Crossing the other side of the bridge

Yesterday was the last day of the quarter. Naturally, it makes for a good day to reflect on the past three months. I mentioned in my last post that something new was on the horizon, and I’m now excited to share it. ORD -> SFO On March 1, 2019, I had my first one way flight booked from Chicago to San Francisco. I never actually thought I’d move further away from my friends and family....

April 1, 2019 · 4 min · James Espinosa

Booting the kernel again

It’s been about five years since my last update on this blog. I’ve been wanting to write for a while again, but life always seems to happen. Then time escapes. A lot has changed over the past five years (personally and professionally), and I’m really excited to finally post something here for someone to read (even if it’s just me). tl;dr - I’m back and look forward to writing again...

January 31, 2019 · 1 min · James Espinosa

A drive-by download that exploits CVE-2024-6332

First, Happy Thanksgiving to anyone that celebrates this holiday. In reality, I hope that we’re all thankful every day. Yes, I know, I’m working on a blog post on turkey day. It’s alright because I already helped cook a few items for the dinner table later this evening, and I have some free time, so why not? I’ll keep this one short. If you follow Microsoft Patch Tuesdays like I do, then you probably know that Microsoft provided a patch for Microsoft Security Bulletin MS14-064, which was rated as critical....

November 27, 2014 · 10 min · James Espinosa

SecTor basic malware analysis training

Last month, I attended SecTor 2014 in Toronto, a beautiful city in Ontario, Canada. Actually, that was the first time I had ever attended the conference and visited the country. I had a great time, and I met a few people that really made the rest of my time out there worthwhile. It has been a while since I last posted anything and thought I’d share some of the content that was presented during a basic malware analysis training session that I took at SecTor....

November 15, 2014 · 7 min · James Espinosa

McAfee second-hand device research project

Earlier this year, I was invited to join a group of smart students from DePaul University to conduct some research on the risks associated with buying and selling used electronic equipment. Our research team received over fifty different second-hand devices that were purchased and provided by McAfee, part of Intel Security. For a short video and key findings, please visit the original blog post that was published by McAfee earlier last month....

May 1, 2014 · 3 min · James Espinosa

Styx exploit kit network traffic analysis

A couple of days ago, researchers at Barracuda Networks reported that Hasbro.com was serving malware to its visitors. For additional information, I recommend that you read the Threatpost blog, which covers the story in greater detail. The purpose of this blog post is to provide my analysis of the network traffic file(s) that were provided by Barracuda Networks, which you can obtain here. Obviously, this is nothing new. Exploit kits, specifically this one, are nothing new....

January 30, 2014 · 9 min · James Espinosa

Android/Beita.A malware analysis

Recently, I started reading Decompiling Android by Godfrey Nolan, primarily out of interest and curiosity. Obviously, I have an interest in malware and all things threatsy, maliciously and shady (I made those words up, just now). Anyway, I figured I’d give this Android malware sample a whirl, and see what that side of the world looks like. This post will be my first analysis on this subject, so it most certainly may not be complete, but I’ll try my best....

January 5, 2014 · 5 min · James Espinosa

Perl Shellbot.B trojan activity

This is probably not amazing news to many of you, since you probably see a lot of automated scanning and exploitation attempts on your network perimeter. Although a bit of old news by now, I thought I’d share anyway. About a week or two prior to ISC Diary posting about this active threat, I had seen activity related to this Trojan on one of the systems that I have. The following is one of the many similar entries in my access....

October 10, 2013 · 5 min · James Espinosa

Discovered XSS vulnerabilities in The Bug Genie

Earlier this year, I discovered multiple cross-site scripting (XSS) vulnerabilities in The Bug Genie, an open source issue tracking and project management application. The Vulnerabilities: For reference, the vulnerabilities were assigned CVE-2013-1760. Proper and timely disclosure practices were coordinated through the Trustwave SpiderLabs’ security advisory team. The Bug Genie version 3.2.4 and earlier suffers from multiple persistent and reflected XSS vulnerabilities in different areas of the application. I will not dive into details for each finding, as they are mentioned in the references below....

May 14, 2013 · 2 min · James Espinosa