Clik here to view.
Pcredz Tool
Pcredz was designed to dump useful information on the fly, from a pcap fileor from a pcap directory.Unlike tools like, for example Breachprobe, Pcredz is highly effective andfast just to meet your...
View ArticleClik here to view.
Tinfoil Chat (TFC)
Tinfoil Chat (TFC) is a combination of open design hardware and free software that uses Pidgin IM client to carry messages between two parties. TFC functions as an additional no-compromise layer of...
View ArticleClik here to view.
Paper: From the Aether to the Ethernet – Attacking the Internet using...
In the attempt to bring modern broadband Internet features to traditional broadcast television, the Digital Video Broadcasting (DVB) consortium introduced a specification called Hybrid...
View ArticleClik here to view.
CySCA2014-in-a-Box
CySCA2014-in-a-Box is a Virtual Machine that contains most of the challenges faced by players during CySCA2014. It allows players to complete challenges in their own time, to learn and develop their...
View ArticleClik here to view.
Wordpress Theme Elegance - Post Local File Disclosure Vulnerability
[+] Post Local File Disclosure in wordpress theme Elegance[+] Date: 07/06/2014[+] CWE Number: CWE-98[+] Risk: High[+] Author: Felipe Andrian Peixoto[+] Dork:inurl:"/wp-content/themes/elegance/"[+]...
View ArticleClik here to view.
Wordpress Theme Infocus - Post Local File Disclosure Vulnerability
[+] Post Local File Disclosure in wordpress theme Infocus[+] Date: 07/06/2014[+] CWE Number: CWE-98[+] Risk: High[+] Author: Felipe Andrian Peixoto[+] Dork:inurl:"/wp-content/themes/infocus/"[+] Vendor...
View ArticleClik here to view.
DSEFix - Defeating x64 Driver Signature Enforcement
We are so happy that most of "rootkit" code inside Turla was inspired by our program and features (this level of awareness is never seen anywhere in ITW malware since Rustock), so we decided to create...
View ArticleClik here to view.
Slides: SCADA StrangeLove at PHDays IV
Slides and some details on Siemens WinCC OA, S7 1200 and S7 1500 PLC, ABB,SmartGrid and SCADA In da...
View ArticleClik here to view.
Self-extracting Archive or DarkComet?
A Remote Administration Tool (RAT) is a legitimate program designed to provide administrators complete access to remote clients.Due to their extensive capabilities such as keystroke logging, file...
View ArticleClik here to view.
CottonCastle EK: "I hate to break this to you, but this isn't gonna be an...
It's a rather interesting name for an exploit kit. Trying to find any references to 'Cotton Castle' you end up with links pointing at an amazing looking location in Turkey - Pamukkale. I can't be sure...
View ArticleClik here to view.
Backstage with the Gameover Botnet Hijackers
When you’re planning to rob the Russian cyber mob, you’d better make sure that you have the element of surprise, that you can make a clean getaway, and that you understand how your target is going to...
View ArticleClik here to view.
We've Set Up a One-Click Test For GameOver ZeuS
Today we've published a new, quick way to check if your computer is infected by GameOver ZeuS (GOZ). Last week the GOZ botnet was disrupted by international law enforcement together with industry...
View ArticleClik here to view.
Report: Net Losses: Estimating the Global Cost of Cybercrime- The likely...
Cybercrime is a growth industry. The returns are great, and the risksare low. We estimate that the likely annual cost to the global economyfrom cybercrime is more than $400 billion. A conservative...
View ArticleClik here to view.
Deterministic Signatures, Subliminal channels and Hardware wallets
A subliminal channel in a signature scheme allows a signing party to send a covert message to an authorized receiver of signed messages without anyone else noticing it. One property of ECDSA, DSA and...
View ArticleClik here to view.
Finding evil in Flash files
Adobe Flash is present on nearly every PC, thus, malware authors have been increasingly targeting it over the last years, following the principle of return on investment, i.e. they will focus on...
View ArticleClik here to view.
No TrueCrypt than maybe you should try VeraCrypt based on TrueCrypt
VeraCrypt is a free disk encryption software brought to you by IDRIX (http://www.idrix.fr) and that is based on TrueCrypt, freely available at http://www.truecrypt.org/.It adds enhanced security to the...
View ArticleClik here to view.
DDoS'er as Service - a camouflage of legit stresser/booter/etc
After visiting some hacked FTP sites as per reported in the previous posts, I figured out connection that some IRC scripts running leads to the group/individuals performing a DDoS'er attack services. I...
View ArticleClik here to view.
Game of Thrones cancelled? Beware bogus Java update
A message has been spread between Facebook users claiming that the hit TV series “Game of Thrones” has been cancelled.Knowing just how many people are avid watchers of the fantasy series, it’s hard to...
View ArticleClik here to view.
AES-256 EXPONENTIALLY EASIER TO BRUTE FORCE THAN EXPECTED
As we discussed last time, the old school of thought extrapolated computational power for a single computer system or single operational thread to compute the time required for a particular...
View ArticleClik here to view.
More on Turla Rootkit: A Look Under the Hood
In this analysis, we focus on a recently discovered cyber-espionage threat named Turla that is also called Uroburos or Snake. It has a tight connection with Agent.BTZ that infiltrated Pentagon in 2008....
View Article