http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2010-10-02 10:28:46 - X Sploited Security : The Stuxnet worm is a huge ordeal right now in the info-sec realm Speculation is still very high from what I ve been reading From all aspects of technology, security specialists and software hardware engineers, even politicians and the media everyone is in a stir about it s origin and purpose Most of it is obvious but more http://www.secuobs.com/revue/news/253725.shtmlhttp://www.secuobs.com/revue/news/253725.shtml Secuobs.com : 2010-10-02 10:28:46 - X Sploited Security - As if they are trying to leave researchers a clue, usually just simply to convey a message and stir up a frenzy Reminds me of a time when I once ran a small business One day we found a worm had infected our network This was the Win32Blaster virus that was then taking advantage of http://www.secuobs.com/revue/news/253724.shtmlhttp://www.secuobs.com/revue/news/253724.shtml Secuobs.com : 2010-10-01 02:31:24 - X Sploited Security - Amazing what a little research and a few short segments of code can do to impact technology development and advancement The recently disclosed HDCP cipher code that was introduced to the public as a simple array of block cipher keys on pastebin has now become a fully working exploit PoC implementation that is capable of http://www.secuobs.com/revue/news/253331.shtmlhttp://www.secuobs.com/revue/news/253331.shtml Secuobs.com : 2010-10-01 00:54:06 - X Sploited Security - Short video demonstration by me on how to use the Sulley fuzzing framework Totally awesome What is fuzzing Get Sulley Here http://www.secuobs.com/revue/news/253310.shtmlhttp://www.secuobs.com/revue/news/253310.shtml Secuobs.com : 2010-10-01 00:54:06 - X Sploited Security - Deploying Metasploit as a payload Another short video demonstration of mine In this example I show you how easy it is to perform remote Metasploit functionality from a compromised machine What is Metasploit Get Metasploit here http://www.secuobs.com/revue/news/253309.shtmlhttp://www.secuobs.com/revue/news/253309.shtml Secuobs.com : 2010-09-30 23:26:18 - X Sploited Security - On Monday, The New York Times reported that President Obama will seek sweeping laws enabling law enforcement to more easily eavesdrop on the internet Technologies are changing, the administration argues, and modern digital systems aren t as easy to monitor as traditional telephones The government wants to force companies to redesign their communications http://www.secuobs.com/revue/news/253291.shtmlhttp://www.secuobs.com/revue/news/253291.shtml Secuobs.com : 2010-09-30 23:26:18 - X Sploited Security - Stuxnet, the sophisticated new piece of malware targeting Iranian nuclear facilities, might seem like more of a problem for intelligence services or computer science professors than for the average computer user But by unleashing the program into the wild, whichever country or organization that created Stuxnet could http://www.secuobs.com/revue/news/253290.shtmlhttp://www.secuobs.com/revue/news/253290.shtml Secuobs.com : 2010-09-30 23:26:18 - X Sploited Security - Intrepidus group have just released a new security tool called Mallory Description from author Mallory is a transparent TCP and UDP proxy It can be used to get at those hard to intercept network streams, assess those tricky mobile web applications, or maybe just pull a prank on your friend Get it here http://www.secuobs.com/revue/news/253289.shtmlhttp://www.secuobs.com/revue/news/253289.shtml Secuobs.com : 2010-05-13 23:58:58 - X Sploited Security - Researchers at Matousec said they have discovered a serious flaw in the traditional desktop-based anti-Virus protections offered by thirty-five vendors The flaw allows someone to completely bypass those protections and attack the targeted system The Tech Herald spoke to some of the vendors affected Their statements and thoughts are below When contacted, http://www.secuobs.com/revue/news/221968.shtmlhttp://www.secuobs.com/revue/news/221968.shtml Secuobs.com : 2010-05-11 11:20:11 - X Sploited Security - Tonight I was doing some fuzzing and decided