- Social Engineering Framework – social-engineer.org
We will be developing this framework over time and there will be more to come.
- DIY Hard Drive Diagnostics: Understanding a Broken Drive – myharddrivedied.com
This talk is the basic process to start doing diagnostics on your damaged hard drive.
- Attack Simulation and Threat Modeling – professionalsecuritytesters.org
Attack Simulation and Threat Modeling is a book that explores advanced security data collection, classification, processing and mining.
- GuestStealer v1.00 – fyrmassociates.com
GuestStealer allows for the stealing of VMware guests from vulnerable hosts based on the Directory Traversal Vulnerability.
- Keimpx v0.2 – keimpx.googlecode.com
It can be used to quickly check for the usefulness of credentials across a network over SMB.
- BeEF, Browser Rider, and XSSTunnel make friends… – securityaegis.com
A few browser attack tools band together to deliver a more exceptional product.
- Excel with cmd.dll & regedit.dll – didierstevens.com
Stevens modified source code from ReactOS to transform cmd.exe into cmd.dll and regedit into a dll.
- Larry Suto Report Inaccurate, Says Vendors
A couple of vendors have stepped up and found irregularities in the recently published web scanner report.
- ShmooCon | Inside FarmVille’s Sinister Underbelly – csonline.com
A talk in the recent event about the dangers of online gaming and social networks
- ShmooCon | Your iPhone’s Dirty Little Security Secret – csonline.com
A discussion on how to hack smartphones
- A few posts on BlackBerry spyware
- Is Your BlackBerry App Spying on You? – veracode.com
A demo on how BlackBerry apps can access and leak sensitive info using only RIM-provided APIs and no exploits of any sort.
- Tyler Shields on the BlackBerry Spyware and the Coming Wave of Smartphone Attacks – threatpost.com
Dennis Fisher talks with Tyler Shields of Veracode about his BlackBerry spyware application, txsBBSPY.
- Automatically Routing Through New Subnets – metasploit.com
Among the coolest features in Metasploit is the ability to pivot through a Meterpreter session to the network on the other side.
- Wireshark Plugin for Mariposa Botnet Command and Control – paloaltonetworks.com
Yamata Li has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client.
- Black Hat TPM Hack and BitLocker – windowsteamblog.com
We believe that using a TPM is still an effective means to help protect sensitive information.
- The Bad Guys Hate Security Folks – m86security.com
A Pushdo bot we analysed earlier this week uses domain names which taunt FireEye and Brian Krebs.
- Nsploit: Nmap grows some teeth – securityaegis.com
Ryan Linn has started a project to bridge Nmap Scans all the way to exploitation using Metasploit.
- Oracle Zero-Day revealed
It covers vulnerabilities that allow an attacker to escalate their privileges to sysdba and take complete control of the database.
- Claimed Zero Day exploit in Samba – samba.org
The issue is actually a default insecure configuration in Samba.
- Firefox extension installation process vulnerable to MITM attack – ivanristic.com
If a man in the middle is able to intercept the traffic of someone installing an extension, he will be able to get the user to install something else.
- Windows SMB NTLM Authentication Weak Nonce Vulnerability released – hexale.blogspot.com
It’s basically a 14/17-year-old vulnerability in the Windows implementation of the NTLM Authentication protocol.
- WordPress >= 2.9 Failure to Restrict URL Access – ethicalhack3r.co.uk
Security by obscurity is not sufficient to protect sensitive functions and data in an application.
- Another Patch Tuesday from Microsoft
The company has a heap of updates with this week’s security bulletins.
- February 2010 Security Bulletin Release – technet.com
- Details on the New TLS Advisory – technet.com
- Microsoft Security Bulletin MS10-003 – Important – microsoft.com
- Microsoft Security Bulletin MS10-004 – Important – microsoft.com
- Microsoft Security Bulletin MS10-005 – Moderate – microsoft.com
- Microsoft Security Bulletin MS10-006 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-007 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-008 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-009 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-010 – Important – microsoft.com
- Microsoft Security Bulletin MS10-011 – Important – microsoft.com
- Microsoft Security Bulletin MS10-012 – Important – microsoft.com
- Microsoft Security Bulletin MS10-013 – Critical – microsoft.com
- Microsoft Security Bulletin MS10-014 – Important – microsoft.com
- Microsoft Security Bulletin MS10-015 – Important – microsoft.com
- MS10-006 and MS10-012: SMB security bulletins – technet.com
- MS10-007: Additional information and recommendations for developers – technet.com
- Restart issues after installing MS10-015 – technet.com
- Assessing the risk of the February Security Bulletins – technet.com
- MS Patch Tuesday: 13 Bulletins, 26 Vulnerabilities – threatpost.com
- Critical Security Update for Adobe Flash Player – krebsonsecurity.com
Adobe Systems Inc. today released an updated version of its Flash Player software to fix two critical security holes in the ubiquitous Web browser plugin.
- Chinese man gets 30 months for fake Cisco sales – networkworld.com
Yongcai Li, 33, will have to pay the networking company nearly $800,000 in restitution.
- U.S. House passes cybersecurity research bill – cnet.com
It calls for beefing up training, research, and coordination so the government can be better prepared to deal with cyberattacks.
- Zero-day vulnerabilities on the market – net-security.org
Even government agencies from all over the world are engaged in buying these zero-days.
- PS3 hypervisor exploit reproduced – root.org
It remains to be seen what security measures Sony has taken to address a hypervisor compromise.
- Hacker training site backup lives after takedown by China – arstechnica.com
Black Hawk Safety Net, an online hacker training resource, was brought down recently by Chinese authorities.
- UK Security Breach Investigations Report 2010 Published – techwhack.com
Anonymised data has been analysed from over 60 computer forensic investigations.
- McAfee Labs Quarterly Threat Report Posted – avertlabs.com
It highlights many of the most significant spam-generating stories in 2009 as well as the rise of political hacktivism.
- TPM cryptography cracked – hackaday.com
Christopher Tarnovsky figured out how to defeat the hardware by spying on its communications.
- Researchers Discover New ACH Banker Trojan – threatpost.com
The Bugat Trojan includes features commonly found in malware used to commit credential theft for financial fraud.
- Chip and PIN is broken, say researchers – zdnet.com
Researchers at Cambridge University have found a flaw in the Europay, Mastercard and Visa protocols.
- Simulated hacker attack to test US government response – computerworlduk.com
Cyber ShockWave involves former administration staff, national security officials.
- Record 13-Year Sentence for Hacker Max Vision – wired.com
A skilled San Francisco computer intruder was sentenced Friday to 13 years in federal prison for stealing nearly two million credit card numbers.
- Rootkit May Be Culprit in Recent Windows Crashes – krebsonsecurity.com
A sysad said he traced the problem on each machine back to “atapi.sys” — a Windows storage driver.