Security

Facebook Twitter
Research
ReAssure is written in Ruby and Python. Ruby is used for cgi scripts, and python for the management of the experimental switch and PCs. Scripts are organized hierarchically based on the SQL tables they affect; click on an item on the sidebar menu for details. The software is available for download according to the terms of the following license: The Purdue University CERIAS ReAssure Project Copyright (c) 2006-2009 Purdue University All rights reserved. ReAssure Project Home Page ReAssure Project Home Page
coms

Since October 2011 we watch this affiliate system. Money Racing AV, a private PPS (Pay-Per-Sale) affiliate who spread actively fake antispywares (rogue). We have already seen this gang active in August 2009: A recent tour of scareware XII.Advertising can be found on various russian underground communities: First contact with FTL (6 October 2011): [14:29:33] Load4sales: hello [14:30:02] mr: привет [14:30:03] Load4sales: i'm late but just see your post on antichat about Money racing av v2 [14:30:25] mr: sorry bro [14:30:26] mr: only for russians [14:30:31] Load4sales: ah :/ [14:30:37] Load4sales: okay, thanks anyway [14:30:46] mr: ok Malware Intelligence Blog Malware Intelligence Blog
Security Research by Alexander Sotirov Feb 9, 2011 This year Dino Dai Zovi and I are teaching our Assured Exploitation class again at the CanSecWest conference. This is a two day training on March 7-8, focusing on on the advanced exploitation techniques required for developing state of the art exploits for the latest Windows 7 systems. Security Research by Alexander Sotirov
Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security So this is not a particularly technical source article, but it looks fairly interesting and I haven’t heard of this Linux.Darlloz worm before, so it might be new to some of you too. Seems like it’s going after old php-cgi installs, which are very common on embedded systems (routers/pos systems/stbs etc). The vulnerability being used is actually pretty old and was patched back in May 2012. It’s not really likely to cause a serious risk to servers, which tend not to run php-cgi any more – and it would be more common for them to be updated. A new worm is targeting x86 computers running Linux and PHP, and variants may also pose a threat to devices such as home routers and set-top boxes based on other chip architectures.According to security researchers from Symantec, the malware spreads by exploiting a vulnerability in php-cgi, a component that allows PHP to run in the Common Gateway Interface (CGI) configuration.

Darknet - The Darkside | Ethical Hacking, Penetration Testing & Computer Security

Skeptikal.org
Engineering in Reverse Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan) GPSSkywing In August 2008 Verizon Wireless released a firmware upgrade for their xv6800 (rebranded HTC Titan) line of Windows Mobile smartphones that provided a number of new features previously unavailable on the device on the initial release firmware. In particular, support for accessing the device's built-in Qualcomm gpsOne assisted GPS chipset was introduced with this update. However, Verizon Wireless elected to attempt to lock down the GPS hardware on xv6800 such that only applications authorized by Verizon Wireless would be able to access the device's built-in GPS hardware and perform location-based functions (such as GPS-assisted navigation). Uninformed - vol 10 Uninformed - vol 10
Black Hat ® Technical Security Conference // Archives Black Hat ® Technical Security Conference // Archives This archive of computer security presentations is provided free of charge as a service to the world wide computer security community. Speaker presentations and materials are put on-line generally two weeks after the event. Audio and video are generally available 6-9 months after the conference. If a speaker is listed on the conference page, but their speech is not present here it generally means there is no available audio, video or materials. Archive pages are collected by event, then divided by year. Looking for media, speakers and briefing info?

HackerspaceWiki

HackerspaceWiki Hackerspaces are community-operated physical places, where people can meet and work on their projects. This website is for Anyone and Everyone who wants to share their hackerspace stories and questions with the global hackerspaces community. Regular Events Call-in - Call-ins provide an opportunity for existing hackerspaces to provide an update and highlight upcoming events, and new/planned hackerspaces can ask questions. First Sunday each month. Synchronous Hackathon - Hackerspaces worldwide use the internet to interact and hack for the weekend.
DEF CON® Hacking Conference - The Hacker Community's Foremost So

DEF CON® Hacking Conference - The Hacker Community's Foremost So

Book a room at the Rio for DEF CON 22! Posted 1.15.14 For those of you that want to get a jump on DEF CON 22, you can now book your room for DEF CON 22 at our discounted rate!