Showing 4 results for: December 2016 ×

Steganalysis, the Counterpart of Steganography

In my last blog post I discussed the art of embedding secret messages in any file so that only the sender and the receiver know about the presence of that message. This is called steganography. In this post I will...

Raiding the Piggy Bank: Webshell Secrets Revealed

Introduction A recent investigation into credit card fraud that was enabled by a webshell revealed several interesting methods used by the attacker. These methods are the subject of this blog, as well as providing some suggestions on what E-commerce companies...

Microsoft Patch Tuesday, December 2016

December's Patch Tuesday is here to greet you with the pleasant tidings of patches for all of your (currently known Microsoft) vulnerabilities. It's a big release just in time for the holidays with 12 bulletins covering 48 CVEs. Five of...

A Backdoor in Skype for Mac OS X

Trustwave recently reported a locally exploitable issue in the Skype Desktop API Mac OS-X which provides an API to local programs/plugins executing on the local machine. The API is formally known as the Desktop API (previously known as the Skype...