Events Related:
- Securosis’ Guide to the RSA Conference 2010 – mckeay.com
If you want to do some research on specific technologies at the RSA Conference 2010, this should help. - ShmooCon 2010 Firetalks – Update 5 (aka – the Wrap-Up) – novainfosecportal.com
Presentation compilations and more. - Assured Exploitation Training – trailofbits.com
This training class is focused on various topics in advanced exploitation of memory corruption vulnerabilities.
Resources:
- IT Audit: 6 VMWare Settings Every IT Auditor Should Know About – sans.org
Here we’ll take a look at settings that impact security, and how they should ideally be configured.
Tools:
- Side-Track: Security/Pen-testing Distribution Of Linux For The ZipIt Z2 – irongeek.com
The ZipIt Z2 is great platform for dropboxes since it runs Linux and is only $50. - Sahi v3.0 – sahi.co.in
Sahi injects javascript into web pages using a proxy and the javascript helps automate web applications. - Repscan v3.0 – sentrigo.com
This new version supports MS SQL Server and Oracle databases. - NoMore and 1=1 – eslimasec.com
This tool is used to minimize the time required to type malicious syntax and have a handy repository as well. - Katana v1.5 (Z@toichi) – hackfromacave.com
Katana includes distributions which focus on Pen-Testing, Auditing, Forensics, System Recovery, Network Analysis, Malware Removal and more. - John the Ripper v1.7.5 – openwall.com
Its primary purpose is to detect weak Unix passwords - Watcher version 1.3.0 released February 25, 2010 – websecuritytool.codeplex.com
Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing.
Techniques:
- Really good whitepaper about “Hacking Oracle from the Web” – red-database-security.com
This is the most comprehensive published collection of different techniques for attacking Oracle from the web. - Ping Shellcode – didierstevens.com
I’ve added 2 new assembly source files for shellcode to execute a ping. - Running a command on every machine in your domain from the command line – pauldotcom.com
You can run any command you want on every machine in your domain. - Man in the Browser – fireeye.com
Man in the Browser a.k.a MITB is a new breed of attacks whose primary objective is to spy on browser sessions. - How Secure are Secure Interdomain Routing Protocols? – microsoft.com
In response to high-profile Internet outages, BGP security variants have been proposed to prevent the propagation of bogus routing information. - How to prevent a user granted the ALTER USER priviledge from changing SYS/SYSTEM password and how to bypass it. – red-database-security.com
Many Oracle users are not aware that the grant command can also be used to change passwords or even create users. - Securing Java in Oracle Update and escalating to SYSDBA – oracleforensics.com
Most organisations either take the risk of the change breaking functionality or decide to stay as they are. - VMWare Directory Traversal Metasploit Module – carnal0wnage.attackresearch.com
I pushed up my checker module to the metasploit trunk as an auxiliary scanner module. - Killing the Monkey in the Middle – pauldotcom.com
There are many ways for the attacker to insert themselves in the middle of a conversation. - Enumerate Oracle SIDs – slaviks-blog.com
As promised, here is a small Python script to allow you to enumerate and find Oracle SIDs.
Vulnerabilities:
- Multiple Adobe products vulnerable to XML External Entity Injection And XML Injection – cgisecurity.com
This advisory provides a good explanation and examples of these rarely discussed attack types.
Vendor/Software Patches:
- Adobe plugs critical hole in Download Manager – cnet.com
Download Manager is a tool that helps users efficiently download files from Web servers.
Other News:
- 75 percent of enterprises have been hit by multi-million dollar cyber attacks – daniweb.com
Every enterprise, yes 100 percent, experienced cyber losses in 2009. - An Interview With Howard Schmidt – threatpost.com
Dennis Fisher talks with Schmidt about his career and what the priorities should be for the cybersecurity czar. - Police called in over SMH leak – abc.net.au
An Australian transport minister says there were about 3,727 unauthorised hits on the website - ‘Sophisticated’ Hack Hit Intel in January – wired.com
Intel acknowledged that it was hacked in January in a sophisticated attack at the same time that Google, Adobe and others were targeted. - Credit card skimming attacks on pay-at-the-pump petrol stations – h-online.com
Skimming devices attached to petrol pump terminals use Bluetooth to transmit the data to criminals operating near by. - GoDaddy store your passwords in clear-text and may try to SSH to your VPS without permission – sucuri.net
Some scary stuff that might happen to you if you host your site with them, clearly violating on your privacy. - US unable to win a cyber war – net-security.org
If the US got involved in a cyber war at this moment, they would surely lose. - N.Y. Firm Faces Bankruptcy from $164,000 E-Banking Loss – krebsonsecurity.
A New York marketing firm that was preparing to be acquired is now facing bankruptcy from a computer virus. - Hotel room security defeated by a piece of wire – can be secured with a towel – gadling.com
A piece of bent wire can defeat these magnetic swipe rooms. - Are Hollywood Hackers Bogus or Bright? – pcworld.com
Gordon, a lecturer at the Dublin Institute of Technology, studied 50 movies, produced over five decades. - Navy Planning Prototype Cyber-Network Security System – darkreading.com
Seeking proposals for a system that ensures cyber operations aren’t shut down in the event of a cyber war. - Microsoft secretly beheads notorious botnet – pcpro.co.uk
Microsoft has won court approval to deactivate 277 domain names that are being used to control a vast network of infected PCs. - Cryptome Back Online After Brief DMCA Battle – darkreading.com
Website reportedly taken down for posting sensitive Microsoft document on criminal investigation compliance. - Wyndham Hotels Hacked Again – yahoo.com
This is the third data breach reported by Wyndham in the past year. - Another, Better TKIP Attack That’s Still Limited – wifinetnews.com
One of the two researchers who brought us the TKIP Michael packet integrity attack has a refined technique.
No comments yet.