Android Threats in 2012

Android Threats in 2012 by Eugene Kaspersky
Android Threats in 2012

  • 98.96% of all mobile threats
  • More than 3000 new malicious programs every month
Advertisements

Dave Rel1k Kennedy on CNN!

Dave Rel1k Kennedy is invited in CNN to talk about Chinese hacking attempts against USA under cover of Chinese military.

Now how come one side is always mean and dirty while the other side stays all the time clean and neat eludes me! I thought in a war all sides are equally horrid. Maybe it’s just me.

Comments are yours.

H3ll0 w0rld!

Greetings Earthlings!

I am tired of waiting the import from Posterous to finish. I have contacted support numerous times with no answer. I guess I have to upgrade to Pro to get one. In any case I have decided to start posting new interesting stuff again.

If you have no idea what this blog is for check the About page.

Welcome!

4li3n’s after midnight useless news and links – 2011.08.12 (*DC/BH/BSidesLV extra* edition)

********************************************************
* DefCon 19 / Black Hat USA 2011 / BSidesLV 2011 extra *
********************************************************
[SLIDES] Covert Post-Exploitation Forensics With Metasploit (BH) -> http://goo.gl/b6LWo
[SLIDES] Network Nightmare – PXE talk at Defcon (DC) -> http://goo.gl/AtvFf
[VIDEO] Various Interviews form Blackhat USA 2011 (BH) -> http://goo.gl/aL2WU
[SLIDES] iOS 4 Security Evaluation (BH) -> http://goo.gl/M2xmU
[POST] BSIDESLV – DEFCON 2011 Summary (BSidesLV/DC) -> http://goo.gl/2tWsU
[NEWS] 4G and CDMA networks reportedly hacked at DEFCON (DC) -> http://goo.gl/lY97y , http://goo.gl/NE3SG
[POST] BH 2011: Bit-squatting – DNS hijacking without exploitation (BH) -> http://goo.gl/fcwNF
[AUDIO] Black Hat 2011: GrayWolf Attacks .NET Apps (BH) -> http://goo.gl/4FYCm
[POST] A look into Black Hat’s wireless network (BH) -> http://goo.gl/lcw12
[POST] Auto-BAHN: Using Smart phones to create emergency, ad hoc networks (DC) -> http://goo.gl/kehdQ
[VIDEO] Black Hat USA 2011: Interview with Dan Kaminsky (BH) -> http://goo.gl/Zf6GU
[SLIDES] Attacking Client Side JIT Compilers (BH) -> http://goo.gl/SPjDl
[POST] Observations From Black Hat (BH) -> http://goo.gl/QhiB8
[VIDEO] Black Hat 2011 USA: Phillipe Courtot (BH) -> http://goo.gl/hjK6K
[SLIDES] Advanced Data Exfiltration (BSidesLV) -> http://goo.gl/sySyi
[POST] Black Hat 2011: The Rise Of The Machines (BH) -> http://goo.gl/5kn5c
********************************************************
[FUN] How can I open .exe file on Linux? -> http://goo.gl/Y07FJ
[POST] Test Your Security Equipment’s Ability to Block JavaScript Obfuscations -> http://goo.gl/kdKL3
[VULN] Vulnerabilities in DNS Server Could Allow Remote Code Execution -> http://goo.gl/MLt6d , http://goo.gl/RujEV
[INFO] Cheat Sheets and others -> http://goo.gl/rHRbo
[TOOL] Dropbox Reader: command-line tools for parsing dropbox configuration and cache files -> http://goo.gl/facHq
[POST] Windows Hooks of Death: Kernel Attacks through User-Mode Callbacks -> http://goo.gl/l7mWq
[NEWS] Researchers Hack Mobile Data Communications -> http://goo.gl/S4Wjb , http://goo.gl/MEQg9
[POST] Performing DoS Attacks With JavaScript Malware -> http://goo.gl/B6t9t
[HOW-TO] Remove yourself from ALL background check websites -> http://goo.gl/PZ5Qbg
[BLOG] Pop Pop Ret: Windows Kernel Exploitation -> http://goo.gl/cSGmX
[UPDATE] Hashkill 0.2.4 -> http://goo.gl/SJTQC
[SCRIPT] http-waf-detect: WAF/IDS/IPS detection -> http://goo.gl/h6Han
[VIDEO] De-ICE.net v1.2b (1.20b) {Level 1 – Disk 3 – Version B} -> http://goo.gl/FC6Dn
[WIKI] Live streams from CCC -> http://goo.gl/upRx9
[NEWS] More BlackBerry image problems: RIM warns of BES security vulnerabilities -> http://goo.gl/YQ1tt
[POST] You expect me to remember that? (Part 1) -> http://goo.gl/FpXrI
[POST] See strings in Binaries using Notepad++ -> http://goo.gl/bNli8

