You could ch-root your apache process/webserver going forward. This would
effectively stop the malicious process when/if your machine is compromised
via web based vulnerabilities to spread to entire machine.. meaning your
area of investigation is more isolated.
I'd expect if its automatically spre
Yes, it is well known that certain individuals are using compromised *nix
servers particularly to run bitcoin miners into pools. Its only been
happening for.. a long time.
On Tue, Jul 19, 2011 at 8:20 PM, Zach C. wrote:
> Hmm -- that's interesting. I wonder if it would be possible/feasible to
>
ecause would be a very handy app for
> sure
> xd
>
>
>
> On 15 May 2011 07:55, Chris M wrote:
>
>> Not convinced.
>>
>> Tried to upload a few samples, "only support EXE files" no DLLs? yet
>> you take URLs? only to exes?
>>
>>
Not convinced.
Tried to upload a few samples, "only support EXE files" no DLLs? yet
you take URLs? only to exes?
The file I upped was a PE file. Just with a renamed extension.
Also submitted a couple of "known bad" files and got a list of tcp ports
back how is this operating? _SHARED_ s
But the encrypted everything right?
On Fri, May 6, 2011 at 5:33 PM, d3hydr8 D wrote:
> **
> (+) Authors : d3hydr8
> (+) WebSite : darkode.com
> (+) Date : 06.05.2011
> (+) Hour : 08:21 AM
> (+) Targets : CCAvenue.com (Payment
How does all of this stop someone feeding the obfuscated code into jsunpack
and reloading it into a bot application with an inbuilt browser object and
just following links etc?
On Wed, Apr 13, 2011 at 3:50 PM, Christian Sciberras wrote:
> Is it me or are spammers recruiting more script kiddies as
Maybe you can fix my login/password for insecurityresearch.com as per my
earlier mail.
Customer Service > Marketing, right? :p
On Wed, Mar 30, 2011 at 3:44 PM, runlvl wrote:
> The INSECT Pro version hosted on that site is really old, from what I
> see is the version 1.1 and is not an official v
call
> the head of IT or the president, rector, or someone equally high up, and
> give them enough time to respond. You catch more flies with honey, etc..
>
>
> Caspian
>
>
> On 2011-02-19, at 1:02 PM, Chris M wrote:
>
> Agreed - by not taking further steps follo
Agreed - by not taking further steps following the complete negligence of
the institution to protect the security of their assets (and thereby placing
students & staff at risk) there must be some further incentive to bring this
to their attention. If anything they should have regular infrastructure
Got an Image of the drive?
http://accessdata.com/downloads/current_releases/imager/Imager_Lite_%202.9.0.zip
On Sat, Feb 19, 2011 at 3:49 PM, Charles Timko wrote:
> While I was at the SuperComputing Conference I went ahead and plugged in a
> flashdrive that belonged to a friend of mine. After Wi
Some thoughts..
Whether they did or not is probably way past irrelevant now. I'd probably
wager the site owners were just pissed off with the massive
bandwidth-consumption from all the scandal. Its not beyond the stretch of
the imagination that private companies were hired to "make these go away"
11 matches
Mail list logo