Exploitation

Thu
27
Apr

The Evolution to Fileless Malware

Contributed by David Patten

Malware and viruses have been around since the early days of computers. The computer security industry has often played a game of cat and mouse with malware authors in which the malware authors create new and complex malware programs and the security industry develops better programs to protect and prevent malware. Recently malware has taken a new approach to attacking computers, fileless malware that does not rely on writing complex malware programs. This new fileless malware depends on commonly installed programs to cause damage and extract information. This paper provides a look at the evolution malware followed by an examination of the use of .NET Framework, PowerShell, offensive PowerShell tools, and PowerShell Forensic Tools.

This document is in PDF format. To view it click here.

Wed
26
Apr

Hacking Back – Offense/Defense in Enterprise IT Security

Contributed by Edgar Hurtado Jr

One of the many thoughts that travel through the minds of the computer user are these questions, Am I being hacked? Am I safe to open this email? Am I vulnerable to a malware? Unfortunately in today’s day and age we are very open to hackers invading our personal privacy and personal values without any high risks for them to be caught and persecuted. There are millions of individuals all over the world currently connected to the internet if either for personal or professional use. Many of those users are providing some scale of defense from outside attacks to the network connection they are on. But can we gather the attacker’s intrusion information and attack them back. May we be considered a hacker even though it is to locate and stop that hacker from any future attacks? That will be up to you and I will try to present the views of hacking back being a way to fight the increasing flood of hackers.

Thu
20
Apr

Keyloggers: A Threat to Your Data

Contributed by Ezequiel Guerra

As more and more people throughout the world utilize the Internet to access their personal data. The greater the chance their data can be stolen. Millions of people access a variety of online accounts and websites daily such as email, banking, shopping, stock market, billing, career and social media. In this paper, I will be discussing a major threat to your data and accounts, keyloggers.

This document is in PDF format. To view it click here.

Wed
19
Apr

The Connected Vehicle: Vulnerabilities, Future, and Security

Contributed by Cory Church

This paper will focus on the threats and vulnerabilities in the new field of connected cars. With most car manufacturers trying to push out connected cars as quickly as possible it is becoming apparent that they may not be putting as much time and money into the security of their vehicles. In the paper, several vulnerabilities that have been discovered and tested will be discussed and we will see how these we patched in the cars that were affected. We will also consider how companies can better secure their vehicles before putting them into mass production. Lastly, the paper will try to see if the benefits of having our cars connected to the internet out way the risks and what it means for the future of self-driving cars.

This document is in PDF format. To view it click here.

Mon
17
Apr

Malware Behavior & Implementation Strategies: Forms of Malware Attacks & Their Effects

Contributed by Andrew L. Ramirez

The fight against the latest malware on both client and server side attacks hasn’t ever been as crucial as it is today. Nowadays, the malware we encounter and are actively seeing in our networks and computers are becoming more and more sophisticated and are adapting to the counter measures that are being taken against them. Malware comes in many forms that all affect systems differently. In recent events, IBM Security recently warned banks and their commercial customers that hackers are using a variant of Dyre, christened “The Dyre Wolf.” To attack online banking systems (Kitten, 2015). This particular form of malware targets banking institutions but more specifically their back-end systems and online-banking platforms.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Exploitation