Debugging – Low Level Software Analysis
Anybody there? Yeah I know, it’s been a while… Unfortunately in my current position I haven’t had one single opportunity to debug applications, which is why I’ve not been writing new blog articles. I...
X.Org Security Advisory: Multiple issues in libXfont
Description: Ilja van Sprundel, a security researcher with IOActive, has discovered several issues in the way the libXfont library handles the responses it receives from xfs servers, and has...
Cat Scratch Fever: CrowdStrike Tracks Newly Reported Iranian Actor as FLYING...
Today, our friends at FireEye released a report on an Iran-based adversary they are calling Saffron Rose. CrowdStrike Intelligence has also been tracking and reporting internally on this threat group...
Multiple stored XSS in FOG imaging deployment system CVE-2014-3111
Vulnerability title: Multiple Stored Cross-Site scripting CVE: CVE-2014-3111 Vendor: FOG Project Product: FOG Imaging system Affected version: 0.27 – 0.32 (latest) Fixed version: N/A Reported by: Dolev...
Cobbler Arbitrary File Read CVE-2014-3225
Vulnerability title: Arbitrary file read CVE: CVE-2014-3225 Vendor: Cobbler Product: Cobbler Affected version: <=2.6.0 Fixed version: N/A Reported by: Dolev...
A lazy ripoff package of PreferenceOrganizer 2 that contains the Unflod malware
First off, DO NOT INSTALL THIS. IT CONTAINS UNFLOD. More here: http://www.reddit.com/r/jailbreak/comments/25ht5h/release_setting_folders_new_tweak_for_making/chhj3rs
Honeypots
Last update: 2014-05-12 22:01:01 UTC. These pages are free and automatically created. You can find statistics, data and other stuff about malware/spyware. In particular lets you know the correspondence...
[CVE-2014-3718] ALEPH500 (Integrated library management system) XSS...
a ALEPH500 (Integrated library management system) Cross Site Scripting; CVE-ID is CVE-2014-3718. Aleph 500, fully meet the industry standard, is an art class perfect library solution, the Ex Libris to...
Paper: Coping with 0-Day Attacks through Unsupervised Network Intrusion...
Abstract: Traditional Network Intrusion Detection Systems (NIDSs) rely on either specialized signatures of previously seen attacks, or on expensive and difficult to produce labeled traffic datasets for...
Exploitation of Windows DEP to Implement Stealth Breakpoints
Note: The method described in this post only applies to 32-bit targets. Background: The ability to live debug is a key to reverse engineering a binary sample. However, most malware implement measures to...
Paper: EVALUATING THE EFFECTIVENESS OF CURRENT ANTI-ROP DEFENSES
ABSTRACT: Over the last few years, many defenses against the offensive technique of return-oriented programming (ROP) have been developed. Prominently among them are kBouncer,...
The “Cobra Effect” that is disabling paste on password fields
Back in the day when the British had a penchant for conquering the world, they ran into a little problem on the subcontinent; cobras. Turns out there were a hell of a lot of the buggers wandering...
The mechanism behind Internet Explorer CVE-2014-1776 exploits
Recently Microsoft patched an Internet Explorer use-after-free bug (CVE-2014-1776) that was being exploited in the wild. Since then I’ve seen several reports of new variants based on the original...
SHA-256 certificates are coming
It's a neat result in cryptography that you can build a secure hash function given a secure signature scheme, and you can build a secure signature scheme given a secure hash function. However, far from...
How the Elderwood Platform is Fueling 2014’s Zero-Day Attacks
Back in 2012, Symantec researched the Elderwood platform, which was used in spear-phishing and watering-hole attacks against a wide variety of industries. The Elderwood platform essentially consists of...
Obtaining Passwords from Cisco Wireless LAN Controllers
During security analysis, experts often deal with default accounts. Particularly, it is very usual for large companies having several hundred systems. That’s why one of the main requirements is to use...
Watch a Layer 7 DDOS Attack – WordPress Security
A few weeks back we reported on very large Layer 7 DDOS attacks within the WordPress ecosystem. Today we decided to provide you a little illustration of what that looks like...
Meterpreter Kiwi Extension: Golden Ticket HOWTO
Mimikatz is a rapidly evolving post-exploitation toolkit by Benjamin Delpy. I call it a post-exploitation toolkit because it has a lot of features, far beyond the ability to dump plain-text...
What Did Microsoft Just Break with KB2871997 and KB2928120
Microsoft recently released two patches that will likely impact your future pentests. The first was KB2871997. Some have dubbed this the "Pass the Hash Fix" but it is hardly that. The second patch...
Dumping NTDS.dit Domain Hashes Using Samba
So there was this blog post talking about a number of ways to dump Windows credentials by @lanjelot [definitely someone to follow] – here:...