Tags » Exploit

Scanbox Javascript code - Exploit packs

This is the JavaScript code we usually see in exploit packs:

function setCookie(id,value,bool)
{
d=new Date();
if(bool==1)
{
d.setTime(d.getTime()+365*10*24*60*60*1000);
}
else
{
d.setTime(d.getTime()-365*10*24*60*60*1000);
}
document.cookie = id+”=”+value+”;path=/;expires=”+d.toGMTString(); 8,258 more words

Exploit Kit

Software enumeration using Internet Explorer

We do regularly see software enumeration using Internet Explorer in web infections. It tries to find some specific files(at fixed locations) related to AV and other analysis tools and avoids further execution of the exploit. 2,198 more words

IE

Who Are You?

I got to the guy fixing watches. My watch needed a new battery…..and, probably new straps too. I told the guy what I wanted. He told me the price. 430 more words

Word For Now!

Escalating Local Privileges Using Mobile Partner

Mobile Partner is a very popular software that ships with Huawei internet dongles. Recently I noticed the fact that the “Mobile Partner” directory and all subdirectories, files by default has full permissions granted the Users group. 1,352 more words

Patrick Leigh Fermor: Crossing Europe and kidnapping a German general

Source: BBC, by Andy Walker, October 2014

A new account of the kidnap of a German general in WW2 from occupied Crete sheds light on one of the 20th Century’s most interesting men. 656 more words

Politics

The Reigning Security Exploits of 2014

Until recently, I wasn’t aware that I’m one of the few who consistently maintains an updated computer. I thought it was a no-brainer. You’re notified by Windows Update or the App Store and after clicking some variation of ‘Update,’ TA-DA!  899 more words

Featured

How to Neuter POODLE (New SSL Vulnerability)

Surprise, surprise… Researcher’s have found yet another OpenSSL vulnerability. They’ve named this one POODLE. Silly name, I know, but at least it stands for something—Padding Oracle On Downgraded Legacy Encryption. 1,548 more words

Security Updates