Overview of handheld malware for 2014
Russian anti-virus company Doctor Web presents its 2014 overview of malware for handheld devices. The last year proved to be rather turbulent and rich in terms of information security events. We...
Automating DFIR (Digital Forensic Incident Response) - How to series on...
This is part 5 of a planned 24 part series. If you haven't read the prior parts I would highly recommend you do to understand how we got to this point! Part 1 - Accessing an image and printing the...
TaiG Jailbreak Tool for iOS 8.2 beta 1 & 2 on Windows just released
The TaiG Jailbreak Tool for iOS 8.2 beta can be found here... http://taig.com/en/
Security Advisory – WP-Slimstat 3.9.5 and lower
WP-Slimstat’s users should update as soon as possible! During a routine audit for our WAF, we discovered a security bug that an attacker could, by breaking the plugin’s weak “secret” key, use to...
Gemalto presents the findings of its investigations into the alleged hacking...
Following the release of a report by a news website on February 19, 2015, Gemalto (Euronext NL0000400653 GTO), has conducted a thorough investigation, based in particular on two elements: the purported...
Clean.navy, DOD cleaning contractor’s website dirty, serves malware
On February 23 Cyphort Labs discovered that the website clean.navy is serving malware. Clean.navy is also used in a malvertising campaign via ad network adgoto.com. We have reported previously on a...
Copy.com Used to Distribute Crypto Ransomware
Thanks to Marco for sending us a sample of yet another piece of crypto-ransom malware. The file was retrieved after visiting a compromised site (www.my-sda24.com). Interestingly, the malware itself...
Bypassing Windows Lock Screen via Flash Screensaver
We have recently discovered an easy method to bypass the Windows Lock screen when a flash screensaver is running. The method allows an attacker to gain unauthorized access to a user’s Windows session if...
Windows/Phone 8.1 Debugging: Getting a Crash Dump File From a Device
Imagine you’re testing out a Windows/Phone app on a device where it’s crashing but you can’t easily debug it. Perhaps it’s not your device. Now, on the one hand, the Store can help with this (as per...
In-Memory ShellCode Detection Using a Patterns-Based Methodology
During an analysis, it can be really useful to know some common instructions with which malware, and more specifically shellcodes, achieve their goals. As we can imagine, these sets of common...
JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server...
GDS discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data from previous requests submitted to the server...
Scanning Internet-exposed Modbus devices for fun & fun
A scan I have run against the whole IPv4 address space, looking for Internet-exposed Modbus services.
x86obf source code
After releasing the x86obf tool for free I received quite a few requests for the source code. It was planned for the future, but I've decided to release it sooner. The source code has been slightly...
[Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting...
Onapsis Security Advisory ONAPSIS-2015-001: Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench. 1. Impact on Business: By exploiting this...
[Onapsis Security Advisory 2015-002] SAP Business Objects Unauthorized File...
Onapsis Security Advisory ONAPSIS-2015-002: SAP Business Objects Unauthorized File Repository Server Read via CORBA. 1. Impact on Business: By exploiting this vulnerability a remote...
FLASH, CVE-2015-0313 PoC
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows remote attackers to execute...
[Onapsis Security Advisory 2015-003] SAP Business Objects Unauthorized File...
Onapsis Security Advisory ONAPSIS-2015-003: SAP Business Objects Unauthorized File Repository Server Write via CORBA. 1. Impact on Business: By exploiting this vulnerability a remote...
[Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit...
Onapsis Security Advisory ONAPSIS-2015-005: SAP Business Objects Unauthorized Audit Information Access via CORBA. 1. Impact on Business: By exploiting this vulnerability a remote...
[Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit...
Onapsis Security Advisory ONAPSIS-2015-004: SAP Business Objects Unauthorized Audit Information Delete via CORBA. 1. Impact on Business: By exploiting this vulnerability a remote...
Revisiting Defcon CTF Shitsco Use-After-Free Vulnerability - Remote Code...
Defcon Quals 2014 Shitsco was an interesting challenge. There were two vulnerabilities in the binary - a strcmp information leak and a use-after-free. The challenge could be solved using either of these, but...