This is certainly an interesting acquisition and not one I would have expected, I’m not even exactly sure what Twitter is planning and why they would want a company focused on mobile encryption (and specifically on the Android platform). I can’t see any real corporate use for Twitter, so they won’t be pushing the security […]
Archive | Countermeasures
This is a pretty interesting progression in the encryption field, I’m pretty sure most of us here will use some kind of key based e-mail encryption (PGP/GPG etc) and various different software based implementations. Or perhaps some of you already use something totally web-based like Hushmail, the story is that researchers in Germany have managed […]
I’m sure you’ve been taught, as have I – that security through or by obscurity is bad (changing port numbers, removing service banners and so on). I’ve personally always used it, as an additional line of defence on my systems. As a hacker I know, the more information a system gives me straight off the […]
Google and their Chrome browser have really been stepping things up lately when it comes to security and browsing, we reported not along ago on Google Chrome To Protect Users Against Malicious Executables. Also since we reported on the Chrome bug bounty program back in February 2010 – Google Willing To Pay Bounty For Chrome […]
It’s been a while since we’ve mentioned Agnitio, it was earlier this year in March: Agnitio v1.2 – Manual Security Code Review Tool. The author notified me of a new version that was recently released with quite a few additions. For those not familiar with it, Agnitio is a tool to help developers and security […]
WebsiteDefender is an online service that monitors your website for hacker activity, audits the security of your web site and gives you easy to understand solutions to keep your website safe. With WebsiteDefender you can: Detect Malware present on your website Audit your web site for security issues Avoid getting blacklisted by Google Keep your […]
Introduction iViZ is the industry’s first company to position themselves as an on-demand penetration testing service for web applications. This is very different from the normal low cost vulnerability assessment services like Qualys, Hackersafe, Hackerguardian etc. Unlike conventional solutions, iViZ delivers consultant-grade quality with an on-demand experience. iViZ provides a hybrid solution that integrates automation […]
This is quite an interesting story as it’s very closely related to the story we published earlier this week – Malicious PDF Files To Exploit iPhone & iPad Zero Day In The Wild. Hot on the tail of that news is the first-ever malware scanning app for iOS devices (iPhone/iPad etc) from a French security […]
Routines for hunting down kernel symbols from from kallsyms, System.map, vmlinux, vmlinuz, and remote symbol servers. Examples:
$ ./ksymhunter prepare_kernel_cred
[+] trying to resolve prepare_kernel_cred...
[+] resolved prepare_kernel_cred using /boot/System.map-2.6.38-gentoo
[+] resolved prepare_kernel_cred to 0xffffffff81061060
$ ./ksymhunter commit_creds
[+] trying to resolve commit_creds...
[+] resolved commit_creds using /boot/System.map-2.6.38-gentoo
[+] resolved commit_creds to 0xffffffff81060dc0
You can download ksymhunter v1.0 here: ksymhunter.tar.gz Or read more here.
The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system. Software vulnerabilities and exploits have become an everyday part of life. Virtually every product has to deal with them and consequently, users are faced with a stream of security updates. For users who get attacked before the […]