How can we isolate suspicious processes in Windows and not destroy the OS? How can we create a reliable and Windows-compatible sandbox without hardware virtualization and kernel function hooking, but with the use of documented default OS…
Jailbreaking for dummies. What to do after a device has…
So you've decided to jailbreak your device, downloaded the appropriate utility from the Pangu or TaiG website, connected your smartphone to your computer, and launched the application. After several reboots, a message was displayed on the screen…
Using Android to keep tabs on your girlfriend. With her…
Today we're going to try out a little spy experiment and gather data on the movements of someone important to us, say a girlfriend, child or grandparent. With their written consent to collect and process their information,…
How to Handle Malware: Complete Guide. Give it to your…
You have probably helped friends and other people many times when their PCs fell to an onslaught of malware. So did we. But we got pretty sick and tired of all that and pulled out a trump card…
Turning a Regular USB Flash Drive into a USB Rubber…
A long time ago, we reviewed some devices which should be in any hacker's toolbox. One of these devices was a USB Rubber Ducky — a device which resembles a regular USB flash drive. When connected to…
The Children of CryptoLocker, Part 2. TeslaCrypt, TorLocker, TorrentLocker
The first examples of malware that encrypts files and then demands money for decryption appeared a long time ago. Just remember Trojan.Xorist with its primitive encryption algorithm based on XOR, or Trojan.ArchiveLock written in PureBasic, which used…
The Children of CryptoLocker, Part 1. Critroni, CryptoWall, DirCrypt
The first examples of malware that encrypts files and then demands money for decryption appeared a long time ago. Just remember Trojan.Xorist with its primitive encryption algorithm based on XOR, or Trojan.ArchiveLock written in PureBasic, which used…
Crypto-Ransomware: Russian Style. Large-scale Research on Russian Ransomware
Nowadays the Russian segment of the Web is not dominated by CryptoWall or CTB-Locker; Russia has seen the formation of an "ecosystem" consisting of other types of ransom trojans, which generally don't enter the global arena. Today,…
Injection gloves-off: bypassing antivirus software with Shellter
The great problem for many pentests lies in the fact that any "charged" executable file created with Metasploit or other pentest frameworks can be tracked by any antivirus vendor. That is why a pentester has to find…
Hidden threats of the IPv6
Why should we worry about IPv6 at all? After all, even though the last blocks of IPv4 addresses have been distributed to the regional registries, the Internet works without any changes. The thing is that IPv6 first…
How to keep an eye on someone through an Android…
Everyone cares about their significant others' security. We all know that feeling when your calls are not answered and your WhatsApp messages are not marked as read. In a moment like that you would do a lot to…
What data Windows 10 sends to Microsoft and how to…
Since its rise Windows was a natural habitat for all kinds of malware. Now the OS itself seems to have become one big trojan. Right after being installed it starts acting weird. The data flows in rivers…
Code injections for Windows applications
Code injection is the process of injecting code (often malicious) into a third-party application's memory. A lot of software uses this technique: from malware to game bots. To show this approach, let's try to execute third…
How to use WSUS to get control over Windows
This was one of the most interesting attacks shown at Black Hat Las Vegas 2015. Let's imagine the situation: there's a large fleet of Windows computers in a large organization, and they all need to be updated.…
Status 7 error: what's the problem with Android OTA updates…
Users accustomed to rooting firmware, installing all sorts of system software, changing kernels and otherwise modifying firmware often find that it is impossible to install an OTA update. It just won't get in place, rejecting…
Learning heterogeneous parallelism in C++ with AMP
When it became physically impossible to further increase the number of transistors in a single microprocessor core, the manufacturers started to put several cores on a chip. This was accompanied by the emergence of such frameworks, that…
Tempesta FW, a handfull firewall against DDoS attacks
DDoS attacks have become a real scourge of the modern Internet. They are countered by both organizational methods (we wrote about them in our magazine more than once) and technical means. The latter are usually either ineffective…
Malware for OS X: Full Chronicle
The amount of malware targeting OS X has been growing along with the popularity of this operating system. Few expected it (good protection and the need for root privileges created a sense of security), but now you can…
0-day attacks using "keep-alive" connections
Most of today's servers support "keep-alive" connections. If the pages have a lot of media content, such a connection will help to substantially speed up its download. But we will try to use "keep-alive" for far less obvious…
This is GameDev, baby! Interview with developers of World of…
How to serve a hundred million users without going nuts? What technologies to use? In what language, after all, to write the authorization for your future high load to make sure that everything is "like for the…