The heart-bleed bug.

remember the times the server uses the heartbeat protocol to check if its up or not; happens a lot in the nodes of banking centres in my previous working environment. Never knew this was the precursor to the heart bleed bug. Just a little tweak to the payload and crafting of the packet, in the heartbeat code, can actually leak random information.

Understanding the heartbeat request and response is the key to the heart bleed bug. Doing memory checks fixes this.

Crimeboss Exploit Kit continued

It is interesting to notice that a malware artist devices ways to trap the victim into a un-retractable abyss of a virus attack.

The artist devices a way to get the victim into a lockdown where the victim(a non-savvy one) needs to click a download to get to where she wants; and then un-mounts a series of codes and programs to gain access into the victims machine.

This form of attack is indeed really crafty and makes full use of social engineering, a sound knowledge of web programming and a good knowledge on web architectures

Crimeboss Exploit Kit Introduction

Using malware analysis, to analyse a potential Crimeboss Exploit Kit that exploited a victim on an anonymous case. Given so, I have only been given a pcap file and bunch of artefacts and knowledge base to work with. And 5 days to come up with a sound analysis.

I will post up my results and analysis on my next update. Till then; happy Malware hunting!

Graduate Diploma coming to an end, and the real work starts

It has been an awesome year, 2014; i get to study a new course, and in the coolest little capital in the world, Wellington New Zealand.

The security industry is on a steady rise here as companies look to secure their information assets and more and more people and start up companies are looking for programmers who can develop mobile applications and perform secure code testing.

There is a huge future for programmers, as it is probably the peak cycle for development; i would suggest future techies intending to step into New Zealand to consider codes in relation to Android and Website development.

The future is great here, if ones mind set is willing to challenge new boundaries.

Revisiting targets

Yes! Remember once i said i had lofty goals to achieve for the year 2014. I plan to revisit that and figure out what can be achieved and what not.

Firstly the GD, hell yeah, the GD is a crucial segment in my learning curve; what is a network without its security inputs. So thats on track; what got me really interested is the forensics side of it. Currently i am divulging into the creaks of Forensics.

Second the CCNP, that is a disappointment; not because of my capability to learn but the fact that Cisco has decided to change its syllabus to v5 to correspond with the CCIE change they did earlier this year. Given this notion; I have decided to go for the ultimate test of Cisco networking; the CCIE. Yes back to that, thanks to Narbik, INE and CBT Nuggets, that idea is very much alive.

SANS, no money for that. period. But given the opportunity, 504 and 572 is an awesome course!

Finally, the elusive job in the security industry; don’t we all dream for the stars. Still working on that big break!