Zero-Day Drive-By Attacks: Accelerating & Expanding: A successful drive-by shooting requires planning, timing, effective weapons and a quick exit (or so I’m told by friends who play Grand Theft Auto). In the cybersphere, zero-day drive-by attacks succeed based on the same criteria, but unfortunately the fast escape is rarely required. Exploit packs are the core […]

Experts Predict Mass Attacks On Online Banking Users: Kaspersky Lab has recorded several thousand attempts to infect computers used for online banking with a malicious program that its creators claim can attack “any bank in any country”. The Neverquest Trojan banker supports almost every trick used to bypass online banking security systems, including web injection, […]

For Nearly Two Decades the Nuclear Launch Code at all Minuteman Silos in the United States Was 00000000: Those in the U.S. that had been fitted with the devices, such as ones in the Minuteman Silos, were installed under the close scrutiny of Robert McNamara, JFK’s Secretary of Defence. However, The Strategic Air Command greatly resented McNamara’s […]

Official Vodafone Iceland Breach Contents Report & Breakdown: Earlier today the official Vodafone Iceland was breached, left defaced and a heap of data leaked from its servers. This report breaks down the contents of each of the files which contains over 70,000 user personal details as well as a heap fo administrator details and Icelandic […]

Ruby and omniauth: Sometime they are back. In a world where modern programming languages take care about memory it’s uncommon to talk about buffer overflows. As described in the original post, a special crafted string when converted to its floating point representation, it can cause an heap based buffer overflow. Buffer overflows can cause the […]

New Linux worm targets routers, cameras, “Internet of things” devices: Researchers have discovered a Linux worm capable of infecting a wide range of home routers, set-top boxes, security cameras, and other consumer devices that are increasingly equipped with an Internet connection. Linux.Darlloz, as the worm has been dubbed, is now classified as a low-level threat, […]

Two Singaporeans nabbed for alleged Istana website hacking: Two Singaporean men, who allegedly hacked the Istana website on 8 November, were arrested on Thursday. Police said the suspects will be charged on Friday. The suspects are a 17-year-old ITE student and a 42-year-old IT consultant. Channel NewsAsia understands that the two got to know each […]

Volatility 2.3 and FireEye’s diskless, memory: If you needed more any more evidence as to why your DFIR practice should evolve to a heavy focus on memory analysis, let me offer you some real impetus. FireEye’s Operation Ephemeral Hydra: IE Zero-Day Linked to DeputyDog Uses Diskless Method, posted 10 NOV 2013 is specific to an […]

NSA ‘planned to discredit radicals over web-porn use’: The US authorities have studied online sexual activity and suggested exposing porn site visits as a way to discredit people who spread radical views, the Huffington Post news site has reported. It published a document, leaked by former National Security Agency contractor Edward Snowden, identifying two Muslims […]

The Evolution of Protected Processes Part 1: Pass: The Evolution of Protected Processes Part 1: Pass-the-Hash Mitigations in Windows 8.1 It was more than six years ago that I first posted on the concept of protected processes, making my opinion of this poorly thought-out DRM scheme clear in the title alone: “Why Protected Processes Are A […]