DirectShow 0day爆发警告
来源:80sex
DirectShow 0day是一个中率极高的0day漏洞,目前已经开始在网上爆发,其攻击形势不亚于去年的IE7 0day以及往年的ANI 0day。
攻击特性如下:
阅读全文 »
来源:80sex
DirectShow 0day是一个中率极高的0day漏洞,目前已经开始在网上爆发,其攻击形势不亚于去年的IE7 0day以及往年的ANI 0day。
攻击特性如下:
阅读全文 »
This page covers a new method that enables an attacker to change the .NET language, and to hide malicious code inside its core.
The whitepaper .NET Framework rootkits – backdoors inside your frameworkcovers various ways to develop rootkits for the .NET framework, so that every EXE/DLL that runs on a modified Framework will behave differently than what it’s supposed to do. Code reviews will not detect backdoors installed inside the Framework since the payload is not in the code itself, but rather it is inside the Framework implementation. Writing Framework rootkits will enable the attacker to install a reverse shell inside the framework, to steal valuable information, to fixate encryption keys, disable security checks and to perform other nasty things as described in this paper.
阅读全文 »