Hooking can be used by legitimate software for reverse engineering, for example, to examine the user mode function calls that a malicious program is making.
In a previous blog post I gave a high level overview of DLL injection, what it is used for and how it might be achieved.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
A High Level Overview
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
In this blog post, I will discuss how a cloud-based architecture makes wireless local area network (LAN) easier and more affordable compared with traditional wireless LAN architecture.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Obfuscation is a technique used to change software code in order to make it harder for a human to understand. There are several reasons one might obfuscate code:
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
During the recent BSIDES conference (2014), which was hosted in Las Vegas, Kyle Adams presented on "Evading code emulation: Writing ridiculously obvious malware that bypasses AV":
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
eBay is in the headlines once again this week as the online auction site has reportedly been compromised by a cross-site scripting (XSS) attack, in which users were redirected to a spoof site designed to steal their credentials. This latest attack follows an announcement from the company back in May urging its users to change their passwords after one of its databases containing encrypted passwords and other customer data had been compromised via a “small number of employee log-in credentials, allowing unauthorised access to eBay’s corporate network”.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Nettitude has added another string to its penetration testing bow today, following confirmation from CREST – the not-for-profit organisation that serves the needs of the technical information security marketplace – that our testing team has successfully achieved full CREST STAR (Simulated Target Attack & Response) status. STAR is arguably one of the most sophisticated approaches for delivering penetration testing. Through combining comprehensive threat data with a “Red Team” style of testing, STAR assessments are designed to deliver some of the strongest levels of assurance available to organisations across the globe.
0 Comments Click here to read/write comments
Topics: CREST, Nettitude, News, Penetration Testing, Uncategorized
Not your average test
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
Compromised credentials can render even the best security solutions obsolete, and can lead to often unnoticed security breaches.
0 Comments Click here to read/write comments
Topics: Security Blog, Uncategorized
