Exploitation

Thu
20
Apr

Keyloggers: A Threat to Your Data

Contributed by Ezequiel Guerra

As more and more people throughout the world utilize the Internet to access their personal data. The greater the chance their data can be stolen. Millions of people access a variety of online accounts and websites daily such as email, banking, shopping, stock market, billing, career and social media. In this paper, I will be discussing a major threat to your data and accounts, keyloggers.

This document is in PDF format. To view it click here.

Wed
19
Apr

The Connected Vehicle: Vulnerabilities, Future, and Security

Contributed by Cory Church

This paper will focus on the threats and vulnerabilities in the new field of connected cars. With most car manufacturers trying to push out connected cars as quickly as possible it is becoming apparent that they may not be putting as much time and money into the security of their vehicles. In the paper, several vulnerabilities that have been discovered and tested will be discussed and we will see how these we patched in the cars that were affected. We will also consider how companies can better secure their vehicles before putting them into mass production. Lastly, the paper will try to see if the benefits of having our cars connected to the internet out way the risks and what it means for the future of self-driving cars.

This document is in PDF format. To view it click here.

Mon
17
Apr

Malware Behavior & Implementation Strategies: Forms of Malware Attacks & Their Effects

Contributed by Andrew L. Ramirez

The fight against the latest malware on both client and server side attacks hasn’t ever been as crucial as it is today. Nowadays, the malware we encounter and are actively seeing in our networks and computers are becoming more and more sophisticated and are adapting to the counter measures that are being taken against them. Malware comes in many forms that all affect systems differently. In recent events, IBM Security recently warned banks and their commercial customers that hackers are using a variant of Dyre, christened “The Dyre Wolf.” To attack online banking systems (Kitten, 2015). This particular form of malware targets banking institutions but more specifically their back-end systems and online-banking platforms.

This document is in PDF format. To view it click here.

Mon
10
Apr

RowHammer

Contributed by Roy schmiedeshoff

This rowhammer bug is a hardware fault found in many DRAM memory modules manufactured from 2010 onward. Basically, continued refreshing rows of memory cells can cause bits to flip in adjacent rows. With an x86 running Linux, if you can induce corruption into DRAM, then potentially you could also discover methods to take over the kernel. Looking at how memory is structured will give us an understanding of the rowhammer bug, how it’s creatively exploited, and what steps memory designers can take to mitigate or remove the potential threat.

This document is in PDF format. To view it click here.

Tue
28
Feb

XSS Attacks FAQ

Contributed by Aelphaeis Mangarae a.k.a. Chris Morganti

XSS attacks are becoming a big problem and are going to become an extremely big problem if people do not educate themselves about XSS attacks and vulnerabilities, XSS vulnerabilities have been found in all sorts of websites including fbi.gov, yahoo.com, ebay.com and many other popular and important websites, a lot of administrators fail to pay attention to XSS attacks because they either don't know much about them or they do not see them as a threat, an XSS vulnerability when exploited by a skilled attacker or even a novice can be a very powerful attack. This paper details XSS attacks and hopes to educate you on what they are, how attackers use them and of course how you can prevent them from happening.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Exploitation