Overview We have analyzed the Disco Savings malware in order to identify it's internals and posted a whitepaper, so you should check it for all the details regarding the analysis process. We have posted a number of malicious JavaScript files used by Disco Savings adware in our malware-samples Github ...

Introduction In this article we'll present the CVE-2014-4690 vulnerability existing in pfSense version <= 2.1.3. In later versions of pfSense, the vulnerabilities have been successfully remediated and are no longer present. You should also read the previous articles about PfSense vulnerabilities at the following locations: PfSense Vulnerabilities Part ...

Introduction In this article we'll present the CVE-2014-4689 vulnerability existing in pfSense version <= 2.1.3. In later versions of pfSense, the vulnerabilities have been successfully remediated and are no longer present. You should also read the previous articles about PfSense vulnerabilities at the following locations: PfSense Vulnerabilities Part ...

Introduction In this article we'll present the CVE-2014-4688 vulnerability existing in pfSense version <= 2.1.3. In later versions of pfSense, the vulnerabilities have been successfully remediated and are no longer present. You should also read the previous articles about PfSense vulnerabilities at the following locations: PfSense Vulnerabilities Part ...

Introduction For those of you who don't know, PfSense is an open-source network firewall distribution based on FreeBSD operating system used by many companies worldwide to protect their infrastructure. Up until now, it has been more than a year since we've reported a number of security vulnerabilities existing ...

PANDA is a platform for architecture-neutral dynamic analysis [1] built on top of QEMU system emulator, which makes it feasible to access all code executing in the quest and all data being manipulated in the guest virtual machine. PANDA supports the same architectures as Qemu, so every instruction set can ...

A few days ago we made the decision to change the default insecure HTTP protocol being used in our company website: Protean Security with a secure HTTPS protocol. The process was very easy at the beginning and there was little needed to be configured. Basically we had to register our ...

Introduction In this article we'll explore the Cuckoo Sandbox, an automated malware analysis framework. When installing Cuckoo for the first time, we can quickly determine that it's not all that easy to install Cuckoo [1]. Therefore, to ease the pain we've described the process of how to ...

Running VirtualBox or Vmware on Hardened Kernel In this article we'll take a look at how to run VirtualBox/Vmware on a hardened kernel, which provides various security features increasing the security of the entire system. The default installation of Linux kernel is not as secure as it can ...

In the beginning of time, there were hardware terminal emulatorsalso called ttys, which are programs emulating a video terminal. In modern computers, we're mostly used to graphical user interfaces (GUIs), whereas a terminal emulator like xterm is used to access the command line interfaces (CLIs) or text user interfaces ...