Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

Analysis of nginx 1.3.9/1.4.0 stack buffer overflow and x64 exploitation (CVE-2013-2028)

VNSECURITY - 18 Srpen, 2014 - 12:00
A few days after the release of nginx advisory (CVE-2013-2028), we managed to successfully exploit the vulnerability with a full control over the program flow. However, in order to make it more reliable and useful in real world environment, we still explored several program paths and found some other ...
Kategorie: Hacking & Security

CMarkup Use After Free Vulnerability – CVE-2012-4782

VNSECURITY - 18 Srpen, 2014 - 12:00
Latest M$ tuesday patch kill one of my 0day in Microsoft Internet Explorer 9/10. So I decided release Proof Of Concept code and writeup some analyze about this bug. Hope it helpful. Here is the PoC: [sourcecode language="html"] ...
Kategorie: Hacking & Security

Snatching The H@t

VNSECURITY - 18 Srpen, 2014 - 12:00
Nhận lời mời từ IDG, VNSecurity đồng ý đứng ra phối hợp tổ chức cuộc thi "Snatching the h@t" như một sự kiện trong khuôn khổ hội thảo CSO Asean năm 2012 với mong muốn giới thiệu và phát triển CTF như một hình thức học tập và thể hiện ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #12 – Donn Beach – (500)

VNSECURITY - 18 Srpen, 2014 - 12:00
The famous zombie researcher “Donn Beach” almost created an immunization against the dipsomanie virus. This severe disease leads to the inability to defend against Zombies, later causes a complete loss of memory and finally turns you into one of them. Inexplicably Donn forgot where he put the license key for his centrifuge. Provide him ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #6 – BrainGathering – (500)

VNSECURITY - 18 Srpen, 2014 - 12:00
I did not solve this during CTF and my mistake is not using IDA to decompile since it has some obfuscate. After CTF end, i use gdb to dump running process to binary file and analyze it again, try to finish it. gdb --pid [PID] gdb>info proc process 4660 gdb>shell cat /proc/4660/maps 08048000-0804a000 rwxp 00000000 08:03 7213513 gdb>dump ...
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #19 – Zombie Reminder – (200)

VNSECURITY - 18 Srpen, 2014 - 12:00
19 - Zombie Reminder Zombies love brains. But zombies forget, so they have a tool where they can enter the location of brains they found. In a heroic mission someone managed to obtain both the source code and the information that a critical file can be found at '/var/www/flag'. Your mission ...
Kategorie: Hacking & Security

Chinese man indicted over theft of Boeing C-17 secrets

Computerworld.com [Hacking News] - 18 Srpen, 2014 - 11:19
A Chinese man has been indicted for allegedly directing two China-based hackers to infiltrate Boeing and other defense contractors to steal gigabytes of documents describing U.S. military aircraft.
Kategorie: Hacking & Security

Supervalu breach shows why move to smartcards is long overdue

Computerworld.com [Hacking News] - 16 Srpen, 2014 - 11:44
The data breach disclosed by Supervalu is another reminder about why the ongoing migration of the U.S. payment system to smartcard technology can't happen fast enough.
Kategorie: Hacking & Security

Grocery stores in multiple states hit by data breach

Computerworld.com [Hacking News] - 15 Srpen, 2014 - 17:29
A data breach at Supervalu Inc., one of the largest grocery wholesalers and retailers in the U.S., could affect thousands of people who shopped at the company's stores in June and July.
Kategorie: Hacking & Security

Tor – Xác định các exit relay độc hại

VNSECURITY - 14 Srpen, 2014 - 22:30
1. Mở đầu Bài viết này là phần mô tả sơ lược và bình luận bài báo "Spoiled Onions: Exposing Malicious Tor Exit Relays"[1]. Tor exit relay là nút cuối dùng trong hành trình vận chuyển của các gói tin trọng mạng Tor, gói tin từ đây sẽ đi đến địa chỉ ...
Kategorie: Hacking & Security

Ferguson's tiny IT operation in the maelstrom

Computerworld.com [Hacking News] - 14 Srpen, 2014 - 20:47
Ferguson, Mo., the city now in the midst of protests over a fatal police shooting, runs the type of IT department that gets almost no attention.
Kategorie: Hacking & Security

[writeup] Hacklu 2012 – Challenge #13 – The Sandbox Terminal

VNSECURITY - 14 Srpen, 2014 - 17:30
Solved by w00d @ clgt Thanks g4mm4 for giving many suggestions and draft the first version of the exploit 13 - The Sandboxed Terminal (400) Since the zombie apocalypse started people did not stop to ask themselves how the whole thing began. An abandoned military base may lead to answers but after infiltrating ...
Kategorie: Hacking & Security

Tennessee firm blames bank for $193K cybertheft

Computerworld.com [Hacking News] - 13 Srpen, 2014 - 20:16
A lawsuit filed in Tennessee earlier this month has resurfaced questions about a bank's responsibility in protecting customers against cyberheists.
Kategorie: Hacking & Security

The making of a cybercrime market

Computerworld.com [Hacking News] - 11 Srpen, 2014 - 21:23
I recently had the opportunity to speak with two representatives from the Netherlands-based security research firm Fox-IT--Maurits Lucas, InTELL Business Director, and Andy Chandler, VP of WW Sales & Marketing. Collectively, the two shared an in-depth story of cybergang warfare suitable for Hollywood.
Kategorie: Hacking & Security

Windows tech support scammers take root in the U.S.

Computerworld.com [Hacking News] - 11 Srpen, 2014 - 20:04
In a new trend, Windows tech support scams have gone home-grown, with twists that include bogus warnings from malicious websites urging users to call a toll-free number for "help."
Kategorie: Hacking & Security

Update: Payment cards with chips aren't perfect, so encrypt everything, experts say

Computerworld.com [Hacking News] - 10 Srpen, 2014 - 15:18
There's a push to adopt chip-equipped payment cards in the U.S. following high-profile breaches at large retailers and restaurant chains during the past 12 months, but experts warn that switching to this payment system will not make fraud disappear.
Kategorie: Hacking & Security

At Defcon, hacker coalition calls for safer computer systems in vehicles

Computerworld.com [Hacking News] - 10 Srpen, 2014 - 06:11
A collective of security researchers issued a letter Friday from the DefCon hacker conference in Las Vegas urging the automotive industry to adopt five principles for building safer computer systems in vehicles.
Kategorie: Hacking & Security

Payment cards with chips aren't perfect, so encrypt everything, experts say

Computerworld.com [Hacking News] - 9 Srpen, 2014 - 02:18
There's a push to adopt chip-equipped payment cards in the U.S. following high-profile breaches at large retailers and restaurant chains during the past 12 months, but experts warn that switching to this payment system will not make fraud disappear.
Kategorie: Hacking & Security

Emerging networking tech used by Apple, Cisco frustrates firewalls

Computerworld.com [Hacking News] - 8 Srpen, 2014 - 10:57
Today's security software is ineffective against an emerging networking technology already in use by Apple for its Siri voice-recognition software, according to research presented at the Black Hat hacking conference this week.
Kategorie: Hacking & Security

Some mobile POS devices still have critical flaws months after patch

Computerworld.com [Hacking News] - 8 Srpen, 2014 - 10:23
Security researchers demonstrated Thursday flaws that can allow hackers to take over mobile point-of-sale (mPOS) devices from different manufacturers by inserting rogue cards into them.
Kategorie: Hacking & Security
Syndikovat obsah