Events Related:
- ShmooCon related posts
A few stories about the recently concluded security conference.- ShmooCon 2010 – Show Notes – chuvakin.blogspot.com
- FireTalks from Shmoocon 2010 – Videos – irongeek.com
- Shmoocon 2010 Security Conference – tenablesecurity.com
Resources:
- Social Engineering Framework – social-engineer.org
We will be developing this framework over time and there will be more to come. - DIY Hard Drive Diagnostics: Understanding a Broken Drive – myharddrivedied.com
This talk is the basic process to start doing diagnostics on your damaged hard drive. - Attack Simulation and Threat Modeling – professionalsecuritytesters.org
Attack Simulation and Threat Modeling is a book that explores advanced security data collection, classification, processing and mining.
Tools:
- GuestStealer v1.00 – fyrmassociates.com
GuestStealer allows for the stealing of VMware guests from vulnerable hosts based on the Directory Traversal Vulnerability. - Keimpx v0.2 – keimpx.googlecode.com
It can be used to quickly check for the usefulness of credentials across a network over SMB. - BeEF, Browser Rider, and XSSTunnel make friends… – securityaegis.com
A few browser attack tools band together to deliver a more exceptional product.
Techniques:
- Excel with cmd.dll & regedit.dll – didierstevens.com
Stevens modified source code from ReactOS to transform cmd.exe into cmd.dll and regedit into a dll. - Larry Suto Report Inaccurate, Says Vendors
A couple of vendors have stepped up and found irregularities in the recent published web scanner report- Latest Comparison Report from Larry Suto – acunetix.com
- On Web Application Scanner Comparisons… – hp.com
- Web Vulnerability Scanner Comparison – cenzic.com
- Where’s WhiteHat? Re: Scanner Comparisons – jeremiahgrossman.blogspot.com
- ShmooCon | Inside FarmVille’s Sinister Underbelly – csonline.com
A talk in the recent event about the dangers of online gaming and social networks - ShmooCon | Your iPhone’s Dirty Little Security Secret – csonline.com
A discussion on how to hack smartphones - A few posts on BlackBerry spyware
- Is Your BlackBerry App Spying on You? – veracode.com
A demo on how BlackBerry apps can access and leak sensitive info using only RIM-provided APIs and no exploits of any sort. - Tyler Shields on the BlackBerry Spyware and the Coming Wave of Smartphone Attacks – threatpost.com
Dennis Fisher talks with Tyler Shields of Veracode about his BlackBerry spyware application, txsBBSPY.
- Is Your BlackBerry App Spying on You? – veracode.com
- Automatically Routing Through New Subnets – metasploit.com
Among the coolest features in metasploit is the ability to pivot through a meterpreter session to the network on the other side. - Wireshark Plugin for Mariposa Botnet Command and Control – paloaltonetworks.com
Yamata Li has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client. - Black Hat TPM Hack and BitLocker – windowsteamblog.com
We believe that using a TPM is still an effective means to help protect sensitive information. - The Bad Guys Hate Security Folks – m86security.com
A Pushdo bot we analysed earlier this week uses domain names which taunt FireEye and Brian Krebs. - Nsploit: Nmap grows some teeth – securityaegis.com
Ryan Linn has started a project to bridge Nmap Scans all the way to exploitation using Metasploit.
Vulnerabilities:
- Oracle Zero-Day revealed
It covers vulnerabilities that allow an attacker to escalate their privileges to sysdba and take complete control of the database.- Oracle Security Alert for CVE-2010-0073 – oracle.com
- Litchfield DBMS_JVM_EXP_PERMS 0-day on Oracle – appsecinc.com
- Claimed Zero Day exploit in Samba – samba.org
The issue is actually a default insecure configuration in Samba.Events Related: - Firefox extension installation process vulnerable to MITM attack – ivanristic.com
If a man in the middle is able to intercept the traffic of someone installing an extension, he will be able to get the user to install something else. - Windows SMB NTLM Authentication Weak Nonce Vulnerability released – hexale.blogspot.com
It’s basically a 14/17-year old vulnerability in the Windows implementation of the NLTM Authentication protocol. - WordPress >= 2.9 Failure to Restrict URL Access – ethicalhack3r.co.uk
Security by obscurity is not sufficient to protect sensitive functions and data in an application.
Vendor/Software Patches:
- Another Patch Tuesday from Microsoft
The company has a heap of updates with this week’s security bulletins.- February 2010 Security Bulletin Release – technet.com
- Details on the New TLS Advisory – technet.com
- Microsoft Security Bulletin MS10-003 – Important – microsoft.com
- Microsoft Security Bulletin MS10-004 – Important – microsoft.com
- Microsoft Security Bulletin MS10-005 – Moderate – microsoft.com
- Microsoft Security Bulletin MS10-006 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-007 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-008 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-009 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-010 – Important – microsoft.com
- Microsoft Security Bulletin MS10-011 – Important – microsoft.com
- Microsoft Security Bulletin MS10-012 – Important – microsoft.com
- Microsoft Security Bulletin MS10-013 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-014 – Important – microsoft.com
- Microsoft Security Bulletin MS10-015 – Important – microsoft.com
- MS10-006 and MS10-012: SMB security bulletins – technet.com
- MS10-007: Additional information and recommendations for developers – technet.com
- Restart issues after installing MS10-015 – technet.com
- Assessing the risk of the February Security Bulletins – technet.com
- MS Patch Tuesday: 13 Bulletins, 26 Vulnerabilities – threatpost.com
- Critical Security Update for Adobe Flash Player – krebsonsecurity.com
Adobe Systems Inc. today released an updated version of its Flash Player software to fix two critical security holes in the ubiquitous Web browser plugin.
Other News:
- Chinese man gets 30 months for fake Cisco sales – networkworld.com
Yongcai Li, 33, will have to pay the networking company nearly $800,000 in restitution. - U.S. House passes cybersecurity research bill – cnet.com
It calls for beefing up training, research, and coordination so the government can be better prepared to deal with cyberattacks - Zero-day vulnerabilities on the market – net-security.org
Even government agencies from all over the world are engaged in buying these zero-days. - PS3 hypervisor exploit reproduced – root.org
It remains to be seen what security measures Sony has taken to address a hypervisor compromise. - Hacker training site backup lives after takedown by China – arstechnica.com
Black Hawk Safety Net, an online hacker training resource, was brought down recently by Chinese authorities. - UK Security Breach Investigations Report 2010 Published – techwhack.com
Anonymised data has been analysed from over 60 computer forensic investigations. - McAfee Labs Quarterly Threat Report Posted – avertlabs.com
It highlights many of the most significant spam-generating stories in 2009 as well as the rise of political hacktivism. - TPM crytography cracked – hackaday.com
Christopher Tarnovsky figured out how to defeat the hardware by spying on its communications. - Researchers Discover New ACH Banker Trojan – threatpost.com
The Bugat Trojan includes features commonly found in malware used to commit credential theft for financial fraud. - Chip and PIN is broken, say researchers – zdnet.com
Researchers at Cambridge Unviersity have found a flaw in the Europay, Mastercard and Visa protocols. - Simulated hacker attack to test US government response – computerworlduk.com
Cyber ShockWave involves former administration staff, national security officials. - Record 13-Year Sentence for Hacker Max Vision – wired.com
A skilled San Francisco computer intruder was sentenced Friday to 13 years in federal prison for stealing nearly two million credit card numbers. - Rootkit May Be Culprit in Recent Windows Crashes – krebsonsecurity.com
A sysad said he traced the problem on each machine back to “atapi.sys” — a Windows storage driver.
No comments yet.