Data Handling on iOS Devices   With over half a million apps in the App Store, Apple’s trademark slogan “There’s an app for that” is bordering on reality. We use these apps for online banking, social networking and e-mail without really knowing if they’re communicating and storing our personal data securely. With Apple controlling over [...]

IN BRIEF By Armando Romeo, eLearnSecurity and ID Theft Protect As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself. When I’m x64: Bootkit Threat Evolution in 2011 By Aleksandr Matrosov, Eugene Rodionov It’s traditional in security (almost considered [...]

  Starting to Write Your Own Linux Schellcode By Craig Wright We have seen more and more people become reliant on tools such as Metasploit in the last decade. This ability to use these tools has empowered many and has created a rise in the number of people who can research software vulnerabilities. It has [...]

From the Theory of Prime Numbers to Quantum Cryptography by Roberto Saia The typical ‘modus operandi’ of the computer science community is certainly more oriented to pragmatism than to fully understanding what underlies the techniques and tools used. This article will try to fill one of these gaps by showing the close connection between the [...]

The Mobile Wallet and E-Commerce Payment Systems: Ensuring Seamless Security and Mobility by Carla Hough Due to the increase use of smartphone and tablets by consumers, merchants and corporate clients, the banking industry, network companies and retailers are uniquely positioned to offer its customers an array of mobile payment options that will be easy to [...]

IN BRIEF By Schuyler Dorsey, eLearnSecurity i ID Theft Protect As usual specialists from companies eLearn Security and ID Theft protect will share with us latest news from IT security world. Read it to up-date yourself. Practical Client Side Attacks By Julio Gómez Ortega In a penetration test, it is common not to pay attention [...]

DPA Exploitation and GOTs with Python By Craig Wright If we can write into the GOT, we can effectively redirect the execution flow of a program and allowing ourselves to gain a root shell. This article is a follow-up and second part of a look at format strings in the C and C++ programming languages; [...]

Creating Rouge Access Point by Rishabh Mehta A big issue a few years back had to do with dial-related fraud in Russia. Basically, usernames and passwords to dial accounts were being bought and sold on the black market and the owners of the stolen credentials were being hit with enormous usage charges. In actuality, this [...]

Android Insecurities by Joey Peloquin The article will begin with a focus on what the author calls Offensive Mobile Forensics, an analysis technique that mimics the approach an attacker would take in the event they acquired a lost or stolen device. Readers will notice some stark differences between iOS and Android analysis. Next, the author [...]

Latest News From IT Security World By Armando Romeo, eLearnSecurity and ID Theft Protect Duqu: The Precursor Stuxnet Attack By Rebecca Wynn Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors, or those that have access to the Stuxnet source code, and the recovered samples have [...]