Exploiting the DRAM rowhammer bug to gain kernel privileges, mitigations &...
“Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. We tested a selection of laptops and found that a subset of...
PowerShell-AD-Recon by PyroTek3
Found a couple of fun PowerShell enumeration scripts, more here: http://carnal0wnage.attackresearch.com/2015/03/powershell-ad-recon-by-pyrotek3.html
Kali Linux on a Raspberry Pi (A/B+/2) with LUKS Disk
With the advent of smaller, faster ARM hardware such as the new Raspberry Pi 2 (which now has a Kali image built for it), we’ve been seeing more and more use of these small devices as “throw-away...
Paper: Glider: A GPU Library Driver for Improved System Security
Legacy device drivers implement both device resource management and isolation. This results in a large code base with a wide high-level interface making the driver vulnerable to security attacks. This is...
How to keep your connected home safe: 7 steps you can take to boost home...
The Internet of Things is based on sensors and controls in all sorts of devices. When those types of devices are used to create a smart home, they can give residents unprecedented control and insight....
Instant v2.0 CMS SQL Injection Vulnerability
Instant v2.0 SQL Injection...
ELF Gafgyt Trojan server source code leak
Gafgyt server source code leaked, reference link here: http://pastebin.com/vdWW47uk and sample...
Bootkit Disk Forensics - Part 3
XP is a little more complicated than newer systems due to the use of a single driver for both port and miniport; however, getting the original pointers is fairly straightforward depending on how you...
Security Advisory: MainWP-Child WordPress Plugin
During a routine audit of our Website Firewall (WAF), we found a critical vulnerability affecting the popular MainWP Child WordPress plugin. According to wordpress.org, it is installed on more than...
Multiple Vulnerabilities in MailEnable
THE CIA CAMPAIGN TO STEAL APPLE’S SECRETS
RESEARCHERS WORKING with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s iPhones and iPads, according to top-secret documents obtained by...
A Triple-A Approach to Telephone Security
With technology, we are constantly looking to improve security. We moved from HTTP to HTTPS to help secure online transactions and mitigate man-in-the-middle attacks. With DNS, we have started to...
Malware Database
Warning: The site contains live malware. Use at your own risk here: http://oc.gtisc.gatech.edu:8080/ and also another malware analysis engine and repository here: https://avcaesar.malware.lu/
peCloak.py – An Experiment in AV Evasion
I just wrapped up the Offensive Security Cracking The Perimeter (CTP) course and one of the topics was AV evasion. Although I write a lot of custom scripts and tools, when it comes to AV evasion, I...
Revisiting Xen’s x86 Emulation: Xen XSA 123
In my last blog post, I gave an overview about recent vulnerabilities discovered in the x86 emulation layer of Xen. While both of the discussed vulnerabilities only allow for guest privilege...
Noriben Beta for Version 1.6 - Portable, Simple, Malware Analysis Sandbox
Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run...
MySQL 5.7.6 is out with security and safety
Today Oracle released MySQL 5.7.6 milestone 16. With this, MySQL 5.7 has been in development for over 2 years. Compared to MySQL 5.6, the changes are quite extensive. The main effort of the team has...
Wikimedia v. NSA: Wikimedia Foundation files suit against NSA to challenge...
Today, the Wikimedia Foundation is filing suit against the National Security Agency (NSA) and the Department of Justice (DOJ) of the United States [1]. The lawsuit challenges the NSA’s mass...
Hack a Car Part 1 and 2
A complete guide to hacking your vehicle bus on the cheap & easy hardware interface, part 1 here: https://0xicf.wordpress.com/2015/03/04/hack-a-car-part-one/ part 2...
HBO NOW DNSSEC Misconfiguration Makes Site Unavailable From Comcast Networks...
Wow! Talking about insanely bad timing… yesterday at Apple’s big event, HBO announced “HBO NOW”, a new streaming service available for only $15/month that will give you access to all HBO’s content....