Article: Bypassing Browser Security Policies for Fun and Profit (Full Presentation Video) - published over 8 years ago.
Content: Blackhat has just recently released the full video for my talk on the subject of "Browser Security", If you wish to read the Whitepaper/Slides and SOP Test Suite, you can refer to my previous post on "Bypassing Browser Security Policies For Fun And Profit" Abstract Mobile browsers in comparison to desktop browsers are relatively new and have not gone...
Copy Link: http://www.rafayhackingarticles.net/2016/04/bypassing-browser-security-policies-for-Fun-And-Profit-Full-Video.html   
Published: 2016 04 21 18:02:00
Received: 2024 02 17 13:21:45
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Free Score Certificate

Article: Oracle Critical Patch Update Advisory - April 2016 - published over 8 years ago.
Content:
Copy Link: http://www-content.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html    
Published: 2016 04 19 19:30:54
Received: 2021 06 06 09:03:27
Feed: Oracle Security Alerts
Source: Oracle Security Alerts
Category: Alerts
Topic: Vulnerabilities

Article: MMD-0053-2016 - A bit about ELF/STD IRC Bot: x00's CBack aka xxx.pokemon(.)inc - published over 8 years ago.
Content:
Copy Link: https://blog.malwaremustdie.org/2016/04/mmd-0053-2016-bit-about-elfstd-irc-bot.html   
Published: 2016 04 15 16:50:00
Received: 2021 06 06 09:04:55
Feed: Malware Must Die!
Source: Malware Must Die!
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Summary

Article: How Much Do Hackers Know About You? - published almost 9 years ago.
Content: The threat of black hat hackers has never been greater than now, considering the increasing organization of their efforts to make a dollar off of your digital assets and information. The common portrayal of the hacker is someone who knows enough about programming and the internet that they can seemingly access any information or know anything about anyon...
Copy Link: http://www.rafayhackingarticles.net/2016/04/how-much-do-hackers-know-about-you.html   
Published: 2016 04 13 14:07:00
Received: 2024 02 17 13:21:45
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: SNMPPLUX - published almost 9 years ago.
Content: Pentura continually develop new tools and scripts to improve the effectiveness of the team. One such tool called SNMPPLUX is an offshoot of a larger development project (ORR). SNMPPLUX is a USM compliant SNMPv1, SNMPv2c and SNMPv3 authentication scanner powered by pysnmp, re, sys, getopt, array, time and multiprocessing python modules. As well as providin...
Copy Link: https://penturalabs.wordpress.com/2016/04/01/snmpplux/   
Published: 2016 04 01 08:21:28
Received: 2024 12 27 10:57:55
Feed: Pentura Labs's Blog
Source: Pentura Labs's Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Gold Score Certificate

Article: Bypassing Browser Security Policies For Fun And Profit (Blackhat Asia 2016) - published almost 9 years ago.
Content: Few hours back, i delivered a talk at Blackhat Asia 2016  on "Bypassing Browser Security Policies For Fun And Profit", the talk covered wide variety of topics starting from SOP bypasses, CSP bypass so on and so forth. Due to limited time i was only able to cover few topics, however, you can find rest of the topics in the WhitePaper below. The follow...
Copy Link: http://www.rafayhackingarticles.net/2016/03/bypassing-browser-security-policies-for-fun-and-profit.html   
Published: 2016 03 31 11:49:00
Received: 2024 02 17 13:21:46
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Score Analysis

Cyber Tzar Risk Impact Distribution

Article: Surge in Spam Campaign Delivering Locky Ransomware Downloaders - published almost 9 years ago.
Content: FireEye Labs is detecting a significant spike in Locky ransomware downloaders due to a pair of concurrent email spam campaigns impacting users in over 50 countries. Some of the top affected countries are depicted in Figure 1. Figure 1. Affected countries As seen in Figure 2, the steep spike starts on March 21, 2016, where Locky is running cam...
Copy Link: https://www.fireeye.com/blog/threat-research/2016/03/surge_in_spam_campai.html   
Published: 2016 03 25 12:00:00
Received: 2022 05 23 16:06:45
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Article: Oracle Security Alert for CVE-2016-0636 - 23 Mar 2016 - published almost 9 years ago.
Content:
Copy Link: http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html    
Published: 2016 03 23 19:30:54
Received: 2021 06 06 09:03:27
Feed: Oracle Security Alerts
Source: Oracle Security Alerts
Category: Alerts
Topic: Vulnerabilities

