Meet CottonCastle EK
Thanks to an independent researcher from Russia who shared some referers leading to an Exploit Kit on TCP port 27005, I was able to meet again the "Unknown EK" that was first spotted by EKWatcher in September...
Cisco AsyncOS Cross-Site Scripting Vulnerability CVE-2014-3289
I. VULNERABILITY
-------------------------
Reflected XSS vulnerabilities in Cisco IronPort Email Security Virtual Appliance
Version: 8.0.0-671
II. BACKGROUND
-------------------------
Cisco Systems,...
Hat-tribution to PLA Unit 61486
Attribution is a key component of cyber-intelligence, by knowing the adversary you can effectively understand their intentions and objectives. Deep understanding of the adversary allows organizations...
Social Engineering Watch: UPATRE Malware Abuses Dropbox Links
Threats like UPATRE are continuously evolving, as seen in the development of the techniques used to bypass security solutions. UPATRE malware is a known downloader of information stealers like...
ZeroCMS 1.0 SQL Injection Vulnerability
ZeroCMS 1.0 (article_id) SQL Injection Vulnerability
Vendor: Another Awesome Stuff
Product web page: http://www.aas9.in/zerocms/
Affected version: 1.0
Summary: ZeroCMS is a very simple Content...
Responder v2.0.9 Tool
Responder is an Active Directory/Windows environment takeover tool suite that can stealthily take over any default Active Directory environment (including Windows 2012) in minutes or hours. Most of the...
Behind the Ramdo DGA (Domain Generation Algorithm)
Damballa Labs discovered a brand new DGA (domain generation algorithm) in December of 2013 that was dubbed Bv14. Damballa Threat Research began to analyze this new DGA and discovered it was something...
Extracting the payload from a CVE-2014-1761 RTF document
In March Microsoft published security advisory 2953095, detailing a remote code execution vulnerability in multiple versions of Microsoft Office (CVE-2014-1761). A Technet blog was released at the...
Hives & Trust issues
Some of you may have used RtlQueryRegistryValues, and probably wondered what Microsoft meant by saying: Starting with Windows 8, if an RtlQueryRegistryValues call accesses an untrusted hive, and...
CSRF in Featured Comments 1.2.1 allows an attacker to set and unset comment...
Details
================
Software: Featured Comments
Version: 1.2.1
Homepage: http://wordpress.org/plugins/feature-comments/
Advisory ID: dxw-2014-1360
CVE: Awaiting assignment
CVSS: 4.3 (Medium;...
CSRF in Member Approval 131109 permits unapproved registrations (WordPress...
Details
================
Software: Member Approval
Version: 131109
Homepage: http://wordpress.org/plugins/member-approval/
Advisory ID: dxw-1970-1172
CVE: CVE-2014-3850
CVSS: 5.8 (Medium;...
CSRF in JW Player for Flash & HTML5 Video 2.1.2 permits deletion of players...
Details
================
Software: JW Player for Flash & HTML5 Video
Version: 2.1.2
Homepage: http://wordpress.org/plugins/jw-player-plugin-for-wordpress/
Advisory ID: dxw-1970-1201
CVE: Awaiting...
Slides: Insecure coding in C (and C++)
Let's turn the tables. Suppose your goal is to deliberately create buggy programs in C and C++ with serious security vulnerabilities that can be "easily" exploited. Then you need to know about things...
Clandestine Fox, Part Deux
We reported at the end of April and the beginning of May on an APT threat group leveraging a zero-day vulnerability in Internet Explorer via phishing email attacks. While Microsoft quickly released a...
Security updates available for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.359 and earlier versions for Linux. These updates...
Hacking Airwaves with Fruit Part 1: WiFi Pineapple Mark IV Basics
If you’re doing any wireless penetration testing these days, odds are you have a WiFi Pineapple Mark IV from Hak5 in your toolkit. If you’re not a professional penetration tester or are just starting...
Tails 1.0.1 is out
Tails, The Amnesic Incognito Live System, version 1.0.1, is out. More here: https://tails.boum.org/news/version_1.0.1/
Malicious MobileConfigs
How much can you trust your devices? In this blog post, we will cover a practical attack that utilizes the iPhone Configuration Utility, a malicious Mobile Device Management (MDM) server, and a little...
Microsoft Security Bulletin Summary for June 2014
********************************************************************
Microsoft Security Bulletin Summary for June 2014
Issued: June 10,...
Kali Linux Evil Wireless Access
A few days ago, we had the opportunity to deploy a rogue access point that would steal user credentials using a fake, captive web portal, and provide MITM’d Internet services via 3G. We needed...