Of Scannings and Statistics
We have been engaged in scanning the internet for its better health for over a year (we started with a few, then grew to a dozen). The number of abusable systems has dropped significantly in...
Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks On...
We demonstrated physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels and are based on the observation...
HowTo: Debug Android APKs with Eclipse and DDMS
Simply out of necessity I've written this mini-tutorial on how to debug Android APKs using Eclipse and DDMS. After hours of wild googling these are the steps to make your APK debuggable under Eclipse. I'll...
Ransomware Race (part 5): SynoLocker's unkept promises
We believe you should never pay a ransom to online criminals. The reason is quite simple. File-encrypting ransomware holds the victim's personal files "at ransom" until a payment is made. For the...
Ducky USB - Indicators of Compromise (IOCs)
A brief paper on the Ducky USB pentest device; indicators of compromise on a system and risk mitigation from this attack vector...
Attacking financial malware botnet panels - SpyEye
This is the second blog post in the "Attacking financial malware botnet panels" series. After playing with Zeus, my attention turned to another old (and dead) botnet, SpyEye. From an ITSEC perspective,...
NCCIC / US-CERT National Cyber Awareness System: TA14-212A: Backoff...
This is one of the more descriptive alerts from US-CERT I have seen in a while. We have discussed Backoff Point-of-Sale Malware on several occasions but here it is again for those interested in seeing...
Paper: Peeking into Your App without Actually Seeing It: UI State Inference...
The security of smartphone GUI frameworks remains an important yet under-scrutinized topic. In this paper, we report that on the Android system (and likely other OSes), a weaker form of GUI...
Fuzzing browsers in 2014 (and maybe for a few more years...)
Since the release of the Nduja fuzzer I've received a lot of positive and encouraging feedback from the infosec community. Two years after, pushed by @antisnatchor, I decided to move forward with my fuzzing...
[ROOT] HubCap Chromecast Root Release!
We’re happy to announce that fail0verflow, GTVHacker, and Team-Eureka have jointly discovered and exploited a new vulnerability in the Chromecast which allows root access on the current software build...
Air Transfer iPhone 1.3.9 - Multiple Vulnerabilities
# Exploit Title: Air Transfer iPhone v1.3.9 - Remote crash, Broken Authentication file download and Memo Access.
# Date: 08/23/2014
# Author: Samandeep Singh (SaMaN - @samanL33T )
# Vendor...
Videos for Day 1 & 2 of Malware Dynamic Analysis class posted
We’ve heard lots of requests for Veronica Kovah’s (Sr. Infosec Eng/Scientist at MITRE) Malware Dynamic Analysis class videos to be posted. They were delayed primarily due to Xeno being too busy to run...
PlayStation Network Suffers DDOS and Bomb Threat Against Sony President John...
Like other major networks around the world, the PlayStation Network and Sony Entertainment Network have been impacted by an attempt to overwhelm our network with artificially high traffic. Although this...
OS X kASLR defeat using sgdt
sgdt is an unprivileged instruction: a process at any privilege level can execute sgdt to get the address of that processor's Global Descriptor Table. pmap.h has the following comment...
Analysis of Tuscas
Tuscas is a threat that steals passwords and other sensitive information from the compromised computer. Tuscas seems to be written in FASM, a low-level assembler. The CLIENT.DLL library is injected in...
Remote Code Execution in PHP Explained - Part 1
This is a two-part article about code execution in PHP. It's a very detailed article and contains references from other sources as well. I will discuss some of the mistakes made by PHP developers...
Protecting VMware from CPUID hypervisor detection
One of the less-known anti-sandbox detection tricks relies on the CPUID instruction executed with EAX=1 as the input parameter. When it executes, the values returned in the general-purpose registers...
Another country-sponsored #malware: Vietnam APT Campaign
This is a team analysis; we have at least 5 (five) members involved in this investigation. The case that is about to be explained here is an APT case. Until now, we were (actually) avoiding APT...
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities...
Document Title:
===============
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699)
References...
Barracuda Networks Web Security Flex Appliance Application v4.x - Filter...
Document Title:
===============
Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707)
References...