January 15, 2017

Protecting from the CPanel Ransomware That Doesn't Exist Yet

Ransomware just ain’t what it used to be. From the now-relatively-Paleolithic Cryptolocker until today we’ve seen the criminals who run these operations evolve to meet the responses brought against them. From offering free decryption if you infect others to exploiting insecure MongoDB instances, they have shown they’re totally willing to find new avenues to get an edge in this lucrative business. One thing we haven’t seen a lot of, though, is ransomware targeting website hosting environments.

January 7, 2017

Honeypotting for the Lazy: Weekend Fishing for Router Bots

Recently I decided that I wanted to do a bit more malware analysis. I have a reverse engineering background of sorts, so I wasn’t so concerned with the mechanics of analysing the malware as I was with the question of how do I actually find a sample to analyse that is interesting to me and answers some sort of actual question, rather than purely being a learning exercise? This happened to be a day or so after the Netgear vulnerability affecting their consumer routers was released to the public and gave me a question to answer - would the IoT botnet authors add support for this vulnerability to their bots?

December 30, 2016

No, I didn't try to break Companies House

I have a tendency to take a joke too far. The most recent example of this would be yesterday in IRC, where I was discussing with a few friends what I should name my new company. Being a business to business consultancy, and mostly a one-man operation, the name isn’t that important, but I wanted something with a bit of personality. And I asked:

<Mopman> Is there anything stopping me from registering ; DROP TABLE "Companies";-- Ltd as a company name?

March 18, 2014

Three leaks users numbers via web service

OK, so you can file this one under “annoying, but not the end of the world”. Three, like most mobile providers, has a mobile application that comes installed on your phone if you buy one from them, or you can download it separately if you wish. It mostly replicates a limited subset of the MyThree website, allowing you to view your recent invoices, whether you are eligible for an upgrade, etc.

