- Second w3af training @ New York – bonsai-sec.com
The ninja training course is focused on manual and automated discovery and exploitation of web application vulnerabilities using w3af.
- AppSec DC and OWASP Global Summit 2009 – owasp.blogspot.com
- AppSec Brazil 2009 – Call for Participation – owasp.blogspot.com
Schedules for upcoming OWASP conferences plus a few reminders.
- SecTor 2009 Presentations – sector.ca
A list of the presentations and videos from the Canadian security event.
- Notes from Cornerstones of Trust Conference – chuvakin.blogspot.com
Some takeaways from the Bay Area conference.
- Watch the #brucon videos online in our vimeo channel – brucon.org
No download needed to view these videos from this event held in the EU capital.
- Randy Smith of UPS Presents on Web App Security at SC World Congress Event – cenzic.com
A presentation from the recent security event.
- Small Business Information Security: The Fundamentals – csrc.nist.gov
This is a simple, easy to understand, introduction to information security, focused on the small business.
- Oracle Hacker’s Handbook Book Review – carnal0wnage.attackresearch.com
A review on the handbook touted as required reading for hacking into Oracle databases.
- Six Steps Toward Better Database Security Compliance – darkreading.com
No matter what regulations say, securing the database is a critical part of any compliance effort.
- NatProbe – code.google.com/p/natprobe
This useful program tries to send an ICMP packet out the LAN to detect NAT hosts.
- Check for compromised mail-account – serversniff.de
An online tool for checking email credential security.
- Mozilla Plugin Check – mozilla.com
A tool from the makers of Firefox to check if your browser plugins are up-to-date.
- VIPER Lab’s VAST Live Distro – VoIP Security Testing LiveCD – darknet.org.uk
VAST is a VIPER Lab live distribution that contains VIPER developed tools.
- Deep Packet Inspection Engine Goes Open Source – darknet.org.uk
Deep packet inspection is an extremely niche area and requires great expertise.
- Nikto 2.1.0 release – cirt.net
The update includes a new plugin engine and caching, among other changes.
- Cain & Abel v4.9.34 – oxid.it
Cain & Abel is a password recovery tool for Microsoft Operating Systems.
- USB Device Parsing Logparser Scripts – sans.org
Using Microsoft’s Log Parser, you can catalogue the USB devices present in a network.
- Oracle Openworld 2009 – SQL Injection Presentation – red-database-security.com
A presentation about SQL Injection and using Netsparker.
- Blind SQL Injection in Oracle – slaviks-blog.com
This post describes SQL injection types, examples for web apps and blind SQL injection into Oracle databases.
- Spoofing users and programs and presenting at OWASP – petefinnigan.com
Using a Java thin client, you can spoof client details in V$SESSION views.
- Cross Site Scripting Payloads – bonsai-sec.com
The vulnerability that we’re going to be exploiting is a persistent cross site scripting in Achievo.
- Update: PDFiD Version 0.0.9 to Detect Another Adobe 0Day – didierstevens.com
More details coming on a future post, but for now check out the newest version right now.
- Cyber Security Awareness Month – Day 13 Proxies (TCP 3128, 8080 & ……) – isc.sans.org
If not patching today, maybe make today your “check for open proxies in my network day”.
- HITB Malaysia 2009 and sandboxing – scarybeastsecurity.blogspot.com
The blogger presented on various intriguing aspects of sandboxing on Linux during the Hack In The Box conference.
- ePerolehan – SQL Injection – security.org.my
An injection vulnerability is found in the ePerolehan website.
- Waiting for patches to release to WSUS – terminal23.net
The reality of patching is that it is not quite as easy as we always make it sound.
- The Curse of the Flash Exploit – symantec.com
Malware authors often leave hidden messages in files for analysts to find or for other malware authors to see.
- Adoption of X-FRAME-OPTIONS Header – sans.org
One of the more viable solutions to clickjacking is the X-FRAME-OPTIONS header, which allows a site to control whether its content can be displayed within a frame.
- GOP Posts Password, Admin Instructions on New Web Site – nydailynews.com
In their haste to get their new site up, the Republican Party posted online instructions on how to operate that site.
- Exploiting suid binaries – hexesec.wordpress.com
A quick refresher on exploiting suid bits (and why they’re so darn evil).
- More on reDuh – carnal0wnage.attackresearch.com
reDuh is actually a tool that can be used to create a TCP circuit through validly formed HTTP requests.
- Analysis of 10k Hotmail Passwords Part 2 – reusablesec.blogspot.com
A few thoughts on this surprising exposure of passwords and user credentials.
