January 7th, 2008
[quote]
TV presenter Jeremy Clarkson has lost money after publishing his bank details in his newspaper column.
The Top Gear host revealed his account numbers after rubbishing the furore over the loss of 25 million people’s personal details on two computer discs.
He wanted to prove the story was a fuss about nothing.
But Clarkson admitted he was “wrong” after he discovered a reader had used the details to create a £500 direct debit to the charity Diabetes UK.
[/quote]
You can view the whole article here.
Posted in Privacy, General InfoSec | No Comments »
January 2nd, 2008
The last weeks of last year were very busy, which was seen in the lack of posts. I decided to take a little look back at last year to see what all happened.
Posted in General InfoSec | Comments Off
November 22nd, 2007
After a few news sites picked up the entries on the suspicious TOR nodes I’ve had a few queries on the issue.
Posted in General InfoSec | No Comments »
November 20th, 2007
I decided to do some more digging on the TOR network to see whether there really are exit nodes doing MITM attacks. As a target site, I picked my home computer, which had an SSL-enabled server.
Posted in General InfoSec | 8 Comments »
November 19th, 2007
As most, if not everyone, know, TOR is a network of proxies designed to give some privacy and anonymity to its users. Lately TOR has been in the news quite a bit since a Swedish hacker managed to sniff a huge load of user accounts and passwords belonging to foreign embassies.
Posted in General InfoSec | 2 Comments »
November 16th, 2007
Pdump is now available for download.
Pdump is a process memory dumper that dumps the whole process memory.
Each allocated memory page is dumped into its own file, and you can easily load them into IDA Pro or a similar tool later on for analysis.
The tool can be downloaded from here:
Pdump.exe
Posted in Tools | No Comments »
October 16th, 2007
Let’s take a look at yet another bot originating from Mother Russia. It’s called Illusion, and it has a nice and clear GUI tool for configuration that even an idiot (you could argue that only idiots use malware anyway) can use.
Posted in Malware FreakShow | No Comments »
October 8th, 2007
KMFCopy is a small utility that copies files in kernel mode. As such, it needs administrative privileges.
Posted in Tools | No Comments »
October 6th, 2007
BlackEnergy is yet another piece of malware coming from Russia. The package is a “for dummies” version, exhibiting a nice GUI you can use to modify the bot. The only purpose of BlackEnergy is to DDoS. It does not spread on its own; it just sits and polls an HTTP C&C (Command and Control) server to see whether it has been given any targets.
Posted in Malware FreakShow | No Comments »
September 30th, 2007
This is a runtime unpacker for PolyCryptPE. Since it is a runtime unpacker, you have every chance of toasting your buttocks, since I cannot promise the executable won’t escape. I have tried to add a few safeguards to it, but you still need to be careful. Also, it’s not a perfect unpacker since the imports will be broken in the dumped image.
Posted in Tools, Packer-Magic | No Comments »