Analysis of Chinese MITM on Google
The Chinese are running a MITM attack on SSL encrypted traffic between Chinese universities and Google. We've performed technical analysis of the attack, on request from GreatFire.org, and can confirm...
CVE-2014-0496 Adobe Pdf Exploit ToolButton
"Just a quick Ctrl C and Ctrl V" says physicaldrive0 here... http://pastebin.com/AuA2zt0q
VBKlip 2.0: no clipboard, but Matrix-like effects
In the last few weeks we received information about a new kind of malware, similar to the VBKlip malware family. However, while reading these incident reports we got a bit of a science-fiction feeling....
Security and the Rise of Snakeoil
There are more and more people who are starting to realise what sort of trap they ended up in by using the internet. While they desperately want to do something about it, they might not have the...
Windows Internals - A look into SwapContext routine
Hi, Here I am really taking advantage of my summer vacations and back again with a second part of the Windows thread scheduling articles. In the previous blog post I discussed the internals of quantum...
Bank security – Barclays to offer vein-scanner to big accounts
Barclays Bank is to allow remote log-ons using a hi-tech vein-scanning biometric bank security system for large corporate accounts, according to Engineering and Technology magazine. The bank security...
Gaps in corporate network security: ad networks
‘Malvertising’ is a relatively new term for a technique used to distribute malware via advertising networks, which have long since become a popular medium among cybercriminals. In the past four years,...
Analysing Android files
In this post I'll simply be listing several tools to analyse (malicious) Android files. All tools or scanners listed are free to use.
Modern anti-spam and E2E crypto
- how does antispam currently work at large email providers
- how would widespread E2E crypto affect this
- what are the options for moving things to the client (and pros, cons)
- is this...
Nuclear Exploit Kit and Flash CVE-2014-0515
For this blog, we'd like to walk you through a recent attack involving Nuclear Exploit Kit (EK) that we analyzed. It was found leveraging CVE-2014-0515, a buffer overflow in Adobe Flash Player...
Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration...
#Exploit Title : Wordpress Plugins Premium Gallery Manager Unauthenticated Configuration Access Vulnerability#Author : Hannaichi [@dntkun]#Date : February 5th, 2014#Type : php, html, htm, asp,...
MyBB User Social Networks Plugin 1.2 - Stored XSS
# Exploit Title: User Social Networks MyBB Plugin 1.2 - Cross Site Scripting# Google Dork: N/A# Date: 05.09.2014# Exploit Author: Fikri Fadzil - fikri.fadzil@impact-alliance.org# Vendor Homepage - N/A#...
Stupid Spammer Tricks – Reversing Characters
Spammers engaged in phishing attacks constantly try to get their emails past spam filters. They try many different tactics, and these can include taking advantage of HTML coding characteristics. These...
Reverse engineering a counterfeit 7805 voltage regulator
Under a microscope, a silicon chip is a mysterious world with puzzling shapes and meandering lines zigzagging around, as in the magnified image of a 7805 voltage regulator below. But if you study the...
Threat: Cryptographic Locker- Ransomware on a Budget
Cryptographic Locker is a new variant of ransomware that aims to provide ransomware services to those on a budget. Delivered primarily as a secondary dropper, Cryptographic Locker does what every other...
Joomla Spider Calendar
#!/usr/bin/env python### Exploit Title : Joomla Spider Calendar <= 3.2.6 SQL Injection## Exploit Author : Claudio Viviani## Vendor Homepage : http://web-dorado.com/## Software Link :...
Reversing a 16-bit NE File Part 1: Clumsy and Unprepared
A friend and I were reminiscing about the hacking we were doing around 15 years ago. It got me thinking about an old AOL cracking program called Sabotage. So I found a copy on an old AOL hacking...
Bypassing a python sandbox by abusing code objects
A while ago, I stumbled upon a service that let you write python-bots to interact with a number of external services. The basic idea was that you only had to worry about your logic, and they would...
Windows Exploit Development – Part 7: Unicode Buffer Overflows
In this seventh installment of the Windows Exploit Development Series, I’ll introduce Unicode Buffer Overflows. We’ll start with a brief introduction to Unicode (what it is and why/how it’s used in...
Rootkit Debugging (runtime2 postmortem) - SwishDbgExt, SysecLabs script, etc.
Today we're going to be doing some rootkit debugging, specifically regarding runtime2, with a bit of a twist! I have a ton of rootkit debugging posts coming in the next few weeks, as I've decided to...