engineering

During the course of this paper the reader will be (re)introduced to many concepts and tools essential to understanding and controlling native Win32 applications through the eyes of ... read more »
We have analysed samples of malware that is calling itself 'MonaRonaDona', and is creating a buzz on Internet forums. In a nutshell, it seems the sole purpose of the malware is to prompt the user to enter the term "MonaRonaDona" into a search engine. This is an attempt to lead them to an application that can remove the unwelcome threat - a fix that has obviously been conveniently provided by the very people who created the virus in the first place. When the Trojan executes, it creates the file SRVSPOOL. read more »
http://securitywannabe.com/blog/2008/04/07/interview-with-ross-anderson-security-engineering-20/ By Craig Balding, April 7th, 2008. 7 years ago, a Cambridge Professor called Ross Anderson published a book called "Security Engineering". Up until that time, it wasn't often you would hear anyone talk about "Security Engineering" - let alone find an entire book written on the subject. As soon as the book came out, it made a real and lasting impression on the security community. Richard Bejtlich summed it up with his r read more »
As security researchers, we regularly analyze many different types of files. It's important that we take the time to teach ourselves about unusual file formats, so that we can be prepared when a malicious attack occurs with an uncommon file type. One unusual file type that we recently studied is the EOT file format. A quick definition from Wikipedia explains: "Embedded OpenType (EOT) fonts are a compact form of OpenType fonts designed by Microsoft for use as embedded fonts on Web pages. These files usually read more »
From: InfoSec News <alerts_at_private> Date: Thu, 9 Oct 2008 03:01:29 -0500 (CDT) http://www.darkreading.com/document.asp?doc_id=165537 By Kelly Jackson Higgins, Senior Editor, Dark Reading. OCTOBER 8, 2008. Heightened concern over the growing financial crisis is making banks more vulnerable to targeted social engineering and spear-phishing attacks, researchers said this week. Penetration testers who work with bank clients say the fragile state of the banking community is making it easier for them to dupe under read more »
Today I would like to share with you a really great plugin for OllyDbg (a 32-bit assembler-level, analyzing debugger for Windows). The plugin is OllySocketTrace from Harmony Security. Its job is to trace the socket operations performed by a process. It records all buffers sent and received. It also records all parameters and return values, and the trace is highlighted with a unique color for each socket being traced. read more »