Avast razjašnjava detalje oko CCleaner incidenta

Avast je ranije danas objavio post-mortem incidenta CCleaner malvera, u nadi da će pojasniti neke od detalja oko događaja koji su mnogi korisnici našli zabrinjavajućim. Ispod je pojednostavljen vremenski okvir događaja, baziran na Avastovoj nedavnoj izjavi. July 3 – Evidence suggests hackers breached Piriform’s IT systems. July 18 – Avast decides to buy Piriform, the company behind […]

Command and Control – Website Keyword

There are various command and control options which some of them are utilizing protocols like ICMP and DNS and some others legitimate websites such as DropBox and Gmail. During DerbyCon 3.0 Matt Graeber and Chris Campbell introduced a technique which uses a website keyword in order to trigger the launch of shellcode in a system. Matt Nelson produced a PowerShell script which […]

BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices

Security researchers have discovered eight vulnerabilities — codenamed collectively as BlueBorne — in the Bluetooth implementations used by over 5.3 billion devices. Researchers say the vulnerabilities are undetectable and unstoppable by traditional security solutions. No user interaction is needed for an attacker to use the BleuBorne flaws, nor does the attacker need to pair with […]

Several Cable Modem Models Affected by SNMP God Mode Flaw

A severe security flaw in the implementation of the SNMP protocol allows an attacker to take over at least 58 cable modem models, according to a team of researchers. The vulnerability, tracked as CVE 2017-5135 but nicknamed StringBleed, affects the Simple Network Management Protocol (SNMP), a popular protocol invented in the 80s and used for […]

DIY Tesla Powerwall

Tesla is a company that is known for open sourcing their patents.  It is because of this that people around the world have begun to adopt the advanced technology and replicate it. Youtube user, JehuGarcia put together a video on how to construct your own Powerwall, the home battery that Tesla developed to run your place […]

DLL Hijacking Attacks

This article is all about different DLL hijacking attacks techniques used by malware to achieve persistence. We will be discussing DLL search order hijacking, DLL Side loading, and Phantom DLL Hijacking techniques. Also, we will see how can we detect it and prevent the DLL hijacking attack. What is DLL hijacking? DLL provide common code […]

How to break a chatbot

    On Reddit, Llaver showed how to reveal the inner workings of a Skype messaging bot. He/She explained that it was a mistake: “I was going to send some quick and dirty code to a friend but I mistakenly sent it to a Skype messaging bot. Hillarity ensues.”       via boingboing.net

Hash Functions

A while ago I needed fast hash function for ~32 byte keys. We already had MurmurHash used in a bunch of places, so I started with that. But then I tried xxHash and that was a bit faster! So I dropped xxHash into the codebase, landed the thing to mainline and promptly left for vacation, […]

Binary SMS

Despite being older than many of its users, Short Messaging Service (SMS) remains a very popular communications medium and is increasingly found on remote sensors, critical infrastructure and vehicles due to an abundance of cellular coverage. To phone users, SMS means a basic 160 character text message. To carriers and developers it offers a much […]

RASPBERRY PI-POWERED AI BEATS HUMAN PILOT IN DOGFIGHT

When the Raspberry Pi computer was first launched in 2012 to promote the teaching of computer science, its creators probably didn’t imagine the $35 device would one day take on a professional fighter pilot in a dogfight—and win. But that is exactly what a doctoral graduate at the University of Cincinnati set out to do […]