General security April 26, 2011 Ryan Dewhurst Insecure Defaults Lead to Mass Open Proxies in China Description: A bug in Chinese video streaming software leads to mass open proxies on the web. A security blogger has uncovered a flaw in the Chinese PPLive...
Application security April 21, 2011 Russ McRee OWASP Top 10 Deeper Dive – A5: Cross-Site Request Forgery (CSRF) Description: Parsing the OWASP Top Ten with a closer look at Cross-Site Request Forgery (CSRF). No freely available or open source tools "automagically" discover CSRF vulnerabilities; you have to step through the app as described above and test against locally installed vulnerable applications and devices unless you have explicit permission to test remote applications per an approved penetration testing engagement.
Reverse engineering April 19, 2011 ESET Team TDSS part 3: Bootkit on the Other Foot The final installment of the 3-part series covers the loading of the bootkit previously discussed in part 2.
Reverse engineering April 19, 2011 ESET Team TDSS part 2: Ifs and Bots For this second part of the series, we look in more depth at the internals of the malware, starting with the user-mode implementation of the bootkit’s bot functionality.
Reverse engineering April 19, 2011 ESET Team TDSS part 1: The x64 Dollar Question In the two years since the Win32/Olmarik family of malware programs (also known as TDSS, TDL and Alureon) started to evolve, its authors have implemented a notably sophisticated mechanism for bypassing various protective measures and security mechanisms embedded into the operating system.
General security April 18, 2011 Infosec David Litchfield Reveals His Process for Security Research In our ongoing series of interviews, this week David Litchfield answered a few questions and pulled back the curtain a bit on the methods, tools and motivation...
Digital forensics April 14, 2011 Scott Behrens and Ben Hagen Web shell detection using NeoPI This article was part of a talk presented at BSidesChicago. Web servers have become one of the main targets of malicious activity and are often a weak point...
Hacking April 13, 2011 Infosec Info on the disclosure of the wicd 0day Rel1k (Dave Kennedy) asked for a more detailed explanation as to the wicd disclosure / backtrack “0day” fiasco and we're happy to explain. We slipped up...
Digital forensics April 12, 2011 Keatron Evans Computer Forensics: Alternate Data Streams Alternate Data Streams are a way to store data on a machine that is not readily accessible to users. Using ADS, files are not easily accessible by Windows operating...
Hacking April 11, 2011 Infosec Neil Daswani Reveals His Process for Security Research In our ongoing series of interviews, this week Neil Daswani answered a few questions and pulled back the curtain a bit on the methods, tools and motivation...