C# Executable Anti-Israel IsraBye Data Wiper Malware Demonstration Video

Reading/Watching time ~5min

The video below demonstrates a new data wiper malware called IsraBye. It is an anti-Israel, pro-Palestinian malware that targets Israeli victims to destroy all data on the end-user’s computer. After running, it displays a lock screen and plays a song.


New Rapid Spreading IoT Botnet Dubbed IoT_Reaper Strikes with Millions of Zombie’s Devices

Reading time ~7min

Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper (Reaper for this article), researchers estimate its current size at nearly two million infected devices.

According to researchers, the botnet is mainly made up of IP-based security cameras, network video recorders (NVRs), and digital video recorders (DVRs).


Abusing GDI Objects for ring0 Primitives Revolution

Reading time ~20min

Exploiting MS17-017 EoP Using Color Palettes

This post is an accompaniment to the Defcon 25 talk given by Saif. One of the core topics of the talk was the release of a new GDI object abuse technique, named Palette Objects. Saif presented a previously unreleased Windows 7 SP1 x86 exploit that uses this newly discovered GDI object abuse technique.

A complete white-paper on the topic was released and can be found here: Whitepaper

Both exploits discussed in the talk were also released, and their source code can be found here: https://github.com/sensepost/gdi-palettes-exp