4li3n’s after midnight useless news and links – 2011.08.09 (*DC/BH/BSidesLV special* edition)

**********************************************************
[+] DefCon 19 / Black Hat USA 2011 / BSidesLV 2011 special
**********************************************************
[CODE] Moshi Moshi: VoIP Bot written in Python (DC/BSides) -> http://goo.gl/wC0yK
[SLIDES] “Sounds like Botnet” talk (DC/BSides) -> http://goo.gl/Pgfkl
[PRESENTATION] Checkmate with Denial of Service (BH) -> http://goo.gl/51b5Y
[NEWS] 10 year old girl hacker CyFi reveal her first zero-day in Game (DC) -> http://goo.gl/4svMd
[NEWS] DefCon Kids (DC) -> http://goo.gl/w9Sla , http://goo.gl/wrTVg
[NEWS] Photos show the cultural difference between Black Hat and Defcon hacker events (BH/DC) (thanx citr0) -> http://goo.gl/GHh7x
[NEWS] Vegas gone wild (BSides/DC) -> http://goo.gl/rCfRL
[PRESENTATION] All DefCon 19 presentations (DC) -> http://goo.gl/EPJoZ
[VIDEO] Kinectasploit!!! (DC) -> http://goo.gl/ZLyvF
[SLIDES] WTF Happened to the Constitution? The Right to Privacy in the Digital Age (DC) -> http://goo.gl/AOGcF
[NEWS] Oracle, other companies “punkd” in hacking contest (DC) -> http://goo.gl/jzjcp
[POST] Post-Exploitation Techniques (BH) -> http://goo.gl/oI8VE
[NEWS] Database Forensics Still In Dark Ages (BH) -> http://goo.gl/N8azr
[NEWS] DEF CON: The event that scares hackers (DC) -> http://goo.gl/Jyv0A
[SLIDES] Cipherspaces/Darknets: An Overview Of Attack Strategies (DC) -> http://goo.gl/jwiXU
[NEWS] Android Network Toolkit for Penetration Testing and Hacking (DC) (thanx to my S.O.) -> http://goo.gl/BKGbS
**********************************************************
[POST] Extracting Non-Standard SquashFS Images -> http://goo.gl/NLtXv
[CODE] PHP stateless cookies (thanx m3g9tr0n) -> http://goo.gl/ZhVzn
[POST] Evocam Remote Buffer Overflow on OSX -> http://goo.gl/m6ZwT
[POST] How to find 0-day in browsers -> http://goo.gl/FRM1g
[EXPLOIT] HP JetDirect PJL Query Execution & Universal Path Traversal -> http://goo.gl/yfPYj , http://goo.gl/Fe7RU
[POST] Controlling a Cisco IOS device from an IRC channel -> http://goo.gl/D4VfE
[INFO] 80 of the Best Linux Security Applications -> http://goo.gl/HIenL
[INFO] INFOSEC Without Borders -> http://goo.gl/X82gP
[CODE] VNC client using HTML5 (Web Sockets, Canvas) with encryption (wss://) support (thanx m3g9tr0n) -> http://goo.gl/3Ee76
[POST] Laundruino Alerts You Over LAN When Your Laundry’s Done! -> http://goo.gl/aQRH0
[ONLINE] PDFXRay: Online suspicious PDF scanner -> http://goo.gl/h9efC
[POST] Security in HTML 5 and HTTP -> http://goo.gl/g3g5h
[INFO] Lion Recovery Disk Assistant -> http://goo.gl/TFOUB
[POST] Four browser nets and one phish -> http://goo.gl/z3kxT
[POST] Using Nessus and Metasploit Together -> http://goo.gl/JkHLK
[POST] Facebook password reset coming to phone near you -> http://goo.gl/DejpP
[POST] John The Ripper Hash Formats -> http://goo.gl/WjURs
[POST] XyliBox: Mass upload on VirusTotal without API -> http://goo.gl/HqwFI
[TOOL] httpry 0.1.6: packet sniffer for displaying and logging HTTP traffic -> http://goo.gl/nCY0G
[INFO] CSS Hacks -> http://goo.gl/nsmek
[NEWS] TeaMp0isoN : NASA forum is Vulnerable SQL injection, Admin Hacked! -> http://goo.gl/4dT4v
[NEWS] BlackBerry blog site hacked by TriCk – TeaMp0isoN against London riots -> http://goo.gl/S7z86

4li3n’s after midnight useless news and links – 2011.08.06 (*Extraterrestrial* edition)

A big thanx to Yiannis Cybertronic for suggesting this edition’s name!

