Conficker C Analysis

March 20, 2009

Here a nice analysis of Conficker C

http://mtc.sri.com/Conficker/

http://mtc.sri.com/Conficker/addendumC/


Backdoor.Win32.UltimateDefender Reverse Engineering

December 8, 2008

Hi,

I’ve released Backdoor.Win32.UltimateDefender.gtz Reverse Engineering on my Website:

http://evilcry.netsons.org/tuts/Mw/Backdoor-UltimateDefender.pdf

Regards,

Giuseppe ‘Evilcry’ Bonfa’


An (In)security Overview on Analysis of Client-Server Software Applications

October 11, 2008

Hi,

I’ve released a little paper with title An (In)security Overview on Analysis of Client-Server Software Applications that I think is self explainatory.

Here a little abstract:

The principal objective of this paper is to give a good detailed
panoramic view of the Security aspects involved in Client-Server based
Applications. The panoramics will be seen from the point of view of a
Reverse Engineer that should be aware of the Security Problems that are
directly releated to the Client-Server Software Structure.

Here you can download the paper: http://evilcry.netsons.org/tuts/CSAnalysis.pdf

Regards,

Giuseppe ‘Evilcry’ Bonfa’


RBN (Russian Bank Network) Analysis

December 7, 2007

Hi,

There are some places in the world where life is dangerous. Internet has some dark zones too and RBN is one of them. RBN stands for Russian Business Network and it’s a nebulous organisation which aims to fulfil cyber crime.

This study aims to provide some enlightenment on RBN activities and tries to detail how they work. Indeed RBN has many constituents and it’s hard to have an exact idea on the goal of some of them and the way they’re linked with other constituents.
There are some countermeasures available but they don’t make sense for home users or even companies. Only ISPs, IXPs and internet regulators can help mitigating risks originating from RBN and other malicious groups.

http://research-labs.net/news/13-Russian+Business+Network+study.html

http://www.bizeul.org/files/RBN_study.pdf

See you to the next post.. 🙂