
malware

Fast analysis of a Tax Scam It's tax time and I'm starting to see a lot of Phish/SPAM about this subject. Below is a popular one from the last couple of days. ================= TAХ RЕTURN FOR ТНE YEАR 2014 / RЕCАLCULАTION ОF YOUR ТАХ RЕFUND / HМRС 2013-2014 / LOСАL OFFIСE No. 2669 / ТАX СREDIТ ОFFICЕR: Jimmie Bеnton / TАХ REFUND ID NUМВER: 2440409 / REFUND AМOUNТ: 2709.81 USD / Dеar USER, / The соntents оf this emаil and аnу attachmеnts arе соnfidentiаl ..
Vulnerability Research and Disclosure: Evolving To Meet Targeted Attacks Recently, both HP's Zero Day Initiative (ZDI) and Google's Project Zero published vulnerabilities in Microsoft products (specifically, Internet Explorer and Windows 8.1) because Redmond did not fix them within 90 days of the vulnerabilities being reported. This has resulted in an argument between security researchers and software vendors on how vulnerabilities should be disclosed. A case where a ..
Signed PoS Malware Used In Pre-Holiday Attacks, Linked to Targeted Attacks Last year, we detected some new PoS malware just before the holiday season. At that time, we omitted mentioning one fact: the file was digitally signed with a valid certificate. Our research shows that these attacks using PoS malware are growing in sophistication, with code signing and improved encryption becoming more commonplace. We were also able to connect this PoS malware to the g..
Banking Malware VAWTRAK Now Uses Malicious Macros, Abuses Windows PowerShell Last year we saw how the Windows PowerShell® command shell was involved in spreading ROVNIX via malicious macro downloaders. Though the attack seen in November did not directly abuse the PowerShell feature, we're now seeing the banking malware VAWTRAK abuse this Windows feature, while also employing malicious macros in Microsoft Word. The banking malware VAWTRAK is involved with stealing online b..
PowerShell: Better phishing for all! A year ago I was watching a presentation by Dave Kennedy (ReL1k) and Josh Kelly called "PowerShell…omfg". The presentation shows multiple techniques that are very, very useful during a pentest. After viewing the video I realized I could make a small addition to a phishing attack I use. The pretext is simple: I e-mail a client an office document containing very important data they should NOT have re..
The first .gov domains hardcoded into your browser as all-HTTPS by Eric Mill. Every .gov website, no matter how small, should give its visitors a secure, private connection. Plain HTTP (http://) connections are neither secure nor private, and can be easily intercepted and impersonated. In today's web browsers, the best and easiest way to fix that is to use HTTPS (https://). Now, a number of government websites have taken a step further and are becoming the firs..
CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four A bug in the Linux ASLR implementation for versions prior to 3.19-rc3 has been found. The issue is that the stack for processes is not properly randomized on some 64-bit architectures due to an integer overflow. Affected systems have the stack entropy of their processes reduced by four. To check if your Linux is vulnerable, simply execute the following: $ for i in `seq 1 10`; do cat /proc/self/maps | gre..
CTB-Locker dropper This is a protected post.
Reverse Engineering Resources Debugging: These are very important guides for understanding the debugging process and how applications work. Mac OS X Debugging Magic Technical Note (TN2124) (link - PDF Mirror); iOS Debugging Magic Technical Note (TN2239) (link - PDF Mirror); Understanding and Analyzing iOS Application Crash Reports (TN2151) (link - PDF Mirror); Malloc Debug Environment Variables (link - PDF Mirror). Mach-O Binaries: Mac O..
Exploring the Registry at the hex level If you want to open your hives and browse the structure you can of course use any hex editor. There are several hex editors out there that let you define templates to parse data. One of these hex editors is 010 Editor. 010 has a C/C++-like syntax for defining templates. I wrote a template for Registry hives that you can get on the Template Archive (at some point), but it will also always be avail..