OS MAX: Flashback
One year ago, Apple released a software update to combat Mac malware called Flashback. And the question has been: who wrote the Flashback OS X worm? Today, investigative security blogger extraordinaire...
Telenor Spam Malware
Sample: {SYMBOL[8].zip (md5: bc450573851d538b64362bae613d48e4) 86589046.JPG.exe (md5: c2e02e48e8205b8448680ebf28dcd4fb) Static Analysis: Not so recently I got a rather fun email from a local mobile...
Beyond the Zero Day: Reverse Engineering Malicious Class Files
In part 1 of this blog, “Beyond the Zero Day” we focused on detecting malicious JVM [Java Virtual Machine] activity and identifying the ‘blob’ that was downloaded. No subsequent network activity was...
SQL Injection Vulnerability in Symphony
Advisory ID: HTB23148; Product: Symphony; Vendor: http://getsymphony.com/; Vulnerable Version(s): 2.3.1 and probably prior; Tested Version: 2.3.1; Vendor Notification: March 13, 2013; Vendor Patch: March 24, 2013...
Threat Outbreak Alert: Fake Xerox Scan Attachment E-mail Messages
Description: Cisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a scanned document from a Xerox WorkCentre device. The text in...
ownCloud Security Advisories (2013-011, 2013-012)
To avoid confusion: The download links are pointing to 5.0.3 since it was just released one day after 5.0.1 (and 5.0.2) because of two nasty upgrade bugs. This...
Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2
TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2; Published: 2013/04/03; Version 1.0; Affected Products: e107 version 1.0.2 (others not...
PHP Code Injection in FUDforum
Advisory ID: HTB23146; Product: FUDforum; Vendor: FUDforum; Vulnerable Version(s): 3.0.4 and probably prior; Tested Version: 3.0.4; Vendor Notification: February 21, 2013; Vendor Patch: March 11, 2013; Public...
Novell GroupWise Multiple Remote Code Execution Vulnerabilities
Advisory ID: HTB23131; Product: Novell GroupWise; Vendor: Novell Inc.; Vulnerable Version(s): 12.0.0.8586 and probably prior; Tested Version: 12.0.0.8586 on Windows 7 SP1 and Internet Explorer 9.0; Vendor...
US-CERT Current Activity - Mozilla Releases Multiple Updates
National Cyber Awareness System; Mozilla Releases Multiple Updates; Original release date: April 03, 2013. The Mozilla Foundation has released updates to address...
Microsoft Security Bulletin Revisions
Title: Microsoft Security Bulletin Minor Revisions; Issued: April 3,...
[Drupal] SA-CONTRIB-2013-040 - Commerce Skrill (Formerly Moneybookers) -...
View online: http://drupal.org/node/1960338 * Advisory ID: DRUPAL-SA-CONTRIB-2013-040 * Project: Commerce Skrill (Formerly Moneybookers) [1] (third-party module) * Version: 7.x * Date: 2013-April-03 *...
[Drupal] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass
View online: http://drupal.org/node/1960406 * Advisory ID: DRUPAL-SA-CONTRIB-2013-041 * Project: Chaos tool suite (ctools) [1] (third-party module) * Version: 7.x * Date: 2013-April-03 * Security risk:...
[SECURITY] [DSA 2654-1] libxslt security update
Debian Security Advisory DSA-2654-1...
Adobe Flash Player (BSOD) DoS Vulnerability
I want to warn you about Denial of Service vulnerability (BSOD) in Adobe Flash Player. I've found this vulnerability on 27.01.2013. Affected...
Metasploit: Netgear DGN1000B setup.cgi Remote Command Execution
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of...
Blink: A rendering engine for the Chromium project
WebKit is a lightweight yet powerful rendering engine that emerged out of KHTML in 2001. Its flexibility, performance and thoughtful design made it the obvious choice for Chromium's rendering engine...
SmallFTPd 1.0.3 DoS
#NoTrayIcon
#Region ;**** Directives created by AutoIt3Wrapper_GUI ****
#AutoIt3Wrapper_Outfile=aas.exe
#AutoIt3Wrapper_UseUpx=n
#AutoIt3Wrapper_Change2CUI=y
#EndRegion ;**** Directives created by...
Added support to crack Samsung Android Password / PIN to oclHashcat-plus
root@sf:~/oclHashcat# ./oclHashcat-plus64.bin -a 3 -n 80 -u 1024 -m 5800 d9eb7ebe302078be9b933ccf4130b902022cf4ae:0003826477152564 ?d?d?d?d?d?d?d?d
oclHashcat-plus v0.15 by atom starting...
Hashes: 1...
5 ways to implement HTTPS in an insufficient manner (and leak sensitive data)
HTTPS or SSL or TLS or whatever you want to call it can be a confusing beast. Some say it’s just about protecting your password and banking info whilst the packets are flying around the web but I’ve...