Category Archives: Vulnerabilities & Exploits

Similarities and Differences in the terms Phishing, Malvertising, Spam and Malware E-mails

What is Phishing? What are malvertising, spam e-mail and malware e-mail campaigns? These terms have become intertwined and are used interchangeably, which generally means that there is a lack of understanding in the IT community, which is typical. Over time, laziness and improper training have a way of bending security definitions into bundles. A great example…


ALERT! Very Active PHISHING CAMPAIGN still alive targeting Dropbox Users

I received the link via e-mail but also found it online through some redirects and a Dropbox typo domain name. The images and page look spot on… but if you look at the URI like you should, you'll notice right away we got some problems here! http://glabalinvestment.tk/cost/DROP1/casts/ The campaign is stealing your Gmail, Yahoo,…


Converted PCAP sample of a Microsoft Windows Reverse Shell

Converted PCAP sample of a Microsoft Windows reverse shell. The shell is spawned on port 4444: the hacked PC initiates the connection to 192.168.1.109, which has a Netcat listener waiting on port 4444 to spawn a command-line shell on connect. You can see that once the shell is spawned, a user is created and added…


CISCO Dropped the ball as Default SSH Key Found in Many Cisco Security Appliances

Well, Cisco certainly dropped the ball on this one: several Cisco security appliances contain a default authorized SSH key, allowing an attacker to connect to an appliance and execute arbitrary commands. Cisco reports that the Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the…


Anatomy of Exploit Kits – Preliminary Analysis of Exploit Kits as Software Artefacts – By Vadim Kotov and Fabio Massacci

Anatomy of Exploit Kits: Preliminary Analysis of Exploit Kits as Software Artefacts. Vadim Kotov and Fabio Massacci, DISI – University of Trento, Italy (surname@disi.unitn.it). Abstract. In this paper we report a preliminary analysis of the source code of over 30 different exploit kits which are the main tool behind drive-by-download attacks. The analysis shows that…
