Events Related:
- Who’s on…uh, at…FIRST? – windowsir.blogspot.com
My employer is not a member of FIRST, but we were a sponsor, and we hosted the “Geek Bar”. - La “Nuit Du Hack” in Paris – rootshell.be
The event was split in two parts: a set of talks about security topics and, starting from midnight, a CTF contest. - NovaInfosec Twits – novainfosecportal.com
The Twitter account for the NovaInfosec Twits list is novainfosec. - Hacking at Mach Speed! – trailofbits.com
The first ever NYC SummerCon last weekend was a blast and everyone seemed to have a great time. - Call for Papers: EC2ND’10 – honeyblog.org
EC2ND 2010 specifically encourages submissions presenting work at an early stage with the intention to act as a discussion forum for innovative security research. - Comments on Sharkfest Presentation Materials – taosecurity.blogspot.com
This is the third year that CACE Technologies has organized this conference.
Resources:
- Conference on Cyber Conflict – Slides.. – thinkst.com
The CCDCOE (Cooperative Cyber DefenceCentre of Excellence) held its Conference on Cyber Conflict in Tallinn, Estonia. - The talks I’m looking forward to attending in Las Vegas – securityninja.co.uk
We are getting closer to the annual geek pilgrimage to Las Vegas for the BlackHat, DEF CON and SecurityBSides conferences. - SQL Injection Anywhere White Paper – docs.google.com
An advanced SQL Injection exploitation technique, that allows the complete disclosure of information from (almost) any SQL Injection exposure. - Public SSL Server Database / SSL Server Test – ssllabs.com
Public SSL Server Database is an online service that enables you to look up the configuration of any public SSL web server. - Live CD for Remote Incident Handling – sans.edu
Bert Hayes is a security professional at the University of Texas.
Tools:
- UATester Alpha – c22.cc
This tool is designed to automatically check a given URL using a list of standard and non-standard User Agent strings provided by the user (1 per line). - JBroFuzz – owasp.org
Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities. - w3af 1.0-rc3 Available For Download – darknet.org.uk
The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. - andiparos – code.google.com/p/andiparos/
Andiparos is a fork of the famous Paros Proxy.
Techniques:
- TEHTRI-Security gave 13 0days against most black hats tools – tehtri-security.com
Today, during our humble new talk at SyScan 2010 Singapore, we have just released many 0days and new offensive concepts against most of the tools used by attackers currently, like web shells, exploit packs, etc. - Risk Management 103 – Choosing Threat Agents – greebo.net
We’re talking about the attackers (threat agents) on the left today. - Review of darkjumper v5.7 – stateofsecurity.com
In continuing our research and experimentation with PHP and the threat of Remote File Inclusion (RFI), our team has been seeking out and testing various tools that have been made available to help identify web sites that are vulnerable to RFI during our penetration tests. - Security Intelligence: Defining APT Campaigns – sans.org
The “persistence” in APT intrusions is manifested in two ways: maintaining a presence on your network, as well as repeatedly attempting to gain entry to areas where presence is not established. - Side Channel Attacks in SSL – ha.ckers.org
Initially it really upset me off that this paper was written, not because it’s not excellent, but because it’s partially what I was going to be speaking about at BlackHat. - How Secure are Secure Interdomain Routing Protocols? – microsoft.com
In response to high-profile Internet outages, BGP security variants have been proposed to prevent the propagation of bogus routing information. - Episode #101: Third-Party Party – commandlinekungfu.com
Yes, believe it or not, there are instances where some things are really straight-forward and fun on Windows, and are inscrutably ugly on Linux. - Comparing web application scanners – portswigger.net
Earlier this year, Larry Suto published a paper comparing web application vulnerability scanners. - In-depth analysis of a PHP attack that lead to Apple information disclosure – acunetix.com
Security experts blame this breach on “poorly designed software”. - The National Strategy for Trusted Identities in Cyberspace – whitehouse.gov
Cyberspace has become an indispensible component of everyday life for all Americans. - US interested in Aussie zombie code – zdnet.com
