Recent Curesec Publications
2013 Nov 27
This vulnerability enables any rogue app at any time to remove all existing device locks activated by a user. Furthermore we have created an app to demonstrate the issue. You can choose two options, remove all locks right away or remove them at a defined time.
2013 Nov 15
On Windows systems with PHP versions installed that allow null bytes in the URL it is possible to turn a local file inclusion vulnerability to a full remote code execution vulnerability.
2013 Oct 02
Curesec has turned two years old! As a birthday present we have moved into our new office! 165sqm space for the security enthusiasts!
2013 Sep 16
In this report we would like to point out how the rootkit infects a system, how it operates and what kind of anti-reversing and anti-debugging techniques are in place.
2013 Sep 10
We are back with a great blogpost. This time about data exfiltration using ping, packed together as a simple backdoor-like code. The technique may work in generell for linux and windows as well, however the main target and interest was Android.
2013 Aug 06
welt.de and morgenpost.de published an article about vulnerabilities in industrial facilities in august 2013. The article is in german only.
2013 Aug 03
In july 2013 we published a way to abuse the popular chat software Whatsapp to get payment information from google wallet and Paypal.
2013 Jul 24
This vulnerability can be used to get payment credentials for Google Wallet and Paypal by abusing the popular application Whatsapp.
2013 Jul 09
Today, we will show a bug concerning OpenSSH. OpenSSH is the most used remote control software nowadays on *nix like operating systems. Legacy claims it replaced unencrypted daemons like rcp, rsh and telnet. Find a version at: https://www.openssh.com.
2013 Jul 01
In Part 1 of the analysis we have seen a first description of the dropper and how to extract the executeable placed in the file. To move forward with work we dumped the memory with the decrypted virus body and continued the analysis.