Channel: BOT24
Browsing all 8064 articles

Mpay24 PrestaShop payment module multiple vulnerabilities

Mpay24 PrestaShop Payment Module Multiple Vulnerabilities
- Affected Vendor: Mpay24
- Affected Software: Mpay24 Payment Module
- Affected Version: 1.5 and earlier...


ntopng 1.2.0 XSS injection using monitored network traffic

On 25.08.2014 21:48, Steffen Bauch wrote: ntopng 1.2.0 XSS injection using monitored network traffic. ntopng is the next generation version of the original ntop, a network traffic probe and monitor that...


Automated LinkedIn Social Engineering Attacks

Corporations perform penetration tests on their network, web applications, and physical infrastructure in order to find and fix vulnerabilities. In the same way, for the last decade these institutions have...


Technical analysis of client identification mechanisms

In common use, the term “web tracking” refers to the process of calculating or assigning unique and reasonably stable identifiers to each browser that visits a website. In most cases, this is done for...


vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

# vBulletin 4.0.x => 4.1.2 AUTOMATIC SQL Injection exploit # Author: D35m0nd142, <d35m0nd142@gmail.com> # Google Dork: inurl:search.php?search_type=1 # Date: 02/09/2014 # Vendor Homepage:...


Analysis of Havex

Havex is a well-known RAT. Recently a new plugin appeared and it targets ICS/SCADA systems. We found many different samples. Let’s start by looking at one...


Slider Revolution Plugin Critical Vulnerability Being Exploited

Mika Epstein, Ipstenu, of Dreamhost, notified us today of a serious vulnerability in the WordPress Slider Revolution Premium plugin which was patched silently. It turns out that the vulnerability was...


Finding Android SSL Vulnerabilities with CERT Tapioca

Hey, it's Will. In my last blog post, I mentioned the release of CERT Tapioca, an MITM testing appliance. CERT Tapioca has a range of uses. In this post, I describe one specific use for it: automated...


Using BGP Data to Find Spammers

It’s long been assumed that Spammers use a technique called IP squatting to get around IP reputation lists and to make it harder to find the real source of the spammers. In this blog we’ll take a...


Update on DecryptCryptoLocker

A month ago Fox-IT and FireEye announced the DecryptCryptoLocker service, which provides free private keys to victims of the CryptoLocker Malware. We decided not only to share the information with...


Akamai Warns of IptabLes and IptabLex Infection on Linux, DDoS attacks

Akamai® Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimizing and securing online content and business applications, today released, through the company's...


Forced to Adapt: XSLCmd Backdoor Now on OS X

FireEye Labs recently discovered a previously unknown variant of the APT backdoor XSLCmd – OSX.XSLCmd – which is designed to compromise Apple OS X systems. This backdoor shares a significant portion of...


Backtrace POC - StackStrings

There are a number of tools that cover char strings in IDA. If you are not familiar with char strings, it's a low-hanging obfuscation technique to thwart analysts from viewing the strings inside of an...


A Funny Thing Happened on the Way to Coursera

I’m excited to be teaching Stanford Law’s first Coursera offering this fall, on government surveillance. In preparation, I’ve been extensively poking around the platform; while I found some snazzy...


Malware Using the Registry to Store a Zeus Configuration File

A few weeks ago I came across a sample that was reading from and writing a significant amount of data to the registry. Initially, it was thought that the file may be a binary, but after some analysis...


107,000 web sites no longer trusted by Mozilla

Mozilla's Firefox and Thunderbird recently removed 1024-bit certificate authority (CA) certificates from their trusted store. This change was announced to the various certificate authorities in May of...


Paper: IMSI-Catch Me If You Can: IMSI-Catcher-Catchers

IMSI Catchers are used in mobile networks to identify and eavesdrop on phones. When the number of vendors increased and prices dropped, the device became available to much larger audiences. Self-made...


Fresh phish served with a helping of AES

Obfuscated phishing sites are nothing new. Various techniques such as JavaScript encryption tools (which offer very primitive obfuscation), data URIs (where the page content is mostly Base64-encoded),...


Vawtrak Gains Momentum and Expands Targets

Vawtrak is the security industry's name for the latest version of the 64-bit compatible Gozi Prinimalka Trojan, a family of malware first conceived in the mid-2000's. Recently, PhishLabs’ R.A.I.D...


Security issues in WordPress XML-RPC DDoS Explained

A number of months ago a DDoS attack against a website used a functionality in all WordPress sites since 2005 as an amplification vector. According to one report more than 162,000 WordPress Sites sent...
