antelox.blogspot.com
RCE Blog: October 2009
http://antelox.blogspot.com/2009_10_01_archive.html
Thursday, October 1, 2009. Win32Hlp for Windows 7 x86 and x64. As many people have noticed, Windows 7 can't read .hlp files natively! A couple of days ago I found WinHlp for Windows 7 x86 and x64, so I decided to share it with you ;P. This is the link where you'll download it: WinHlp. See you in the next post. =).
antelox.blogspot.com
RCE Blog: August 2009
http://antelox.blogspot.com/2009_08_01_archive.html
Thursday, August 20, 2009. This morning, while I was programming in Delphi with my IDE, Delphi 7, I noticed that the compiled exe was detected by my AV as a virus. My AV is Avast!, and the compiled exe was detected as Win32:Induc. Win32:Induc is a new emerging threat, dated exactly 18/08/09. I have googled and looked on my PC, and I can say this: The virus first searches the registry path HKLM\Software\Borland\Delphi\X.0 for the key that specifies the folder location of your Delphi IDE.
aslitsecurity.blogspot.com
ASL IT SECURITY: Sql Injection in Facebook applications!
http://aslitsecurity.blogspot.com/2011/03/sql-injection-in-facebook-applications.html
Wednesday, March 9, 2011. Sql Injection in Facebook applications! We found a vulnerability in 2 Facebook applications. One is patched now, so we are disclosing the vulnerability. There was a SQL Injection vulnerability in apps.facebook.com. Location: http://apps.facebook.com/. Impact: Database access/server control. It was possible to extract all data of all databases located on those servers. 7/3/2010 - Facebook vendors notified. 8/3/2010 - Response from vendor. 8/3/2010 - Vendor patched the vulnerability.
aslitsecurity.blogspot.com
ASL IT SECURITY: July 2011
http://aslitsecurity.blogspot.com/2011_07_01_archive.html
Tuesday, July 5, 2011. SAP Player 0.9 (.m3u) universal. This exploit uses a direct return address. Not the SEH version. http://packetstormsecurity.org/files/view/102792/sapplayer-overflow.py.txt.
contagiodump.blogspot.com
contagio: OnionDuke samples
http://contagiodump.blogspot.com/2014/11/onionduke-samples.html
Saturday, November 15, 2014. Research: F-Secure: OnionDuke: APT Attacks Via the Tor Network. Download. Email me if you need the password. https://www.virustotal.com/en/file/366affd094cc63e2c19c5d57a6866b487889dab5d1b07c084fff94262d8a390b/analysis/. 2014-11-15 18:37:30 UTC (8 hours, 44 minutes ago). Trojan.Win32.Agent.adYf. Backdoor.Win32.MiniDuke.x. Aka "take a ...
contagiodump.blogspot.com
contagio: AlienSpy Java RAT samples and traffic information
http://contagiodump.blogspot.com/2014/11/alienspy-java-rat-samples-and-traffic.html
Monday, November 17, 2014. AlienSpy Java RAT samples and traffic information. The AlienSpy Java-based cross-platform RAT is another reincarnation of the ever-popular Unrecom/Adwind and Frutas RATs that have been circulating through 2014. The samples, pcaps, and traffic protocol information are available below. File: DB46ADCFAE462E7C475C171FBE66DF82 paymentadvice.jar. File: 01234.exe (Pony loader dropped by FAB8DE636D6F1EC93EEECAADE8B9BC68 - Transfer.jar). The following RAT config s...
aslitsecurity.blogspot.com
ASL IT SECURITY: Yahoo Cross Site Scripting Vulnerability!
http://aslitsecurity.blogspot.com/2012/02/yahoo-cross-site-scripting.html
Sunday, February 12, 2012. Yahoo Cross Site Scripting Vulnerability! There is a Cross Site Scripting vulnerability in a yahoo.com subdomain. It's in upcoming.yahoo.com. This vulnerability allows the attacker to steal cookies and perform session hijacking attacks or use XSS worms. The vendor has been notified regarding the vulnerability details.
aslitsecurity.blogspot.com
ASL IT SECURITY: CVE-2014-6352 When defenses fall - eliminating the use of .inf files and bypassing Antiviruses!
http://aslitsecurity.blogspot.com/2014/11/cve-2014-6352-when-defenses-fall.html
Wednesday, November 5, 2014. CVE-2014-6352 When defenses fall - eliminating the use of .inf files and bypassing Antiviruses! Regarding CVE-2014-6352 and CVE-2014-4114, as we know, .inf files were used in malware samples found in the wild to execute the executable payloads. One of the workarounds from Microsoft was to block the launching of executables via Setup information files (. https://technet.microsoft.com/en-us/library/security/ms14-060.aspx. OleObject1.bin - which is the embedded executable.
aslitsecurity.blogspot.com
ASL IT SECURITY: February 2012
http://aslitsecurity.blogspot.com/2012_02_01_archive.html
Sunday, February 12, 2012. Yahoo Cross Site Scripting Vulnerability! There is a Cross Site Scripting vulnerability in a yahoo.com subdomain. It's in upcoming.yahoo.com. This vulnerability allows the attacker to steal cookies and perform session hijacking attacks or use XSS worms. The vendor has been notified regarding the vulnerability details.