Resources:
- Two Thumbs Up For These Security Podcasts – matthewneely.com
I am going to discuss the security podcasts I listen to, with a short description of each one. - “Useable” CVE Security Vulnerability Data – cvedetails.com
his is an effort to provide an easy to use web interface to CVE vulnerability information. - Gary McGraw on BSIMM2, Software Security and Cargo Cult Science – threatpost.com
Dennis Fisher talks with Gary McGraw of Cigital about the release of the BSIMM2 model. - BSIMM2 – cigital.com
We’re pleased today to announce the publication of BSIMM2. - Metasploit Class Videos – irongeek.com
The instructors were David “ReL1K” Kennedy, Martin “PureHate” Bos, Elliott “Nullthreat” Cutright, Pwrcycle and Adrian “Irongeek” Crenshaw. - Hakin9 Magazine is now FREE — Get your copy NOW! – hakin9.org
Download May issue of Hakin9 magazine today!
Tools
- iScanner v0.5 – iscanner.isecur1ty.org
iScanner is free open source tool lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically. - WebTest 1.2.1 – pythonpaste.org/webtest/
WebTest helps you test your WSGI-based web applications. - Metasploit Express Beta – First Look – skullsecurity.org
This is just initial impressions of a beta product.
Techniques:
- Playing with the MS09-012 Windows Local Exploit – carnal0wnage.attackresearch.com
The gist is you an run the Churrasco binary and it will execute a command for you as SYSTEM from NETWORK SERVICE. - Using the Metasploit PHP Remote File Include Module – carnal0wnage.attackresearch.com
Metasploit has a nifty PHP Remote File Include module that allows you to get a command shell from a RFI. - Live Hacking CD vs. Backtrack 4 – mcgrewsecurity.com
Dr. Ali Jahangiri made claims that “Live Hacking CD is much easier than BackTrack and its tools are updated” - Dissecting the Mass DreamHost Sites Compromise – ddanchev.blogspot.com
What’s particularly interesting about the campaign, is not just the Hilary Kneber connection, but also, the fact that a key command and control domain part of the Koobface botnet, is residing within the same AS where the nameservers. ] - Targeted Attack Using Journalists as a Lure – f-secure.com
We found a new malicious XLS file which contains lots of names, details and contact information for journalists around the world. - They’ll Let Anyone Graduate: My Password Cracking Dissertation – reusablesec.blogspot.com
A lot of it is going to look fairly familiar if you’ve seen my talks or been reading this blog, which makes sense since my dissertation is a summary of what I’ve been up to for the last three years. - Network Discovery via DHCP using Python & Scapy – attackvector.org
It sends a DHCP Discover packet out to the network and sniffs, listening for a response. - Fuzzing 101 With Sulley – securepla.net
Sully is a great tool to find bugs and overflows in applications that could allow for remote exploitation.
Vendor/Software Patches:
- Microsoft’s May round of patches
Microsoft issued two critical bulletins on Tuesday fixing holes in its e-mail programs and the Visual Basic for Applications programming language implementation built into Office.- May 2010 Security Bulletin Release – technet.com
- MS10-030: Malicious Mail server vulnerability – technet.com
- MS10-031: VBE6 Single-Byte Stack Overwrite – technet.com
- Microsoft Patch Tuesday – May 2010 – symantec.com
- May 2010 Microsoft Patches – sans.org
- Microsoft releases critical fixes for Windows, Office holes – cnet.com
- XSS vulnerability fixed in Drupal module – Update – h-online.com
The development team behind the Drupal module Context have released version 6.x-2.0-rc4, which fixes a cross-site scripting (XSS) vulnerability when displaying block descriptions.
Other News:
- India’s EVMs are Vulnerable to Fraud – indiaevm.org
This site presents an independent scientific study about the security of the electronic voting machines (EVMs) used in India. - Yet more news on the WordPress attack
We have also received reports that this not only affected WordPress installations, but Joomla and other php-based platforms.- Breaking News: WordPress Hacked with holasionweb on Go Daddy! – wpsecuritylock.com
- Large-scale attack on WordPress – h-online.com
- Lots of sites reinfected – Now using holasionweb.com – sucuri.net
- Found code used to inject the malware at GoDaddy – sucuri.net
- Coder Journeys From Wall Street to Prison – wired.com
Stephen Watt, 26, wrote a custom packet-sniffing program dubbed “blabla” for Gonzalez, as a favor for his best friend. - Meganet’s Dominator I snoops on four GSM convos at once, fits in your overnight bag – engadget.com
The system consists of two nondescript white boxes, two directional antennas and a laptop to get a glimpse at all of the phones currently connected to your nearest cell site and record up to four active calls simultaneously. - Superexploit claims to pass through AVs, uses old bait-and-switch technique
Researchers say they’ve devised a way to bypass protections built in to dozens of the most popular desktop anti-virus products, including those offered by McAfee, Trend Micro, AVG, and BitDefender.- New attack bypasses virtually all AV protection – theregister.co.uk
- New attack bypasses EVERY Windows security product – zdnet.com
- New attack bypasses anti-virus software – h-online.com
- Plug-In Check Identifies Vulnerable or Out-of-Date Plug-Ins in All Browsers – lifehacker.com
The Plug-In Check tool gives users a quick, simple way to determine if they’re running vulnerable or out-of-date plug-ins. - FBI Promises Action Against Money Mules – krebsonsecurity.com
Patrick Carney, acting chief of the FBI’s cyber criminal section, said mules are an integral component of an international crime wave that is costing U.S. banks and companies hundreds of millions of dollars. - Update: Senate confirms Alexander as chief of U.S. Cyber Command – computerworld.com
In his new role, Alexander will be responsible for directing operations of the U.S. Department of Defense’s military information networks. - Another Security Hole Found On Yelp, Facebook Data Once Again Put At Risk – techcrunch.com
The exploit used a technique called Cross Site Scripting (XSS) to inject malicious code into Yelp, and took advantage of the controversial Instant Personalization feature to harvest the Facebook user data. - Facebook Privacy: A Bewildering Tangle of Options – nytimes.com
Facebook’s 2010 privacy policy is longer than other social networks, even exceeding the United States Constitution without its amendments. - Air Force may suffer collateral damage from PS3 firmware update – arstechnica.com
When Sony issued a recent PlayStation 3 update removing the device’s ability to install alternate operating systems like Linux, it did so to protect copyrighted content—but several research projects suffered collateral damage. - Car hackers can kill brakes, engine, and more – networkworld.com
University researchers have taken a close look at the computer systems used to run today’s cars and discovered new ways to hack into them, sometimes with frightening results. - Phishing servers being killed off faster than ever – arstechnica.com
Most phishing attacks appear to originate from Eastern Europe, with one organization responsible for about two thirds of all attacks.
