Events Related:
- Front Range OWASP Conference 2010 – owasp.org
The official wiki/site of the FROC 2010
Resources:
- The History of Hacking – onlinemba.com
Hacking has been around as long as computers as a way to reconfigure or reprogram a system to give access to someone who otherwise shouldn’t have access.
Tools:
- Released Buster Sandbox Analyzer 1.23 – offensivecomputing.net
Version 1.23 introduces the automatic malware analysis mode. - OllyDbg 2.0 – ollydbg.de
This time, I have missed a crash in the popup menu of the breakpoint window.
Techniques:
- Infected Javascript file – zscaler.com
We recently found the following malicious code appended to a static Javascript file on an Indian Telecom website. - web application firewall bypass with a XSS attack – acunetix.com
In the following demo video, Sandro Gauci of EnableSecurity shows how an attacker can switch off dotDefender in order to bypass any “protection” offered by the WAF. - WMIC for incident response – sans.org
I mentioned at the end of that post that I’ve been using WMIC in place of psexec and that I’d have more on that later. - Top 10 Things you may not know about tcpdump – sans.edu
What are the things you may not know about tcpdump? Here are some of the favorite items I ran into and please fill free to submit more. - AV Bypass Made Stupid – room362.com
I started with fgdump, a well known hashdumping/pwdump tool. It’s detected by 80% of all AVs and by all the top 10. - pigtoddler.py – Culling Files By Riding Spiders – l1pht.com
I wanted a troubled little script that didn’t require much care and had a little more “dice roll” type attitude. - pro tip: get lucky by scanning for 192.168.20.1 – clearnetsec.com
ut as I just witnessed at a client, none of their historical vulnerability scan results discovered the cards because this client doesn’t use that IP block, yet several Dell servers had default DRAC cards waiting for some love.
Vulnerabilities:
- About the Adobe Zero-Day
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems.
Vendor/Software Patches:
- Microsoft Security Bulletin Advance Notification for June 2010 – microsoft.com
Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services, and the Download Center.
Other News:
- House OKs Cybersecurity Reforms - darkreading.com
Bill calls for creation of a permanent National Office for Cyberspace and Office of the Federal Chief Technology Officer within the White House. - WikiLeaks Was Launched With Documents Intercepted From Tor - wired.com
WikiLeaks bootstrapped itself with a cache of documents obtained through an internet eavesdropping operation by one of its activists, according to a new profile of the organization’s founder. - Massive iPhone Security Issue Could Endanger Enterprise Adoption – readwriteweb.com
This flaw was discovered by Bernd Marienfeld, an information security professional and blogger, last week. - Viral clickjacking ‘Like’ worm hits Facebook users – sophos.com
Hundreds of thousands of Facebook users have fallen for a social-engineering trick which allowed a clickjacking worm to spread quickly over Facebook this holiday weekend. - Tabnapping: New Phishing Attack – absolute.com
The content of the original tab is changed to a fake site, most often a login screen to a common site like Facebook or Gmail. - Microsoft security IS “good enough” and that’s the problem – jeremiahgrossman.blogspot.com
No shortage of vulnerabilities resulting in widespread and devastating compromises with patches unpredictable and long in coming. - PHP Remains Strong Despite Security Flaws – developer.com
But even after so many identified security issues in MOPS, PHP experts argue that the language is not necessarily insecure. - ATM Skimmers: Separating Cruft from Craft – krebsonsecurity.com
The truth is that most of these skimmers openly advertised are little more than scams designed to separate clueless crooks from their ill-gotten gains. - NHTSA’s Complaint Database Leaks Private Information Like A Sieve – thetruthaboutcars.com
Our Canadian pal carquestions took a look through NHTSA’s public complaint database, and found four examples of personal information that NHTSA should have redacted but didn’t.
