Web threats ..a new wave! – by Hemanshu

Today omnipresence of internet makes your browser the favorite attack vector for bad guys. Initially content filtering solutions (think websense) looked effective in curbing malicious website, but of recent there has been a new revival in the malicious websites and what is interesting is more and more legitimate websites are getting infected(msn canda , nitie ,Bank-of-India). Once a legitimate site starts distributing malware or is compromised there is little your web filtering solution or firewall could do about it. To add to injury attackers have now turned to obfuscate the attack payload to evade any security apparatus like IPS in place. Javascript looks like to be the tool of choice; its universally supported in all browsers (and in pdfs too..but that’s again a long story). Known attacks like Gumbler have started leveraging obfuscation an excellent description is here. These obfuscations make it very hard for signature based security engine to confidently detect and attack.

Read More

wh[0x01] WildHack Contest

Welcome to our 0x01st contest. Let your grey cells do the thinking/talking :-). Participate by submitting content on security and get a chance to win the ultra-cool, 100% Indian null hacker t-shirts.Winning (and other cool) submissions will also be published on null’s website. The best of the lot will also be considered for the upcoming security conference * nullcon.

Read More

First official null meet

It was really good to see that Pune has a lot of potential. A lot of security enthusiasts showed up at the first NULL meet. The best part was that our first meet happened at ClubHack – India’s premier hacking convention, so much for a kickstart :-).

Venue: ClubHack 2008, Room-B, 5th Floor, ICC Trade Towers, SB Road, Pune.

Date & Time: 7th Dec 2008 14:00 hrs

Read More