Android Insecurities by Joey Peloquin The article will begin with a focus on what the author calls Offensive Mobile Forensics, an analysis technique that mimics the approach an attacker would take in the event they acquired a lost or stolen device. Readers will notice some stark differences between iOS and Android analysis. Next, the author [...]

Latest News From IT Security World By Armando Romeo, eLearnSecurity and ID Theft Protect Duqu: The Precursor Stuxnet Attack By Rebecca Wynn Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors, or those that have access to the Stuxnet source code, and the recovered samples have [...]

DOWNLOAD FOR FREE! Inside this issue you will find articles on anti-spam, email filtering and archiving. You will also get familiar with Roaring Penguin’s producs, sources of company creation and its founder itself. CONTENTS: March of the Roaring Penguin By Sophia Li Founded about a dozen years ago as a consulting firm in Ottawa, Ontario, [...]

Malware Analisys for Windows Systems Administrators Using Sysinternal Tools By Dennis Distler Today administrators deal with malware infections almost daily. Often malware is customized for specific organizations, departments in an organization, and even individuals in the organization. This type of malware typically is not identified by anti-virus products, and it is up to the administrator [...]

Rootkits Hidden in Hardware of PC by Anibal Sacco Let’s think like an attacker for a second. There are multiple applications dedicated to find malicious code both in user and in kernel space. So new places have to be found to deploy your code while keeping it stealthy. TDSS aka TDL – Chronology by Eugene [...]

Latest News From IT Security World By Schuyler Dorsey, eLearnSecurity i ID Theft Protect As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself. Secure Log Server With Rsyslog By Leonardo Neves Bernardo This article will discuss how to [...]

Cracking Java Applications Using AOP Exploits (part 2) By Daniel Drozdzewski AOP has been used in the domain of Software Security before. Its use was mainly for validation, auditing and authorization purposes, which in turn improve software security as a whole. Those crosscutting concerns are being woven into the existing software after the fully functional [...]

A study of a Botnet creation process and the impact of a DDoS attack against a web server by Stavros N. Shaeles and Ioannis D. Psaroudakis Over the following paragraphs we are going to describe in steps, the procedure of setting up a botnet in order to execute our DDoS attack. The purpose of building [...]

In Brief By Schuyler Dorsey, eLearnSecurity i ID Theft Protect As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself. Hacking Tools on iOS By Alexandre Lacan One day I was asked if the iPhone is a good phone. [...]

CONTENT: Cracking Java Applications Using AOP exploits (part 1) By Daniel Drozdzewski Aspect Oriented Programming is a paradigm that aims to modularise software further by the separation of crosscutting concerns. Daniel will show us the basics of AOP and a simple, yet powerful idea behind the exploit. Smashing the Stack By Mariano Graxziano and Marco [...]

Mobile Malware Analysis by Cory Adams With the emergence of the Android OS into the mobile market, nation state hackers and criminals alike are actively conducting attacks against the OS and its users for information gathering and financial gain. A high reward tool in an attacker’s arsenal is malicious software or malware, which allows information [...]

In Brief By Armando Romeo, eLearnSecurity and ID Theft Protect The Bug Story By Ali Hadi Despite the fact that our Networks gardens are full of beautiful/gorgeous things, at same time they’re full of bugs. The problem is that the Internet serves as connection between these gardens, which makes it easy for bugs to travel [...]

The DDOS, a New „Old” Type of Attack! by Orlando Pivi In this article, Orlando presents the DDoS attack structure and the Botnet structure . He will explore DDoS attack, the Botnet prevention and the DoS defense systems. He discovers what the mainly motivations pushing hackers to commit criminals act with Botnets and DoS is. [...]

Basic Forensics Analysis by Marc-Andre Meloche Digital Forensics is mostly like the movies, the main aspect is to gather evidence or digital footprints which will help you understand any digital crimes that might have occurred inside your organization. This is used in most cases related to computer crimes. New crime vectors are now implicating the [...]

BitCoin A Secure Coin by David Montero „In this article we will know where bitcoins come from, their future, how to get them, what can we do with them, and most importantly, how to protect them.” BitCoin – how it works by Jeremy Lichtman „BitCoins are a fascinating experiment in economics – a field that [...]

Latest News From the IT Security World By Armando Romeo, eLearnSecurity and ID Theft Protect Security by Hiding! By Ali Hadi I was once talking to a friend of mine about client side attacks, and how they can lead to a full compromise of the companies private network. He told me that they were safe [...]

News Stories by Julian Evans and ID Theft Protect Identity Theft/Fraud – Self Protection Toolkit by Rebecca Wynn Your identity is a valuable commodity. You need it to function in everyday life. You need evidence of who you are to open bankaccounts, obtain credit cards, finance, loans and mortgages, to obtain goods or services, or [...]

Latest News From the IT Security World By Armando Romeo, eLearnSecurity and ID Theft Protect Mummies still walk among us! By Ali Al-Shemery Imagine all the great sources of information on the Internet today such as: news groups, blogs, websites and forums, and you still see networks, and websites being hacked and torn down using [...]

Ask the Social Engineer: Exploitation of the Human OS – The Human Buffer Overflow by Chris Hadnagy Total domination is the goal for a penetration tester in every pentest – To utterly hack the company and demonstrate their true exposure to malicious attacks. Obtaining code execution is the easiest and most direct way to reach [...]

Latest News From the IT Security World by Armando Romeo, eLearnSecurity ID Theft Protect A Hole in Your Access Control! by Ali Al-Shemery A couple of days ago I was called out to a do a security audit on a company’s internal network security and its access control. The audit was asked to be done [...]