Search found 1105 matches

by rkhunter
Fri Nov 28, 2014 12:02 pm
Forum: Malware
Topic: Point-of-Sale malwares / RAM scrapers
Replies: 244
Views: 861751

Re: Point-of-Sale malwares / RAM scrapers

Point-of-Sale Malware “d4re|dev1|” is Attacking Ticket Machines and Electronic Kiosks

https://www.intelcrawler.com/news-24
by rkhunter
Tue Nov 04, 2014 4:38 pm
Forum: Malware
Topic: Point-of-Sale malwares / RAM scrapers
Replies: 244
Views: 861751

Re: Point-of-Sale malwares / RAM scrapers

ROM – A New Version of the Backoff PoS Malware

http://blog.fortinet.com/post/rom-a-new ... os-malware
by rkhunter
Sun Oct 12, 2014 1:17 pm
Forum: Tools/Software
Topic: FinFisher - on wikileaks
Replies: 5
Views: 8147

Re: FinFisher - on wikileaks

FinFisher Malware Analysis
Part 1 https://www.codeandsec.com/FinFisher-Malware-Dropper-Analysis
Part 2 https://www.codeandsec.com/FinFisher-Malware-Analysis-Part-2
Part 3 https://www.codeandsec.com/FinFisher-Malware-Analysis-Part-3
Dropper in attach. MD5 : 074919f13d07cd6ce92bb0738971afc7 SHA1 : 9f9...
by rkhunter
Tue Oct 07, 2014 5:19 pm
Forum: Reverse Engineering and Debugging
Topic: Windows 10 binaries
Replies: 7
Views: 12879

Re: Windows 10 binaries

I've attached win32k.sys, win32kbase.sys, win32kfull.sys and symbols.
by rkhunter
Tue Oct 07, 2014 12:57 pm
Forum: Reverse Engineering and Debugging
Topic: Windows 10 binaries
Replies: 7
Views: 12879

Re: Windows 10 binaries

Btw, look at the list of loaded drivers. Now we have 3 win32k drivers: win32k.sys, win32kbase.sys and win32kfull.sys. Also very interesting exports in ntoskrnl (MmLoadSystemImage, PsLoadedModuleList) & win32k (related to GUI SSDT on read access). New fields in kprocess & kthread related to security...
by rkhunter
Mon Oct 06, 2014 4:03 pm
Forum: Malware
Topic: iOS malware
Replies: 2
Views: 7474

iOS malware

Xsser aka Krysaser trojan (mRat) -- for jailbroken devices
https://www.lacoon.com/lacoon-discovers-xsser-mrat-first-advanced-ios-trojan/
http://www.kernelmode.info/forum/viewtopic.php?f=21&t=3514&p=24027&hilit=ios#p24051
iOS/PSW.SSLCredsThief -- for jailbroken devices
https://www.sektioneins.de/en/...
by rkhunter
Sun Oct 05, 2014 2:30 pm
Forum: Reverse Engineering and Debugging
Topic: Windows 10 binaries
Replies: 7
Views: 12879

Re: Windows 10 binaries

Symbols for the above files are attached.