Abstract: This paper discusses the anomalous behavior of the Google search engine that affects the working of automated scanning tools. This anomaly can be considered a security mechanism implemented by Google to restrict the number of search queries that a single host can execute within a specific time limit. Because of this, the scanning functionality of a number of tools is disrupted.
Abstract: CartellaUnicaTasse.exe is malware spread by e-mail that acts as a Downloader Agent for other malicious executable applications. Through CUT.exe, a series of executables are downloaded and run on the victim's system. In this paper we analyze, with a classical RCE approach, the entire structure of CartellaUnicaTasse, from the infection itself to the network point of view.
Abstract: In this paper (Trojan-PSW.Win32.OnLineGames.eos) we analyze Win32.OnLineGames, which is a PSW Trojan that works as a Password Stealer, specifically written to steal online gaming passwords.
Abstract: In this paper (Trojan-PSW.Win32.OnLineGames.eos) we analyze install.exe, which presents the typical structure of a moderately evolved malware, with basic obfuscated dummy code, some layers of encryption decoded at runtime, and custom hash functions used as an integrity check. We also see an interesting technique that retrieves API addresses on demand through a series of hardcoded values, each corresponding to an API; the corresponding API address is computed at runtime and chosen according to the hardcoded value.
Abstract: This paper introduces quite a new approach to modern threat management in the context of advanced vulnerability research. The author attempts to point out security threats and highlight possible exploitation opportunities, and describes the proposed mitigation and prevention system, which would allow deployment of security QoS. Security trends, new weaknesses and vulnerabilities are all analyzed in the context of a global threat management system, so that the work pinpoints the real-world problem and suggests the solution.
Abstract: In this paper (Worm.Win32.Zhelatin.pk Reverse Engineering) we analyze, with a classical approach, the entire structure of Worm.Win32.Zhelatin.pk from the infection itself, starting with happy-2008.exe, which is a classical E-Card malware spread through fake e-mails.
Abstract: In this paper (Trojan-Downloader.Win32.Small or Win32/PolyCrypt Analysis) we analyze PolyCrypt, which is spread through infected websites by using exploits or any other form of abusive download mechanism. PolyCrypt is only weakly protected by a packer, so with VMUnpack we can immediately obtain the full working unpacked copy.
Abstract: In this paper (Reverse Engineering of Strong Crypto Signatures Schemes) we follow the usual classical style of a CryptoReversing approach. The subject is ECC, also known as Elliptic Curve Cryptography; after a theoretical study we move on to the most common Secured Software Applications, with a touch of Hardware Security.
Abstract: The following paper uncovers some interesting undocumented functions related to Windows Debugging Support. NT is capable of generating and collecting text debug messages with a high degree of customization. Usermode and kernelmode drivers use different routines to send output to the debugger.