Clik here to view.
A Phone That Lies for You
Local police confiscate a suspected drug dealer's phoneāonly to find that he has called his mother and no one else. Meanwhile a journalist's phone is examined by airport security. But when officials...
View ArticleClik here to view.
Malicious Web-based Java applet generating tool spotted in the wild
Despite the prevalence of Web based client-side exploitation tools as the cybercrime ecosystemās primary infection vector, in a series of blog posts, weāve been emphasizing on the emergence of...
View ArticleClik here to view.
NetworkMiner 1.6 packet analyzer released
NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can...
View ArticleClik here to view.
[Tool] XXE exploit automation - On The Outside, Reaching In 0.2
This has been my weekend project off and on since February. I would still consider it in a "preview" state, but I also think it's far enough along to be useful to at least a few people.The idea behind...
View ArticleClik here to view.
Securing Ubuntu-Desktop From the Bad-Guys, and the Good-Guys
Securing your Ubuntu Desktop OS from intrudersRecently I have become interested in securing my laptop from predators such as hackers, thieves, and law enforcement.To do this, I've explored various...
View ArticleClik here to view.
Onnto RAID Master rev358 for OS X - multiple remote vulnerabilities
I haven't managed to get any reply from Onnto after several weeks ofattempted contact.Onnto manufactures RAID peripherals and provides drivers and configurationutilities. As part of the install for...
View ArticleClik here to view.
T-Mobile webConnect Manager sysauth cookie leak in plain text via http...
########atk #1.txt###################################################################Ā Ā Ā Ā Ā Ā Ā Ā "...and it won't be the witches who'll be burning this time"...
View ArticleClik here to view.
Subrosa- Encrypted communication platform
It's free and open source, with no ads. Independently audited.click here ....Ā https://subrosa.io/
View ArticleClik here to view.
Metasploit: Adobe Reader for Android addJavascriptInterface Exploit
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'require 'msf/core/exploit/fileformat'require...
View ArticleClik here to view.
Metasploit: Easy File Management Web Server Stack Buffer Overflow
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::RemoteĀ Rank =...
View ArticleClik here to view.
A Not-So Civic Duty: Asprox Botnet Campaign Spreads Court Dates and Malware
FireEye Labs has been tracking a recent spike in malicious email detections that we attribute to a campaign that began in 2013. While malicious email campaigns are nothing new, this one is significant...
View ArticleClik here to view.
Long Live Macro Threats!
Whenever we refer to macro threats, we are reminded of those malicious macros in the old days which infect Microsoft Office documents. Contrary to popular belief, macro threats havenāt completely...
View ArticleClik here to view.
Android smartphone shipped with spyware
For the first time ever, the experts at the German security vendor have discovered a smartphone that comes with extensive spyware straight from the factory. The malware is disguised as the Google Play...
View ArticleClik here to view.
Creating An Antidote For Android Simplelocker Ransomware
In yesterday's blog post (How To Dissect Android Simplelocker Ransomware) we dissected the new Android Simplelocker ransomware.In this blog post we'll be creating an antidote for the ransomware to...
View ArticleClik here to view.
Metasploit: Java Debug Wire Protocol Remote Code Execution
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'class Metasploit3 < Msf::Exploit::RemoteĀ Rank =...
View ArticleClik here to view.
Rhainfosec XSS Challenge 2 - Writeup
Last week, we announced our second XSS challenge after the tremendous success of our first XSS challenge. The challenge was based upon a blacklist based protection and the goal was to execute...
View ArticleClik here to view.
[CVE-2014-3005]Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack
Product name:ZabbixDescription:Zabbix is an enterprise-class open source distributed monitoring solution for networks and applications.Version affected:1.8.x-2.2.xType:XML External Entity...
View ArticleClik here to view.
neuterref- Google Chrome Extension to neuter referrer information that might...
This extension simply checks if the domain is currently gmail, if so it will attempt to kill any outbound links that are no to gmail using a "noreferrer" tag. A second mode of this is the "sensitive...
View ArticleClik here to view.
Bro network analysis framework 2.3 Release
We are happy to announce the release of Bro v2.3. more here.........http://blog.bro.org/2014/06/bro-23-release.html
View ArticleClik here to view.
Paper: DIVILAR: Diversifying Intermediate Language for Anti-Repackaging on...
App repackaging remains a serious threat to the emerging mobileapp ecosystem. Previous solutions have mostly focused on thepostmortem detection of repackaged apps by measuring similarityamong apps. In...
View Article