TICSA turns one
11 May 2015 marks one year since the network security provisions of the Telecommunications (Interception Capability and Security) Act 2013 came into effect.
Aggregator
Windows Kernel Exploitation Humla by Ashfaq Ansari
9 years 11 months ago
This write-up summarizes a workshop/humla conducted by Ashfaq Ansari on the basics of various kinds of attacks available for exploiting the Windows Kernel as of this date. It describes and demonstrates some of the very common techniques to illustrate the impacts of bypassing Kernel security and how the same could be achieved by exploiting specific flaws in kernel mode components. A knowledge of basic buffer overflow exploits through user mode applications is a plus when understanding kernel exploitation and memory issues.
VBKlip Banking Trojan Goes Man-in-the-Browser
9 years 11 months ago
VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.
Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption
10 years ago
Dyre is one of the most sophisticated banking malware agents in the wild.
Kiosk/POS Breakout Keys in Windows
10 years ago
<p>There is an old axiom that goes something like “If an enemy has physical access to your box, it is no longer your box”. With enough time, and baring well-implemented cryptography, someone will get to the data on the…</p>
TrustedSec
British Airways Frequent Flyers Report Stolen Air Miles
10 years ago
Frequent flyers, beware. Tens of thousands of accounts may have been compromised due to an automated attack against British Airways,...
The post British Airways Frequent Flyers Report Stolen Air Miles appeared first on McAfee Blog.
McAfee
Google Brings Safe Browsing to the Masses With Its Safe Browsing API
10 years ago
The best way to protect yourself from the malicious programs (often called malware) hidden across the Internet, is to have...
The post Google Brings Safe Browsing to the Masses With Its Safe Browsing API appeared first on McAfee Blog.
McAfee
‘Banking’ Malware Dridex Arrives via Phishing Email
10 years ago
Microsoft Office scripting malware has become more and more common and aggressive lately as malware authors constantly develop new techniques...
The post ‘Banking’ Malware Dridex Arrives via Phishing Email appeared first on McAfee Blog.
Jorge Arias
7 tasks that waste your IT team’s time
10 years 1 month ago
IT teams' time is always limited, and it doesn't help when other things get in the way. Here's seven things that waste your IT team's time.
在非越狱设备上使用 LLDB 调试第三方 App
10 years 1 month ago
详细说明了如何在非越狱设备上使用 LLDB 调试第三方 App。
Proteas
Will Windows 10 leave enterprises vulnerable to zero-days?
10 years 1 month ago
One thing Microsoft has been very public about is Windows 10's new strategy of releasing patches to update the operating system at different times for consumer and enterprise versions.
Hackers phish for data with fake Apple Watch giveaway
10 years 1 month ago
Apple fans keen to get their hands on the Apple Watch are advised to think before they click, after hackers exploited a wave of enthusiasm around the launch with a phishing scam linked to a fake giveaway.
Office 365 Ascent Is Security Opportunity
10 years 1 month ago
Microsoft is on a roll with its cloud strategy. In the past two quarters, the software giant has posted triple-digit...
The post Office 365 Ascent Is Security Opportunity appeared first on McAfee Blog.
McAfee
Operating System Vulnerabilities, Exploits and Insecurity
10 years 1 month ago
iOS and OS X the most vulnerable operating systems? Don't confuse vulnerabilities with exploits, or patch frequency with insecurity.
CryptoFortress mimics TorrentLocker but is a different ransomware
10 years 1 month ago
ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.
Ask and you shall receive
10 years 1 month ago
Mila
FBI investigating apparent ISIS attacks on Western websites
10 years 1 month ago
A number of seemingly unconnected Western websites were hacked over the weekend, with messages claiming Islamic State as the perpetrator.
DDoS attack on feminist blog backfires on International Women's Day
10 years 1 month ago
An attempt to silence feminism blog Femsplain backfires on DDoS attackers, as they only help to raise its profile.
Lysa Myers: "There are still only a handful of women in the security field"
10 years 1 month ago
There are many female researchers and computer experts who contribute to the field, helping everyone enjoy safer technology. We spoke to one of the most prominent: Lysa Myers, a member of our research team in the US.
Casper Malware: After Babar and Bunny, Another Espionage Cartoon
10 years 1 month ago
In this post, we lift the veil on Casper - another piece of software that we believe to have been created by the same organization that is behind Babar and Bunny.