Sednit Espionage Group Attacking Air-Gapped Networks
The Sednit espionage group, also known as the Sofacy group, APT28 or “Fancy Bear”, has been targeting various institutions for many years. We recently discovered a component the group employed to reach...

Paper: A First Step Towards Automated Detection of Buffer Overrun...
We describe a new technique for finding potential buffer overrun vulnerabilities in security-critical C code. The key to success is to use static analysis: we formulate detection of buffer overruns as...

PoC - Detect a format string vulnerability without pattern matching
In this PoC, we can see that it's possible to detect some format string bugs without pattern matching (e.g. looking for %s or something like that). We only focus on the analysis and look if the va_arg...

Trojan SMS Found on Google Play
I'm not quite sure how this one slipped under Google Play's radar, but an SMS Trojan app with the package name com.FREE_APPS_435.android that claims to be a download for wallpapers, videos, and music is...

Solution to some of "The Windows kernel" exercises from Practical Reverse...
Recently I spent some time improving my knowledge of the Windows kernel and I gave a go at some of the exercises from the "Practical Reverse Engineering" book. I wanted to share the solutions to the...

How I do my hunting – Part 1 IDS: the most valuable honeypot you can POSSIBLY...
Recently I've had a lot of new followers and have been making a lot of awesome friends in the infosec community. All of them ask me the same thing regarding my twitter feed and all the malware...

New DNS Amplification Attacks Use Text from White House Press Release
Cybercriminals have started a new trend for conducting distributed denial-of-service (DDoS) attacks and rely on a type of DNS (Domain Name System) amplification that leverages text records for making...
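The reason TXT records amplify well is visible in the wire format: a TXT query is a few dozen bytes, while the answer carries the whole record back, and an EDNS0 OPT record in the query lets the resolver return it in one UDP datagram instead of truncating at 512 bytes. The following Python example is added here and is not code from the article; it builds a TXT query and a constructed authoritative response (the record text is filler standing in for the press-release text the article mentions), parses the TXT strings back out, and computes the bytes-received-per-byte-sent ratio. The name example.com, the record text and the sizes are assumptions chosen for illustration; the attack itself additionally depends on spoofing the victim's address as the UDP source, which is not modelled.

```python
import struct
from typing import List

QTYPE_TXT = 16   # TXT record
QTYPE_OPT = 41   # EDNS0 OPT pseudo-record
QCLASS_IN = 1


def encode_name(name: str) -> bytes:
    """Encode a domain name in DNS wire format (length-prefixed labels, root terminator)."""
    labels = name.rstrip(".").split(".")
    return b"".join(struct.pack("B", len(l)) + l.encode("ascii") for l in labels) + b"\x00"


def build_txt_query(name: str, txid: int = 0x1234, udp_payload_size: int = 4096) -> bytes:
    """A TXT query with an EDNS0 OPT record advertising a large UDP buffer.

    Without EDNS0 a resolver truncates UDP answers at 512 bytes, which caps the
    amplification; the attacker advertises a big buffer so the full record comes back.
    """
    # Header: id, flags (RD=1), QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=1 (the OPT RR)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    question = encode_name(name) + struct.pack("!HH", QTYPE_TXT, QCLASS_IN)
    # OPT RR: root owner name, TYPE=OPT, CLASS=advertised UDP payload size,
    # TTL field carries extended RCODE/version/flags (all zero), RDLENGTH=0
    opt = b"\x00" + struct.pack("!HHIH", QTYPE_OPT, udp_payload_size, 0, 0)
    return header + question + opt


def build_txt_response(query: bytes, name: str, texts: List[str], ttl: int = 300) -> bytes:
    """Constructed authoritative answer: one TXT RR per string in `texts`."""
    txid = struct.unpack("!H", query[:2])[0]
    # flags: QR=1, RD=1, RA=1
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(texts), 0, 0)
    question = encode_name(name) + struct.pack("!HH", QTYPE_TXT, QCLASS_IN)
    answers = b""
    for text in texts:
        data = text.encode("utf-8")
        # TXT RDATA is a sequence of <length><chars> character-strings, max 255 bytes each
        chunks = [data[i:i + 255] for i in range(0, len(data), 255)] or [b""]
        rdata = b"".join(struct.pack("B", len(c)) + c for c in chunks)
        # 0xC00C is a compression pointer to offset 12, i.e. the owner name in the question
        answers += b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_TXT, QCLASS_IN, ttl, len(rdata)) + rdata
    return header + question + answers


def parse_txt_strings(response: bytes) -> List[bytes]:
    """Extract the TXT character-strings from a response built by build_txt_response.

    Assumes an uncompressed question name and pointer-only answer owner names, which is
    exactly what build_txt_response emits; a general resolver needs full pointer handling.
    """
    ancount = struct.unpack("!H", response[6:8])[0]
    pos = 12
    while response[pos] != 0:              # skip the question name labels
        pos += 1 + response[pos]
    pos += 1 + 4                           # root terminator + QTYPE/QCLASS
    strings = []
    for _ in range(ancount):
        pos += 2                           # compression-pointer owner name
        _, _, _, rdlength = struct.unpack("!HHIH", response[pos:pos + 10])
        pos += 10
        end = pos + rdlength
        while pos < end:
            n = response[pos]
            strings.append(response[pos + 1:pos + 1 + n])
            pos += 1 + n
    return strings


def amplification_factor(query: bytes, response: bytes) -> float:
    """Bytes the victim receives per byte the attacker sends (with a spoofed source)."""
    return len(response) / len(query)


# Constructed stand-in for a long TXT record (the real attack used press-release text).
SAMPLE_TEXT = "Constructed filler text. " * 60   # 1500 bytes


def demo():
    query = build_txt_query("example.com")
    response = build_txt_response(query, "example.com", [SAMPLE_TEXT])
    return len(query), len(response), amplification_factor(query, response)


if __name__ == "__main__":
    q, r, f = demo()
    print(f"query {q} bytes -> response {r} bytes, amplification x{f:.1f}")
```

With a 1500-byte record the 40-byte query produces a 1547-byte answer, a factor of roughly 39; longer records or several TXT RRs on one name push it higher. On the defensive side the relevant checks are response rate limiting on authoritative and open resolvers, refusing recursion to the world, and BCP38 source-address filtering, since the whole technique depends on the spoofed source reaching the resolver.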

Potentially catastrophic bug bites all versions of Windows. Patch now
Bug allowing execution of malicious code resides in the TLS stack. More here: http://arstechnica.com/security/2014/11/potentially-catastrophic-bug-bites-all-versions-of-windows-patch-now/

Simple Rootkit
A simple attack via kernel module, with highly detailed comments. Here we'll compile a kernel module which intercepts every "read" system call, searches for a string and replaces it if it looks like the...

Bypassing Microsoft's Patch for the Sandworm Zero Day: a Detailed Look at the...
On October 21, we warned the public that a new exploitation method could bypass Microsoft's official patch (MS14-060, KB3000869) for the infamous Sandworm zero-day vulnerability. As Microsoft has...

Imaging drives protected with Apple FileVault2 encryption
Apple FileVault 2 provides full disk encryption and requires OS X Lion or later with OS X Recovery installed on the startup drive. It is easy to detect.

CREAM: the scary SSL attack you've probably never heard of
2014 was a year packed full of newly discovered SSL† attacks. More here: http://tonyarcieri.com/cream-the-scary-ssl-attack-youve-probably-never-heard-of

Exchange-traded fund "HACK" seeks to tap into cyber security market
A new exchange-traded fund that invests in the cyber security industry could offer investors a silver lining to all of the data breaches that have hit U.S. companies over the past year.

Lantronix xPrintServer Code execution and CSRF vulnerability
Hi,
The Lantronix xPrintServer is a small Linux-powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some 'RPC'...

Piwigo
MGC ALERT 2014-001
- Original release date: January 12, 2014
- Last revised: November 12, 2014
- Discovered by: Manuel García Cárdenas
- Severity: 7.1/10 (CVSS...

PayPal Inc Bug Bounty #88 - Filter Bypass & Arbitrary Code Execution...
Document Title:
PayPal Inc Bug Bounty - Filter Bypass & Arbitrary Code Execution Vulnerability
References...

Missing SSL certificate validation in MercadoLibre app for Android...
Fundación Dr. Manuel Sadosky - Programa STIC Advisory
www.fundacionsadosky.org.ar
Missing SSL certificate validation in MercadoLibre app for Android
1. Advisory Information
Title:...

Only Half of USB Devices Have an Unpatchable Flaw, But No One Knows Which Half
First, the good news: that unpatchable security flaw in USB devices first brought to light over the summer affects only about half of the things you plug into your USB port. The bad news is it's nearly...

The pitfalls of using ssh-agent, or how to use an agent safely
In a previous article we talked about how to use ssh keys and an ssh agent. Unfortunately for you, we promised a follow-up to talk about the security implications of using such an agent. So, here we...

Taming a Wild Nanomite-protected MIPS Binary With Symbolic Execution: No Such...
As last year, the French conference No Such Con returns for its second edition in Paris, from the 19th to the 21st of November. And again, the brilliant Eloi Vanderbeken & his mates...