Anonymous develops secure data over ham radio scheme
Anonymous – or, at least, entities claiming Anonymous affiliation – has put together a secure communications project using the open source ham-radio Fidigi modem controller.You're not going to get fast...
View ArticleWindows Registry Forensics
IntroductionAs everyone knows, the Windows Operating System launched by Microsoft is the most widely used OS in the world. As per the statistics, more than eighty percent of people use a Windows...
View ArticleNETGEAR DGN2200 1.0.0.29_1.7.29_HotS - Stored XSS Vulnerability
Authored by Dolev Farhi @f1nhack# Vendor homepage: http://netgear.com# Affected Firmware version: 1.0.0.29_1.7.29_HotS# Affected Hardware: NETGEAR DGN2200 Wireless ADSL RouterSummary=======NETGEAR...
View ArticleDumping Sensitive Data from Custom Active Directory Properties
One of the first things I like to do when I land on a domain-joined machine is enumerate the domain. Sometimes I do this even before attempting to privilege escalate. Sometimes a few LDAP queries is...
View ArticleBusybox Honeypot Fingerprinting and a new DVR scanner
My little "lab of vulnerable devices" is still getting regular visits from script kiddies world wide. By now, I replaced some of the simulated honeypots with actual devices, giving me a bit a more...
View ArticleAndroid Application Secure Design/Secure Coding Guidebook
This guidebook is a collection of tips concerning the know-how of secure designs and secure codingfor Android application developers. Our intent is to have as many Android application developers...
View ArticleSlides: The case of the missing file extensions
Some Windows file extensions are always hidden. The presentation describes how to find them, the potential for abuse by malware and what can be done to mitigate the risks.more...
View ArticleDNS Modification with DNSInject for Nessus Plugin 35372
Part of our normal pen test process, when performing an external assessment, is running a Nessus scan against the in-scope IP range(s) provided by our customer. We usually have this running in the...
View ArticleF5 BIG-IQ v4.1.0.2013.0 authenticated arbitrary user password change
F5 BIG-IQ is vulnerable to an input validation attack that allows an authenticated user to increase their privileges to that of another user. This allows an authenticated user with 0 roles to take on...
View ArticlePaper: Analyzing Forged SSL Certificates in the Wild
Abstract—The SSL man-in-the-middle attack uses forged SSLcertificates to intercept encrypted connections between clientsand servers. However, due to a lack of reliable indicators, it isstill unclear how...
View ArticleSay Hello to MalControl: Malware Control Monitor
Gathering open data from malware analysis websites is the main target of Malware Control Monitor project. Visualize such a data by synthesize statistics highlighting where threats happen and what their...
View ArticleAnatomy of an exploit: CVE 2014-1776
When the Internet Explorer 0-day CVE 2014-1776 was announced, we turned to our intelligence feeds for more information. In the course of taking it apart we found a few things that were quite...
View ArticleCritical: OAuth 2.0 and OpenID have serious Covert Redirect vulnerability...
It could lead to Open Redirect Attacks to both clients and providers of OAuth 2.0 or OpenID. For OAuth 2.0, these attacks might jeopardize “the token” of the site users, which could be used to access...
View ArticleMetasploit: Apache Struts ClassLoader Manipulation Remote Code Execution
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::Remote Rank =...
View ArticleFake keys for Tails developers' email address
Hi,u. (Cc'd) has notified me of two fake keys with Tails developers'email addresses: EB24 9600 79A3 E2B9 3BFE 48B5 05F8 BB78 B38F 4311 C3BA A4BF E369 B2B8 6018 B515 0E08 AC78 06C0 69C8 These are *not*...
View ArticleRuby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC Considered Invalid
After analyzing the PoC script we (maintainers of the Ruby OpenSSLextension) consider CVE-2014-2734 to be invalid. Others have independentlyarrived at the same conclusion: [1][2] You may find a summary...
View ArticleContinued analysis of the LightsOut Exploit Kit
At the end of March, we disclosed the coverage of an Exploit Kit we called “Hello”: http://vrt-blog.snort.org/2014/03/hello-new-exploit-kit.html, or “LightsOut”, we thought we’d do a follow up post to...
View ArticleZamfoo Multiple Arbitrary Command Executions
# Title: Zamfoo Multiple Arbitrary Command Executions# Author: Al-Shabaab# Vendor Homepage: http://www.zamfoo.com/# Version: 12.6# IntroThe ZamFoo software suite is a series of WHM plugin modules...
View ArticleCrime24 Stealer Panel
Description:An attacker can execute an XSS and inject sql commands in the search form.Usage info:You must be logged in the admin...
View ArticlemiSecureMessages 4.0.1 - Session Management & Authentication Bypass...
Authored by Jared BirdAffected Product==================================miSecureMessages from Amtelco - Tested on version: Client=4.0.1Server=6.2.4552.30017iOS:...
View Article