KdExploitMe
A kernel driver to practice writing exploits against, as well as some example exploits using public techniques. More here: https://github.com/clymb3r/KdExploitMe

China ELF botnet malware infection & distribution scheme unleashed
There are many ELF malware infections, with multiple types of backdoors and DDoS'ers, originating from China.

Gov.uk quietly disrupts the problem of online identity login
The government's own expert digital design team have spent three years building a new, safe system for verifying users' identities - now in action on gov.uk.

Paper: Cross-Tenant Side-Channel Attacks in PaaS Clouds
We present a new attack framework for conducting cache-based side-channel attacks and demonstrate this framework in attacks between tenants on commercial Platform-as-a-Service (PaaS) clouds. Our...

What Do Attackers Do After Bypassing Defenses?
Vectra Networks, a leader in real-time detection of incoming cyber-attacks, recently published the first edition of The Post Breach Industry Report, an industry study using real-world...

Google Calendar XSS
The journey of this report starts with the Google Bug Bounty in August 2014 and focuses on Google Apps for domains, which is admin.google.com. In the admin console there's a component called Google Apps which...

[ SUPER FUNDAY MINI SERIES : LINE FORENSIC ARTIFACTS - ANDROID EDITION ]
This is the 2nd article in the "Super Funday Mini Series" about recovering forensic artifacts from mobile applications for your digital forensics investigations.

The Dangers of Hosted Scripts – Hacked jQuery Timers
Google blacklisted a client's website, claiming that malicious content was being displayed from forogozoropoto.2waky.com. A scan didn't reveal anything suspicious. The next step was to check all...

China suspected of breaching U.S. Postal Service computer networks
Chinese government hackers are suspected of breaching the computer networks of the United States Postal Service, compromising the data of more than 800,000 employees.

BrowserStack: "We did get hacked."
BrowserStack, the cross-browser testing tool website, has not had a very good weekend. There was a compromise and a rather odd email was sent to customers.

Hacking SQL Server Stored Procedures – Part 1: (un)Trustworthy Databases
SQL Server allows DBAs to set databases as "trustworthy". In a nutshell, that means the trusted databases can access external resources like network shares, email functions, and objects in other...

Playing with MS14-060 and MS14-058 [CVE-2014-4113 CVE-2014-4114] : Attacks...
Recently two 0-day exploits were revealed. The first one was given the name Sandworm; however, the naming convention mistakenly included the "worm" term, as we will see. The second one, CVE-2014-4113...

(I) Malware Management takes care of variants like Backoff.C!tr.spy
We all knew variants of BackOff would occur and that infections would spread to other retailers and PoS machines. By practicing the process of Malware Management you can keep up with variants of malware as they...

ProcDOT, a new way of visual malware analysis
There are plenty of tools for behavioral malware analysis. The de facto standard ones, though, are Sysinternals' Process Monitor (also known as Procmon) and PCAP-generating network sniffers like...

Exploitation modelling matters more than we think
Our own Krzysztof Kotowicz put together a pretty neat site called the Bughunter University. The first part of the site deals with some of the most common non-qualifying issues that are reported to our...

Thoughts on Absolute Computrace
Not too long ago my friend and colleague from Sweden, Jimmy, contacted me in regards to a strange issue. In the firewall, he saw tons of outgoing connections to a certain server.

The Darkhotel APT: A Story of Unusual Hospitality
The Darkhotel APT is a threat actor possessing a seemingly inconsistent and contradictory set of characteristics, some advanced and some fairly rudimentary. Inhospitably operating for almost a...

The Uroburos case: new sophisticated RAT identified Agent.BTZ's successor,...
In February 2014, the experts of the G DATA SecurityLabs published an analysis of Uroburos, the rootkit with Russian roots. We explained that a link exists between Uroburos and the Agent.BTZ malware,...

Financial attacks analysis: Tyupkin sample technical analysis and restore the...
Some time ago, Kaspersky discovered and reported a new type of malicious program, Tyupkin, a malicious program that attacks bank ATM machines by targeting the financial services control MSXFS.dl by...

Abusing Samsung KNOX to remotely install a malicious application: story of a...
We explain a vulnerability found when the Samsung Galaxy S5 was released and patched recently by Samsung. It allows a remote attacker to install an arbitrary application by using an insecure update...