Cyber Tzar Risk Impact Assesment

Article: Citrix XenApp and XenDesktop Hardening Guidance - published almost 9 years ago.
Content: A Joint Whitepaper from Mandiant and Citrix Throughout the course of Mandiant’s Red Team and Incident Response engagements, we frequently identify a wide array of misconfigured technology solutions, including Citrix XenApp and XenDesktop. We often see attackers leveraging stolen credentials from third parties, accessing Citrix solutions, breaking...
Copy Link: http://www.fireeye.com/blog/threat-research/2016/03/citrix_xenapp_andxe.html   
Published: 2016 03 15 12:00:00
Received: 2021 06 06 09:05:12
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Article: A Growing Number of Android Malware Families Believed to Have a Common Origin: A Study Based on Binary Code - published almost 9 years ago.
Content: Introduction On Feb. 19, IBM XForce researchers released an intelligence report [1] stating that the source code for GM Bot was leaked to a crimeware forum in December 2015. GM Bot is a sophisticated Android malware family that emerged in the Russian-speaking cybercrime underground in late 2014. IBM also claimed that several Android malware f...
Copy Link: https://www.fireeye.com/blog/threat-research/2016/03/android-malware-families.html   
Published: 2016 03 11 15:04:00
Received: 2022 05 23 16:06:46
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Your Score Explained

Article: Whatsapp Spam Leads To Stock Trader Scams. - published almost 9 years ago.
Content: Today started with just the run of the mill spam campaigns caught by my honeypots (dick pills, dating and malware) but today I received something I haven't seen for a few weeks. Stock Traders masked as "Rich Mom's" scam system but then things got interesting. The scam originally appears as a work from home scam at the site Whois 14,profit,com. upon visiti...
Copy Link: http://trojan7malware.blogspot.com/2016/03/whatsapp-spam-leads-to-stock-trader.html   
Published: 2016 03 07 22:11:00
Received: 2024 03 20 04:23:49
Feed: Trojan7Malware
Source: Trojan7Malware
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Risk Groups Explained

Article: Ransomware.OSX.KeRanger samples - published almost 9 years ago.
Content: Research: New OS X Ransomware KeRanger Infected Transmission BitTorrent Client Installer by Claud Xiao Sample credit: Claud Xiao File information d1ac55a4e610380f0ab239fcc1c5f5a42722e8ee1554cba8074bbae4a5f6dbe1  1d6297e2427f1d00a5b355d6d50809cb  Transmission-2.90.dmg e3ad733cea9eba29e86610050c1a15592e6c77820927b9edeb77310975393574  56b1d956112b0b7...
Copy Link: https://contagiodump.blogspot.com/2016/03/ransomwareosxkeranger-samples.html   
Published: 2016 03 06 23:39:00
Received: 2024 03 13 18:00:19
Feed: contagio
Source: contagio
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: KLEE LLVM Execution Engine - published almost 9 years ago.
Content: [link] [comments]
Copy Link: https://www.reddit.com/r/vrd/comments/47g35g/klee_llvm_execution_engine/   
Published: 2016 02 25 00:16:31
Received: 2021 06 06 11:29:11
Feed: Vulnerability Research and Development
Source: Vulnerability Research and Development
Category: Alerts
Topic: Vulnerabilities

Article: Files download information - published almost 9 years ago.
Content: After 7 years of Contagio existence, Google Safe Browsing services notified Mediafire (hoster of Contagio and Contagiominidump files) that "harmful" content is hosted on my Mediafire account. It is harmful only if you harm your own pc and but not suitable for distribution or infecting unsuspecting users but I have not been able to resolve this with ...
Copy Link: https://contagiodump.blogspot.com/2016/02/files-download-information.html   
Published: 2016 02 23 20:48:00
Received: 2024 03 13 18:00:19
Feed: contagio
Source: contagio
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Cyber Tzar Change Over Time (Extended)

