Collaborate Disseminate
Have you ever been looking for a screwdriver, USB stick, or your keys, only to find them right where you left them in plain sight? We have. As many prolific …read more Continue reading Hiding Links in Plain Sight with Bookmark Knocking
You need to package up a bunch of files, send them somewhere, and do something with them at the destination. It isn’t an uncommon scenario. The obvious answer is to …read more Continue reading Linux Fu: Shell Script File Embedding
Today we’re going to take a quick look at encoding, as covered in Domain 3 of the CISSP common body of knowledge (CBK). There is often some confusion between encoding and encryption, so one of the purposes of this article is to look at how the CB… Continue reading Encoding – CISSP Domain 3
A new web skimming campaign, starting from the end of 2019, is impersonating Google web products in order to collect sensitive information from users on eCommerce websites. During the last few weeks, our research team has been investigating a new web-s… Continue reading The Gocgle Web Skimming Campaign
Authentication bypass bugs in WordPress plugins InfiniteWP Client and WP Time Capsule leave hundreds of thousands of sites open to attack. Continue reading Critical WordPress Bug Leaves 320,000 Sites Open to Attack
Encoded strings are widely used by malware, and it’s essential to be able to decode them. Read our practical guide on base64 encoding & decoding techniques.
The post A Guide to Encoding & Decoding in Base64 appeared first on Security Boulevard.
Continue reading A Guide to Encoding & Decoding in Base64
Web application threats come in different shapes and sizes. These threats mostly stem from web application vulnerabilities, published daily by the vendors themselves or by third-party researchers, followed by vigilant attackers exploiting them. To cove… Continue reading The Catch 22 of Base64: Attacker Dilemma from a Defender Point of View
Brazilian firms are the latest targets in a spam campaign delivering CHM help files hiding links to bank Trojans. Continue reading CHM Help Files Deliver Brazilian Banking Trojan
I published the following diary on isc.sans.org: “Base64 All The Things!“. Here is an interesting maldoc sample captured with my spam trap. The attached file is “PO# 36-14673.DOC” and has a score of 6 on VT. The file contains Open XML data that refers to an invoice.. [Read more]
[The post [SANS ISC] Base64 All The Things! has been first published on /dev/random]
It is Freaky Friday again today. The Locky gang must be having a long weekend off and left the apprentice in charge. They have made a bit of a mess up of encoding the files today and the so called 7z attachment is actually a base64 file that needs decoding … Continue reading → Continue reading Locky Freaky Friday Your Remittance Advice with base64 encoded attachments to emails instead of zip files