Eric Romang Blog[B!]新着記事・評価 - はてなブックマーク

『Eric Romang Blog | aka wow on ZATAZ.com』

MS13-051 / CVE-2013-1331 What We Know About Microsoft Office Zero Day | Eric Romang Blog
3 users
eromang.zataz.com
- テクノロジー
- 2013/06/13 19:09

DOL Watering Hole Campaign and Sexy Swedish Soccer Supporter | Eric Romang Blog
3 users
eromang.zataz.com

As I explained in my previous blog post, nine websites were involved in the DOL watering hole campaign. The first involved website was University Research Co. Cambodia (www[.]urccambodia[.]org) from 2013-03-15 to 2013-04-29. This website came out of the context of other websites used in this watering hole campaign. The Better Health Services (BHS) is a USAID-funded health systems strengthening pro
- 世の中
- 2013/05/13 09:16
Dark South Korea and Discovered PuTTY Tools Behaviours | Eric Romang Blog
4 users
eromang.zataz.com

By analyzing one of the Dark South Korea dropper, I discovered interesting behaviours associated with the PuTTY binaries installed in “%TMP%” Windows folder. These behaviours could be considered as expected, but they could be used more efficiently in the future. The two installed binaries are “alg.exe“ and “conime.exe“ used to upload “~pr1.tmp” bash file to *NIX targets discovered in configuration
- テクノロジー
- 2013/04/08 08:26
When a Signed Java JAR file is not Proof of Trust | Eric Romang Blog
4 users
eromang.zataz.com

Today, Malware Domain List, reported strange behaviours regarding a Java app executed with the latest version of Java 6. Java 0day ? http://t.co/0G7mOdY4l5 Machine is running latest 1.6 JRE. Source: http://t.co/DTGrrZl3wC — Malware Domain List (@_MDL_) March 4, 2013 As you can observe, VirusTotal didn’t find something wrong (0/46) regarding the Java app, but after few hours, some analysis and some
- 暮らし
- 2013/03/05 09:41
Exploitation Demo of Fake Mandiant APT1 Report PDF | Eric Romang Blog
4 users
eromang.zataz.com

As mentioned by Symantec & Seculert, a spear phishing campaign has involved a fake Mandiant APT1 PDF report, a report published by Mandiant earlier this week (APT1: Exposing One of China’s Cyber Espionage Units). This fake PDF was used in targeted attacks against Japanese entities and exploiting code for Adobe Acrobat and Reader Remote Code Execution Vulnerability (CVE-2013-0641). Despite the anal
- 学び
- 2013/02/22 20:50
Facebook, Apple & Twitter Watering Hole Attack Additional Informations | Eric Romang Blog
7 users
eromang.zataz.com
- テクノロジー
- 2013/02/20 19:39
- ネタ
Isn’t Linux/Chapro.A only Darkleech Apache Module ? | Eric Romang Blog
3 users
eromang.zataz.com
- テクノロジー
- 2012/12/20 18:55
Funny and Efficient Anti-Virus Bypass Packed Java Applets Exploits CVE-2012-4681 in the Wild | Eric Romang Blog
3 users
eromang.zataz.com
- 暮らし
- 2012/10/27 10:41
Microsoft Internet Explorer 0Day reported by ZDI to Microsoft ? | Eric Romang Blog
3 users
eromang.zataz.com
- テクノロジー
- 2012/09/22 09:46
https://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over-yet/
3 users
eromang.zataz.com
- 暮らし
- 2012/09/17 04:43
Oracle Java 0day and the Myth of a Targeted Attack | Eric Romang Blog
4 users
eromang.zataz.com

FireEye (@fireeye) were the first to speak around the Oracle Java 0day in a nice blog post “Zero-Day Season is Not Over Yet“. As they mentioned in the blog post it was just a matter of time that a PoC will be released. The tweet was dated from 9:26 PM – 26 August, 2012. https://twitter.com/FireEye/status/239806161874993152 @jduck member of Metasploit team had sufficient information’s contained in
- テクノロジー
- 2012/08/28 15:50

キーボードショートカット一覧

j次のブックマーク

k前のブックマーク

lあとで読む

eコメント一覧を開く

oページを開く

設定を変更しましたx