ANALYZE AND DETECT POLYMORPHIC SPYWARE! HAKIN9 01/2013

Dear Readers,
This month we would like to present you the newest issue of Hakin9 Magazine with the cover subject connected with spyware. What are peculiarities of polymorphic spyware? How to use sandboxing in spyware analysis? How to create a Yara rule to detect an active infection on a computer system? Read in Hakin9 01/2013!
This month you can read about:

COVER SUBJECT
Analysis and Detection of Polymorphic Spyware
by Alexander Adamov and Alexander Saprykin
Polymorphic spyware is becoming more common nowadays as a method to defeat antivirus scanners. In this article, we will consider how polymorphic mutation helps prevent malware from being detected by examining the recently discovered NrgBot/DorkBot polymorphic worm. We will then consider how to find and neutralize active infections where AV scanners have been unable to detect recently generated polymorphic spyware.

SOCIAL NETWORK
How to Build a Framework for Organization-Oriented Social Networking – The PriSM Approach
by Stefano Braghin, Jackson Tan, Anwitaman Datta
The popularity of Online Social Networks (OSN) and social media highlights their potential to become the primary platform for communication in the workplace and to carry out business as well. While they have already been successfully embraced for many public relations and promotion related activities, existing platforms like Facebook or Google+ do not (in their current form) fit the bill of a platform that can be leveraged for managing a business’ communication, processes or workflows.

WIRELESS, NOT SECURELESS!
Cracking WEP Key Using Gerix
by Badrish Dubey
If you are using wireless routers or WLAN (Wireless Local area Network) in your home or in your organization, configuring your device to work on WEP (Wired Equivalent Privacy) security and thinking that your router or WLAN is secured from hacking attacks or unauthorized access then you must read this article before your neighbor hacks your routers or WLAN. In the rest of the article we will see how the WEP encryption and decryption works, how to crack them and how to secure them.

Cracking WPA/WPA2 Key Using Revear
by Badrish Dubey
By the year 2001 hacking attacks on WEP (Wired Equivalent Privacy) grew up with the information shared on the Internet and by then it had become necessary for IEEE (Institute of Electrical and Electronic Engineers) to come up with better security mechanisms. In the year 2003 IEEE and Wi-Fi alliance came up with Wi-Fi Protected Access (WPA) which was also known as bullet proof security for Wi-Fi devised. But, as the technology developed, different types of attacks took place for cracking WPA/WPA2. In this article we will see the most recent type of attack for cracking WPA/WPA2 using the tool REAVAR.

MOBILE SECURITY
Mobile Applications: Are you Prepared to Carry the Risk? 
by Mark Painter
There is no question that mobile computing is growing at an exponential rate. This rapid transformation has caused security concerns to be outpaced by the ease of use, flexibility, and productivity of mobile devices. When vulnerabilities are exploited, the security of mission-critical data becomes a serious threat.

TOOL TIME
Tamper Data
by Mervyn Heng
HTTP Proxies are a necessary tool in the arsenal of a penetration tester. Common HTTP Proxies harnessed for testing web applications for vulnerabilities include Paros, Burp and Webscarab. My personal favourite is Paros, which is written in Java and thus, platform independent. However, I recently discovered a comparable tool called Tamper Data.

PRESS RELEASE
Atola Insight 3.0: A Powerful Forensic Tool of the Future, Right Now!
by Dmitry Postrigan 
Atola Technology is the only company in the market that specializes in developing high-level professional forensic devices for multifunctional use. With Atola Insight you get high-end advanced functions to meet all requirements and needs.