It’s long time I don’t write on my own blog (more then two months) and if you look at the history bar on your right you will probably figure out I am slowing down my blog posts a bit if compared to the past years. This happens due the amount of work my security team […]Read more "Hacking through images"
Today I’d like to share another “funny BUG” (yep, believe me this is quite funny) through this summer time quick’n dirty post. The involved hunter is Nuzhny (no contacts provided to me, more infos here) who disclosed a Stack Overflow in Windows Calculator last week. You would think: “A BOF in Windows Calc.exe ? You’re […]Read more "BUG in WinCalc.exe"
Today another “Hack Note” on my blog to point you out to a great analysis of ZeuS evolutions. I definitely suggest the reading titled “ZeuS-P2P” by Cert Polska because, in my personal opinion, it describes one of the most important evolutions of a “bot kit” happened so far: the distribution of the Command aNd Control […]Read more "ZeuS Evolution: it’s time for P2P and RSA."
Dear folks, as you probably have noticed my blog-post frequence went down a little bit during the past 4 to 6 months, since I am super busy… I am still alive though :). Today I want to share an interesting IDA Pro plugin that I ‘ve been testing for awhile called idapathfinder. Once you installed […]Read more "Finding path to known functions through IDA-Pro"
During the past few days I had the opportunity to talk about security for entire days with amazing and passionate guys. I had a great feeling about the group in which I was, and a great feeling about every single person belonging to that group. During our discussions some folks asked to me very complex […]Read more "Vulnerability Classification"