Friday, January 8, 2016
ZeroAccess 3 Analysis
›
After the takedown attempt in December 2013, the current status of ZeroAccess (alias Sirefef) has been much disputed. Initially the botmas...
Saturday, March 21, 2015
Complexity is the bugdoor's friend
›
Backdoors are a fashionable topic these days, ever since the BULLRUN program was uncovered by the Snowden leaks. Bruce Schneier and others...
Thursday, January 8, 2015
OpenSSL's squaring bug, and opportunistic formal verification
›
OpenSSL's latest round of security advisories is out today, and besides the usual memory safety issues—seemingly endemic in its DTLS i...
Thursday, October 2, 2014
World War Zero Access — When Zombie botnets come alive
›
To kick off cyber security awareness month and, of course, the Halloween month, today we discuss how to bring botnet zombies (or zombots, ...
Wednesday, July 2, 2014
H.323 Registration Weaknesses: Part 2
›
Last time , we have seen how Avaya's H.323 default gateway authentication method was vulnerable to an attacker that is able to passivel...
Tuesday, June 24, 2014
H.323 Registration Weaknesses: Part 1
›
Voice-over-IP VoIP is a rather obscure niche. There are essentially two main standards: SIP and H.323. While the former may be more well-kno...
›
Home
View web version