28 Dec 2014

LizardSquad Exposed: DDoS of PSN and XBox From Google Cloud Using Kaiten

This content was originally posted on Pastebin here http://pastebin.com/655ba54R, it has been reportedly deleted once or twice, so am reposting here just in case it is deleted. I am not the original author. (full plain text here  After joining lizardsquads IRC network (hosted by OVH) I noticed a flaw. Even though

28 Apr 2014

Exploit Tool Targeting Vulnerabilities in McAfee ePolicy Orchestrator Released

A new exploit tool has been released, specifically built to attack McAfee’s ePolicy Orchestrator (ePO). The exploit targets two vulnerabilities (CVE-2013-0140 and CVE-2013-0141) found in McAfee ePO versions 4.6.5 and earlier. The attacker must be on the local network in order to exploit these vulnerabilities. The exploit tool allows an

27 Apr 2014

Zero Day Exploit Targeting Internet Explorer (CVE-2014-1776) No Patch Available

A new zero day exploit targeting Internet Explorer is active and in the wild being used by attackers. The exploit targets a vulnerability in Internet Explorer and there is currently no available patch for the exploit. The vulnerability affects versions 6-11, however the active exploit is targeting 9-11. The group

14 Apr 2014

Heart Attack: Detecting Heartbleed Exploits in Real-Time

The OpenSSL Heartbleed vulnerability is proving to be one of the bigger vulnerabilities the security community has seen. As vendors and administrators scramble to patch their systems and users struggle to identify what sites are safe to use, hackers are taking full advantage of the vulnerability. Tripwire’s VERT team has

24 Mar 2014

When Security Tools Cry Wolf

With the recent Target and Nieman Marcus breaches, we have seen that the attacks did not go without detection by the retailers’ security tools. However, both cases reveal a larger problem: With the rising number and complexity of security tools at our fingertips, sometimes everything looks like an alert so