Fox-IT discovers security bugs in Oracle Software

In its latest quarterly Critical Patch Update, Oracle has acknowledged and repaired two security bugs identified by Sjoerd Resink, Senior IT Security Expert at Fox-IT. The bugs were discovered during one of Fox-IT's penetration testing assignments in version 10.1.4.3 of Oracle Application Server's Single Sign-On component. The first security issue, numbered CVE-2012-3175 by the Common …

Observations on the recent Java 0-day exploits in the wild

Recently the Internet has been abuzz with news of an unpatched (0-day) exploit for the latest version of Java. The vulnerability is critical because it can be exploited on a fully patched version of Windows, Linux or Mac OS X. Also, it can do all this without the user's knowledge or consent. All that is needed is to have …

How to find malicious communication leaving your network

Most Zeus trojan infections use HTTP for communication. There are, however, versions of Zeus that use P2P technology, but they are the exception. Once a computer is infected, Zeus must connect to the command and control (CnC) server for settings and instructions. The usual way of doing this is to use an HTTP POST. When …

Critical analysis of Microsoft Operation B71

A little over 2 weeks ago Microsoft announced Operation B71. It was presented as the biggest blow to ZeuS botnets in history, and was picked up in the media globally. A released video showed Microsoft personnel executing a preliminary injunction in a civil case and seizing a server in Scranton, PA. In their words: …

RSA-512 Certificates abused in the wild

During recent weeks we have observed several interesting publications which have a direct relation to an investigation we worked on recently. On one hand there was a Certificate Authority being revoked by Mozilla, Microsoft and Google (Chrome); on the other hand there was the disclosure of a malware attack by Mikko Hypponen (F-Secure) using a …