Re: [Full-disclosure] one of my servers has been compromized

2011-12-05 Thread Chris M
You could ch-root your apache process/webserver going forward. This would effectively stop the malicious process when/if your machine is compromised via web-based vulnerabilities to spread to entire machine.. meaning your area of investigation is more isolated. I'd expect if it's automatically

Re: [Full-disclosure] Hacked servers mining for bitcoins?

2011-07-19 Thread Chris M
Yes, it is well known that certain individuals are using compromised *nix servers particularly to run bitcoin miners into pools. It's only been happening for.. a long time. On Tue, Jul 19, 2011 at 8:20 PM, Zach C. fxc...@gmail.com wrote: Hmm -- that's interesting. I wonder if it would be

Re: [Full-disclosure] MalBox Release! A Program Behavior Analysis System!

2011-05-14 Thread Chris M
Not convinced. Tried to upload a few samples, only support EXE files no DLLs? yet you take URLs? only to exes? The file I upped was a PE file. Just with a renamed extension. Also submitted a couple of known bad files and got a list of tcp ports back how is this operating? _SHARED_

Re: [Full-disclosure] MalBox Release! A Program Behavior Analysis System!

2011-05-14 Thread Chris M
handy app for sure xd On 15 May 2011 07:55, Chris M ch...@nullroute.net wrote: Not convinced. Tried to upload a few samples, only support EXE files no DLLs? yet you take URLs? only to exes? The file I upped was a PE file. Just with a renamed extension. Also submitted a couple

Re: [Full-disclosure] CCAvenue.com Payment Gateway Vulnerable SQL Injection UPDATE

2011-05-06 Thread Chris M
But the encrypted everything right? On Fri, May 6, 2011 at 5:33 PM, d3hydr8 D d3hy...@hotmail.com wrote: ** (+) Authors : d3hydr8 (+) WebSite : darkode.com (+) Date : 06.05.2011 (+) Hour : 08:21 AM (+) Targets :

Re: [Full-disclosure] guess what this does..

2011-04-13 Thread Chris M
How does all of this stop someone feeding the obfuscated code into jsunpack and reloading it into a bot application with an inbuilt browser object and just following links etc? On Wed, Apr 13, 2011 at 3:50 PM, Christian Sciberras uuf6...@gmail.com wrote: Is it me or are spammers recruiting more

Re: [Full-disclosure] INSECT Pro 2.5 Release - Web scanner tool

2011-03-30 Thread Chris M
Maybe you can fix my login/password for insecurityresearch.com as per my earlier mail. Customer Service Marketing, right? :p On Wed, Mar 30, 2011 at 3:44 PM, runlvl run...@gmail.com wrote: The INSECT Pro version hosted on that site is really old, from what I see is the version 1.1 and is not

Re: [Full-disclosure] University of Central Florida Multiple LFI

2011-02-20 Thread Chris M
to respond. You catch more flies with honey, etc.. Caspian On 2011-02-19, at 1:02 PM, Chris M ch...@nullroute.net wrote: Agreed - by not taking further steps following the complete negligence of the institution to protect the security of their assets (and thereby placing students staff

Re: [Full-disclosure] HBGary Mirrors?

2011-02-19 Thread Chris M
Some thoughts.. Whether they did or not is probably way past irrelevant now. I'd probably wager the site owners were just pissed off with the massive bandwidth-consumption from all the scandal. It's not beyond the stretch of the imagination that private companies were hired to make these go away -

Re: [Full-disclosure] Autorun Flashdrive Worm

2011-02-19 Thread Chris M
Got an Image of the drive? http://accessdata.com/downloads/current_releases/imager/Imager_Lite_%202.9.0.zip On Sat, Feb 19, 2011 at 3:49 PM, Charles Timko charles.ti...@hotmail.com wrote: While I was at the SuperComputing Conference I went ahead and plugged in a flashdrive that belonged to a

Re: [Full-disclosure] University of Central Florida Multiple LFI

2011-02-19 Thread Chris M
Agreed - by not taking further steps following the complete negligence of the institution to protect the security of their assets (and thereby placing students staff at risk) there must be some further incentive to bring this to their attention. If anything they should have regular infrastructure