to whip up a basic perl script to fuzz an application I was testing If you re not familiar with fuzzing then I suggest you Google it or check Wikipedia because this is not a fuzzing tutorial Anyway, The idea is simple really Send unexpected data to certain http://www.secuobs.com/revue/news/220909.shtmlhttp://www.secuobs.com/revue/news/220909.shtml Secuobs.com : 2010-05-10 07:54:49 - X Sploited Security - Cheesy DoS I just found in Hyplay media player Maybe someone else can do more with it Exploit code http://www.secuobs.com/revue/news/220439.shtmlhttp://www.secuobs.com/revue/news/220439.shtml Secuobs.com : 2010-05-10 01:02:00 - X Sploited Security - Here s a further look at the post I made a while back regarding the story about how a team of security researchers managed to find a method to bypass API hooks installed by antivirus products, rendering them pretty much useless In the report, Matousec outlines a bait-and-switch style attack which works via the kernel http://www.secuobs.com/revue/news/220392.shtmlhttp://www.secuobs.com/revue/news/220392.shtml Secuobs.com : 2010-05-09 11:32:13 - X Sploited Security - Found this tool tonight when I got sick of switching back and forth between desktop computers The only other option is to use remote desktop but even that can be a hassle It s pretty easy to set up It runs on each computer s one being the master and the other being a slave It s pretty http://www.secuobs.com/revue/news/220312.shtmlhttp://www.secuobs.com/revue/news/220312.shtml Secuobs.com : 2010-05-08 11:38:11 - X Sploited Security - Coming soon http://www.secuobs.com/revue/news/220217.shtmlhttp://www.secuobs.com/revue/news/220217.shtml Secuobs.com : 2010-05-08 11:38:11 - X Sploited Security - I wrote this quite sometime ago towards the end of 2009 after my trip to Defcon This is my very first and only thus far poc in-the-wild exploit It s pretty simple really, nothing special Just a basic local SEH overwrite wmaconpltxt http://www.secuobs.com/revue/news/220216.shtmlhttp://www.secuobs.com/revue/news/220216.shtml Secuobs.com : 2010-05-08 10:26:38 - X Sploited Security - Safely Searching Process Virtual Address Space Overview The fact that people tend to ignore when thinking about searching for a needle in a haystack is the potential harm that can be brought about by groping around for a sharp, pointy object in a mass of uncertainty It is in this spirit that the author hopes to bring about a certain http://www.secuobs.com/revue/news/220203.shtmlhttp://www.secuobs.com/revue/news/220203.shtml Secuobs.com : 2010-05-08 08:53:37 - X Sploited Security - Nice list of papers focusing on the subject From what they are, what causes them to occur and how they can be exploited Via l0t3korg http://www.secuobs.com/revue/news/220201.shtmlhttp://www.secuobs.com/revue/news/220201.shtml Secuobs.com : 2010-05-08 00:36:17 - X Sploited Security - this is just a test http://www.secuobs.com/revue/news/220115.shtmlhttp://www.secuobs.com/revue/news/220115.shtml Secuobs.com : 2010-05-08 00:36:17 - X Sploited Security - Welcome to my new blog http://www.secuobs.com/revue/news/220114.shtmlhttp://www.secuobs.com/revue/news/220114.shtml Secuobs.com : 2010-05-08 00:36:17 - X Sploited Security - Hello everyone and welcome to my new blog It s been quite a while since I ve had free time to dedicate to my security research and development due to both personal and work related issues within my life I am proud to announce that I am back again coding and working on some of my projects http://www.secuobs.com/revue/news/220113.shtmlhttp://www.secuobs.com/revue/news/220113.shtml Secuobs.com : 2010-05-08 00:36:17 - X Sploited Security - Ok so you have a few thousand Idle PC s sitting there doing absolutely nothing The idea is pretty straight forward use these previously useless computers to carry out distributed application fuzzing by sending mass amounts of random data to a remote host service until it hopefully crashes and or uncovers any bugs Distributed Fuzzing Framework is the http://www.secuobs.com/revue/news/220112.shtmlhttp://www.secuobs.com/revue/news/220112.shtml