Resources

• Mobile Threat Report, Q1 2012- f-secure.comIt’s time to publicly release our latest Mobile Threat Report, covering the 1st quarter of 2012. Our Q4 2011 report was quite popular and this new one for Q1 is even better. More content (and pages) for your reading pleasure.
• A closer look into the RSA SecureID software token- sensepost.comWidespread use of smart phones by employees to perform work related activities has introduced the idea of using these devices as an authentication token. As an example of such attempts, RSA SecureID software tokens are available for iPhone, Nokia and the Windows platforms.
• IPv6 Videos- isc.sans.eduWe are in the process of creating some videos to illustrate the impact IPv6 may have on your network. IPv6 may seem far away to you, and you may not have a plan to implement it. However, modern operating systems will frequently enable IPv6 tunneling protocols by default. As a result, you end up with covert channels bypassing your perimeter protection. These videos will focus on this issue.

Tools

• Introducing EMET v3- blogs.technet.comWe are pleased to announce the release of a new version of our Enhanced Mitigation Experience Toolkit (EMET) – EMET 3.0. EMET it is a free utility that helps prevent vulnerabilities in software from being successfully exploited for code execution.
• TrueCrack Beta Brute-Force Password for TrueCrypt Released- code.google.comTrueCrack is a brute-force password cracker for TrueCrypt volume files. It works on Linux and it is optimized with Nvidia Cuda technology.
• quarkspwdump – windows credentials extraction- code.google.comQuarks PwDump is a native Win32 tool to extract credentials from Windows operating systems.
• Frogger 1.2 – VLAN Hopping Script- commonexploits.comIt saves manually sniffing packets, going through and noting down the VLAN IDs etc. It is a fast way to discover live devices within each VLAN ID. Let’s say you have 100 VLAN IDs it will take you some time manually find devices or VLANs of interest.

Techniques

• Reversing 101 – Solving a protection scheme- corelan.beIn this post, we’ll look at an application reversing challenge from HTS (hackthissite.org) resembling a real-life protection scheme. You can find a copy of the challenge here: http://www.hackthissite.org/missions/application/app17win.zip Put simple, the program creates a key for your username, and compares it to the one you enter. This tutorial is not meant as a spoiler for HTS since for every username a dedicated password will be computed. This tutorial is purely written to allow you to understand how some (even real-life) protection schemes are implemented.
• Mallory MITM + FIX SSL Decryption- blog.opensecurityresearch.comIn this post I’ll cover how I approached testing this protocol and the tools I used to test it. I won’t be discussing the FIX protocol in much detail beyond what can be found on the FIX site or various FIX wikis on the net. This post will focus primarily on how to set up and configure Mallory to decrypt the SSL stream from a FIX-speaking thick client.
• CSS-Only Clickjacking- jsfiddle.netIf you click on any of the links below your click will be passed to a hidden Facebook Like button (Click) or a Twitter Follow button (Dont’ click) just below the links.
  The magic is done with a simple CSS rule set in the style of the overlaying element.
• From LOW to PWNED [9] Apple Filing Protocol (AFP)- carnal0wnage.attackresearch.comThe Apple Filing Protocol (AFP) is a network protocol that offers file services for Mac OS X and original Mac OS. In Mac OS X, AFP is one of several file services supported including Server Message Block (SMB), Network File System (NFS), File Transfer Protocol (FTP), and WebDAV.
• PHP 5.4 Win32 Code Execution- packetstormsecurity.orgPHP version 5.4.3 code execution exploit for Win32.

Vulnerabilities

• ElcomSoft Helps Investigate Crime Providing Yet Another Way to Break into iOS with iCloud Attack Advanced Password Cracking Insight- crackpassword.comElcomsoft Phone Password Breaker and Elcomsoft iOS Forensic Toolkit have been around for a while, acquiring user information from physical iPhone/iPad devices or recovering data from user-created offline backups.

Other News

• Popular Surveillance Cameras Open to Hackers, Researcher Says- wired.comThree of the most popular brands of closed-circuit surveillance cameras are sold with remote internet access enabled by default, and with weak password security — a classic recipe for security failure that could allow hackers to remotely tap into the video feeds, according to new research.
• Career Advice Tuesday – Why Info Sec Position Go Unfilled- infosecleaders.comBelow you will find the unedited version of my latest article for Tech Target/Search Security – Information Security Magazine. The article is designed to shed some light as to why companies have such a difficult time in filling information security roles.

Resources Research for SharePoint (MOSS) – owasp.org This page contains research notes on Microsoft’s SharePoint MOSS and WSS MS SQL – Useful Stored Procedures for SQL Injection and Ports Info – pentesticles.com The following post lists and describes various useful stored procedures and port information for MS SQL. Portable Executable 101 – a windows executable [...]

Resources Breaking in to Security – Survey Conclusions, Part 1 – digininja.org To collect the data I created an online survey and sent it out through as many sources as I could, to date I’ve got over 300 results and I’d like to say a huge thanks to everyone who completed it and helped with [...]

Event Related Our CanSecWest 2012 slides on passive DNS and Picviz – picviz.blogspot.fr Alexandre Dulaunoy from CIRCL.LU and Sebastien Tricaud from Picviz Labs have been talking at CanSecWest 2012 in Vancouver, Canada, on how to scrutinize a country using passive DNS and Picviz. SyScan 2012 Singapore slides – www.xchg.info Conference and slides of SyScan 2012 [...]

Here are information security events in North America this month:   SANS Security West : May 3 to 12 in San Diego, CA USA     GRC Summit Boston 2012 : May 8 to 10 in Boston, MA USA     TakeDownCon 2012 : May 8 to 9 in Dallas, Texas USA     Secure360 [...]

Event Related Hackito Ergo Sum 2012 TALKS // Hackito Ergo Sum 2012 – 2012.hackitoergosum.org In this presentation we will cover critical aspects of web applications, and how these techniques can be used on real life scenario on big (and highly “secured”) websites. These bugs and methods will be able to assist you in your next [...]

Event Related A cyber weapon – alexmgeorge.wordpress.com At RSA 2012 Dave Aitel made a presentation wherein he defined cyber weapons a bit outside of how people normally think. The tried and true metaphor (which I admit to using) is that exploits or frameworks are like guns, and if they’re like guns then it’s easy to [...]

Event Related AppSecDC AppSecDC Recap: Old Webshells, New Tricks – novainfosecportal.com Back in the day web shells were all the rage so I was curious what “new” was happening in this area. Ryan Kazanciyan started off with a summary of some of the more poplar web shells he’s seen in the past several years. AppSecDC [...]

Event Related Pwn2Own Lesson From Pwn2Own: Focus On Exploitability – darkreading.com The Pwn2Own contest earlier this month at the CanSecWest Conference showed off the speed with which knowledgeable security professionals can code exploits for known vulnerabilities. On the failings of Pwn2Own 2012 – scarybeastsecurity.blogspot.com This year’s Pwn2Own and Pwnium contests were interesting for many reasons. [...]

Here are information security events in North America this month:     Appsec DC 2012 : April 2 to 5 in Washington, DC USA   InfoSec World Conference & Expo 2012 : April 2 to 4 in Orlando, Florida USA   GovSec 2012 : April 2 to 4 in Washington, D.C. USA   NotaCon 2012 [...]