Article: Maimed Ramnit Still Lurking in the Shadow - published almost 9 years ago.
Content: Newspapers have the ability to do more than simply keep us current with worldly affairs; we can use them to squash bugs! Yet, as we move from waiting on the newspaper delivery boy to reading breaking news on ePapers, we lose the subtle art of bug squashing. Instead, we end up exposing ourselves to dangerous digital bugs that can affect our virtual ...
Copy Link: https://www.fireeye.com/blog/threat-research/2016/02/maimed_ramnit_still.html   
Published: 2016 02 18 17:00:00
Received: 2022 05 23 16:06:45
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Article: Exploiting the parsing of Internet Key Exchange payloads in Cisco's ASA software - published almost 9 years ago.
Content: submitted by /u/turnersr [link] [comments]
Copy Link: https://www.reddit.com/r/vrd/comments/45eq3o/exploiting_the_parsing_of_internet_key_exchange/   
Published: 2016 02 12 13:32:25
Received: 2021 06 06 11:29:11
Feed: Vulnerability Research and Development
Source: Vulnerability Research and Development
Category: Alerts
Topic: Vulnerabilities

Cyber Tzar Change Over Time (Extended)

Article: 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1 - published almost 9 years ago.
Content: Revision Note: V1.1 (February 10, 2016): Advisory updated to include download information for Microsoft ASP.NET Web Frameworks, and Tools and Microsoft ASP.NET and Web Tools. This is an informational change only.Summary: Microsoft is releasing this security advisory to provide information about a vulnerability in the public versions of Visual Studio 2013, Vi...
Copy Link: https://technet.microsoft.com/en-us/library/security/3137909   
Published: 2016 02 10 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Article: 7 Qualities of Highly Effective Hackers - published almost 9 years ago.
Content: When asked to write on this topic, I admit that it made me fringe just a bit. Because I don't consider myself to be a highly effective hacker. I find myself as a noob everywhere that I'm trying to learn new things, or I am frustrated with the most ridiculous "hacker" material on the web, written by school-taught programmers that follow step by step...
Copy Link: http://www.rafayhackingarticles.net/2013/12/7-qualities-of-highly-effective-hackers.html   
Published: 2016 02 09 21:03:00
Received: 2024 02 17 13:21:46
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Change Over Time (Extended)

Article: 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0 - published almost 9 years ago.
Content: Revision Note: V5.0 (February 9, 2016): Rereleased advisory to announce the release of update 3126593 to enable the Restricted Admin mode for Credential Security Support Provider (CredSSP) by default. See Updates Related to this Advisory for details.Summary: Microsoft is announcing the availability of updates for supported editions of Windows 7, Windows Serv...
Copy Link: https://technet.microsoft.com/en-us/library/security/2871997   
Published: 2016 02 09 18:00:00
Received: 2022 04 14 18:03:36
Feed: Latest Security Advisories
Source: Latest Security Advisories
Category: Alerts
Topic: Vulnerabilities

Cyber Tzar Change Over Time (Extended)

Article: FLARE Script Series: flare-dbg Plug-ins - published almost 9 years ago.
Content: Introduction This post continues the FireEye Labs Advanced Reverse Engineering (FLARE) script series. In this post, we continue to discuss the flare-dbg project. If you haven’t read my first post on using flare-dbg to automate string decoding, be sure to check it out! We created the flare-dbg Python project to support the creation of plug-ins ...
Copy Link: https://www.fireeye.com/blog/threat-research/2016/02/flare_script_series.html   
Published: 2016 02 09 12:00:00
Received: 2022 05 23 16:06:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Article: MMD-0052-2016 - Overview of "SkidDDoS" ELF++ IRC Botnet - published almost 9 years ago.
Content:
Copy Link: https://blog.malwaremustdie.org/2016/02/mmd-0052-2016-skidddos-elf-distribution.html   
Published: 2016 02 07 10:08:00
Received: 2021 06 06 09:04:55
Feed: Malware Must Die!
Source: Malware Must Die!
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Re-Score Report

