Wednesday, 28 January 2015

Ghost Linux Vulnerability Tester

#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#define CANARY "in_the_coal_mine"

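/* The canary sits directly after buffer, so any write past the end of
   buffer changes it and the overflow can be detected. */
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };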

Monday, 19 January 2015

Skeleton Key Malware YARA Rule

rule skeleton_key_patcher
{
    strings:
        $target_process = "lsass.exe" wide
        $dll1 = "cryptdll.dll"
        $dll2 = "samsrv.dll"

        $name = "HookDC.dll"

        $patched1 = "CDLocateCSystem"
        $patched2 = "SamIRetrievePrimaryCredentials"
        $patched3 = "SamIRetrieveMultiplePrimaryCredentials"

    condition:
        all of them
}

Wednesday, 14 January 2015

TRITON APX Advanced Protection

TRITON APX
 
Advanced, adaptive cybersecurity that protects your critical data wherever it is and gives you actionable intelligence across the entire threat lifecycle.

Websense TRITON APX provides us with the actionable security risk intelligence we need to protect our organization from threats across the entire Kill Chain.