Showing 15 results for: December 2013 ×

The Case of an Obscure Injection

During a recent application penetration test, I came across what proved to be an interesting SQL Injection (SQLi) vulnerability. This case of SQLi was interesting for a couple reasons: The challenges that it presented during exploitation The Database Management System...

Sqlmap Tricks for Advanced SQL Injection

Sqlmap is an awesome tool that automates SQL Injection discovery and exploitation processes. I normally use it for exploitation only because I prefer manual detection in order to avoid stressing the web server or being blocked by IPS/WAF devices. Below...

Quick Joomla Refresher

I haven't come into contact with Joomla for a while, but I had the opportunity recently in a penetration test of a web site that was running the popular Content Management System (CMS). In this blog post I mention some...

Exploiting Password Recovery Functionalities

Password recovery functionalities can result in vulnerabilities in the same application they are intended to protect. Vulnerabilities such as username enumeration (showing different error messages when the user exists or not in the database), sensitive information disclosure (sending the password...

Announcing ModSecurity v2.7.6 Release (CI Platform Usage)

The ModSecurity Project team is pleased to announce public release version 2.7.6. Full Release Notes Here. Besides extensive bug fixes this release also includes modification on the build system that counts on QA mechanisms such as coding style checker and...

Microsoft Patch Tuesday, December 2013

'Tis the season for an increase in cyber-criminal activities. In the past couple months, cyber-criminals built up their arsenals by acquiring zero-day exploits including the zero-day remote code execution in the Microsoft Graphics component vulnerability (Microsoft Security Advisory 2896666) and...

The Curious Case of the Malicious IIS Module

Recently, we've seen a few instances of a malicious DLL that is installed as an IIS module making its rounds in forensic cases. This module is of particular concern as it is currently undetectable by almost all anti-virus products. The...

Microsoft Advance Notification for December 2013

On December 10th, Microsoft will begin deploying their security updates to consumers with affected versions of Windows, Internet Explorer, Office, Exchange and Visual Studio. As it currently stands, the December security update release will mitigate vulnerabilities for eleven bulletins, five...

FAQ: Pony Malware Payload Discovery

Our team's discovery of the spoils of yet another instance of Pony 1.9 has kept us busy the past couple of days. We've enjoyed explaining our discovery to journalists and trying our best to answer the questions that arise over...

Look What I Found: Moar Pony!

In our last episode of "Look What I Found" we talked about a fairly large instance of the Pony Botnet Controller. With the source code of Pony leaked and in the wild, we continue to see new instances and forks...