[NEWS] Pwnie Awards 2011 -> http://goo.gl/wEYN5 , http://goo.gl/1APYx
[POST] Integrating Nessus with BackTrack 5’s Tools -> http://goo.gl/7qOv3
[BULLETIN] Infected Cisco Information Packet and Warranty CDs -> http://goo.gl/MRThT
[POST] Zbot illustrated -> http://goo.gl/3rZlP
[POST] Arduino Hacking for the Big Boys (Part 1) -> http://goo.gl/XLs6z
[NEWS] U.S. Federal Agencies Look to Hire Hackers at Defcon -> http://goo.gl/PNAlK
[INFO] Local Session Hijacking (thanx m3g9tr0n #1) -> http://goo.gl/GpdEl
[PAPER] Cross-Site Scripting Papers (kinda old) -> http://goo.gl/BJrYZ
[POST] The Art of ARP Spoofing/Flooding/Poisoning (thanx m3g9tr0n #2) -> http://goo.gl/DYQul
[PAPER] Don’t Drop the SOAP: Real World Web Service Testing (Black Hat USA 2011) -> http://goo.gl/amFmu
[PAPER] Userland Hooking in Windows -> http://goo.gl/skgbu
[PRESENTATION] Kaminsky: Black Ops of TCP/IP (Black Hat USA 2011) -> http://goo.gl/l2KpF
[POST] Web framework HTML escaping to mitigate XSS -> http://goo.gl/yhfPD
[POST] HTTP Pipelining Today (thanx m3g9tr0n #3) -> http://goo.gl/vorch
[HOW-TO] How to Make a Wi-Fi Booster Using Only a Beer Can -> http://goo.gl/BN03s
[POST] Lion DiskMaker Creates Mac OS X Lion Install DVDs and Thumb Drives Automatically -> http://goo.gl/N19Nc
[EXPLOIT] Firefox 3.6.16 OBJECT mChannel Remote Code Execution (DEP bypass) -> http://goo.gl/q323O
[EXPLOIT] CiscoKits 1.0 TFTP Server DoS and Directory Traversal (thanx m3g9tr0n #4) -> http://goo.gl/OHcOM . http://goo.gl/Z5Ojj
[FUN] Don’t miss that! -> http://goo.gl/wjyoJ
[NEWS] Researcher releases tool for replacing certificate authorities (Black Hat USA 2011) -> http://goo.gl/ZUp17

4li3n’s after midnight useless news and links – 2011.08.03 (*choices-4-life* edition)

A big thanx to my S.O. for suggesting this edition’s name!
 
[INFO] Programming Languages Infographic -> http://goo.gl/4CDXV
[POST] Ten SQL Injection Scanners -> http://goo.gl/fQVvc
[POST] Protecting your OSX with IPFW and LittleSnitch -> http://goo.gl/q6lF8
[NEWS] Gawker hacked again -> http://goo.gl/onDLR
[VIDEO] XSS Attack – Busting Browsers to Root! -> http://goo.gl/dmiaa
[TOOL] HexorBase v.1.0 – The Database Hacker Tool -> http://goo.gl/FodvR
[SHELL] Mini PHP Shell 27.9-2 -> http://goo.gl/IuqDm
[SCRIPT] jabberbot: framework to create Jabber/XMPP bots and services -> http://goo.gl/bGBGT
[UPDATE] Watcher v.1.5.3 Released -> http://goo.gl/d0O9O
[METASPLOIT] Metasploit 4.0 is here! Download -> http://goo.gl/4RJI2 and update -> http://goo.gl/WrBqA
[POST] Obtaining Information about the Operating System -> http://goo.gl/N2BMi
[CHEAT SHEET] Informix SQL Injection Cheat Sheet -> http://goo.gl/GhEb4
[HOW-TO] 50 UNIX / Linux Sysadmin Tutorials (thanx m3g9tr0n) -> http://goo.gl/irLSm
[POST] Commercial Web Application Scanner Benchmark -> http://goo.gl/nP1KA
[POST] Zero Day Vulnerability in many WordPress Themes -> http://goo.gl/N90lN
[UPDATE] Google Chrome 13.0.782.107 Released -> http://goo.gl/jbSzf
[EXPLOIT] Red Hat system-config-firewall Local Privilege Escalation Vulnerability -> http://goo.gl/fw2gC
[TOOL] Hexinject: A Hexadecimal Packet Injector/Sniffer -> http://goo.gl/eczac
[SCRIPT] XSSHelper ported in Java -> http://goo.gl/7mVMS
[DISCLOSURE] Useless OpenSSH resources exhausion bug via GSSAPI -> http://goo.gl/5JqVl