Putting iframes to good use: warning website owners that their sites are hacked
A lot of forums are run by vBulletin, which like all pieces of software, has vulnerabilities. It seems there have been a lot of infected sites with similar iframe injections: The iframe points to a...
View ArticleSaving malicious payload using Fiddler
Fiddler is a great tool to capture web traffic and it comes with many command line options and custom scripting that make it easy to save and collect a payload. Case in point, you want to collect...
View ArticleJust what we needed: better encryption on exploit payload
A Java exploit that downloads a malicious EXEcutable is nothing new and that malware binary should be easily detected right? Wrong: 0 detection...
View ArticleThe bad guys like to tease security researchers
Yesterday I was monitoring a domain involved in malware distribution using the SPL Exploit kit. The exploit itself is not terribly sophisticated. Malicious Java files are all stored in an open...
View Article
More Pages to Explore .....