- Create Table to OSDBA – oracleforensics.com
A new paper has a demo on bypassing Oracle directory controls as well as protection against this.
- Abusing VLANs With BackTrack – synjunkie.blogspot.com
The aim is to demonstrate why simply placing hosts in a separate VLAN might sometimes not be enough.
- Latest PDF Zero Day Leads to Exploit Egg Hunt – avertlabs.com
The currently unpatched exploit opens the door to code execution when a victim simply reads a malicious PDF document.
- Old WordPress Versions Under Attack – lorelle.wordpress.com
Reports are that this attack impacts ALL versions of WordPress up to 2.8.3 and 2.8.4, the most recent release.
- Windows plugin opens security hole in Firefox
An add-on that Microsoft silently slipped into Mozilla’s Firefox leaves the browser open to attack, Microsoft acknowledged.
- Sneaky Microsoft plug-in puts Firefox users at risk – computerworld.com
- .NET Framework Assistant Blocked to Disarm Security Vulnerability – mozilla.com
- Firefox’s Immune System – hackademix.com
Mozilla’s response to the recent security hole, by blocking plugins that might be vulnerable.
- How To Stop Automatic Plugin Installations In Firefox – ghacks.net
- How To Uninstall Windows Presentation Foundation Plugin In Firefox – ghacks.net
A DIY fix for prohibiting unauthorized plugin installs by third parties.
- Update: .NET Framework Assistant (ClickOnce support) unblocked – shaver.off.net
- Adobe patches Reader and Acrobat
Aside from the fixes, the update includes a new deployment tool for future updates.
- Microsoft security update
A slew of updates from Redmond to fix issues in Silverlight, IE, IIS and others.
- October 2009 Security Bulletin Release – technet.com
- MS09-050: Exploit timeline for the SMB2 RCE vulnerability – technet.com
- MS09-051: A note on the affected platforms – technet.com
- MS09-054: Extra info on the attack surface for the IE security bulletin – technet.com
- MS09-056: Addressing the X.509 CryptoAPI ASN.1 security vulnerabilities – technet.com
- MS09-061: More information about the .NET security bulletin – technet.com
- New attack surface reduction feature in GDI+ – technet.com
- Microsoft Ships Largest Batch of Security Patches – threatpost.com
- Patch Tuesday: MS plugs critical IE, Windows Media Player holes – zdnet.com
- Assessing the risk of the October security bulletins – technet.com
- Oracle to fix 38 database, product vulnerabilities – zdnet.com
Oracle announced plans to ship a Critical Patch Update with fixes for at least 38 security vulnerabilities in its products.
- Avoid Windows Malware: Bank on a Live CD – washingtonpost.com
Don’t use Microsoft Windows when accessing your bank account online.
- E-Banking on a Locked Down (Non-Microsoft) PC – washingtonpost.com
Ubuntu LiveCDs help stop the majority of malware, since most malware targets Windows machines.
- Snow Leopard guest account bug deletes user data – appleinsider.com
Reports of a potentially critical Snow Leopard bug that can erase a user’s account data have continued to surface since the operating system’s debut.
- Thawte discontinues Web of Trust for free SSL certificates – h-online.com
Thawte advises its WOT users to switch to VeriSign certificates as soon as possible to allow sufficient enrollment time.
- Big-Box Breach: The Inside Story of Wal-Mart’s Hacker Attack – wired.com
Internal documents reveal that the nation’s largest retailer was among the earliest targets of a wave of cyberattacks.
- Passenger Advocate Sues Delta for Allegedly Hacking Her E-Mail – wired.com
The founder of FlyerRights.org found that her AOL email was being redirected to an unknown site.
- Sweden’s Internet broken by DNS mistake – pingdom.com
A DNS error caused the .se domain to stop responding for roughly a couple of hours.
- Security Vendor Illegally Collects and Displays Attendee Information at Security Conference – andrewhay.ca
At a recent security conference, information on users of the site’s wired network was posted in a public ‘wall of shame’.
- Hacker High: 10 Stories of Teenage Hackers Getting into the System – itsecurity.com
A few real-life stories of teens getting into trouble with the law through unsupervised hacking.
- Show Me the Malware! – googleonlinesecurity.blogspot.com
Webmaster Tools now provides webmasters with samples of the malicious code that Google’s automated scanners detected on their sites.
- Hacked Facebook applications reach out to exploit sites in Russia – avg.com
These seem to be actual Facebook applications that have been hacked, not just user accounts.
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers – cisco.com
The advisory outlines vulnerabilities in HTTP authentication among others.