Slave Malware Analysis: Evolving From IBAN Swaps to Persistent Webinjects
Slave is financial malware written in Visual Basic. Since 2015 it has evolved from relatively simple IBAN swapping.
Aggregator
Links
10 years 7 months ago
These are some of my friends’ blogs. The order is random, and inactive links are removed from time to time.
约伊兹的萌狼乡手札 - The salty yet adorable “Moe Wolf.”
FiveYellowMice’s Blog - FiveYellowMice Dalao.
Ekkkkkkko - Egg Uncle, model enthusiast,mobile hacker.
Debugwar - Author of QDoctor, kernel expert, and full-stack hacker.
ADDX - +x, automotive hacker, a Honkai: Star Rail luck god — same as me.
Stone - Stone, drummer, anime fan, and hacker with the looks of a Japanese pop idol.
About me
10 years 7 months ago
INTJ & Chaotic Neutral
All our lives, we are pursued by the ghosts of what we could not have in our youth.
- Skill: Automotive, Penetration, Hardware, Reverse Engineering
- E-Mail: i#gorgias.me [GPG]
GPG Fingerprint
DFD7DE476562A6D0DCB40C016F9433372927B146一次校园Android平台应用的逆向分析
10 years 7 months ago
iOS 内核堆利用技术点之 mach_msg ool
10 years 7 months ago
说明
在内核堆利用中,mach_msg 主要用来填充内核堆、读内核堆。这个技术点无法单独使用,需要配合内核堆信息泄露、堆整理技术(比如:堆风水),即:首先要使堆可控。
关于 mach_msg ool
详细的信息大家可以参考《Mac OS X and iOS Internals: to Apple’s Core》的第十章、《Mac OS X Internals:A Systems
Proteas
An Overview of Exploit Packs (Update 25) May 2015
10 years 8 months ago
Mila
TICSA turns one
10 years 8 months ago
11 May 2015 marks one year since the network security provisions of the Telecommunications (Interception Capability and Security) Act 2013 came into effect.
Windows Kernel Exploitation Humla by Ashfaq Ansari
10 years 8 months ago
This write-up summarizes a workshop/humla conducted by Ashfaq Ansari on the basics of various kinds of attacks available for exploiting the Windows Kernel as of this date. It describes and demonstrates some of the very common techniques to illustrate the impacts of bypassing Kernel security and how the same could be achieved by exploiting specific flaws in kernel mode components. A knowledge of basic buffer overflow exploits through user mode applications is a plus when understanding kernel exploitation and memory issues.
对一些傻傻分不清楚的单位整理的笔记
10 years 8 months ago
VBKlip Banking Trojan Goes Man-in-the-Browser
10 years 8 months ago
VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.
VBKlip Banking Trojan Goes Man-in-the-Browser
10 years 8 months ago
VBKlip has evolved significantly from searching for IBAN data in copy-paste functionality to MITB techniques.
Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption
10 years 9 months ago
Dyre is one of the most sophisticated banking malware agents in the wild.
Dyre In-Depth: Server-Side Webinjects, I2P Evasion, and Sophisticated Encryption
10 years 9 months ago
Dyre is one of the most sophisticated banking malware agents in the wild.
Kiosk/POS Breakout Keys in Windows
10 years 9 months ago
<p>There is an old axiom that goes something like “If an enemy has physical access to your box, it is no longer your box”. With enough time, and baring well-implemented cryptography, someone will get to the data on the…</p>
TrustedSec
British Airways Frequent Flyers Report Stolen Air Miles
10 years 9 months ago
Frequent flyers, beware. Tens of thousands of accounts may have been compromised due to an automated attack against British Airways,...
The post British Airways Frequent Flyers Report Stolen Air Miles appeared first on McAfee Blog.
McAfee
Google Brings Safe Browsing to the Masses With Its Safe Browsing API
10 years 9 months ago
The best way to protect yourself from the malicious programs (often called malware) hidden across the Internet, is to have...
The post Google Brings Safe Browsing to the Masses With Its Safe Browsing API appeared first on McAfee Blog.
McAfee
‘Banking’ Malware Dridex Arrives via Phishing Email
10 years 9 months ago
Microsoft Office scripting malware has become more and more common and aggressive lately as malware authors constantly develop new techniques...
The post ‘Banking’ Malware Dridex Arrives via Phishing Email appeared first on McAfee Blog.
Jorge Arias
7 tasks that waste your IT team’s time
10 years 10 months ago
IT teams' time is always limited, and it doesn't help when other things get in the way. Here's seven things that waste your IT team's time.
在非越狱设备上使用 LLDB 调试第三方 App
10 years 10 months ago
详细说明了如何在非越狱设备上使用 LLDB 调试第三方 App。
Proteas
Will Windows 10 leave enterprises vulnerable to zero-days?
10 years 10 months ago
One thing Microsoft has been very public about is Windows 10's new strategy of releasing patches to update the operating system at different times for consumer and enterprise versions.