Google Releases Chrome 8

December 4, 2010 – 8:34 AM

The Chrome team is happy to announce our latest Stable release, 8.0.552.215. In addition to the over 800 bug fixes and stability improvements, Chrome 8 now contains a built-in PDF viewer that is secured in Chrome’s sandbox.

Get it here:
http://www.google.com/chrome

Ransomware Attack Resurfaces to Hold Files Hostage

November 30, 2010 – 9:02 PM

Malware is all about money. Spyware stealthily captures keystrokes and sensitive data to compromise accounts. Phishing attacks lure users into unwittingly surrendering account credentials and other crucial information. Ransomware uses a much less subtle tactic of demanding the money directly in exchange for the safe return of your own data.

The ransomware attack uses a Trojan to encrypt your data, then notifies you that you must pay a ransom if you want the hostage data returned to you. A SecureList blog post explains, “this type of malware is very dangerous because the chances of getting your data back are very low. It is almost the same as permanent removal of the data from your hard drive.”

The latest ransomware attack seems to be a variant of the GpCode Trojan that has made seemingly annual reappearances to extort money for the past few years. A compromised system will show a Notepad pop-up, or change the desktop background to display a message that reads “Attention!!! All your personal files were encrypted with a strong algorithm RSA-1024 and you can’t get an access to them without making of what we need!” This grammatical nightmare is followed by more broken English instructions directing you to read a text file explaining that a ransom of $120 is required to get the decryption key.

Source:
http://www.pcworld.com/businesscenter/article/211874/ransomware_attack_resurfaces_to_hold_files_hostage.html

Armitage – graphical cyber attack management tool for Metasploit

November 28, 2010 – 11:50 AM

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.

Demo:
http://www.youtube.com/watch?v=EACo2q3kgHY&feature=youtu.be

Download:
http://www.fastandeasyhacking.com/

RainbowCrack – Largest NTLM rainbow tables ever

November 28, 2010 – 9:04 AM

RainbowCrack is a general-purpose implementation of Philippe Oechslin’s faster time-memory trade-off technique. The function of this software is to crack hashes.

The straightforward way to crack a hash is brute force. In the brute-force approach, all candidate plaintexts and their corresponding hashes are computed one by one, and each computed hash is compared with the target hash. If one of them matches, the plaintext is found. Otherwise the process continues until all candidate plaintexts have been searched.

In the time-memory tradeoff approach, the hash computation is done in advance and the results are stored in files called “rainbow tables”. After that, hashes can be looked up in the rainbow tables whenever needed. The pre-computation process needs several times the effort of a full key space brute force. But once the one-time pre-computation is complete, table lookup can be hundreds or thousands of times faster than brute force.
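The two approaches described above, side by side on a toy key space, as an added example that is not RainbowCrack's own code. The 4-digit key space, the SHA-256 stand-in hash, the reduction function and the table dimensions are all assumptions chosen so the script runs in well under a second.

```python
import hashlib

KEYSPACE = 10_000   # constructed toy key space: PINs "0000".."9999"
CHAIN_LEN = 50      # hash/reduce steps per chain (assumed value)
NUM_CHAINS = 400    # chains kept in the table (assumed value)

def hash_fn(plaintext: str) -> str:
    """Stand-in hash (SHA-256 from the standard library, not NTLM)."""
    return hashlib.sha256(plaintext.encode()).hexdigest()

def reduce_fn(digest: str, column: int) -> str:
    """Map a digest back into the key space; differs per chain column."""
    return f"{(int(digest[:8], 16) + column) % KEYSPACE:04d}"

def build_table() -> dict:
    """Pre-computation: walk every chain, store only end -> start."""
    table = {}
    for n in range(NUM_CHAINS):
        start = f"{n * (KEYSPACE // NUM_CHAINS):04d}"
        p = start
        for col in range(CHAIN_LEN):
            p = reduce_fn(hash_fn(p), col)
        table[p] = start
    return table

def lookup(table: dict, target: str):
    """Return the plaintext behind target, or None if no chain covers it."""
    for col in range(CHAIN_LEN - 1, -1, -1):
        # Assume target sits in this column and finish the chain from there.
        p = reduce_fn(target, col)
        for j in range(col + 1, CHAIN_LEN):
            p = reduce_fn(hash_fn(p), j)
        if p in table:
            # Known end point: replay the chain; a miss here is a false alarm.
            q = table[p]
            for k in range(CHAIN_LEN):
                if hash_fn(q) == target:
                    return q
                q = reduce_fn(hash_fn(q), k)
    return None

def brute_force(target: str):
    """Baseline: hash every candidate until one matches."""
    for n in range(KEYSPACE):
        if hash_fn(f"{n:04d}") == target:
            return f"{n:04d}"
    return None
```

The table stores at most 400 start/end pairs instead of one entry per candidate, and a lookup returns `None` for any hash whose plaintext no stored chain passes through, so coverage depends on the table dimensions.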

This document explains the steps to get the RainbowCrack software working for a first-time user. Most of the contents of this document are implementation specific, while others are generic to the time-memory tradeoff algorithm.

Source:
http://project-rainbowcrack.com

Windows Kernel Bug May Bypass User Account Control

November 27, 2010 – 8:37 AM

Another 0-day bug on the Windows platform is affecting win32k.sys (a critical component of the Windows kernel), and this time, the approach seems to pose a major challenge to the security world. This vulnerability is triggered by a buffer overflow in the kernel file, which allows code to bypass UAC on Windows Vista and Windows 7.

More to the point, this security flaw is affecting the RtlQueryRegistryValues API, which is used to query multiple registry values by a query table, with the EntryContext field as the output buffer. In order to successfully exploit the flaw, the attacker must create a malformed Registry key, or be able to manipulate a Registry key that is available with only user rights. Due to the nature of the flaw, we won’t go into more detail on the matter.

Suffice it to say that a working proof of concept has been publicly available for a few hours on an extremely popular programming website. The demonstration included a step-by-step tutorial, as well as the binary and source code needed to defeat the UAC.

Source:
http://www.malwarecity.com/blog/windows-kernel-bug-may-bypass-user-account-control-969.html