Thursday, May 10, 2007

Defeating Virtual Keyboards

To deal with the threat of keyloggers -- or to win time during te process of implementing two factor authentication and one-time-passwords-i...

International Cryptography Regulations Map

Regulations on importing, exporting and using encryption greatly vary across the world. Bert-Jaap Koops came up with some informative maps h...

Disintermediating the Major Defense Contractors

Innovative and cost-effective altogether? Think SpaceShipOne , a commercial space ship that didn't come from a major defense contractor,...
Tuesday, May 08, 2007

DDoS on Demand VS DDoS Extortion

There were recent speculations on the decline of DDoS attacks , in respect to the lack of companies actually paying to extortion attacks and...
Friday, May 04, 2007

A Chronology of a Bomb Plot

A very detailed overview of a bomb plot , especially the lines related to anything digital such as : - " An e-mail sent from Mr. Khawa...

Winamp PoC Backdoor and a Zero Day

Listen to your infection? Not necessarily as this backdoor binds cmd.exe on port 24501, but needs to be socially engineered in the form of ...
Wednesday, May 02, 2007

Anti-Censorship Lifestyle

Following a previous post on security lifestyle(s) , and in between the ongoing efforts to censor a 16 digit number I feel it's about t...

The Brandjacking Index

Picture a situation where a customer gets tricked into authenticating at the wrong site of company XXX. Would they do business with company ...
Monday, April 30, 2007

Cryptome Under Fire

John Young at Cryptome.org is reporting that its hosting provider decided to terminate their relationship on the basis of violating their ...

Video Demonstration of Vbootkit

Orignally introduced at this year's Blackhat con in Amsterdam, the Vbootkit is a kit showcasing the execution of unsigned code on Window...

Malicious Keywords Advertising

Blackhat SEO's been actively abused by spammers, phishers and malware authors, each of them contributing to the efficiency of the underg...
Thursday, April 26, 2007

Conventional Weaponry VS Cyber Terrorism

Insightful comment on how assymetric warfare and abusing the most versatile communication medium is something conventional weaponry cannot ...

Malware Infected Removable Media

In a previous post I discussed various thought to be outdated physical security threats such as leaving behind CDs and DVDs malware ready a...

Outsourcing The Spying on Your Wife

Targeted attacks and zero day malware have always been rubbing shoulders, and it's not just a fad despite that everyone's rememberin...
Wednesday, April 25, 2007

Shots from the Malicious Wild West - Sample Seven

The Webmoner is a malware family that's been targeting the WebMoney service for the last couple of years , a service which is mostly u...
Monday, April 23, 2007

OSINT Through Botnets

Open source intelligence gathering techniques from a government sponsored cyber espionage perspective have been an active doctrine for year...
Friday, April 20, 2007

Google in the Future

Great fake as a matter of fact. Don't blame the crawler while crawling the public Web, but the retention of clickstreams for indefinite ...

Shots from the Malicious Wild West - Sample Six

Continuing the "Malicious Wild West" series, the Blacksun RAT integration on the web is so modules-friendly it makes you wonder wh...

Shots from the Malicious Wild West - Sample Five

Open source malware with a MSQL based web command and control? It's not just Sdbot and Agobot being the most popular malware groups tha...

A Compilation of Web Backdoors

The other day I came across to a nice compilation of web backdoors only, and decided to verify how well are various AVs performing when det...