SEARCH RESULTS
 
Showing 1-10 of 44 records
 

Binary Analysis Seminar At UC Berkeley

2008-02-01 14:50:21 by Chris Wysopal in Zero in a bit
 
...binary analysis: TRUST Seminar: BitBlaze: a Binary-centric Approach to Computer Security. This seminar is open to the public Binary analysis is imperative for protecting COTS (common off-the-shelf) programs and analyzing and defending against the myriad of malicious code, where source code is unavailable, and the binary may even be...
 
 
 
 
 

Spreading Malware Around the Christmas Tree

2007-12-24 18:33:57 by HASH0x896b164 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...binary. The domain merrychristmasdude.com is logically in a fast-flux, here are some more details Administrative, Technical Contact Contact Name: John A Cortas Contact Organization: John A Cortas Contact Street1: Green st 322, fl.10 Contact City: Toronto Contact Postal Code: 12345 Contact Country: CA Contact Phone: +1 435 2312633 Contact...
 
 
 
 
 

BlackEnergy DDoS Bot Web Based C&Cs

2008-02-12 18:46:35 by HASH0x8b1c6c4 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...binary for the Windows platform that uses a simple grammar to communicate. Most of the botnets we have been tracking (over 30 at present) are located in Malaysian and Russian IP address space and have targeted Russian sites with their DDoS attacks The following are currently live botnet C&Cs administration panels, and with BlackEnergy's only...
 
 
 
 
 

Crimeware in the Middle - Zeus

2008-04-24 04:37:46 by HASH0x8ae4648 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...binary generator. Each use creates a new binary file, and these files are radically different from each other -- making them notoriously difficult for anti-virus or security software to detect. To date very few variants have had effective anti-virus signatures against them and each use of the kit usually makes existing signatures ineffective....
 
 
 
 
 

Auditing open source software

2007-10-08 16:13:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...binary data or protocols. We recommend being careful using any such code until it has been vetted for security (by extensive code auditing, fuzz testing, or preferably both). It is also important to watch for security updates for any decoding software you use, and keep patching up to date
 
 
 
 
 

Exaggerating Timing Attack Results Via GET Flooding

2007-12-10 04:04:33 by RSnake in ha.ckers.org web application security lab
 
...binary thing - one at a time or flooding. But what if we only launched enough GET requests with the intention of impacting server load, not bandwidth latency. So picking the right URL would be critical here (DB impacts, most likely When you found the right URL, launching a GET request flood against the server could seriously delay certain...
 
 
 
 
 

Have Your Malware In a Timely Fashion

2007-12-15 08:35:11 by HASH0x89f6724 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...binary at fernando123.ws/forum/load.php or fernando123.ws/forum/load.exe Detection rate : Result: 9/32 (28.13 File size: 43008 bytes MD5: 8ce2134060b284fa9826d8d7ca119f33 SHA1: 3074f95d6b54fa49079b20876efa0f4722e7fe7d As for the second campaign at 4583lwi4.tarog.us/in.cgi?19 , the malicious parties were quick enough to redirect the IFRAME...
 
 
 
 
 

Fuzz Testing at Microsoft and the Triage Process

2007-09-20 18:52:00 by sdl in The Security Development Lifecycle
 
...binary analysis and attack surface analysis tools Previously, James Whittaker posted a blog entry on Testing in the SDL in which he mentioned that many folks equate fuzz testing with security testing. While fuzz testing doesn't come close to describing how security testing is done at Microsoft it does happen to be one of our most scalable...
 
 
 
 
 

Malware Serving Exploits Embedded Sites as Usual

2008-01-09 18:04:58 by HASH0x8957398 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...binary is using a default set of known executables of anti malware products, and is installing a default debugger injected upon execution of any of these, and is therefore successfully killing many of the applications Another exploit serving domain with a very diverse set of exploits used, but again serving the faddish RealPlayer plus MDAC...