Mar 032015
 

INTRODUCTION Point-of-sale (POS) is the place where a retail transaction is completed. It is the point at which a customer makes a payment to the merchant in exchange for goods or services. Majority of retail POS systems also include a debit/credit card reader. POINT-OF-SALE INTRUSIONS What is it? When attackers compromise the computers and servers that run POS applications, with the intention of capturing payment data. Hospitality and retail companies are the top targets — Read More…

Mar 022015
 

Introduction Cuckoo Sandbox is an Open Source Automated Malware Analysis system that has been gaining more and more attention in recent years. The fact that Cuckoo is fully open source makes it a very interesting system for those that want to modify its internals, experiment with automated malware analysis, and setup scalable and cheap malware analysis clusters. [1] Malware is the raw-material associated with many cybercrime-related activities. Cuckoo is a lightweight solution that performs automated Read More…

Feb 162015
 

Overview ASUS Router RT-N10 Plus is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the result_of_get_changed_status.asp script. A remote authenticated attacker could exploit this vulnerability using the flag parameter in a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials. Technical details Multiple Read More…

Nov 182014
 

The Meaning XE which stands for XML Entity is a standard for representing sets of data. Meanwhile, Entities are more like shortcuts to standard text or special characters e.g. wherever you see “X” replace it with “Y”. An entity can be declared either internal or external. An internal entity is defined in-line like a macro. Syntax example will look like this (<!ENTITY entity-name “entity-value”>). An external entity points to data in an external file like Read More…

Oct 282014
 

In a previous article, we have described the Shellshock vulnerability and in this article we show how to exploit this vulnerability using the BeEF Framework. However, here’s a quick and dirty way to check if you’re vulnerable or not: Type this command:env x='() { :;}; echo vulnerable’ bash -c “echo this is a test” Note: If you see “vulnerable this is test” it means you haven’t patched it. If you see “this is a test”, Read More…

Oct 202014
 

What is POODLE? POODLE stands for Padding Oracle On Downgraded Legacy Encryption Vulnerability CVE: CVE-2014-3566 What is the attack? The attack occurs when an attacker is able to downgrade the client to use SSLv3. By simulating a failure during the negotiation process, an attacker can force a browser and a server to renegotiate using an older protocol, right back down to SSLv3. Attacker aims to capture the session cookie within a HTTPS tunnel through MITM. Read More…

Oct 062014
 

Introduction In the last post we saw how the recent bash vulnerability can be remotely exploited in a variety of ways. How do we defend against this? Below we discuss steps that will help your organization identify vulnerable components and initiate mitigation activities. Steps to identify, test and mitigate vulnerable systems   Make an inventory of all UNIX-like systems When we say UNIX-like, we mean systems like FreeBSD, OpenBSD, Solaris, HP-UX, AIX, Linux and Mac Read More…