pdfattack
"Hi Leon! How's vacation?
I really appreciate you creating this video. Our new semester at the college starts tomorrow and I'm sure I'll be using your video again later, somewhere towards the Spring.
KP"
Dissecting The Hack
An Information Security Community
-
Ken Pryor
- 46, Male
- Robinson, IL
- United States
- Blog Posts (1)
- Discussions (1)
- Events
- Photos
- Photo Albums
- Videos
Gifts Received
Ken Pryor has not received any gifts yet
Ken Pryor's Page
Latest Activity
Ken Pryor commented on Leon van der Eijk's blog post Identifying unknown files by using fuzzy hashing"Dennis: Pretty cool how it all comes together."
Ken Pryor commented on Leon van der Eijk's blog post Identifying unknown files by using fuzzy hashing"Excellent write-up, my friend! This is a very useful and informative post."
Ken Pryor commented on Leon van der Eijk's blog post Closing the loop"Excellent article, Leon! I learned from it and it has inspired me to start creating my own ClamAV signatures. Keep up the great work, my friend!"
d3tm4r commented on Ken Pryor's blog post Interesting Registry Keys with FakeAV Infection"Very interesting stuff. Thanks for sharing. Regarding the Reg-Keys it's quite clear what the effect of some of them are CheckExeSignatures and RunInvalidSignatures are documented…"
Ken Pryor posted a blog postInteresting Registry Keys with FakeAV Infection
So there I was (don't you love it when a story starts like that?), arriving at work recently when I was asked to look at a co-workers laptop that was infected with a fake antivirus program. Another co-worker had already done what I would have done, in that he ran MalwareBytes (MBAM) on the machine. However, I was surprised that MBAM hadn't even detected the infection. Neither had the installed real antivirus, Microsoft Security Essentials. Upon starting the laptop and logging, I was greeted by…See More
Ken Pryor commented on Leon van der Eijk's blog post Some kippo results"This was great fun to watch and good info too. Thanks Leon! I may have to give Kippo a try since I'm not having much luck attracting what I want with dionaea."
Ken Pryor commented on Leon van der Eijk's video
Picking on a poor xp machine with metasploit
"Hi Leon,
Yes, I did migrate to the explorer pid. Not sure what went wrong. I'll try it all again when I get some time. Thanks!"
Ken Pryor commented on Leon van der Eijk's videoPicking on a poor xp machine with metasploit
"I just followed along with this using a BT4 virtual machine against a Windows XP SP2 vm. Things went well up until the keyscan_start portion and then little went right after that. I wasn't able to do what you did with the keyscan and also when…"
Ken Pryor replied to Jayson E. Street's discussion 1N R34L L1F3"Just got my copy Thursday and have been reading every chance I get. Great stuff! I look forward to future books.
KP"
Ken Pryor's Blog
Interesting Registry Keys with FakeAV Infection
So there I was (don't you love it when a story starts like that?), arriving at work recently when I was asked to look at a co-workers laptop that was infected with a fake antivirus program. Another co-worker had already done what I would have done, in that he ran MalwareBytes (MBAM) on the machine. However, I was surprised that MBAM hadn't even detected the infection. Neither had the installed real antivirus, Microsoft Security Essentials.…
Continue
Continue
Posted on February 17, 2011 at 7:41pm — 1 Comment
Comment Wall
- No comments yet!
Latest Activity
d3tm4r commented on Siem van Boxtel's blog post Use of SE in past criminal activities related to Dutch Banks"This is an interesting research that you are doing there. I guess it is safe to assume that SE historically is the most common attack vector for criminals and it still is today. But I don't know if or how many scientific studies exist to…"
© 2012 Created by Marcus J. Carey.
Powered by
