Category Archives: Security Information

CERBER Ransomware Hidden C2 Servers Traffic and Malware Analysis

Cerber ransomware has been one of the most prolific crimeware botnets to have arisen; it is currently generating an estimated $2.5 million a year and rising. Once a machine is infected, its content is encrypted and held for ransom, as the name implies. You will see an image popup with instructions on how to reclaim your data… Read More »


Writing Shellcode for Buffer Overflows – Avoiding Bad Characters

Depending on the application, vulnerability type, and protocols in use, there may be certain characters that are considered “bad” and should not be used in your buffer, return address, or shellcode. One example of a common bad character (especially in buffer overflows caused by unchecked string copy operations) is the null byte (0x00). This character is considered bad because… Read More »


Fuzzing Programs to Find Windows Buffer Overflows – Bypass ASLR & DEP – Controlling and Overwriting EIP

Modern Windows Buffer Overflows and Techniques: Most Windows applications are compiled with Data Execution Prevention (DEP) or Address Space Layout Randomization (ASLR) support, which makes the exploitation process a lot harder, as we will have to bypass these internal security mechanisms. These memory protections were implemented in Microsoft Windows 7. DEP is a set of hardware, and software,… Read More »


BLACK HAT 2016 USA VEGAS BRIEFING – HORSE PILL: A NEW TYPE OF LINUX ROOTKIT

HORSE PILL: A NEW TYPE OF LINUX ROOTKIT
Michael Leibowitz | Senior Trouble Maker, Intel
Location: South Seas CDF
Date: Thursday, August 4 | 12:10pm-1:00pm
Format: 50 Minute Briefing
Tracks: Malware; Platform Security: VM, OS, Host and Container

What if we took the underlying technical elements of Linux containers and used them for evil? The result a… Read More »


BLACKHAT 2016 USA – NEXT-GENERATION OF EXPLOIT KIT DETECTION BY BUILDING SIMULATED OBFUSCATORS

NEXT-GENERATION OF EXPLOIT KIT DETECTION BY BUILDING SIMULATED OBFUSCATORS
Tongbo Luo | Sr Staff Engineer, Palo Alto Networks
Xing Jin | Staff Engineer, Palo Alto Networks
Location: Mandalay Bay BCD
Date: Thursday, August 4 | 11:00am-11:25am
Format: 25 Minute Briefing
Tracks: Malware; Network Defense

Recently, drive-by download attacks have almost reached epidemic levels, and exploit-kit is the propulsion to… Read More »
