Tuesday, May 20th, 2008
My favorite tech quote is from Giorgio Maone. It goes like this: If today’s malware mostly runs on Windows because it’s the commonest executable platform, tomorrow’s will likely run on the Web, for the very same reason. Because, like it or not, Web is already a huge executable platform, and ...
Posted in Coding, Internet, Privacy, Security | No Comments
Monday, May 19th, 2008
We have been noticing quite a few binaries lately that target Brazilian banks. While most tend to have the same behavior, we found a particular piece that actually encrypted most of its strings to slow down analysis. In this blog we analyze the decryption routine and write a decryption algorithm, ...
Posted in Internet, Security | No Comments
Friday, May 16th, 2008
A new attack on PayPal could have allowed users who thought they were on a trusted page to access a fraudulent page and possibly expose personal information. On Friday, Finnish researcher Harry Sintonen reported the vulnerability on an IRC chat room.
In an interview with Netcraft, Sintonen said the issue was ...
Posted in Internet, Privacy, Security | No Comments
Friday, May 16th, 2008
A recently disclosed vulnerability in widely used Linux distributions can be exploited by attackers to guess cryptographic keys, possibly leading to the forgery of digital signatures and theft of confidential information, a noted security researcher said Thursday.
HD Moore, best known as the exploit researcher who created the Metasploit penetration testing ...
Posted in Coding, Internet, Linux, Networking, PHP, Privacy, Software | No Comments
Thursday, May 15th, 2008
Eruces Data Security has secured a patent for its three-step encryption and key management scheme, which is designed to lock down data through its lifecycle.
The security firm’s so-called Tricryption technology first encrypts the data itself with symmetric keys, and then encrypts the keys and stores them in a central key ...
Posted in Internet, Privacy, Security | No Comments
