Stealing Credit Cards – A WordPress and vBulletin Hack
What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there – vBulletin and WordPress. Here is a real case that we just worked on this week, involving an attacker dead set on stealing credit card information. Enjoy! The Environment The client runs […]
The Story of Clip:rect – A Black Hat SEO Trick
We regularly write about Black Hat SEO hacks here. Such hacks help hackers monetize their access to compromised sites by incorporating them into massive schemes that try to manipulate search engine results for queries that potential clients may be interested in. Think of gray areas like: payday loans, pharmaceuticals, counterfeit drugs and luxury goods. As […]
Five Years Old And Still On The Run: DOWNAD
Five years ago, Conficker/DOWNAD was first seen and quickly became notorious due to how quickly it spread and how much damage it caused. Remarkably, after all that time, it’s still alive. It can still pose a serious problem, as it can propagate to other systems on the same network as an infected machine – a factor that […]
Case Study: Analyzing a WordPress Attack – Dissecting the webr00t cgi shell – Part I
November 1st started like any other day on the web. Billions of requests were being shot virtually between servers in safe and not so safe attempts to access information. After months of waiting, finally one of those not so safe requests hit one of our honeypots. We won’t get into the location of the site […]
Anatomy of a file format problem – yet another code verification bypass in Android
Four months ago, the Android platform was stirred, if not shaken, by a pair of code verification holes. Turns out there was a third one, now fixed in Android 4.4, better known as Kit Kat. Paul Ducklin looks at what we can learn from it…
Defending Against CryptoLocker
Over the past few weeks, we’ve been seeing an increase in the number of spreading CryptoLocker malware. This new kind of ransomware has been hitting more users over the past few weeks, as seen in the 30-day feedback provided by the Smart Protection Network: Figure 1. Cryptolocker infection for the past 30 days CryptoLocker infections […]
AIS Security: Your Questions Answered
After a week since our presentation at HiTB Kuala Lumpur 2013, our findings regarding Automatic Identification System (AIS) security have been picked up by notable media outlets, including ABC News, Softpedia, VesselFinder, Heise, Spiegel, and NetSecurity. It also raised some questions about AIS and, to a certain extent, our research. In this blog post, we […]
Download the Windows 8.1 ISO using a Windows 8 key and some simple trickery
It’s great that Microsoft has made Windows 8.1 entirely free to owners of Windows 8, but unfortunately you’re limited to installing the update through the Windows Store — unless you’re an MSDN subscriber there’s no ISO you can grab to install the operating system how and when you like. But as enterprising Reddit user redditorfor0seconds […]
Sucuri Affiliate Updates
We have been running a quite successful (but stealthy) affiliate program for a few years, paying our partners very well. Our goal has always been to allow our clients that already love what we do, to make some money when they also send their friends or customers to us. However, as our affiliates know, the […]
Hearing on FISA Oversight of NSA
The United States government may have “shutdown” on October 1st… but that didn’t stop the U.S. Senate Judiciary Committee from holding a hearing on FISA Oversight of the NSA on October 2nd. There’s been plenty of press coverage. But for such important matters — it’s worth watching the source material (if you can stomach “sausage […]
Targeted exploit
In September Microsoft published information about a new Internet Explorer vulnerability – CVE-2013-3893. The vulnerability affects IE versions 6 through 11 for platforms from Windows XP through Windows 8.1. Later in September, the company released a patch closing the vulnerability. Cybercriminals are happy to exploit such vulnerabilities because they are easy to monetize – the […]
ARP Spoofing And Lateral Movement
In targeted attacks, during the lateral movement stage attacks try to gain access to other computers on the same local area network (LAN). One useful tool to achieve this is ARP spoofing, which can be used to carry out a variety of attacks to steal information as well as plant backdoors on other machines. We […]
Raspberry Jam served to 35 young hackers at PyCon UK
After three days of talks, networking and learning from the brightest minds in Python programming, PyCon UK culminated with a Raspberry Jam – the coming together of programmers, teachers and 35 children to play, hack and program with the Raspberry Pi and Python. Education was a very prominent theme at this year’s conference and the […]
New IE Zero Day is Actively Exploited In Targeted Attacks
Right after a week from September Patch Tuesday, Microsoft had to rush a “Fix It” workaround tool to address a new zero-day Internet Explorer vulnerability (CVE-2013-3893), which is reportedly being actively exploited in certain targeted attacks. As Microsoft advised, the said exploit is targeting a Use After Free Vulnerability in IE’s HTML rendering engine (mshtml.dll). […]
Kylie Minogue: Australia’s Most Dangerous Celebrity
Noooooooo!! How could Kylie Minogue be considered dangerous? Perhaps I missed that episode of Neighbours? And I am sure there are no ‘danger’ themes in her music. Well, definitely not in Locomotion or I Should Be So Lucky!! But yes, it is true. Aussie pop legend Kylie Minogue is Australia’s 2013 Most Dangerous Celebrity, according […]
More information
- Download Mannu Auto Mass WHM exploiter [PHP]
- Microsoft Windows Remote Procedure Call CVE-2014-0316 ASLR Security Bypass Vulnerability
- Another two universities suffer data breaches, but notification still too slow
- 32m Twitter passwords may have been hacked and put up for sale on the Dark Web
- USA blamed for spy malware planted on French president’s network
- Hackers Target Swedish Power Grid Operator
- PoC Exploit Published for Critical Jenkins Vulnerability
- CISPA appears doomed in Senate
- Blockchain integration turns ERP into a collaboration platform
- Enterprise Blind Spots and Obsolete Tools – Security Teams Must Evolve