A while ago Turkish security group Otku Sen created the hidden tear ransomware and published the source code online. The idea behind it was to “teach” security researchers how ransomware works. Right from the beginning the reaction of various security professionals was negative. And we were right: it didn’t take long before the first ransomware variants based on the hidden tear source code arrived.
On the trail of Stagefright 2
In early October, it was announced that a critical vulnerability had been found in the libutils library. Although exploits for newly discovered vulnerabilities take a while to appear ‘in the wild’, we believe we should be prepared to detect them even if there have been no reports, as yet, of any such exploits being found. Because of this, we decided to do the research and generate a PoC file on our own.
Blockchain technology abuse: time to think about fixes
Kaspersky Lab and INTERPOL presented research on how blockchain-based cryptocurrencies could be abused through the pollution of public decentralized databases with arbitrary data.
Area41, formerly known as …
Gruezi from Zurich, Switzerland, where the Area41 conference is currently being held. Area41 doesn’t ring a bell? Well, this event underwent a renaming and was formerly known as Hashdays, which took place in Lucerne. However, the steering team behind…
ASP.NET Holiday Patches
It’s the end of 2011 as we know it, and Microsoft feels fine finishing out the year with a handful of out-of-band holiday patches. This round is important not because the vulnerabilities directly impact massive numbers of customers and their online behavior on Windows laptops, tablets, and workstations, but because ASP.NET maintains vulnerable code allowing for easy DoS of hosting websites, authentication bypass techniques, and stealth redirections to other websites (most dangerously, sites hosting phish and client-side exploits). All of this could curdle your eggnog in the coldest of weather.
The SSL Sky is Falling?
With headlines like “New cyber threat compromises financial information – Experts say new threat could affect millions of sites”, you would think that the trust model of the internet has finally crumbled.
From an hour-long wait to view the demo, the Ekoparty demo for the SSL hack was staged. And it was interesting that the attack succeeded in cracking the SSL confidentiality model.
Blackhat USA 2011 Talks
Blackhat USA 2011 wraps up and the Defcon conference starts today. There is a little something for everyone in security here. Aside from the contests, networking, meeting folks in the industry and putting faces to names, I thought that the briefings had two fantastic talks.
Hack in The Box Security Conference 2011 Amsterdam / NL
Since yesterday I’ve been attending the annual Hack-in-the-Box Quad-Track Security Conference in Amsterdam/NL. There’s a very nice and open atmosphere here at the conference, besides the beautiful city of Amsterdam. First, Joe Sullivan (CSO at Facebook) held a very interesting…
Infiltrate 2011 and Offensive Security
Security researchers from around the world are digesting the weekend’s fare at Infiltrate2011, organized by security outfit Immunity. “No policy or high-level presentations, just hardcore thought-provoking technical meat” was promised, and presenters served it up sizzling.
Different x86 Bytecode Interpretations
Providing randomly generated input to different open source disassembler libraries generates surprisingly differing output, and the CPU interprets it differently yet again.