Cyber Intelligence abusing Internet Explorer to perform Targeted Attacks
A "mandatory" step to achieve a complete and successful targeted attack is the so-called "Cyber Intelligence Phase". By definition every targeted attack owns at least one specific characteristic which...
Koler – The ‘Police’ ransomware for Android [PDF]
At the beginning of May 2014, we detected a new mobile ransomware named AndroidOS.Koler.a. As the name suggests, this affects mobile devices running Google’s Android operating system. Once the malicious...
Wardriving with Kismet and WAPMap
I have written this Python script to parse .netxml files output by Kismet and then return a CSV file that can be uploaded to Google Mapping Engine. This will simplify war driving campaigns by allowing...
Cisco Cloud Services Router 1000V and the Virtual Matryoshka
Recently we started playing around with Cisco’s virtual router, the CSR 1000V, while doing some protocol analysis. We found Cisco offering a BIN file for download (alternatively there is an ISO file...
Bypass iOS Version Check and Certification validation
Certain iOS applications check for the iOS version number of the device. Recently, during testing of a particular application, I encountered an iOS application that was checking for iOS version 7.1. If...
Infinity Exploit Kit Remote Code Execution
Infinity is a web exploit kit that operates by delivering a malicious payload to the victim's computer. Remote attackers can infect users with Infinity exploit kit by enticing them to visit a malicious...
Session Hijacking in Instagram Mobile App via MITM Attack [ 0-DAY ]
In this post, I am going to share a new critical issue that I have identified on Instagram Mobile App. During my tests on their android app, I have set-up a lab to pentest the app. Then I started using...
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile...
Three Israeli defense contractors responsible for building the “Iron Dome” missile shield currently protecting Israel from a barrage of rocket attacks were compromised by hackers and robbed of huge...
Far East Targeted by Drive by Download Attack
On the 21st of July, 2014, Cisco TRAC became aware that the website dwnews.com was serving malicious Adobe Flash content. This site is a Chinese language news website covering events in East Asia from...
Oxwall 1.7.0 - Remote Code Execution Exploit
#!/usr/bin/env python # Oxwall 1.7.0 Remote Code Execution Exploit # Vendor: Oxwall Software Foundation # Product web page: http://www.oxwall.org # Affected version: 1.7.0 (build 7907 and 7906) #...
Oxwall 1.7.0 - Multiple CSRF And HTML Injection Vulnerabilities
<!-- Oxwall 1.7.0 Multiple CSRF And HTML Injection Vulnerabilities. Vendor: Oxwall Software Foundation. Product web page: http://www.oxwall.org. Affected version: 1.7.0 (build 7907 and 7906). Summary: Oxwall...
Forensics for Pen Testers – Part 2
Converting dd image to vmdk for analysis. More here: http://securenetworkmanagement.com/forensics-for-pen-testers-part-2/
Changes in the Asprox Botnet
Asprox, a.k.a. Zortob, is an old botnet that was uncovered in 2007. It is known to spread by arriving as an attachment in spam emails that purport to be from well-known companies. The attachment itself...
Efficacy of MemoryProtection against use-after-free vulnerabilities
As of the July 2014 patch of Internet Explorer, Microsoft has taken a major step in the evolution of exploit mitigations built into its browser. The new mitigation technology is called MemoryProtection...
seL4 is now open source
The world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement is now open source. More here: http://sel4.systems/
Threat Recon API Version 1.0
Threat Recon™ is a new threat-intelligence API developed by Wapack Labs and powered by GO. The Threat Recon™ API lets you search both open-sourced and proprietary intelligence to provide a more...
WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities
Document Title: WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities. References (Source): http://www.vulnerability-lab.com/get_content.php?id=1283 Release...
How to take over the computer of any Java (or Clojure or Scala) developer
The other day I started hacking on a Clojure project of mine, when I saw my firewall display this: I’m downloading clojure.jar from http://repo.maven.apache.org over port 80! This means that I’m going to...
Paper: When Governments Hack Opponents: A Look at Actors and Technology
Repressive nation-states have long monitored telecommunications to keep tabs on political dissent. The Internet and online social networks, however, pose novel technical challenges to this practice,...
Hack in Paris 2014 talks uploaded on the Sysdreamlab Youtube channel
This includes presentations titled "Breaking through the bottleneck : mobile malware is outbreak spreading like wildfire", "ARM AARCH64 writing exploits for the new arm architecture", "Splinter the rat...