SEARCH RESULTS
 
Showing 1-10 of 43 records
 
Expand article

What Does SHA1 is Broken Mean?

2007-12-12 07:35:00 by Eric Marvets in The Security Samurai
 
...SHA1 is broken. Recently I did some security videos for Microsoft, and decided that SHA1 was the best hash function for the example (modifying an existing application to store hashed passwords The videos I did were part of the How Do I series, and not exactly the place to explain why it was appropriate to use SHA1. But for those of you...
 
Tags: sha1, choose sha1, sha1 protects, hash data, data, sha1 drops, hash function, hash, function
 
 
 
 
Expand article

The FirePack Exploitation Kit - Part Two

The Article has images
2008-04-27 04:27:00 by HASH0x8ae4cf0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1..: cc0eceb9e8cc3475752c959be70204b6f4d82168 99FFC5BA4.php Scanners result : 6/32 (18.75 Trojan.DL.Script.JS.Agent.low; Exploit-OperaTN File size: 1815 bytes MD5...: 166fa42343dd59d941e24177a0da9102 SHA1..: e85701841a40c0017c06e2feb023272bff1b06f1 CCF45A00D.php Scanners result : 15/32 (46.88 HTML/MS06006.BB!exploit;...
 
Tags: nuclear malware kit, malware kit, kit, metaphisher malware kit, icepack malware kit, original firepack kit, malware exploitation kit, php, scanners result
 
 
 
 
Expand article

Malware Attack Exploiting Flash Zero Day Vulnerability

The Article has images
2008-05-27 17:33:43 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1..: 687066c90bb44fee574f2763041ee80dfee4d5bf A sample flash file with the exploit Scanners result : 2/32 (6.25 eSafe - SWF.Exploit Symantec - Downloader.Swif.C File size: 846 bytes MD5...: 1222bf4627894cb88142236481680d03 SHA1..: bbf59d9e6610e6f982a7ce7fc9e9878ffd3bfe70 The malware served Scanners result : 18/32 (56.25...
 
Tags: flash, malware, macromedia flash content, flash content, sample flash file, adobe flash player, adobe, participation domains, domains
 
 
 
 
Expand article

Blackhat SEO Redirects to Malware and Rogue Software

The Article has images
2008-06-05 07:59:47 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1..: 5cf1602db8c4fdd3c5ac5101e5a6c5daa77f5ff1 Scanners Result: 6/32 (18.75 Trojan-Downloader.Win32.FraudLoad.axa; Trojan.Dldr.FraudLoad.axa File size: 60416 bytes MD5...: 14938bfe35128687e05f7f8ccbd29c7d SHA1..: cf651e959fff945c9659321e79ba2788062b721d Scanners Result: 14/32 (43.75%) Trojan-Downloader.Win32.Zlob.lps;...
 
Tags: sites, profile sites, multimedia sites, codec sites, zlob variants, zlob, zlob malware variants, rogue codec sites, domains
 
 
 
 
Expand article

Malware Serving Exploits Embedded Sites as Usual

The Article has images
2008-01-09 18:04:58 by HASH0x8957398 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1 : b81abcf63a2c4bcf43526f28aec20fca2f58d67c 8v8.biz/1.htm - MDAC also loads 8v8.biz/06014.html in between 8v8.biz/r.htm - real player unobfuscated, wheere all of these attempt to load 8v8.biz/v.exe - Worm.Win32.AutoRun.bkx; Win32/Cekar!generic Result: 27/31 (87.10 File size : 19501 bytes MD5 : 7b101f7baeae0ebab9ecc06fdb9542dc SHA1 :...
 
Tags: htm, load uc147, uc147, loads 8v8, 8v8, load 8v8, iframes, recent realplayer exploit, secondary iframes
 
 
 
 
Expand article

Massive IFRAME SEO Poisoning Attack Continuing

The Article has images
2008-03-27 21:12:29 by HASH0x8b4fa7c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1 : 91f8a0e2531ea63ce22d0c7f90e7366a78ebeb8a Moreover gift-vip.net/images/index1.php (195.225.178.19) is still loading from the previous campaign, this time pointing to webmovies-b.com/movie/black/0/21/411/0/ (58.65.234.25), and of course, e.pepato.org/e/ads.php?b=3029 (58.65.238.59 Scanners Result: 2/32 (6.25 JS.Feebs.rv;...
 
Tags: massive, single massive seo, profile sites, profile sites iframe, attack, seo, malware, malware attack, massive blackhat seo
 
 
 
 
Expand article

Have Your Malware In a Timely Fashion

The Article has images
2007-12-15 08:35:11 by HASH0x89f6724 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1: 3074f95d6b54fa49079b20876efa0f4722e7fe7d As for the second campaign at 4583lwi4.tarog.us/in.cgi?19 , the malicious parties were quick enough to redirect the IFRAME to Google.com, in exactly the same fashion the RBN did in the Bank of India incident definitely monitoring the exposure activities in real-time. However, accessing through a...
 
Tags: malware, attack, malware attack, malware downloaders, media malware gang, loads, web site, site, php
 
 
 
 
Expand article

Malware Serving Online Casinos

The Article has images
2007-11-29 16:37:13 by HASH0x8968208 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1 : 3478fe6a600251b2ee147dbd50eaf4f204a884cb Last week's obfuscation at this online casino was pointing to traffmaster.biz/ra/in.cgi?5 which is now down The second casino is fabispalmscasino.com (82.165.121.138) with current obfuscation attempting to connect to the now down stat1count.net/strong , a host residing on a netblock I covered...
 
Tags: obfuscation, current obfuscation, obfuscation loads, play poker, poker, internal url statistics-gdf, statistics-gdf, average javascript obfuscation, php
 
 
 
 
Expand article

Massive RealPlayer Exploit Embedded Attack

The Article has images
2008-01-07 18:58:52 by HASH0x89c7e1c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...SHA1: 0282e945ded85007b5f99ddee896ed5e31775715 Detection rate for the obfuscated exploit Result: 11/32 (34.38%) - JS/Agent.AMJ!exploit; Trojan-Downloader.JS.Agent.amj File size: 2880 bytes MD5: d363ffca061ebf564340c4ac899e3573 SHA1: 1226d3d9fcc5052a623b481b48443aeb246ab5db A lot of university, and international government sites continue...
 
Tags: exploit, realplayer exploit, uc8010 domain, domain, uc8010, exact exploit, attack uc8010, malware, malware exploitation kits