How to Prevent the next Heartbleed
The Heartbleed vulnerability in OpenSSL is a serious security vulnerability formally identified as CVE-2014-0160 [Heartbleed.com]. OpenSSL is a widely-used toolkit that implements the Secure Sockets...
View ArticleHow to organize initial risk assessment according to ISO 27001 and ISO 22301
Usually, the biggest headache companies have when starting to implementing ISO 22301, and especially ISO 27001, is the risk assessment. And, interestingly enough, such a headache happens only when...
View ArticleDoing threat analysis big data while preserving user privacy.
Anti-Virus industry has changed a lot during that past 4-7 years, we like other companies, used to be very file signature and file scanning oriented back in 2008 or so. And as that obviously did not...
View ArticleAnalysis of the Predator Pain Keylogger
The Predator Pain Keylogger incorporates Browser, Messenger, FTP and File stealers and is able of Clipboard and Screenhot logging, Bitcoin Wallet theft.Predator Pain targets Steam, MineCraft and World...
View ArticlePaper: DroidBarrier: Know What is Executing on Your Android
Many Android vulnerabilities share a root cause of maliciousunauthorized applications executing without user's consent.In this paper, we propose the use of a technique called processauthentication for...
View ArticleMessing with MSN Internet Games (1/2)
This post will entail the fun endeavors of reverse engineering the default MSN Internet Games that come with most “Professional” and higher versions of Windows (although discontinued from Windows 8...
View ArticleAdSense Blackmail – Hacking Websites for Profit
We deal with different types of malware injections and compromises everyday and the most common question our clients ask us is, “Why me? Why my small little site?”There are so many answers to this...
View ArticleCovert Lateral Movement with High-Latency C&C
High latency communication allows you to conduct operations on your target’s network, without detection, for a long time. An example of high-latency communication is a bot that phones home to an...
View ArticleA case of a curious LibTIFF 4.0.3 + zlib 1.2.8 memory disclosure
As part of my daily routine, I tend to fuzz different popular open-source projects (such as FFmpeg, Libav or FreeType2) under numerous memory safety instrumentation tools developed at Google, such as...
View ArticleHacking US (and UK, Australia, France, etc.) Traffic Control Systems
Probably many of you have watched scenes from "Live Free or Die Hard" (Die Hard 4) where "terrorist hackers" manipulate traffic signals by just hitting Enter or typing a few keys. I wanted to do that!...
View ArticleLSE-2014-04-10 - Sitepark IES - Unauthenticated Access
=== LSE Leading Security Experts GmbH - Security Advisory 2014-04-10 ===Sitepark Information Enterprise Server (IES) - Unauthenticated...
View ArticleSyhunt Advisory: CGILua session.lua Predictable Session ID Vulnerability
Syhunt Advisory: CGILua session.lua Predictable Session ID VulnerabilityAdvisory-ID: 201404301Discovery Date: 03.27.2014Release Date: 04.30.2014Affected Applications: CGILua 5.0.x, CGILua 5.1.x.,...
View ArticleMicrosoft IE zero day and recent exploitation trends (CVE-2014-1776)
Microsoft released an advisory last weekend on a new IE (Internet Explorer) zero-day in the wild, CVE-2014-1776. It is believed that the attack was used in a form of a spear-phishing. The vulnerable...
View ArticleMultiple security issues have been found in Iceweasel, Debian's version of...
- -------------------------------------------------------------------------Debian Security Advisory DSA-2918-1 security@debian.orghttp://www.debian.org/security/ Moritz MuehlenhoffApril 30, 2014...
View ArticleBeginners error: iTunes for Windows runs rogue program C:\Program.exe when...
The current version of iTunes for Windows (and of course older versionstoo) associates the following vulnerable command lines with some of thesupported file types/extensions:daap=C:\Program Files...
View ArticleTCP reassembly vulnerability in Freebsd
=============================================================================FreeBSD-SA-14:08.tcp Security Advisory The FreeBSD ProjectTopic: TCP reassembly vulnerabilityCategory: coreModule:...
View ArticleSpiderFoot v2.1.4 open source footprinting tool Released
SpiderFoot is an open source footprinting tool running on Windows and Linux. It is written in Python gathering information on intended targets web servers, netblocks, e-mail addresses etc.more info...
View ArticleLavarel-Security XSS Filter Bypass Vulnerability
Description:Lavarel-Security cross site scripting filter suffers from a bypass vulnerability.*#Product: Lavarel-Security XSS Filter Bypass**#Vulnerability: Mutation Based XSS Bypass **#Impact:...
View ArticleYou Don't Want XTS (the de-facto standard disk encryption mode)
This piece is written for software designers, not end-users. If you’re an end-user looking for crypto advice: use Truecrypt, use Filevault, use dm-crypt. Also, use PGP, and Tarsnap. Read on only if...
View ArticleCorrupting the ARM Exception Vector Table
A few months ago, I was writing a Linux kernel exploitation challenge on ARM in an attempt to learn about kernel exploitation and I thought I’d explore things a little. I chose the ARM architecture...
View Article