading: Another Blind-Spot for Anti-Virus
Last month, I presented a talk at the RSA USA Conference on an increasingly popular threat vector called “Dynamic-Link Library Side-Loading” (DLL Side-Loading). As with many vulnerabilities, this...
Reversing the Dropcam Part 2: Rooting your Dropcam
In the last Dropcam post, I wrote about reversing the USB setup procedure that the Dropcam uses to initially connect to your WiFi network. After exploring the USB tunneling protocol, the next step was...
APT Detection Indicators – Part 3
When securing a network most organizations are more concerned with controlling inbound traffic than outbound traffic. However, outbound traffic is a significant risk that is used by malware and...
My new Ollydbg plugin: Sequential Dumper
It’s really annoying when you have to deal with the initialization part of a malware, most of the time a malicious executable follows the same alloc/decrypt/jump_to_decrypted_code scheme. So, I decided...
Garfield Garfield True, or the story behind Syrian Malware, .NET Trojans and...
It's been a while since the last massive Internet outage took down Syria’s backbone network (AS29386). More recently, however, Syria suffered yet another large-scale Internet black out that lasted for...
Report: Federal Agencies Need to Enhance Responses to Data Breaches
Testimony before the Committee on Homeland Security and Governmental Affairs, U.S. Senate. Read more: http://gao.gov/assets/670/662227.pdf
RTF Attack Takes Advantage of Multiple Exploits
In this post, we want to share our analysis of another RTF exploit. This attack is particularly interesting because the single RTF sample tries to exploit two previous vulnerabilities. This...
clusterd - application server attack toolkit
clusterd is an open source application server attack toolkit. Born out of frustration with current fingerprinting and exploitation methods, clusterd automates the fingerprinting, reconnaissance, and...
Paper: Kernel-based monitoring on Windows (32/64 bit)
Since malware works fast and quiet there is a demand to analyze, track and block such scrap at some central point. There is nothing as central as the kernel of an operating system. This white paper...
Paper: A Survey of Intrusion Detection in Wireless Network Applications
Information systems are becoming more integrated into our lives. As this integration deepens, the importance of securing these systems increases. Because of lower installation and maintenance costs,...
One of World’s Largest Websites Hacked: Turns Visitors into “DDoS Zombies”
Yesterday we mitigated a unique application layer DDoS attack against one of our clients. The attack was carried out using traffic hijacking techniques, which flooded our client with over 20 million...
Why you need a ‘www.’
In the early days of the internet, we named our world wide web servers ‘www’ to distinguish them from, say, our ftp and gopher servers. Since then, the web has become the main way most people interact...