Security News (Advanced) - 2011 - week 03

=> Web application vulnerabilities in context of browser extensions. 16/01/2011. «What are extensions in Google Chrome browser? Extensions are small software programs that can modify and enhance the functionality of the Chrome browser. Developers write them using well-known web technologies such as HTML, JavaScript (including HTML5 features) and CSS. Using such technologies of course makes developing easy. But what security risks will they bring to us? (…).»
Source : oxdef.info/papers/ext/chrome.html
Related posts:
17/01/2011. Source tweet sbz : www.twitter.com/sbrabez

=> Top Ten Web Hacking Techniques of 2010 (Official). 17/01/2011. «Every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. Beyond individual vulnerability instances with CVE numbers or system compromises, we’re talking about actual new and creative methods of Web-based attack. Now in its fifth year the Top Ten Web Hacking Techniques list encourages information sharing, provides a centralized knowledge-base, and recognizes researchers who contribute excellent work (…).»
Source : jeremiahgrossman.blogspot.com/2011/01/top-ten-web-hacking-techniques-of-2010.html

=> An Intro to Creating Anti-Virus Signatures. 18/01/2011. «This is an introductory post on creating anti-virus signatures. This post will cover the three main types of signature detections. The three most common signatures are hashes, byte-signature and heuristics (…).»
Source : hooked-on-mnemonics.blogspot.com/2011/01/intro-to-creating-anti-virus-signatures.html
Related posts:
18/01/2011. Source : www.twitter.com/Xylit0l

=> Learning Malware Analysis. 18/01/2011. «If you happen to be studying at the Aalto University in Helsinki, there’s one lecture you don’t want to miss tomorrow: our Chief Research Officer Mikko Hyppönen will open the course on Malware Analysis and Antivirus Technologies (…).»
Source : www.f-secure.com/weblog/archives/00002084.html
Related posts:
18/01/2011. Course page : noppa.tkk.fi/noppa/kurssi/t-110.6220/uutiset

=> Bohu Takes Aim at the Cloud. 18/01/2011. «The Microsoft Malware Protection Center has been tracking a recent threat that attacks cloud-based antivirus technology provided by popular major antivirus software vendors in China. The malware is named Win32/Bohu (TrojanDropper:Win32/Bohu.A) (…).»
Source : blogs.technet.com/b/mmpc/archive/2011/01/19/bohu-takes-aim-at-the-cloud.aspx
Related posts:
31/12/2010. TrojanDropper:Win32/Bohu.A : www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=TrojanDropper%3AWin32%2FBohu.A
21/01/2011. Trojan bypasses cloud-based anti-virus : www.h-online.com/security/news/item/Trojan-bypasses-cloud-based-anti-virus-1173385.html

=> New Twitter worm redirects to Fake AV. 20/01/2011. «A new Twitter worm is spreading fast, using the “goo.gl” URL shortening service to distribute malicious links (…).»
Source : www.securelist.com/en/blog/11136/New_Twitter_worm_redirects_to_Fake_AV
Related posts:
20/01/2011. Fake anti-virus attack spreads on Twitter via goo.gl links : nakedsecurity.sophos.com/2011/01/20/fake-anti-virus-attack-twitter-via-goo-gl-links/
20/01/2011. Possible new Twitter worm : isc.sans.edu/diary.html?storyid=10297
20/01/2011. Twitter worm spreading virally : bartblaze.blogspot.com/2011/01/twitter-worm-spreading-virally.html

=> Using Information Leakage to Avoid ASLR+DEP. 20/01/2011. «Today, more and more exploit developers are using Return-Oriented-Programming (ROP) techniques to bypass the Data Execution Prevention (DEP) feature in recent versions of Windows. In order to successfully launch an attack using ROP, one must know the fixed base address of the targeted module (…).»
Source : blog.trendmicro.com/using-information-leakage-to-avoid-aslrdep/
Related posts:
20/01/2011. JIT Spraying: Exploits to beat DEP and ASLR : www.h-online.com/security/features/Return-of-the-sprayer-exploits-to-beat-DEP-and-ASLR-1171463.html

=> Hiding Malicious PDFs from AVs. 20/01/2011. «I recently discovered that one can hide a malicious PDF from a good portion of antivirus software by embedding it into a valid executable file. For this example, I used notepad.exe from Windows XP. As you can see, the PDF file before embedding is detected by quite a lot of the AV vendors (…).»
Source : blog.reverseco.de/post/2011/01/20/Hiding-Malicious-PDFs-from-AVs

=> PandaLabs Uncovers Alarming Statistics on Cyber-Crime Black Market. 21/01/2011. «In new investigative report, PandaLabs reveals extensive criminal network selling stolen bank credentials and cyber-crime-related products online (…).»
Source : press.pandasecurity.com/news/pandalabs-uncovers-alarming-statistics-on-cyber-crime-black-market/
Related posts:
21/01/2011. The Cyber Crime Black Market [PDF] : press.pandasecurity.com/wp-content/uploads/2011/01/The-Cyber-Crime-Black-Market.pdf
