Wednesday, 28 January 2015

Ghost Linux Vulnerability Tester

#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

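/* Known marker value; it changes only if a write runs past the end of buffer. */
#define CANARY "in_the_coal_mine"

/* buffer and canary are adjacent members, so an overflow of buffer lands in canary. */
struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };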

Monday, 19 January 2015

Skeleton Key Malware YARA Rule

rule skeleton_key_patcher
{
strings:
       $target_process = "lsass.exe" wide
       $dll1 = "cryptdll.dll"
       $dll2 = "samsrv.dll"

       $name = "HookDC.dll"

       $patched1 = "CDLocateCSystem"
       $patched2 = "SamIRetrievePrimaryCredentials"
       $patched3 = "SamIRetrieveMultiplePrimaryCredentials"

condition:
       all of them
}

Wednesday, 14 January 2015

TRITON APX Advanced Protection

Advanced, adaptive cybersecurity that protects your critical data wherever it is and gives you actionable intelligence across the entire threat lifecycle.

Websense TRITON APX provides us with the actionable security risk intelligence we need to protect our organization from threats across the entire Kill Chain.