We have already got the taste of reverse engineering with Reflector in the previous paper. It was basically a kick-start about this dissembling tool in terms of presenting its features and advantages. We have been performing the entire reverse engineering tactics over our custom made software called Champu. This […]
Android is a Linux kernel mobile platform that has been popular throughout its existence on a huge variety of devices, especially mobile smartphones. Most organizations, ranging from banking to telecom companies, have also come up with their apps for Android. Just like generic web applications, these mobile applications need […]
This editorial is committed to subverting the essential security restriction mechanisms of a native binary executable by employing the IDA Pro Dissembler. This paper is basically elaborating a very complex mechanism of reverse engineering among the previously demonstrated papers, yet because it is a very exhaustive and long process, […]
This article is the second part of a series on NSA BIOS Backdoor internals. This part focuses on BULLDOZER, a hardware implant acting as malware dropper and wireless communication “hub” for NSA covert operations. Despite that BULLDOZER is a hardware, I still use the word “malware” when referring to […]
Implanting malicious code in the form of spyware to an existing running process is one of the more sophisticated tasks. Before the advent of disassembler or patching tools, the malevolent code is usually invoked from the hard-core programming code, which is a very exhaustive process in itself, because we […]
The term “malvertising” is coined through the combination of two words – “malware” (i.e., “malicious software”) and “advertising.”
As an activity taking place online, malvertising is defined as the use of online ads to distribute malicious software. Although malvertising campaigns may not be as frequent as those that […]
An icon on the Windows desktop represents a directory in which deleted files are temporarily stored. This enables you to retrieve files that you may have accidentally deleted. From time to time, you’ll want to purge the recycle bin to free up space on your hard disk. You can […]
Automated tools are used to carry out many security attacks to online services. There are different protection mechanisms to narrow down such attacks and one such mechanism is the usage of CAPTCHA. CAPTCHA or Completely Automated Public Turing test to tell Computers and Humans Apart is a mechanism adopted […]
A sequence of data breaches suffered by principal US retailers Target and Neiman Marcus has put Americans on alert. A total of more than a hundred million people may have been a victim of a cyber attacks against POS systems in the stores of the two giants.
The attackers used […]
Network neutrality (also known as net neutrality or Internet neutrality) refers to a general principle that Internet service providers (ISPs) should not control how their customers lawfully use the Internet. For example, the ISPs should not restrict any Internet traffic or charge differently for different types of traffic.
In this series of articles, last time we talked about fuzzing and various SQL statement special characters which can be used in fuzzing a web application. In this article, I am going to focus on various prefixes and suffixes of fuzzing in order to fuzz the target web application.
Skype is an application that enables voice and video calls, instant messaging, file transfers, and screen sharing between users. Millions of people download and use Skype everyday for voice and video calling, messaging, sharing and low-cost local and international calls.
If you have a Microphone and Speakers, you can use […]
ALPR – Technical Specifications
The majority of ALPR devices are mounted on bridges, road signs, and poles near traffic lights or outside public buildings and even patrol vehicles. It seems that the last type of carrier, presumably for its mobility, arouses the most interest and concern among people. Mobile ALPR […]
This article elaborates the complete life cycle of making a custom interactive C# compiler, much like one of an existing CSC.exe. It is hard to imagine such a custom C# interactive compiler kind of mechanism, but this innovation could be constructed by employing C# APIs of the open source […]
Today’s world is an Internet world. These days, everyone wants to save their professional data and private content. With so much private information being shared over the Internet via social, email, the cloud etc, what can you possibly do to try to protect yourself? Many surveillance programs were going […]
There is a notable upsurge in the number of ransomware attacks in the past couple of months, and undoubtedly the emergence of the CryptoLocker ransomware is among the most significant contributory factors to this trend. Yet a calamity never comes alone, and presumably for every new threat there is […]
By now, the risks associated with phishing are well-known and well-documented. What is often misunderstood or overlooked is a hidden threat related to phishing.Brief BackgroundThere are various forms of phishing, but each form has a similar objective: to elicit information from an unsuspecting victim (refer to this article for […]
Countless organizations have fallen prey to cyber attacks – from high profile retailers to enterprises and government agencies. Some attacks have been high profile, like last year’s Adobe attack that compromised tens of millions of customer accounts, leading to other sites, including Facebook, to force users who may have […]
As of this writing in February 2014, Android has the greatest OS market share on both smartphones and tablets. If you don’t own an Android device, chances are that your friends, family or co-workers do.
The security implications of Android affect many millions of people worldwide who use their devices […]
Buffer overflows have been the most common form of security vulnerability in the last 10 years. Buffer overflow attacks make up a substantial portion of all security attacks simply because buffer overflow vulnerabilities are so common and so easy to exploit. Most of the exploits based on buffer overflows […]