
Monthly Archives: November 2010

Security Incident Response Testing To Meet Audit Requirements

Description: Practical guidance and tools to ensure maximum readiness for incident response teams including drill tactics. PCI-DSS audits often require IR testing validation; drill quarterly and be ready next audit cycle.

Introduction

Incident response teams in enterprise environments beholden to regulatory requirements can conduct drills that will help satisfy auditors and […]

Advanced Tutorial: Man in the Middle Attack Using SSL Strip – Our Definitive Guide

We got a lot of great feedback from our first Man in the Middle Video so we decided to double-down and give you guys some really juicy MitM demos and analysis. Our Ethical Hacking students have been really excited about this one during classes, so I wanted to share […]

November 19th, 2010 | Hacking | 27 Comments

ZeroAccess Malware Part 4: Tracing the Crimeware Origins by Reversing Injected Code

Part 1: Introduction and De-Obfuscating and Reversing the User-Mode Agent Dropper
Part 2: Reverse Engineering the Kernel-Mode Device Driver Stealth Rootkit
Part 3: Reverse Engineering the Kernel-Mode Device Driver Process Injection Rootkit
Part 4: Tracing the Crimeware Origins by Reversing the Injected Code

In this final […]

ZeroAccess Malware Part 3: The Device Driver Process Injection Rootkit

Part 1: Introduction and De-Obfuscating and Reversing the User-Mode Agent Dropper
Part 2: Reverse Engineering the Kernel-Mode Device Driver Stealth Rootkit
Part 3: Reverse Engineering the Kernel-Mode Device Driver Process Injection Rootkit
Part 4: Tracing the Crimeware Origins by Reversing the Injected Code

Let’s now take a look at the […]

ZeroAccess Malware Part 2: The Kernel-Mode Device Driver Stealth Rootkit

Part 1: Introduction and De-Obfuscating and Reversing the User-Mode Agent Dropper
Part 2: Reverse Engineering the Kernel-Mode Device Driver Stealth Rootkit
Part 3: Reverse Engineering the Kernel-Mode Device Driver Process Injection Rootkit
Part 4: Tracing the Crimeware Origins by Reversing the Injected Code

In Part 2 of the ZeroAccess Malware Reverse Engineering series of […]

Step-by-Step Reverse Engineering Malware: ZeroAccess / Max++ / Smiscer Crimeware Rootkit

(quick plug – to all current & future reverse engineers – check out our Reverse Engineering Training Course. We’d love to publish your work next!)

Part 1: Introduction and De-Obfuscating and Reversing the User-Mode Agent Dropper
Part 2: Reverse Engineering the Kernel-Mode Device Driver Stealth Rootkit
Part 3: Reverse Engineering the Kernel-Mode Device […]

iPhone App Exposes Potentially Anyone’s Social Security Number.

There have been web sites around for a while that allow one to listen in on certain police, fire department, and other public service radio bands. Now this has been ported into an iPhone app. Basically, you install the app, then instantly you’re able to tune into […]