Monthly Archives: April 2011

Malscript on Compromised Site

From the looks of it, the catholic.org site appears to have been compromised in some way. There is obfuscated Javascript buried in the webpage that points to a malicious domain. Thank goodness that the malicious domain no longer resolves so … Continue reading

Posted in Malscript | Tagged , | 1 Comment

Impressive Javascript Encoder

There are many online Javascript encoder sites that enable you to obfuscate your Internet link or email address. Most of the Javascript encoders that I’ve seen don’t pose much of a challenge and are really easy to reverse. I recently … Continue reading

Posted in Tools | Tagged , , , | 3 Comments

UPS Scam Email Links to Black Hole

Here we see a fake UPS email suggesting that a package has arrived. Recipients of this scam email may be inclined to click on one or both of the links. The first link does take you to ups.com. The second … Continue reading

Posted in Exploit Packs, Malscript | Tagged , , | 4 Comments

Flash 0Day Found in Drive-By

The recently announced Adobe Flash 0day exploit (CVE-2011-0611) has been found in the wild as a drive-by download. The exploit targets Adobe Flash Player version 10.2.153.1 and works quite reliably. Here’s a portion of Javascript code for an exploit shared … Continue reading

Posted in 0-Day, Malscript | Tagged , , , , , | 4 Comments

Wild Wild West

since there seems to be a lot of interest in attack toolkits, i grabbed the logos from various kits in our zoo (and from the internet) and put this together.  corrections and additions can be sent to sectek at live … Continue reading

Posted in Exploit Packs | Tagged , | 1 Comment