Clik here to view.
OfficeMalScanner helps identify the source of a compromise
While working a recent forensics case I had the opportunity to spread the proverbial wings a bit and utilize a few tools I had not prior.In the midst of building my forensic timeline I set out to...
View ArticleClik here to view.
How Reuters got compromised by the Syrian Electronic Army
Earlier today, Reuters was compromised by the Syrian Electronic Army. It isn’t the first time that occurs. Anyone who would visit try to visit a story about Syria, would be redirected to a page hosted...
View ArticleClik here to view.
Guide to building the Tastic RFID Thief
The Tastic RFID Thief has been around since late 2013, and since I've had a tremendous amount of requests asking how to build it, I thought that this blog post would be of justice to the tastic.About...
View ArticleClik here to view.
CVE-2013-2729 and Andromeda 2.9 - A Massive HSBC themed email campaign
This week we intercepted quite a few unsolicited emails appearing to be from HSBC. The emails arrive with the subject line "Unable to process your most recent Payment".The recipient is invited to view...
View ArticleClik here to view.
BF and XSS vulnerabilities in Zyxel P660RT2 EE
These are Brute Force and Cross-Site Scripting vulnerabilities in ZyxelP660RT2 EE ADSL Router.-------------------------Affected products:-------------------------Vulnerable is the next model: Zyxel...
View ArticleClik here to view.
Maltrieve
A tool to retrieve malware directly from the source for security researchers.more here.........https://github.com/technoskald/maltrieve
View ArticleClik here to view.
HTTP Cache Poisoning Explained
It's not safe to use HTTP reverse proxy or also known as balancer on cached web.As RFC 7234 section security describeread more.............http://blog.rop.io/http-cache-poisoning-explained.html
View ArticleClik here to view.
Paper: Hacking Blind
Abstract—We show that it is possible to write remote stackbuffer overflow exploits without possessing a copy of the targetbinary or source code, against services that restart after a crash.This makes it...
View ArticleClik here to view.
RISK ASSESSMENT / SECURITY & HACKTIVISM “Free” Wi-Fi from Xfinity and AT&T...
Ars tests how easy it is to spoof big broadband providers to grab data.If you've traveled and tried to get on the Internet, you've probably seen some pretty suspicious looking Wi-Fi networks with names...
View ArticleClik here to view.
For those unaware of this issue already US-CERT just issued this alert: Risks...
Multiple weaknesses exist in several server platforms employing IPMI. Exploitation of these vulnerabilities could allow an attacker to take control of the affected system or expose sensitive server...
View ArticleClik here to view.
SOLVING FUSION LEVEL 5
Recently I started playing with the virtual machines from exploit-exercises.com and decided to do some write-ups on some levels from the “Fusion” VM starting of with level 5 which is stack based...
View ArticleClik here to view.
An introduction to gikdbg.art (aka Android Ollydbg) attaching Towelroot
his post will provide the following:Introduction to gikdbg.artSetup of the environmentQuick introduction on attaching the TowelRoot exploit (libexploit.so)more...
View ArticleClik here to view.
Android KeyStore Stack Buffer Overflow: To Keep Things Simple, Buffers Are...
Nine months ago, my team came across a classic stack-based buffer overflow in the Android KeyStore service.+more here........... http://ibm.co/1pbk4yHandhere.... http://slidesha.re/1nxBnmY
View ArticleClik here to view.
SpamTitan contains a reflected cross-site scripting (XSS) vulnerability...
I. VULNERABILITY-------------------------Reflected XSS in SpamTitan 6.01II. BACKGROUND-------------------------SpamTitan offers the best protection for your email on the market. Weconsistently block...
View ArticleClik here to view.
Microsoft Security Newsletter - June 2014
Trustworthy Computing | June 2014Microsoft Security NewsletterWelcome to June’s Security Newsletter!Last month, we covered the top threats facing enterprise organizations and how to help...
View ArticleClik here to view.
Verifying ASLR, DEP, and SafeSEH with PowerShell
Today I am releasing a PowerShell script that easily displays whether DLLs and EXEs are compiled with ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention), and SafeSEH (Structured...
View ArticleClik here to view.
iOS 7.1.1 Untethered Jailbreak release
http://www.reddit.com/r/jailbreak/co...team_has_been/http://pangu.io/Whatever version of iOS 7 you're currently on, I recommend you clean restore and update to 7.1.1 through iTunes (no OTA). Yes, even...
View ArticleClik here to view.
ZBOT-UPATRE Far From Game Over, Uses Random Headers
TROJ_UPATRE, the most common malware threat distributed via spam, is known for downloading encrypted Gameover ZeuS onto affected systems. This ZeuS variant, in turn, is known for its use of...
View ArticleClik here to view.
#10 Malware spread over Facebook - TrojanDownloader:Java/Carastavona.E
Earlier today, I stumbled upon a blogpost by Bitdefender which describes a malware sample that spreads across Facebook...
View ArticleClik here to view.
And Another Article on Domain Generation Algorithm (DGA)
We all know there have been (and still is) a lot of malware lurking around the Internet. It’s quite usual today that once the victims get infected, they call back to the command and control (C&C)...
View Article