Archive | Cryptography


11 December 2014 | 1,023 views

Sony Digital Certs Being Used To Sign Malware

So at the end of November, Sony got owned, owned REAL bad – we wrote about it here: Sony Pictures Hacked – Employee Details & Movies Leaked. It seems in as a part of the massive haul of documents, the digital certificates used to sign software were also stolen. Which is bad, as you can […]

Continue Reading


27 November 2014 | 2,367 views

Bitcoin Not That Anonymous Afterall

One of the big advantages touted by Bitcoin (and other cryptocurrencies) was always the anonymity of the transactions, yes you can track a wallet address and see the transaction history. But there’s no real way to link that wallet address to a real person (so we thought). I mean other than any leaky fiat exchange […]

Continue Reading


13 November 2014 | 2,654 views

Microsoft Schannel Vulnerabilty – Patch It NOW

So yah, it seems like every implementation of TLS is broken and some may say this Microsoft Schannel vulnerabilty is actually worse than Heartbleed. Why is it worse you ask? Because it allows remote code execution, which honestly – is about as bad as it gets. This is a critical update, a really, really critical […]

Continue Reading


16 October 2014 | 3,774 views

Everything You Need To Know About POODLE SSLv3 Vulnerability

So yah, it’s been quite a year – not long after Heartbleed and then Shellshock we now have POODLE SSLv3 vulnerability. Yes, that’s right – POODLE. It is actually an acronym this time though, yay (Padding Oracle On Downgraded Legacy). Is it a huge risk? Not really as it doesn’t allow any type of remote […]

Continue Reading


23 September 2014 | 1,541 views

CloudFlare Introduces SSL Without Private Key

Handing over your private key to a cloud provider so they can terminate your SSL connections and you can work at scale has always been a fairly contentious issue, a necessary evil you may say. As if your private key gets compromised, it’s a big deal and without it (previously) there’s no way a cloud […]

Continue Reading


16 September 2014 | 2,022 views

StegExpose – Steganalysis Tool For Detecting Steganography In Images

StegExpose is a steganalysis tool specialized in detecting steganography in lossless images such as PNG and BMP (LSB – least significant bit type). It has a command line interface and is designed to analyse images in bulk while providing reporting capabilities and customization which is comprehensible for non forensic experts. Steganography is the art or […]

Continue Reading


06 June 2014 | 1,144 views

Important OpenSSL Patch – 6 More Vulnerabilities

So after the Heartbleed vulnerability in OpenSSL that turned the World upside down, there has a been a lot of focus on the codebase and the manner in which it was written. They’ve raised a bunch of money, an audit is underway and there has even been a fairly serious branch named LibreSSL (who are […]

Continue Reading


09 April 2014 | 4,347 views

Heartbleed Bug SSL Vulnerability – Everything You Need To Know

Introduction So the Internet has been exploding this week due to the Heartbleed Bug in OpenSSL which effects a LOT of servers and websites and is being hailed by some as the worst vulnerability in the history of the Internet thus far. The main info on the bug can be found at http://heartbleed.com/. In basic […]

Continue Reading


05 February 2014 | 4,175 views

hash-identifier – Identify Types Of Hashes Used To Encrypt Passwords

Somewhat similar to HashTag – Password Hash Type Identification (Identify Hashes) – which we posted about a while back, here we have hash-identifier or Hash ID. Once again this is a Python script created to identify types of hashes used to encrypt data and especially passwords. It supports a whole bunch of hashes such as […]

Continue Reading


08 January 2014 | 1,223 views

Yahoo! Spread Bitcoin Mining Botnet Malware Via Ads

Bitcoin and other cryptocurrencies are pretty much headline news every day now, especially with the inflated values (Bitcoin over $1000 recently). We haven’t mentioned them for a long time though, back in 2012 we wrote about Hackers breaking into a Bitcoin Exchange Site called Bitcoinica. There have been plenty of Bitcoin related hacks since then, […]

Continue Reading