Java 0day Demo
by admin
Thursday, January 10th, 2013 at 4:15 pm
Like clockwork, the new 0day has been added to Metasploit. eromang was quick to record a demo of the exploit in action: http://eromang.zataz.com
Spotted in the wild, reports are still coming in.
malware.dontneedcoffee.com
The files
blog.spiderlabs.com
decrypted java source
mimikatz now supports dumping saved domain credentials (Task Scheduler included). Visit the site in Chrome unless you want to translate it manually: blog.gentilkiwi.com
A kernel rootkit that lives inside Windows registry value data and uses a buffer overflow in win32k.sys for persistence. Check it out ::HERE::
While the concept of DMA through FireWire isn't new (around 2006-ish with Winlockpwn, which is no longer developed), a new project has picked up where Winlockpwn left off. The newer tool, called Inception, is able to unlock Windows XP, Vista, 7 and 8, OS X, Ubuntu and Mint. It works over FireWire, Thunderbolt, ExpressCard and PCMCIA. If the machine doesn't have one of these ports, you can slap a card in and the driver should install automatically even though the machine is locked. Great for bypassing machines that have encryption like BitLocker, TrueCrypt, etc. that are left locked. Newer versions of OS X have patched this, though, as of Oct. 2011. I tested on BackTrack 5 R3 against Windows XP, Windows 7 x32, and OS X 10.7.3, and it worked like a charm.
Check it out ::HERE::
Mark Gamache posted on his blog about how he was able to break the NTLM handshake using cloudcracker.com. Check it out ::HERE::