Last week’s feature explaining why passwords are under assault like never before touched a nerve with many Ars readers, and with good reason. After all, passwords are the keys that secure web-based bank accounts, sensitive e-mail services, and virtually every other facet of our online life. Lose … http://arstechnica.com/security/2012/08/wireless-password-easily-cracked/
A few hours ago, FireEye published some information related to a new Java 0day exploited in the wild. The malicious JAR file was served from ok.aa24.net / meeting / index.html The html loads the Java applet passing some parameters that are used later to build the URL to download the payload. … http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/
A Korean news site was recently observed distributing malware. I thought it would be an opportune time to test out my program that attempts to locate malicious scripts on a website. Here’s an excerpt from the results: Looking at the screenshot above from the bottom up, we see some suspicious co… http://www.kahusecurity.com/2012/new-chinese-exploit-pack/ Dispositivo Móvel –…
Researchers have discovered additional capabilities within the Crisis financial malware, namely that it also spread via virtual machines. Crisis, also known as Morcut, is a malicious rootkit which infects both Windows and Mac OS X machines using a fake Adobe Flash Player installer, Takashi Kats… http://securitywatch.pcmag.com/none/301770-crisis-trojan-first-malware-to-target-virtual-machine
WikiDrivers – Wiki-style resource and guide for device drivers http://www.stumbleupon.com/to/s/1CPuyP
A Poor Man’s DNS Anomaly Detection Script http://isc.sans.edu/diary.html?storyid=13918
Santoku Beta – The New Mobile Forensics, Malware Analysis and App Security Testing Distro http://www.toolswatch.org/2012/08/exclusive-santoku-the-new-mobile-forensics-malware-analysis-and-app-security-testing/
IP-Adress.com Proxy List | Whois Proxy List | IP-Adress.com http://www.stumbleupon.com/to/s/2G2GGi
Ultrasurf – Free Proxy-Based Internet Privacy and Security Tools http://www.stumbleupon.com/to/s/1aEBbS
An online password cracking service for penetration testers and network auditors who need to check the security of WPA protected wireless networks, crack password hashes, or break document encryption. Whether it’s a WPA2 network, NTLM hashes, Unix hashes, or an encrypted PDF file, one thing’s f… http://www.toolswatch.org/2012/08/cracking-passwords-hashes-goes-in-the-cloud-with-cloudcracker