Events Related:
- Black Hat USA 2009 Media Archives – blackhat.com
A compilation of the white papers, presentations and other media from this security conference. - Next Baysec: Aug 18 at Kate O’Briens – root.org
Another Bay Area event coming soon - DEFCON Related posts
- PaulDotCom Defcon Party Challenge: The Solution – pauldotcom.com
Now that DEFCON 17 is over, we promised the solution to our party pass challenge. - The 2009 Rollercon vs DefCon Fashion Showdown – derbyhelper.blogspot.com
Some friendly competition between Rollercon and DEFCON - Ninja Networks Party Badge – hackaday.com
-
HackTheBadge 1.0 – hackaday.com
A couple of badges
- Official DEFCON Forums – defcon.org
- IOA Freakshow 2009 – flickr.com
- Black Hat & DEFCON 17, August 2009 – flickr.com
- Offical DEFCON Pics – defcon.org
Some photosets from DEFCON - Defcon 17 Roundup – reusablesec.blogspot.com
A look back into the roller coaster ride that is Defcon - I Hack Charities Defcon17 Celebrity Signed Hacker Shirts Up on Ebay now! – exoticliability.com
Proceeds go to I Hack Charities! - MysteryChallenge – DefCon 17 – cutawaysecurity.com
A run through of the Mystery Challenge - Top 10 Things I Learn At Defcon 17 – pauldotcom.com
- Fear and loathing at the Riviera: A noobs guide to Defcon – irongeek.com
Recent event highlights and some need to know facts - Inside the World’s Most Hostile Network – wired.com
Wired gives a photographic look behind the scenes into DEFCON’s network infrastructure.
- PaulDotCom Defcon Party Challenge: The Solution – pauldotcom.com
- HAR2009: Talks of interest – enablesecurity.com
There’s the workshops (and beer) which appear to be worth visiting in between the talks. - War Games. Current and past hacking simulators and challanges – webantix.net
These War games/Hacking Simulators are a great training ground for “noob” hackers and security professionals to learn the art of hacking.
Resources:
- Browser Security Testing – nsslabs.com
A few reports on social engineering and phishing tests - In Focus: NovaInfosec Twits – novainfosecportal.com
You can go to the NovaInfosec Twits page on Twitter to see who’s who in the local security community.
Tools:
- Open Source Web Anti-Malware Tool Released – eweek.com
The software promises to monitor and identify online malware infection attempts before they can take root on protected URLs. - Plugin Spotlight: Import Nmap XML Results Into Nessus – tenablesecurity.com
Nmap continues to be a powerful tool for port scanning, operating system identification, service identification and now supports extended information with NSE scripts. - Oval Interpreter 5.5.25 – sourceforge.net/projects/ovaldi/
The OVAL Interpreter is a freely available reference implementation that demonstrates the evaluation of OVAL Definitions.
Techniques:
- Advanced Mac OS X Rootkits – trailofbits.com
My presentation covered a number of Mach-based rootkit tools and techniques including user-mode Mach-O bundle injection. - BlackHat Briefing – Weaponizing The Web – liquidmatrix.org
The emerging socialized web is creating a popular platform for multi-site aggregation which in the attacker’s eyes equals return on investment. - State of the Art Post Exploitation in Hardened PHP Environments – suspekt.org
It is demonstrated how two 0day exploits can be used to get arbitrary read and write access to the memory of PHP. - De-cloaking in IE7.0 Via Windows Variables – ha.ckers.org
Well, it turns out that in IE7.0 if you cut and paste things with a %…% in them it translates to a OS variable. - New Advisory: 0wning with Gimp – blogs.23.nu/RedTeam
The idea is to plant your exploit code (in this case, PHP code) in a file with a valid GIF header and the file extension .php. - B300 Comic – hackerschool.org
A wacky comic representation of an attack done during Defcon by a Korean hacking team - The changing battlefield in Memory – mandiant.com
During our talk and in several interviews, we stated that some aspects of computer security are a cat and mouse game. - itms Decloaking – ha.ckers.org
I found a way to bypass itms’s limitations on which domain it allows you to connect. - SMB Decloaking – ha.ckers.org
If you’ve got Wireshark running you can get the real username, IP address, and possibly other interesting tidbits. - Recover or reset QSECOFR passwords – ibm.com
Your QSECOFR service tools user ID can have a different password from your QSECOFR OS/400 user profile. - !jutsu searchVtptr – metasploit.com
I’ve added some helpful code to byakugan to let you search for the pointers to pointers to pointers to code that you need. - Database Hacking Video Demonstration: SQL Injection Attack via Direct Database Access – imperva.com
This video looks at a Direct Database Access SQL Injection attack. - XSS (Cross Site Scripting) Cheat Sheet – ha.ckers.org
This page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion.