Article: MMD-0051-2016 - Debunking a tiny ELF remote backdoor (shellcode shellshock part 2) - published almost 9 years ago.
Content:
Copy Link: https://blog.malwaremustdie.org/2016/02/mmd-0051-2016-debungking-tiny-elf.html   
Published: 2016 02 03 09:33:00
Received: 2021 06 06 09:04:55
Feed: Malware Must Die!
Source: Malware Must Die!
Category: Cyber Security
Topic: Cyber Security

Article: EncFSGui – GUI Wrapper around encfs for OSX - published almost 9 years ago.
Content:
Copy Link: https://www.corelan.be/index.php/2016/01/31/encfsgui-gui-wrapper-around-encfs-for-osx/?utm_source=rss&utm_medium=rss&utm_campaign=encfsgui-gui-wrapper-around-encfs-for-osx   
Published: 2016 01 31 21:08:51
Received: 2023 01 18 09:44:47
Feed: Corelan Team
Source: Corelan Team
Category: News
Topic: Hacking

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Hot or Not? The Benefits and Risks of iOS Remote Hot Patching - published almost 9 years ago.
Content: Introduction Apple has made a significant effort to build and maintain a healthy and clean app ecosystem. The essential contributing component to this status quo is the App Store, which is protected by a thorough vetting process that scrutinizes all submitted applications. While the process is intended to protect iOS users and ensure apps meet Ap...
Copy Link: https://www.fireeye.com/blog/threat-research/2016/01/hot_or_not_the_bene.html   
Published: 2016 01 27 13:00:00
Received: 2022 05 23 16:06:47
Feed: FireEye Blog
Source: FireEye Blog
Category: Cyber Security
Topic: Cyber Security

Article: [a little old, but a very interesting writeup] Android privilege escalation to mediaserver from zero permissions (CVE-2014-7920 + CVE-2014-7921) - published almost 9 years ago.
Content: submitted by /u/0x3d5157636b525761 [link] [comments]...
Copy Link: https://www.reddit.com/r/vrd/comments/42k7vf/a_little_old_but_a_very_interesting_writeup/   
Published: 2016 01 25 07:16:11
Received: 2021 06 06 11:29:11
Feed: Vulnerability Research and Development
Source: Vulnerability Research and Development
Category: Alerts
Topic: Vulnerabilities

Cyber Tzar Top Ten Vulnerabilities Explained

Article: Oracle Critical Patch Update Advisory - January 2016 - published almost 9 years ago.
Content:
Copy Link: http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html    
Published: 2016 01 19 19:30:54
Received: 2021 06 06 09:03:27
Feed: Oracle Security Alerts
Source: Oracle Security Alerts
Category: Alerts
Topic: Vulnerabilities

Article: From Crash To Exploit: CVE-2015-6086 – Out of Bound Read/ASLR Bypass - published almost 9 years ago.
Content: submitted by /u/hacksysteam [link] [comments]
Copy Link: https://www.reddit.com/r/vrd/comments/41mr2q/from_crash_to_exploit_cve20156086_out_of_bound/   
Published: 2016 01 19 03:42:14
Received: 2021 06 06 11:29:11
Feed: Vulnerability Research and Development
Source: Vulnerability Research and Development
Category: Alerts
Topic: Vulnerabilities

Article: Facebook Account Hacked! What To Do Now? - published almost 9 years ago.
Content: Every single day i get emails in my inbox and on my facebook page from users querying about how to recover hacked facebook account and a common problem i see in all of them is that they are proactive. Everyone searches for Facebook account recovery softwares, Facebook hacking softwares and recovery mechanisms after their facebook or any other email accou...
Copy Link: http://www.rafayhackingarticles.net/2016/01/facebook-account-hacked-what-to-do-know.html   
Published: 2016 01 17 16:51:00
Received: 2024 02 17 13:21:46
Feed: Ethical Hacking - Rafayhackingarticles
Source: Ethical Hacking - Rafayhackingarticles
Category: Cyber Security
Topic: Cyber Security

Cyber Tzar Top Ten Vulnerabilities Explained