Code obfuscation is quite prevalent in Web shells these days. Obfuscated code is used to bypass virus checking and hide the real purpose of nefarious code. Obfuscated source code is often used to hide malicious backdoors. Today, we’re going to deobfuscate a tricky one. Below is a PHP frame from a full Web shell found in...
Honored at Annual Security Bloggers Meetup at RSA
The Solutionary Minds blog team would like to thank all of you who voted for Solutionary Minds as the “Best Corporate Security Blog” in the Security Bloggers Network (SBN) Social Security Awards 2014. All of the Solutionary Minds bloggers are honored to be recognized by you, our readers, as well as our security industry peers.
It was quite a thrill to be at the Security Bloggers Meetup in San Francisco last week with many of the thought leaders in IT security and hear the name “Solutionary” read as the first award recipient. My initial excitement, however, was briefly dampened when the award presenter wondered in front of the crowd if I was really from Solutionary. As I reached to grab a business card from my pocket, Judge Wendy Nather came to my rescue and vouched for me as a legitimate representative from Solutionary. Thank you, Wendy!
What makes this award truly special to us is that it comes from our peers...
The RSA Conference flew by this week! Thanks again to those of you who stopped by the booth and said hello to us and the rest of the NTT Group Security Companies. The sheer number of vendors on both show floors was pretty incredible and that actually led me to read a blog in CSO called “While you're at RSA the mice will play.” It serves as a great reminder that the adversary does not tap the brakes on an operation and wait for organizations to return to the office.
Speaking of blogs, at the end of January the Solutionary Minds Blog had the honor of being nominated by the Security Bloggers Network community for the Best Corporate Security Blog. Once the votes were counted and the judges pored over the information, it was announced that Solutionary had taken home the gold medal. The Solutionary Minds Blog unseated the Sophos Naked Security Blog (back-to-back winner in 2012 and...
With our Internet-enabled cell phones, tablets and laptops, we are used to always being connected. Our coffee shops and bookstores now provide Wi-Fi connectivity, usually for free. But many corporations prefer to limit wireless access, requiring VPN encryption or prohibiting Wi-Fi entirely.
In such situations, it’s possible for tech-savvy users to set up their own Wi-Fi hotspots. They can then use their smartphone, tablet or other device without the “primitive” limitations imposed by corporate policy.
How do they do this? Unfortunately, it’s all too easy. Every home network typically includes a small device functioning as a router, network switch, and wireless gateway. Plug one of these into the corporation’s network, and presto! An unsecured wireless network appears. This wireless network offers access to the internet, and as a free bonus, corporate servers and other network resources. The 2013 Solutionary...
Facebook continues to raise the collective eyebrow of onlookers. Headlines were on fire this week after they announced the $19 billion purchase of WhatsApp, a wildly popular messaging company with over 450 million monthly users. Despite the big news, the security-news pipeline was equally rich. Rachel King of The Wall Street Journal covered the extremely popular topic of the vulnerabilities in the healthcare system. In her article, King discusses security research which found electronic medical records (EMRs) and payment information from healthcare providers. Other documents found, per King’s write-up:
“…detail the type of equipment used in computer networks, the...
9 Steps to Take After a Website Defacement
Here’s a fictitious, but fairly typical scenario for a website defacement. Joe W. Hacker uses an enumeration technique called banner grabbing to find what applications and operating systems your Web server is running. He discovers that a ten-year-old version of Internet Information Server (IIS) is being used. Joe connects to that Web server using a known exploit designed to take advantage of a vulnerability that allows remote users to alter and upload content. Now, all of a sudden, Joe is on your Web server with elevated privileges. Joe changes the content of the index.php file (the first page that loads) with “You have been P0wn3d” and places it in the www root folder. Your website no longer displays the intended content and Joe W. Hacker is showing off his unscrupulous talent.
The above scenario is very simple, yet extremely typical. What do...
Visit Solutionary in Booth #1615 at RSA in San Francisco on February 24-27.
The annual RSA security conference gets underway in San Francisco next week. It’s always a long week for those of us on the vendor side of the security industry. We spend weeks getting ready for the show, then spend long days working in our booths, meeting with clients and partners and getting to and from numerous events. It really is an exhausting process. By week’s end, I fully expect my voice to be hoarse, my feet to be achy and my back ready for a massage. After a full week of RSA, then a red-eye flight back home, I also expect to be completely worn out.
We hope that the attendees come away from the event armed with knowledge, ready to get back to work and apply what they’ve learned. It is, therefore, entirely appropriate that the theme of this year’s RSA conference is “Share. Learn. Secure.” That’s exactly what we hope to do while at RSA – share...