Microsoft Security Update for Disabling RC4 in .NET TLS
Microsoft is announcing the availability of an update for Microsoft .NET Framework that disables RC4 in Transport Layer Security (TLS) through the modification of the system registry. Use of RC4 in TLS...
Hackers chop at Ancestry.com’s family tree with gnarly DDOS attack- this is...
Ancestry.com was breached by a mysterious and massive DDOS attack that completely shut down the popular website for nearly 24 hours. The attack flooded Ancestry’s servers with bogus traffic that...
At least 32,000 servers broadcast admin passwords in the clear, advisory warns
An alarming number of servers containing motherboards manufactured by Supermicro continue to expose administrator passwords despite the release of an update that patches the critical vulnerability, an...
Modern Honey Network
Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management.
LOVE is not A8 D4 58 C4: A Study in XOR
Many thanks to Mr.Sketchymoose for giving me this blog post idea. It's a pretty basic concept but people generally use tools to figure it out. However, I thought it would be better to show how these...
Case Study: Complexities of “simple” malware
You know when you pull a string on a sweater and it just keeps going and going? You wonder when or if it will ever stop? From time to time, that’s how malware can feel. Even if you’re not a website...
Darkness Still Lurks
Darkness, a.k.a. Optima, is a bot that majors in performing distributed denial-of-service (DDoS) attacks. This botnet is an old one that has been in the Russian cybercrime underground market for a long...
Paper: Path Conditions and Principal Matching: A New Approach to Access Control
Traditional authorization policies are user-centric, in the sense that authorization is defined, ultimately, in terms of user identities. We believe that this user-centric approach is inappropriate for...
Metasploit: AlienVault OSSIM av-centerd Command Injection
### This module requires Metasploit: http//metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##require 'msf/core'require 'rexml/document'class Metasploit3 <...
Dyreza - The Banking Trojan is Back
Researchers recently discovered a new banking Trojan that, like the recently fallen ZeuS botnet, is also capable of bypassing SSL. Some speculation even suggests that this baddy is filling the empty...
APT Kill chain - Part 4 : Initial compromise
This blog post is part of a series on APT killchain. In the previous step, we've seen how the attacker used reconnaissance techniques to collect data on its target. Now we will focus on the initial...
CVE-2014-4014: Linux Kernel Local Privilege Escalation "exploitation"
The CLONE_NEWUSER namespace was introduced in Linux 2.6.23 and completed in Linux 3.8 (and starting from 3.8, unprivileged processes can create user namespaces). It is used to isolate the user and...
Isolated Heap & Friends - Object Allocation Hardening in Web Browsers
In a recent Microsoft Patch Tuesday, Internet Explorer recently introduced a new heap protection aimed at making the exploitation of use-after-free vulnerabilities more difficult. This blog post...
#9 Blitzanalysis: Embassy of Greece Beijing - Compromise
It's Friday afternoon, I had a bit of free time and stumbled across this tweet by PhysicalDrive0 (thx!) two hours ago and thought to give it a try to finally add a new article to this Blog (first of...
What You Must Know About OS Fingerprinting
For those of us in the information technology field, there are two reasons why we should understand operating system fingerprinting. The first reason is to better design and implement security controls...
American Express customers receiving new breach notifications
Customers of American Express are starting to get a new round of breach notification letters. This time, the letters (mostly identical in wording) are due to two separate incidents, but the full impact...
XSS on Epson site
Epson site - Advisory: pos.epson.com – Cross-Site Script Vulnerability (XSS) Advisory...
XSS on Panasonic site
Advisory: security.panasonic.com – Cross-Site Script Vulnerability...
PlayDrone- A Google Play Crawler
Although millions of users download and use third-party Android applications from the Google Play store, little information is known on an aggregated level about these applications. We have built...
libFNR - A reference implementation library for FNR encryption scheme
FNR represents "Flexible Naor and Reingold". FNR is a small domain block cipher to encrypt small domain objects ( < 128 bits ) like IPv4, MAC, Credit Card numbers etc.