Clik here to view.
Organised Crime Groups Exploiting Hidden Internet Online Criminal Service...
The 2014 iOCTA (Internet Organised Crime Threat Assessment), published today by Europol's European Cybercrime Centre (EC3), describes an increased commercialisation of cybercrime.A service-based...
View ArticleClik here to view.
Reverse Engineering Wireless Pro Studio Lighting
At Zoetrope we always want to make sure our photos look as good as possible, this means ensuring the lighting is perfect for every shot. We currently use a number of Lencarta UltraPro 300 studio...
View ArticleClik here to view.
Signed CryptoWall delivered via widespread
This evening, Barracuda Labs’ URL analysis system detected drive-by downloads originating from five Alexa top-ranked websites: hindustantimes[.]com, bollywoodhungama[.]com, one[.]co[.]il,...
View ArticleClik here to view.
Introducing Universal SSL
The team at CloudFlare is excited to announce the release of Universal SSL™. Beginning today, we will support SSL connections to every CloudFlare customer, including the 2 million sites that have...
View ArticleClik here to view.
Paper: The SPEKE Protocol Revisited
In a forthcoming paper (to be presented at SSR’14), we (with Siamak Shahandashti) present some new attacks on SPEKE, an internationally standardized protocol. The idea originated from a causal chat...
View ArticleClik here to view.
Microsoft Exchange IIS HTTP Internal IP Address Disclosure
# Exploit Title: Microsoft Exchange IIS HTTP Internal IP Disclosure Vulnerability# Google Dork: NA# Date: 08/01/2014# Exploit Author: Nate Power# Vendor Homepage: microsoft.com# Software Link: NA#...
View ArticleClik here to view.
Generic Keylogger Detection with Joe Sandbox X
In our last blog post we have demonstrated some of the features of our new product Joe Sandbox X by analyzing the recent malware "xslcmd" (MD5: 60242ad3e1b6c4d417d4dfeb8fb464a1). It has been...
View ArticleClik here to view.
Disarming EMET v5.0
In our previous Disarming Emet 4.x blog post, we demonstrated how to disarm the ROP mitigations introduced in EMET 4.x by abusing a global variable in the .data section located at a static offset. A...
View ArticleClik here to view.
PE Trick #1: A Codeless PE Binary File That Runs
One of the annoying things of my Windows Internals/Security research is when every single component and mechanism I’ve looked at in the last six months has ultimately resulted in me finding very...
View ArticleClik here to view.
Private Photo Vault: Not So Private
One of the most popular App Store applications, Private Photo Vault (Ultimate Photo+Video Manager) claims over 3 million users, and that your photos are “100% private”. The application, however, stores...
View ArticleClik here to view.
Firewall Evasion with ICMP (PingTunnel)
Most networks today use a network based access control system to permit certain traffic and deny others. Since the inception of firewalls and web filters users (and malware) working behind them have...
View ArticleClik here to view.
Redpoint: Schneider/Modicon PLC Enumeration
Our Stephen Hilt released another Project Redpoint script as part of his DerbyCon presentation on Sunday. Modicon-info.nse will identify PLC’s and other Schneider Electric/Modicon devices on the...
View ArticleClik here to view.
AES-256 Is Not Enough: Breaking a Bootloader
I'd been pushing hard trying to get a demo of how you can break an AES-256 bootloader. This type of bootloader is often used in products for protecting firmware updates and a good demonstration of why...
View ArticleClik here to view.
Analysis of code4HK
ToolsBaksmali: An assembler/disassembler for the dex format used by dalvikDroidbox: A dynamic sandbox, to perform dynamic analysis of Android applicationsAndroid SDK: Android software development...
View ArticleClik here to view.
All In One Wordpress Firewall 3.8.3 - Persistent Vulnerability
Document Title:===============All In One Wordpress Firewall 3.8.3 - Persistent VulnerabilityReferences (Source):====================http://www.vulnerability-lab.com/get_content.php?id=1325Release...
View ArticleClik here to view.
PayPal Inc Bug Bounty #71 PPM - Persistent Filter Vulnerability
Document Title:===============PayPal Inc Bug Bounty #71 PPM - Persistent Filter VulnerabilityReferences (Source):====================http://www.vulnerability-lab.com/get_content.php?id=870PayPal...
View ArticleClik here to view.
PayPal Inc Bug Bounty #59 - Persistent Mail Encoding Vulnerability
Document Title:===============PayPal Inc Bug Bounty #59 - Persistent Mail Encoding VulnerabilityReferences (Source):====================http://www.vulnerability-lab.com/get_content.php?id=844PayPal...
View ArticleClik here to view.
Five Anti-Analysis Tricks That Sometimes Fool Analysts
No malware author wants an analyst snooping around their code, so they employ tricks to inhibit analysis.Along with visualization technology like VMware, debuggers are also targeted by malware. This is...
View ArticleClik here to view.
Adobe Flash 14.0.0.145 copyPixelsToByteArray() Heap Overflow
/*<html><head> <title>CVE-2014-0556</title> </head><body><object id="swf" width="100%" height="100%" data="NewProject.swf"...
View ArticleClik here to view.
A secure and private browser sandbox
A patchwork set of standards and rules is creating an unsafe web. Cross-site attacks are too common and privacy leaks have become the norm. There’s no reason it has to be like this. In this article I...
View Article