Resources

  • More on Purple Teaming – carnal0wnage.attackresearch.com
    Purple Teaming is “conducting focused Red Teams with clear training objectives for the Blue Team.”

Tools

  • VolUtility – github.com
    Web Interface for Volatility Memory Analysis framework

Techniques

  • Remote Code Execution in CCTV-DVR affecting over 70 different vendors – www.kerneronsec.com
    This post is going to be a follow up from a research which dates back to December 2014, called “The Backoff POS Trojan operation”. Back then, one of the key conclusions highlighted from the report is that fraudsters are adopting new tactics in order to attack retailers. This new attack vector is to compromise DVR boxes, which is the heart component of any CCTV system.

Vulnerabilities

  • New self-protecting USB trojan able to avoid detection – www.welivesecurity.com
    A unique data-stealing trojan has been spotted on USB devices in the wild – and it is different from typical data-stealing malware. Each instance of this trojan relies on the particular USB device on which it is installed and it leaves no evidence on the compromised system.

Other News