-
December 3, 2013
Zero-Day Drive-By Attacks: Accelerating & Expanding
A successful drive-by shooting requires planning, timing, effective weapons and a quick exit (or so I’m told by friends who play Grand Theft Auto). In the cybersphere, zero-day drive-by attacks succeed based on the same criteria, but unfortunately the fast escape is rarely required. Exploit packs are the core […]
-
December 3, 2013
Experts Predict Mass Attacks On Online Banking Users
Kaspersky Lab has recorded several thousand attempts to infect computers used for online banking with a malicious program that its creators claim can attack “any bank in any country”. The Neverquest Trojan banker supports almost every trick used to bypass online banking security systems, including web injection, […]
-
December 2, 2013
For Nearly Two Decades the Nuclear Launch Code at all Minuteman Silos in the United States Was 00000000
Those in the U.S. that had been fitted with the devices, such as ones in the Minuteman Silos, were installed under the close scrutiny of Robert McNamara, JFK’s Secretary of Defence. However, the Strategic Air Command greatly resented McNamara’s […]
-
December 1, 2013
Official Vodafone Iceland Breach Contents Report & Breakdown
Earlier today the official Vodafone Iceland was breached, left defaced and a heap of data leaked from its servers. This report breaks down the contents of each of the files which contains over 70,000 user personal details as well as a heap of administrator details and Icelandic […]
-
November 30, 2013
Ruby and omniauth
Sometimes they are back. In a world where modern programming languages take care of memory, it’s uncommon to talk about buffer overflows. As described in the original post, a specially crafted string, when converted to its floating point representation, can cause a heap-based buffer overflow. Buffer overflows can cause the […]
-
November 30, 2013
New Linux worm targets routers, cameras, “Internet of things” devices
Researchers have discovered a Linux worm capable of infecting a wide range of home routers, set-top boxes, security cameras, and other consumer devices that are increasingly equipped with an Internet connection. Linux.Darlloz, as the worm has been dubbed, is now classified as a low-level threat, […]
-
November 30, 2013
Two Singaporeans nabbed for alleged Istana website hacking
Two Singaporean men, who allegedly hacked the Istana website on 8 November, were arrested on Thursday. Police said the suspects will be charged on Friday. The suspects are a 17-year-old ITE student and a 42-year-old IT consultant. Channel NewsAsia understands that the two got to know each […]
-
November 30, 2013
Volatility 2.3 and FireEye’s diskless, memory
If you needed any more evidence as to why your DFIR practice should evolve to a heavy focus on memory analysis, let me offer you some real impetus. FireEye’s Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method, posted 10 NOV 2013, is specific to an […]
-
November 30, 2013
NSA ‘planned to discredit radicals over web-porn use’
The US authorities have studied online sexual activity and suggested exposing porn site visits as a way to discredit people who spread radical views, the Huffington Post news site has reported. It published a document, leaked by former National Security Agency contractor Edward Snowden, identifying two Muslims […]
-
November 30, 2013
The Evolution of Protected Processes Part 1: Pass
The Evolution of Protected Processes Part 1: Pass-the-Hash Mitigations in Windows 8.1 It was more than six years ago that I first posted on the concept of protected processes, making my opinion of this poorly thought-out DRM scheme clear in the title alone: “Why Protected Processes Are A […]