Friday, January 23, 2015

Google reveals 3 Apple OS X Zero-day Vulnerabilities

Project Zero has yet again revealed three more zero-day vulnerabilities this time on OS X. The team has published three zero-day exploits for Apple’s OS X, with sufficient information for an experienced hacker to exploit the bugs in an attack. The details about the zero-days were released after alerting Apple to them. All three require physical access and cannot be exploited remotely.

Google reveals 3 Apple OS X Zero-day Vulnerabilities

Google's Project Zero is an initiative that identifies security holes in different software and calls on companies to publicly disclose and patch bugs within 90 days of discovering them. The company’s tight 90-days disclosure policy encourages all software vendors to patch their products before they could get exploited.

Friday, January 16, 2015

Malwarebytes Anti-Exploit!

"Popular software programs contain millions of line of code. Bad guys exploit flaws (vulnerabilities) in the code to deliver malware. Except when they can't. Malwarebytes Anti-Exploit wraps four layers of security around popular browsers, preventing exploits from compromising vulnerable code. Not an antivirus, but compatible with most antivirus, Malwarebytes Anti-Exploit is a small, specialized shield designed to protect you against one of the most dangerous forms of malware attacks. And it's free."

Better and faster compared to running the browser in a sandbox. 
Unfortunately only available on Windows. hosts a collection of lists that provide information on the components of legitimate and potentially unwanted programs. They are maintained by superb members of the Internet community, for the benefit of the community at large.

 + Check out this kool script (in python) that parses to the site.

Friday, January 09, 2015

ISTR Annual Report

2014 Internet Security Threat Report, Volume 19

The Internet Security Threat Report provides an overview and analysis of the year in global threat activity. The report is based on data from the Symantec Global Intelligence Network, which Symantec's analysts use to identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.

Overview and Analysis
98 pages, 11.5 MB (PDF)

Additional Stats and Information
116 pages, 3 MB (PDF)

Thursday, January 08, 2015

Android - NoRoot Firewall

While there are many firewalls including ones packaged in Antivirus apps they all require your Android devices to be rooted As the leading mobile OS Android should have an inbuilt firewall until then we hav NoRoot Firewall the app ingeniously uses the Android inbuilt VPN feature to provide filter access to apps onboard your device and due to this the app doesn't need your devices to be rooted as name suggests.

Saturday, April 17, 2010



A simple javascript to point the blog to its feed when opened via iPhone and rest is taken care by apple. ( check out the source for the code.

Anyone noticing a conundrum in this post.. lol.

Friday, April 09, 2010

Panda Cloud Antivirus !!!

Interesting! Confusing! and Free!   
thinking.. Jedi vs Seth ~ Cloud vs BotNET, lol…

Panda Could Antivirus, an  interesting, a bit confusing free antivirus solution,  Would have been nice if i dint have to UNINSTALL EXISTING ANTIVIRUS TO INSTALL PANDA CLOUD!!! I hate it when AV’s do that!!! so try only if you have time and patience to… Uninstall – Reboot – Install – Possibly a reboot - Reinstall - Definitely a reboot – Done… or are you ? Any major OS updates resets the AV into reinstalling it, this may drive you crazy or you may just wanna try it on a VPC would be great if your VPC is slow. I would consider this an experimental build or a beta at best! and hence wouldn’t want this alone on my pc. but true to its word it does have a very low memory footprint 2MB!!! wow!!! and panda is a good AV, but Cloud obviously needs to be connected to work better and this is bad!!! Remember worms do block websites so that they cannot be cleaned!!! Not too bad it only asked to be connected sometimes in random, Panda: “aah... well i dont let you get infected in the first place and if u do i have a command line scanner too but no no other antivirus allowed !!!“ bad panda! lol…

First Impressions: the look is pretty dumb there is nothing, absolutely nothing to configure! You wouldn’t even know if it can scan archives, it doesn’t; if its workin and it does work!! Other than assuming the user to be dumb, well what else to assume with a dumb looking UI, no documentation to make sense how it works rather than what it is!  Searching forums help here! Think its an ok solution but a lot of scope for improvement and a has a great potential to be, Need to Evolve More lol.. May be this is how we can get rid of all the junk (bots, worms, trojans, viruses; well they are toxic waste of the cyberspace). Think of the collective finds!!! Well atleast panda’s gonna have a huge collection of sure shot signatures as a rain/result from this cloud! Anyways Avira’s back (installed it after installation of panda lol…) and both are running pretty good, not much load at all! Avira and Panda keeping watch together, Panda holding an Umbrella lol…

Well a Cloud Antivirus is probably good for systems on enterprise networks (always on, always connected and clean network) And for PC ? may be..
I do like the panda icon on my taskbar ;)      

Thought: Was it a Cloud or a botNET that SKYNET spreads into… let me know when t1000 arrives!!!