Events Related:
- S4 registration open / full agenda available – digitalbond.com
The 2010 SCADA Security Scientific Symposium has opened it registration and its schedule is now available. - RSA Europe 2009 – Day 1 Recap – infosecramblings.com
- Interesting Information Security Bits RSA Catch-up Part 1 – infosecramblings.com
- RSA Europe 2009 Security Bloggers Meetup Recap – infosecramblings.com
- RSA Europe 2009 – Day 3 Recap – infosecramblings.com
A few of summaries on the happenings at this security event.
Resources:
- PenTester Scripting – pentesterscripting.com
A site for hosting useful scripts for penetration testing - Social Engineering Framework – social-engineer.org
A comprehensive site detailing all things related to social engineering from attacks to defense tactics. - Classification: Exploit Status Overhaul – osvdb.org
OSVDB overhauled the exploit classification system for better categorization. - Metasploit Reference Support Added & More – osvdb.org
OSVDB now supports a ‘Metasploit ID’ that uses the corresponding OSVDB ID to link and auto-search their database.
Tools:
- Reverse Hash Calculator – isc.sans.org
This uses a database of a couple million pre-compiled hash values. - Free Tools – windowsir.blogspot.com
A very long list of tools that might be interesting to pentesters everywhere - Vicnum v1.3 – owasp.org
Helpful to IT auditors honing web security skills and setting up ‘capture the flag’ . - CeWL – Custom Word List Generator v2.2 – digininja.org
CeWL spiders a given url to a specified depth and returns a list of words which can be used for password crackers.
Techniques:
- Bob’s Double Penetration Adventure – Part 1 – synjunkie.blogspot.com
Pardoning the adult-oriented title, this is basically a story of a simple man’s quest at hacking. - PhoneSnoop – Turn a BlackBerry into a portable bug – chirashi.zensay.com
A hacker releases a tool to tap into phone calls undetected. - ‘Evil Maid’ USB stick attack keylogs TrueCrypt passphrases – zdnet.com
A ‘plug-and-exploit’ technique that can help attacker decrypt a hard drive’s content - Using USBs for incident response – darkreading.com
A brief look at how USB devices can be used for good and evil - Paul Wright released whitepaper about “Create Table to OSDBA” (preprocessor exploit) – red-database-security.com
This whitepaper shows how to escalate privileges by running OS commands using create table together with utl_file. - Analysis of 10k Hotmail passwords Part 3 – brute force – reusablesec.blogspot.com
In this third installment, brute force is tested on this password subset. - List of addresses for the Pass-the-Hash toolkit -a switch – hexale.blogspot.com
A list of addresses for different versions of lsasrv.dll - How delegation privileges are represented in Active Directory – msinfluentials.com
Delegation rights are represented in the userAccountControl flag on the account object in AD, whether a user or a computer account. - Cyber Security Awareness Month – Day 21 – Port 135 – isc.sans.org
When a host wants to connect to a RPC service on a remote machine,it firsts checks with the destination machine on port 135, to know which port is being used by the service it wants to connect into. - Cyber Security Awareness Month – Day 23 port 179 TCP – Border Gateway Protocol – isc.sans.org
There are two major concerns about the security of BGP – router table corruption and blindly resetting BGP sessions. - Cyber Security Awareness Month – Day 24 – The Small Services – isc.sans.org
Some discussion on ports below 20, also called ’small services’ - Hacker Halted 2009 – neohapsis.com
A couple of hackers discussed a distributed password cracker they designed and implemented that utilizes redirected browsers to build a swarm of worker nodes. - How to decrypt Coldfusion v6 datasource passwords – hexale.blogspot.com
A blogger writes a quick perl script to decrypt DataSource passwords using TwoFish encryption. - Metasploit JSP Shells – carnal0wnage.attackresearch.com
Stephen Fewer has pushed up a jsp reverse and jsp bind shell. - Just another day at the office – root.org
A common day at Root Labs - Shellcode Tutorial 9: Generating Shellcode using Metasploit – projectshellcode.com
This tutorial is an introduction into using the Metasploit Framework to generate shellcode. - Using Nessus to audit Microsoft Patches – tenablesecurity.com
Nessus has several features, including credentialed scanning and plugins, that list missing patches and can assist in the patch verification process.
Vulnerabilities:
- Gaping security hole in Time Warner cable routers – zdnet.com
A security hole in cable modems from Time Warner/Road Runner customers could potentially lead to private network access.
Vendor/Software Patches:
- Wordpress 2.8.5: Hardening Release – wordpress.org
A number of security hardening changes were identified that were worth back-porting to the 2.8 branch - VMware patches vulnerabilities in its products – h-online.com
The security announcement lists a total of 48 CVE entries which can be exploited to carry out denial-of-service (DoS) attacks or to compromise systems if left unpatched.
Other News:
- President Obama on Cyber Security Awareness – washingtonpost.com
A short video from the US President discussing this important issue. - WASC 2008 Statistics – webappsec.org
A pool of website vulnerability data to get a better grasp on the web app vulnerability landscape. - E-banking on a locked down PC, Part II – washingtonpost.com
A reaction to reader comments on switching to another OS other than Windows for banking online - Metasploit goes commercial, sells to Rapid7
HD Moore joins Rapid7, presaging a commercial version of the popular pentesting tool.- Metasploit Rising – metasploit.com
- Metasploit Announcement – rapid7.com
- Joining the Team – metasploit.com
- Metasploit + Rapid7 shakes up pen-test landscape – zdnet.com
- Opinions of a contributor to Metasploit about the sale to Rapid7 – darkoperator.com
- Apathy Creeps In as Cybersecurity Czar Search Drags On – threatpost.com?
With five months gone since Obama’s announcement, all the optimism has been replaced by a lot of shrugging. - DHS responds to us – praetorianprefect.com
The address featured the ability to ask questions of the Secretary; we sent one in and Secretary Napolitano answered it. - Scan of Internet Uncovers Thousands of Vulnerable Embedded Devices – wired.com
Researchers scanning the internet have found nearly 21,000 routers, webcams and VoIP products open to remote attack. - Report: Cyberterror Not a Credible Threat – threatpost.com
A new report by a Washington policy think tank dismisses the idea that terrorist groups are currently launching cyber attacks. - Whitehouse.gov switches to Drupal
The open source CMS platform is now the backbone of the White House’s public website.- WhiteHouse.gov Goes Drupal [Updated] – techpresident.com
- Whitehouse Drupal and The Open Source Security Model – ha.ckers.org
Some commentary on the recent switch
No comments yet.