Posted: June 11th, 2010 | Author: xanda | Filed under: IT Related | Tags: CVE-2010-1885, jsunpack, Windows Help and Support Center, yara | 3 Comments »
rule HelpSupportCenter
{
    meta:
        ref = "CVE-2010-1885"
        hide = true
        impact = 5
    strings:
        $cve20101885 = /hcp:\/\/.*?(%u?[A-F]{1,4}.*?){90}/
    condition:
        all of them
}
Posted: June 2nd, 2010 | Author: xanda | Filed under: IT Related | Tags: flotilla, gaza, il, israel, zone-h | 8 Comments »
Total notifications: 257, of which 81 single IP and 176 mass defacements
Most of them criticize the attack by Israel on the Gaza aid ship
Details: Zone-h
*UPDATE*
2nd June: Total notifications: 664, of which 94 single IP and 570 mass defacements
Posted: May 8th, 2010 | Author: xanda | Filed under: IT Related | Tags: 0day, jsunpack, rule, safari, window.parent.close(), yara | 1 Comment »
rule SafariWindowParentClose
{
    meta:
        ref = "Safari window.parent.close()"
        impact = 7
    strings:
        $SafariWindowParentClose_1 = /.*?.prompt\(alert\)/
        $SafariWindowParentClose_2 = /.*?.prompt\(.*?\)/
        $SafariWindowParentClose_3 = /.*?.close\(\)/
    condition:
        all of them
}
Posted: May 8th, 2010 | Author: xanda | Filed under: IT Related | Tags: 0day, exploit, safari, window.parent.close() | 1 Comment »
I love the smell of Safari 0day in the morning 🙂
Posted: April 21st, 2010 | Author: xanda | Filed under: IT Related | Tags: bank, dontphishme, malaysia, mycert, phish, phishing | 1 Comment »

DontPhishMe is an anti-phishing add-on for Mozilla Firefox that uses pattern matching to give Malaysian Internet users information and notifications that protect them against online banking phishing websites specifically targeting financial institutions in Malaysia.
[More info HERE]