[GLLUG] Info on how attacks work
Stanley Mortel
mortel at cyber-nos.com
Fri Mar 1 15:30:00 EST 2013
Just F.Y.I. from SANS
USEFUL EXPLANATIONS OF HOW NEW ATTACKS WORK
Injecting a DLL in a Modern UI Metro Application
http://blog.nektra.com/main/2013/02/25/injecting-a-dll-in-modernui-metro-app-win8/
REMnux: A Linux distribution for reverse-engineering malware:
http://zeltser.com/remnux/
CVE-2013-0634 being exploited in the wild:
http://malwaremustdie.blogspot.jp/2013/02/cve-2013-0634-this-ladyboyle-is-not.html#gongda
Deobfuscating Java 7u11 exploit from Cool Exploit Kit:
http://security-obscurity.blogspot.it/2013/02/deobfuscating-java-7u11-exploit-from.html
Stuxnet "Beta's" devious alternate attack on Iran nuke program:
http://arstechnica.com/security/2013/02/new-version-of-stuxnet-sheds-light-on-iran-targeting-cyberweapon/
Japanese government builds APT database to study targeted attack info:
http://www.theregister.co.uk/2013/02/26/japan_apt_database_us/
Bit9 security incident update:
https://blog.bit9.com/2013/02/25/bit9-security-incident-update/
cPanel support compromised:
http://forum.whmcs.com/showthread.php?68611-cPanel-support-compromised&p=296646
ShadowServer notes on The Comment Group:
http://blog.shadowserver.org/2013/02/22/comment-group-cyber-espionage-additional-information-clarification/
Symantec: Comment Crew indicators of Compromise:
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/comment_crew_indicators_of_compromise.pdf
How I hacked Facebook OAuth to get full permission on any Facebook
account (without app "Allow" interaction):
http://www.nirgoldshlager.com/2013/02/how-i-hacked-facebook-oauth-to-get-full.html
Dissecting NBC's exploits and malware serving web site compromise:
http://ddanchev.blogspot.com/2013/02/dissecting-nbcs-exploits-and-malware.html