Leaked sources of malware and exploit toolkits
Leaked source codes for researchers to perform tests here: http://www.malwaretech.com/p/sources.html
Yet another ransomware variant
The blog post of today is a bit different than usual, as you can read the full post on the Panda Security blog. In this post I'm simply adding some additional information and repeating the most...
Notorious Hacking Groups
Knowing your "enemies" is always a good exercise before developing every protection. Different attackers have different techniques and belong to different groups. Each group owns strict beliefs and...
Practically Exploiting MS15-014/MS15-011 (Microsoft Group Policy Engine) & Demo
If you’re reading this then you’ve probably seen all the media coverage over the last couple of days surrounding MS15-011 and MS15-014. These bulletins resolve issues in Microsoft’s group policy engine...
KRBTGT Account Password Reset Scripts now available for customers
One way to help mitigate the risk of a bad actor using a compromised krbtgt key to forge user tickets is by periodically resetting the krbtgt account password. Resetting this password on a regular...
How a simple box might end our need for antivirus software forever
I still remember the day my dad installed the first antivirus program I’d ever seen on my old Pentium II. Adorned in its signature colors of black and gold, I quickly came to learn all the ins and outs...
HumHub .htaccess file upload vulnerability and remote code execution
[+] HumHub .htaccess file upload vulnerability and remote code execution
[+] Discovered by: Jos Wetzels
[+] Vendor: HumHub
[+] Product: HumHub
[+] Versions affected: 0.10.0 and earlier.
[+] Advisory URL:...
Nullsecuritynet Tools- security and hacking tools, exploits, proof of...
This section offers a selection of Nulls fully featured security and hacking tools. They also provide some exploits, proof of concept code, shellcodes and snippets. That means some tools are not tested...
Bypass GPO (Group Policy Object) path restrictions for Runas.exe
function Invoke-RunAs {
<#
.DESCRIPTION
Runas knockoff. Will bypass GPO path restrictions.
.PARAMETER UserName
Provide a user.
.PARAMETER Password
Provide a password.
.PARAMETER Domain
Provide...
Bank Hackers Steal Millions via Malware
In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by...
7170 Bitcoins ($1,727,409.6509 USD) Were Stolen, Claims BTER.com Exchange
When you try to connect to BTER.COM you get the following message below
MandingoSandbox
Steps required to properly install and run in your system the "Mandingo's Sandbox" for analyzing malware samples here: https://code.google.com/p/mandingo/wiki/MandingoSandbox
How is apicrypt working
Apicrypt is a cryptography solution that allows health professionals in France to exchange sensitive medical information by email. The official website of apicrypt claims that it uses a one-time pad...
SQL Permissions Tool
SqlPermissions is a tool used to calculate the precise minimal permissions necessary for an application using a database. It works in an online fashion by monitoring active connections, or offline by...
Pawn Storm Malware Fact Check Due to Inaccuracies
Fortinet recently published a blog entry analyzing the Pawn Storm malware for iOS. There were some significant inaccuracies, however, and since Fortinet seems to be censoring website comments, I...
PowerShell: Better phishing for all!
A year ago I was watching a presentation by Dave Kennedy (ReL1k) and Josh Kelly called “PowerShell…omfg”. The presentation shows multiple techniques that are very very useful during a pentest. After...
Technical Report on the activities of criminal groups engaged in targeted...
In the second half of 2014, we have repeatedly mentioned the targeted attacks on major financial institutions as a new level of fraud. Because now the money is not being kidnapped in "small legal...
Paper a Must Read: OPERATION ARID VIPER -reveals the campaign’s technical...
Trend Micro researchers discovered an ongoing malware campaign that targets Israeli victims and leverages network infrastructure in Germany. The campaign has strong attribution ties to Arab parties...
Downloaders and Decoys
Recently, we have been receiving samples that use “decoys” to imitate what is to be expected from running a normal file. In this blog post, we will analyze one such sample that Fortinet detects as...
Life in a post-database world: using crypto to avoid DB writes
Possibly one of the biggest hurdles that stands in the way of fostering innovation and discovering newer and better techniques of doing old things is the ease with which developers and designers today...