March 26th, 2008
Unless you’ve been living under a rock or some other non-internet-connected object, you’ve probably been Rick Rolled at some point. I decided to take the concept a step further and whipped up a Python script that will let you Rick Roll the entire iPod of an unsuspecting victim when they leave it unattended.
Posted in Projects, Technical | No Comments »
February 22nd, 2008
Just arrived home from Washington, DC where I attended and presented at the Black Hat DC Briefings. I was fairly busy throughout the briefings and didn’t make it to as many presentations as I hoped, but I thought I’d detail a few of the more interesting ones.
Posted in Security, Technical | No Comments »
February 10th, 2008
Later this week, I’ll be presenting at the Black Hat DC Briefings on weaknesses in the security of live virtual machine migration as implemented by popular vendors such as VMware and Xen. I thought I’d provide a teaser in advance of my presentation detailing some of the topics that will be discussed.
Posted in Analysis, Network, Security, Technical | No Comments »
January 15th, 2008
CWSandbox is one of the most comprehensive and full-featured platforms for automated malware analysis. In this post, we detail how a malware sample under analysis may detect and evade CWSandbox's monitoring in order to disguise its malicious activity.
Posted in Analysis, Code, Security, Technical | No Comments »
November 30th, 2007
A recent xkcd comic related to malware visualization is eerily similar to a system we’re currently running at the University of Michigan.
Posted in Technical, Umich | No Comments »
August 15th, 2007
Facebook’s new-fangled applications functionality seemed like a ripe opportunity for nasty cross-site scripting bugs. As it turns out, multiple XSS vulnerabilities were present in the fb:swf tag of the Facebook Markup Language.
Posted in Analysis, Code, Security, Technical | No Comments »
August 10th, 2007
I recently attended the USENIX Security Symposium in Boston, MA. I also attended two of the co-located workshops: the Workshop on Hot Topics in Security (HotSec), at which I presented a research paper focusing on a new paradigm for antivirus deployment, and the Workshop on Offensive Technologies (WOOT).
Posted in Security, Umich | No Comments »
August 1st, 2007
Apparently WabiSabi is not the only one with a marketplace for 0-day auctions.
Posted in Personal, Security | No Comments »
July 20th, 2007
I just got back from Switzerland, and despite numerous flight delays, cancellations, and lost luggage (thanks NWA!), it was a great trip. I presented some of my research at the Fourth International Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), and got to spend some vacation time in Zurich, Lucerne, and Milan, Italy.
Posted in Personal, Security, Umich | No Comments »
May 7th, 2007
pynids is a Python wrapper for libnids, a Network Intrusion Detection System (NIDS) library offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection. This release is an update to Michael Pomraning's 0.5 release that adds control of libnids' checksumming options.
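Checksum control matters because libnids silently drops any segment whose TCP checksum fails, and packets sniffed on a host whose NIC offloads checksumming arrive with bogus checksums, so an exempt list is needed to reassemble those streams. The script below is an added example, not code from pynids or libnids; it assumes the pynids 0.6 interface (`nids.chksum_ctl()` taking a list of `(cidr, verify)` tuples, `nids.param()`, `nids.register_tcp()`), libnids' behaviour of applying the first entry whose prefix covers a packet's source address, and the libnids state codes from `nids.h`. The subnet, the session replayed offline and the `run`/`replay_constructed_session` helpers are constructed for illustration.

```python
"""Sniff TCP streams with pynids, skipping checksum checks for hosts that offload them.

Added example (not pynids' own code). Assumes the pynids 0.6 API:
nids.chksum_ctl() takes a list of (cidr, verify_bool) tuples, first match wins.
"""
import ipaddress
from types import SimpleNamespace

try:
    import nids                  # pynids; often absent, so the helpers stay importable
except ImportError:
    nids = None

# libnids state codes (values from nids.h); read from the module when present so
# the callback below works with the real library and with the offline replay.
NIDS_JUST_EST = getattr(nids, "NIDS_JUST_EST", 1)
NIDS_DATA = getattr(nids, "NIDS_DATA", 2)
NIDS_CLOSE = getattr(nids, "NIDS_CLOSE", 3)
NIDS_RESET = getattr(nids, "NIDS_RESET", 4)
NIDS_TIMED_OUT = getattr(nids, "NIDS_TIMED_OUT", 5)

# Constructed sample: a LAN whose hosts leave TCP checksumming to the NIC, so
# packets sniffed on the sender show bogus checksums and libnids would drop them.
OFFLOADING_SUBNETS = ["192.168.1.0/24"]


def build_chksum_rules(skip_prefixes, verify_rest=True):
    """Return the (prefix, verify) list handed to nids.chksum_ctl().

    libnids uses the first entry whose prefix covers a packet's source address,
    so the "do not verify" prefixes go before the catch-all.  A malformed CIDR
    raises ValueError instead of quietly widening the exemption.
    """
    rules = [(str(ipaddress.ip_network(p, strict=False)), False) for p in skip_prefixes]
    rules.append(("0.0.0.0/0", bool(verify_rest)))
    return rules


class StreamCollector:
    """pynids TCP callback: keeps both directions of every stream until it ends.

    finished maps tcp.addr, i.e. ((client_ip, cport), (server_ip, sport)),
    to (bytes client sent to server, bytes server sent to client).
    """

    def __init__(self):
        self.finished = {}

    def __call__(self, tcp):
        if tcp.nids_state == NIDS_JUST_EST:
            tcp.client.collect = 1          # ask libnids to buffer both half-streams
            tcp.server.collect = 1
        elif tcp.nids_state == NIDS_DATA:
            tcp.discard(0)                  # retain everything; default drops the new bytes
        elif tcp.nids_state in (NIDS_CLOSE, NIDS_RESET, NIDS_TIMED_OUT):
            # tcp.server holds what the server *received* (client -> server), and vice versa
            self.finished[tcp.addr] = (bytes(tcp.server.data), bytes(tcp.client.data))


def run(iface=None, pcap_file=None, skip_prefixes=OFFLOADING_SUBNETS):
    """Drive libnids over an interface or pcap file and return the collected streams."""
    if nids is None:
        raise RuntimeError("pynids is not installed")
    if pcap_file:
        nids.param("filename", pcap_file)
    elif iface:
        nids.param("device", iface)
    nids.param("scan_num_hosts", 0)         # turn off libnids' port-scan detector
    nids.param("pcap_filter", "tcp")
    nids.chksum_ctl(build_chksum_rules(skip_prefixes))
    nids.init()
    collector = StreamCollector()
    nids.register_tcp(collector)
    nids.run()
    return collector.finished


def replay_constructed_session():
    """Feed the collector a hand-built connection (no pynids needed) and return its output."""
    addr = (("192.168.1.10", 40000), ("10.0.0.2", 80))

    def event(state, to_server=b"", to_client=b""):
        return SimpleNamespace(nids_state=state, addr=addr,
                               client=SimpleNamespace(collect=0, data=to_client),
                               server=SimpleNamespace(collect=0, data=to_server),
                               discard=lambda n: None)

    collector = StreamCollector()
    request = b"GET / HTTP/1.0\r\n\r\n"
    reply = b"HTTP/1.0 200 OK\r\n\r\n"
    for ev in (event(NIDS_JUST_EST), event(NIDS_DATA, request),
               event(NIDS_DATA, request, reply), event(NIDS_CLOSE, request, reply)):
        collector(ev)
    return collector.finished


if __name__ == "__main__":
    import sys
    print(run(pcap_file=sys.argv[1]) if len(sys.argv) > 1 else replay_constructed_session())
```

Run it with a pcap path to reassemble real streams, or with no arguments to see the offline replay. Exempting only the offloading subnet, rather than passing `[("0.0.0.0/0", False)]`, keeps checksum verification for everything else, so a remote host cannot slip deliberately corrupted segments past the sensor that the receiving stack would discard.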
Posted in Projects, Technical | No Comments »