Archives: May 2016

Using Python to Decrypt Dispind.A and Helminth HTTP Beacons

Posted on May 30th, 2016

Microsoft’s Windows Defender Advanced Threat Hunting Team and Palo Alto’s Unit 42 recently published some great technical write-ups that detail targeted attacks, PLATINUM and OilRig, respectively. The reports are great because they provide some actionable intelligence for network defenders to detect malicious activity. The reports also go into great detail about how the attackers […]

ImageMagick Undocumented Feature – RCE (CVE-2016-3714)

Posted on May 9th, 2016

Overview: This past week a very interesting vulnerability (CVE-2016-3714) came out affecting ImageMagick – software used to convert, edit, and manipulate images. The main attack vectors for the vulnerability are going to be web applications that leverage the software for image modification. Now the software package adds some additional functionality for us attackers #RCE 🙂 […]