Tyupkin: Manipulating ATM Machines with Malware
Earlier this year, at the request of a financial institution, Kaspersky Lab's Global Research and Analysis Team performed a forensics investigation into a cyber-criminal attack targeting multiple ATMs...
Paper: Secure Key Storage and Secure Computation in Android
The increasing usage of smartphones also gains the interest of criminals who shift their focus from attacking, for example, internet banking in a browser to attacking mobile banking using an application...
My Adventure With Fireeye FLARE Challenge
These are my (rather long) solutions to Fireeye’s FLARE challenge. This is just not the solution but other ways that I tried. This was a great learning experience for me so I am writing this post to...
Reverse Engineering Star Wars: Yoda Stories
I don't know why, but I've always gotten a kick out of reverse engineering data files for computer games. Although decompiling a game's code is a challenging task, data files are often much easier to...
Veil-Ordnance – Fast Stager Shellcode Generation
Generating shellcode is a task that nearly all pen testers have to do at some point, unless they write their own shellcode. The typical way of generating shellcode consists of using msfvenom, or the...
Cuckoo Sandbox 1.1.1
This is an immediate release of Cuckoo Sandbox 1.1.1, a hotfix for a security vulnerability discovered by Robert Michel from G-Data. The vulnerability is an arbitrary file upload from the guest...
Massive Moniker.com Breach, Valuable Domains Stolen
Yesterday Acro.net and his other site DomainGang.com posted two important articles related to a breach at Moniker.com. I wanted to write yesterday but I was pretty busy with other stuff, plus behind...
Nessus Web UI 2.3.3: Stored XSS
Nessus Web UI 2.3.3: Stored XSS. CVE number: CVE-2014-7280. Permalink: http://www.thesecurityfactory.be/permalink/nessus-stored-xss.html Vendor...
CVE-2014-4502 (Updated) : Invalid Handling of Length Parameter in Stratum...
Vulnerability title: Invalid Handling of Length Parameter in Stratum mining.notify Message Leads to Heap Overflow. CVE: CVE-2014-4502. Affected version: SGMiner before 4.2.2, CGMiner before 4.3.5,...
CVE-2014-6251 : Stack Overflow in CPUMiner When Submitting Upstream Work
Vulnerability title: Stack Overflow in CPUMiner When Submitting Upstream Work. CVE: CVE-2014-6251. Affected version: CPUMiner before 2.4.1. Reported by: Mick Ayzenberg of Deja vu Security. Details: A malicious...
Huge Data Leak at Largest U.S. Bond Insurer
On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account...
How to steal access to over 500,000 bank accounts: The insider view of a...
Proofpoint security researchers have published an analysis that exposes the inner workings of a cybercrime operation targeting online banking credentials for banks in the United States and Europe. This...
NCR ATM API Documentation Available on Baidu
A recent ATM breach in Malaysia has caused havoc for several local banks. According to reports, approximately 3 million Malaysian Ringgit (almost 1 million USD) was stolen from 18 ATMs. There is no...
Escaping DynamoRIO and Pin - or why it's a worse-than-you-think idea to run...
Before we begin, I want to clarify that both DynamoRIO and Pin are great tools that I use all the time. Dynamic Binary Modification is a very powerful technique in general. However, both...
OpenSSH
OpenSSH lets you grant SFTP access to users without allowing full command execution using "ForceCommand internal-sftp". However, if you misconfigure the server and don't use ChrootDirectory, the user...
[CERT VU#121036 / Multiple CVEs] RCE, domain admin creds leakage and more in...
Hi, tl;dr - I am releasing two 0 day exploits for BMC Track-It!. One is a RCE and the other gets you the domain admin and SQL database creds. Other minor vulns are also disclosed. Details below. CERT...
Exploit for CVE-2014-5207
I've been sitting on this for too long. CVE-2014-5207 was an interesting bug found by Kenton Varda and Eric Biederman. Here's a somewhat ugly PoC root exploit. You'll need the ability to use...
Analyzing the Network Security Services Library
Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. It implements cryptographic functions in the...
DrayTek VigorACS SI (
Vigor ACS-SI Edition is a Central Management System for DrayTek routers and firewalls, providing System Integrators or system administration personnel a real-time integrated monitoring, configuration and...
Adobe Spyware Reveals (Again) the Price of DRM: Your Privacy and Security
The publishing world may finally be facing its “rootkit scandal.” Two independent reports claim that Adobe’s e-book software, “Digital Editions,” logs every document readers add to their local...