Vulnerabilities:
- Vulnerability affects all major browsers – h-online.com
A specially prepared proxy can inject HTML and script code into the context of a secure page. - Wordpress password reset bug
A PHP flaw enables an exploit to continually reset Wordpress admin passwords- WordPress Bugs… A Disturbing Vulnerability – preachsecurity.blogspot.com
- WordPress <= 2.8.3 Remote admin reset password – milw0rm.com
- WordPress vulnerability allows remote admin password reset – Update – h-online.com
- WordPress bug resets admin password – theregister.co.uk
- Linux vulnerability affects all versions of 2.4 and 2.6
The vulnerability enables users with limited rights to get root rights on the system.- Critical vulnerability in the Linux kernel affects all versions since 2001 – h-online.com
- Another Linux Kernel Flaw Emerges – threatpost.com
Vendor/Software Patches:
- Another big Patch Tuesday for Microsoft
This is a fairly heavy month—the vendor is releasing nine bulletins covering a total of 19 vulnerabilities.- August 2009 Bulletin Release – technet.com
- Microsoft Security Bulletin Summary for August 2009 – microsoft.com
- Microsoft Security Bulletin MS09-036 – Important – microsoft.com
- Microsoft Security Bulletin MS09-037 – Critical – microsoft.com
- Microsoft Security Bulletin MS09-038 – Critical – microsoft.com
- Microsoft Security Bulletin MS09-039 – Critical – microsoft.com
- Microsoft Security Bulletin MS09-040 – Important – microsoft.com
- Microsoft Security Bulletin MS09-041 – Important – microsoft.com
- Microsoft Security Bulletin MS09-042 – Important – microsoft.com
- Microsoft Security Bulletin MS09-043 – Critical – microsoft.com
- Microsoft Security Bulletin MS09-044 – Critical – microsoft.com
- Microsoft Patch Tuesday – August 2009 – symantec.com
- 19 security vulnerabilities fixed in Windows components and applications – h-online.com
Other News:
- Voting Machine Attacks Proven To Be Practical – slashdot.org
Moreover, they came up with some cool tricks to do this on a machine protected against traditional code injection attacks. - Judge Rules DVD-Copying Software Is Illegal – wired.com
A federal judge ruled here late Tuesday that it was unlawful to traffic in goods to copy DVDs. - Robert Scoble fails to update WordPress, gets hacked – sophos.com
Prominent blogger Robert Scoble has come a cropper after hackers were able to break into his site and post links to pornographic websites. - Social Security to Pay $500 Million To 80,000 Victims of Database Error – washingtonpost.com
The Social Security Administration has agreed to pay more than $500 million in back benefits. - Judge: Microsoft Banned from Selling Word in the US – mashable.com
Toronto-based i4i Inc won an injunction against Microsoft regarding the company’s XML patents. - Diebold Quietly Patches Security Flaw in Vote Counting Software – wired.com
The flaw in the tabulation software was discovered by Wired.com earlier this year, and involved the program’s auditing logs. - McAfee Leaks 1,400 Security Pro Details – djtechnocrat.blogspot.com
Security software maker McAfee has accidentally e-mailed the full contact details of 1,400 IT security professionals to an unknown number of recipients. - Hacking at Random: CCC demonstrates TEMPEST measurement of voting machines – h-online.com
Andreas Bogk of the Chaos Computer Club has demonstrated a way of measuring electromagnetic radiation from a Nedap voting machine. - OpenBSC powered GSM network live at HAR2009 – gnumonks.org
Under license of the Dutch regulatory authority, we operate two BTS with two TRX each, forming the network 204-42. - Pirate Bay and BREIN Clash at Hacker Conference – torrentfreak.com
Tim Kuik, head of Dutch anti-piracy outfit BREIN, had a brief encounter with Pirate Bay founder Gottfrid Svartholm (Anakata) on Friday. - Cracking GSM phone crypto via distributed computing – cnet.com
Security researcher Karsten Nohl is launching an open-source, distributed computing project designed to crack the encryption used on GSM phones. - Huge GSM flaw allows hackers to listen in on voice calls – neowin.net
The GSM flaw is massive and would affect not only businesses but individuals. - Twitter used to command and control botnet
Using what’s known as a base64 decoder, the dispatches pointed to links where infected computers could receive malware updates.- Twitter transformed into botnet command channel – theregister.co.uk
- Old News: Twitter can be used for Botnet Command & Control – spylogic.net
- Hackers Use Twitter to Control Botnet – wired.com
- Lenovo issues battery “service and warranty extension” for six ThinkPad models – engadget.com
The recalled models are the R60, R61, T60, T61, X60, and the X61.
No comments yet.