Channel: BOT24
Browsing all 8064 articles
Browse latest View live


GOOGLE HAS MOST OF MY EMAIL BECAUSE IT HAS ALL OF YOURS

For almost 15 years, I have run my own email server which I use for all of my non-work correspondence. I do so to keep autonomy, control, and privacy over my email and so that no big company has copies...


Paper: Into the Light of Day: Uncovering Ongoing and Historical Point of Sale...

Point of Sale systems that process debit and credit cards are still being attacked with an increasing variety of malware. Over the last several years PoS attack campaigns have evolved from opportunistic...


netgrafio- provides more or less tools and libraries to visualize your data...

Introduction: I love computer science and new technologies to play with. Besides that I like to keep things simple and pay attention to aspects that really matter. But I also like sharing my world and...


Insecure default in Elasticsearch enables remote code execution

Elasticsearch has a flaw in its default configuration which makes it possible for any webpage to execute arbitrary code on visitors with Elasticsearch installed. If you’re running Elasticsearch in...


Global Security Chiefs Advocate for Accelerated Investment in Transformative...

New Report Identifies Three Key Focus Areas for Security Technology Investment that Both Help Aid Business Productivity and Reduce Risk


Analysis of the Carbon Grabber

A few days ago we examined several Microsoft documents containing malicious macros. One of the payloads downloaded by the Macro Virus was the Carbon Grabber. The Carbon Form Grabber created by AlexHF...


Targeted Attack Against Taiwanese Agencies Used Recent Microsoft Word Zero-Day

Vulnerabilities, particularly zero-days, are often used by threat actors as the starting point for targeted attacks. This was certainly the case for a (then) zero-day vulnerability (CVE-2014-1761)...


[SECURITY] [DSA 2926-1] linux security update

Debian Security Advisory DSA-2926-1 security@debian.org http://www.debian.org/security/...


Linux kernel

I've written a "slightly-less-than-POC" privilege escalation exploit for this vulnerability that works on newer 64-bit kernels here..... http://bugfuzz.com/stuff/cve-2014-0196-md.c...


Easy Chat Server 3.1 - Stack Buffer Overflow Vulnerability

## Note: Must install to 'C:\Program Files\EFS Software\Easy Chat Server' # Exploit Title: Easy Chat Server 3.1 stack buffer overflow # Date: 9 May 2014 # Exploit Author: superkojiman -...


Cybercrime boss offers Ferrari for hacker who dreams up the biggest scam

The leader of a global cybercrime syndicate offered his associates a Ferrari for the hacker who came up with the best scam, according to a senior European security source. The gift — made on a...


Backdoor Xtrat Continues to Evade Detection

While reviewing recent reports scanned by ZULU, we came across a malicious report that drew our attention. It was notable as the final redirection downloaded ZIP content by accessing a PHP file on the...


DNS Flood of 1.5 Billion Requests a Minute, Fueled by DDoS Protection Services

Several days ago one of our clients became the target of a massive DNS DDoS attack, peaking at approximately 25Mpps (Million packets per second). The attack fit the description of other recently reported...


Tool Release: You'll Never (Ever) Take Me Alive!

A year ago, we released You'll Never Take Me Alive — a tool that helps protect Full Disk Encrypted Windows computers from DMA and cold boot attacks. YoNTMA runs as a background service and begins...


Linux reversing is fun! Toying with an ELF (D)DoS malware from China IP

Our friend was capturing this "attacker" in his trap (thanks wirehack7), and I found it interesting + attempted to make a video to analyze its binary and to write it down in this post.


LEVERAGING RAYTRACERS FOR FUN AND PROFIT

We’ve exposed a couple of methods to explore graphs in 3 dimensions in earlier blog posts. We were interested in realtime rendering in order to navigate inside our security data interactively. We’ve...


[CVE-2014-1603] XSS in GetSimple CMS 3.3.1 PoC

Found some persistent and reflected cross site scripting in the Admin console of GetSimple CMS 3.3.1 and below. Waited 6 months for a fix but the developer stopped answering my emails, so decided to...


CodeIgniter

Background info and boring history shit: https://scott.arciszewski.me/research/view/php-framework-timing-attacks-object-injection Vulnerability: 1. Remote timing attack 2. PHP Object Injection 3. Possibly,...


RIG Exploit Pack

A new exploit pack has been marketed in the underground since last month and appears to be picking up some steam. The new pack is called RIG and touts the following exploits: Java – CVE-2012-0507,...


Security Implications of IsBad*Ptr Calls in Binaries

IsBad*Ptr [1] functions are to test whether the memory range specified in the argument list is accessible. Despite the fact they have been banned, they are still being referenced in many binaries...
