When it comes to intrusion analysis and forensics - r00tgrok
Something about intrusion analysis and forensics, a beginning...
Aggregator
VENOM漏洞分析与利用
10 years 3 months ago
Terenceli
Slave Malware Analysis: Evolving From IBAN Swaps to Persistent Webinjects
10 years 3 months ago
Slave is financial malware written in Visual Basic. Since 2015 it has evolved from relatively simple IBAN swapping.
Slave Malware Analysis: Evolving From IBAN Swaps to Persistent Webinjects
10 years 3 months ago
Slave is financial malware written in Visual Basic. Since 2015 it has evolved from relatively simple IBAN swapping.
iOS 内核堆利用技术点之 mach_msg ool
10 years 4 months ago
说明
在内核堆利用中,mach_msg 主要用来填充内核堆、读内核堆。这个技术点无法单独使用,需要配合内核堆信息泄露、堆整理技术(比如:堆风水),即:首先要使堆可控。
关于 mach_msg ool
详细的信息大家可以参考《Mac OS X and iOS Internals: to Apple’s Core》的第十章、《Mac OS X Internals:A Systems
Proteas
An Overview of Exploit Packs (Update 25) May 2015
10 years 5 months ago
Mila
TICSA turns one
10 years 5 months ago
11 May 2015 marks one year since the network security provisions of the Telecommunications (Interception Capability and Security) Act 2013 came into effect.
Windows Kernel Exploitation Humla by Ashfaq Ansari
10 years 5 months ago
This write-up summarizes a workshop/humla conducted by Ashfaq Ansari on the basics of various kinds of attacks available for exploiting the Windows Kernel as of this date. It describes and demonstrates some of the very common techniques to illustrate the impacts of bypassing Kernel security and how the same could be achieved by exploiting specific flaws in kernel mode components. A knowledge of basic buffer overflow exploits through user mode applications is a plus when understanding kernel exploitation and memory issues.
VBKlip Banking Trojan Goes Man-in-the-Browser
10 years 5 months ago
VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.
VBKlip Banking Trojan Goes Man-in-the-Browser
10 years 5 months ago
VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.
Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption
10 years 6 months ago
Dyre is one of the most sophisticated banking malware agents in the wild.
Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption
10 years 6 months ago
Dyre is one of the most sophisticated banking malware agents in the wild.
Kiosk/POS Breakout Keys in Windows
10 years 6 months ago
<p>There is an old axiom that goes something like “If an enemy has physical access to your box, it is no longer your box”. With enough time, and baring well-implemented cryptography, someone will get to the data on the…</p>
TrustedSec
British Airways Frequent Flyers Report Stolen Air Miles
10 years 6 months ago
Frequent flyers, beware. Tens of thousands of accounts may have been compromised due to an automated attack against British Airways,...
The post British Airways Frequent Flyers Report Stolen Air Miles appeared first on McAfee Blog.
McAfee
Google Brings Safe Browsing to the Masses With Its Safe Browsing API
10 years 6 months ago
The best way to protect yourself from the malicious programs (often called malware) hidden across the Internet, is to have...
The post Google Brings Safe Browsing to the Masses With Its Safe Browsing API appeared first on McAfee Blog.
McAfee
‘Banking’ Malware Dridex Arrives via Phishing Email
10 years 6 months ago
Microsoft Office scripting malware has become more and more common and aggressive lately as malware authors constantly develop new techniques...
The post ‘Banking’ Malware Dridex Arrives via Phishing Email appeared first on McAfee Blog.
Jorge Arias
7 tasks that waste your IT team’s time
10 years 6 months ago
IT teams' time is always limited, and it doesn't help when other things get in the way. Here's seven things that waste your IT team's time.
在非越狱设备上使用 LLDB 调试第三方 App
10 years 6 months ago
详细说明了如何在非越狱设备上使用 LLDB 调试第三方 App。
Proteas
Will Windows 10 leave enterprises vulnerable to zero-days?
10 years 7 months ago
One thing Microsoft has been very public about is Windows 10's new strategy of releasing patches to update the operating system at different times for consumer and enterprise versions.
Hackers phish for data with fake Apple Watch giveaway
10 years 7 months ago
Apple fans keen to get their hands on the Apple Watch are advised to think before they click, after hackers exploited a wave of enthusiasm around the launch with a phishing scam linked to a fake giveaway.