Posted on Tuesday, 26th January 2010 by Michael
Using your web server logs to find compromised web servers Some people use Google and Google hacking Database to find their targets and others use their own servers to find potential compromised boxes. In this quick little update I am going to give you a basic idea on how to use your web server’s access [...]
Posted in Papers | Comments (2)
Posted on Monday, 25th January 2010 by Michael
Poison Ivy Revisited Over a year ago I wrote a post on the Poison Ivy Trojan (Tool) by the team over at http://poisonivy-rat.com. The original post can be found here http://digitaloffensive.genxweb.net/2009/09/fun-with-poison-ivy/. I wanted to take a few minutes to add another function I discovered at the last CCDC that made this tool that much better. [...]
Posted in Papers | Comments (1)
Posted on Saturday, 26th September 2009 by Michael
A little command line FU for you. Small but effective Free IPS and Firewall. First off here are a few caveats that I need to mention before I get bombarded by people complaining that it does not always work. This requires a state full connection IE. icmp will not get detected. The connection may get [...]
Posted in Papers | Comments (1)
Posted on Wednesday, 23rd September 2009 by Michael
BlackBerry Firewall guide A few months ago I wrote for Informit.com and had my buddy Seth Fogie publish my article that I wrote on the BlackBerry Firewall. You can find the article here: http://www.informit.com/guides/content.aspx?g=security&seqNum=348
Posted in Papers | Comments (0)
Posted on Wednesday, 23rd September 2009 by Michael
Authentication Proxies: Secure or Not? A while back I wrote on cached credentials and proxy authentication in regards to spyware. Well I rewrote the paper and cleaned it up a bit. I then had informit.com publish it for me. to see it check out the url below. This one includes the .net code to make [...]
Posted in Papers | Comments (0)
Posted on Wednesday, 23rd September 2009 by Michael
Fun with Poison Ivy Poison Ivy is a remote access Trojan (Tool) that can be found at the following URL: http://poisonivy-rat.com and a support forum can be found here http://ratforge.net/forums/ . Please note that these are Trojans and www.digitaloffensive.com nor any of its staff are responsible for any use or misuse that you do with [...]
Posted in Papers | Comments (0)
Posted on Wednesday, 23rd September 2009 by Michael
CACHED CREDENTIALS, PROXY AUTHENTICATION and SPYWARE OH MY! Recently a client of mine and I had a long winded debate about the dangers of not protecting machines from spyware and other malware. The client swore up and down that since they had an authenticating proxy that required the windows cached credentials to access the internet [...]
Posted in Papers | Comments (0)
Posted on Wednesday, 23rd September 2009 by Michael
The IRS has partnered up with China to help you get a tax bonus! As some of you know my day job has me providing security guidance to a large user base that vary in their technical skills. Every day we get several requests that come in asking us weather something is a scam or [...]
Posted in Papers | Comments (0)
Posted on Wednesday, 23rd September 2009 by Michael
More IRS Shenanigans Today our director of Internal Audit dropped on my desk a printed email that looked exactly the same as the scam email I wrote about a few weeks ago in the post called “The IRS has partnered up with China to help you get a tax bonus!”. I figured since I had [...]
Posted in Papers | Comments (0)
Posted on Wednesday, 23rd September 2009 by Michael
I am not your Pal. How to detect PayPal-based phishing scams. The term phishing originated by taking the term fishing, meaning to bait and catch, and using a language of the computer underground where they commonly replace the letter F with PH. Digital criminals use cunning techniques to trick their victims into taking the bait [...]
Posted in Papers | Comments (0)