Australia’s Internet Industry Association (IIA) took its e-security code of conduct to the White House, where it met with Barack Obama’s cyber-security coordinator, Howard Schmidt, to discuss it as a potential model for the US internet industry to adopt. - Linux Buffer Overflow Tutorial – gunslingerc0de.wordpress.com/
- Improving HTTPS Side Channel Attacks – ha.ckers.org
In regards to the previous post and the impending Blackhat speech with Josh Sokol, I thought I’d spend some time enumerating some of the possibilities for reducing the chatter over SSL/TLS that the browser introduces. - Yep, they broke it. – golubev.com
I don’t know how they test drivers or even are they test drivers at all but situation is pretty weird. - Another round of Asprox SQL injection attacks – m86security.com
Earlier this month, we reported on a new variant of Asprox malware which was being spammed out by the Pushdo botnet. - Using KillerBee with ZigBee devices – digitalbond.com
Yesterday I received a few of the Raven ZigBee USB sticks with the KillerBee firmware loaded on it, thank you Joshua Wright. - Botnet Command and Control Methods – attackvector.org
I think probably the biggest reason would be that there would be a pretty cut and dry trail of what the bots are doing. - Places to MITM – ha.ckers.org
There’s a lot of places there than an attacker can get in the middle and mess things up. - The Low Hanging Fruit scanner strategy can get you into trouble – jeremiahgrossman.blogspot.com
Vulnerabilities identifiable in an automated fashion, such as with a scanner, can be loosely classified as “low-hanging fruit”. - SQLmap 0.8 and SOAP based Web-Services – invalid-packet.blogspot.com
Lately I was pen-testing SOAP Web-Services, and I came to learn that SQLmap wasn’t aware of SOAP syntax.
Vulnerabilities:
- New Firefox Flaw Enables URL Spoofing, Code Injection – threatpost.com
A prominent security researcher has identified a problem with the way that Mozilla Firefox handles links that are opened in a new browser window or tab.
Vendor/Software Patches:
- Pre-Notification – Quarterly Security Updates for Adobe Reader and Acrobat – adobe.com
A Security Advisory has been posted in regards to the upcoming Adobe Reader and Acrobat updates scheduled for June 29, 2010.
Other News:
- Napolitano: US must balance liberties, security – google.com
Fighting homegrown terrorism by monitoring Internet communications is a civil liberties trade-off the U.S. government must make to beef up national security, the nation’s homeland security chief said Friday. - Looking For Vulns In All The Right Places? Experts Say You Might Be Missing A Few – darkreading.com
Network-attached devices, paper documents, and your physical plant should be included in vulnerability scans, researchers warn. - Malicious code on Lenovo driver download page – Update – h-online.com
Various virus scanners issued alerts about a Java-based Trojan downloader or dropper. - Defenders of the Faith – vrt-sourcefire.blogspot.com
Quite recently, Tavis Ormandy released a 0-day vulnerability in a prominent piece of software. - Researchers find 12 zero day flaws, targeting 5 web malware exploitation kits – zdnet.com
Security researchers from TEHTRI-Security, have found 12 zero day flaws targeting 5 of the most common web malware exploitation kits. - White House unveils plan to combat online piracy and counterfeit goods – thehill.com
“I have a warning to you, we’re committed to putting you out of business,” Intellectual Property Enforcement Coordinator Victoria Espinel, also known as the “copyright czar,” said. - Apple leaves iPad vulnerable after monster iPhone patch job – computerworld.com
However, the first-generation iPhone and iPod Touch, as well as the much newer iPad, may be vulnerable to some or all of the 65 bugs. - Inquiry into Cyber Crime – aph.gov.au
On Monday 21 June 2010, the Standing Committee on Communications tabled its report on the inquiry into Cyber Crime entitled Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime. - Not even FBI was able to decrypt files of Daniel Dantas – g1.globo.com
Hard drives were seized by the feds during Operation Satyagraha, in 2008. - VeriSign SSL Hackable – Comodo Exposes, VeriSign Denies – networkworld.com
Comodo announced today that it requested an independent third-party to notify VeriSign of a security vulnerability affecting its customers’ web sites, including a major financial institution. - Exploiting the Exploiters – krebsonsecurity.com
Last week, French security researchers announced they had discovered a slew of vulnerabilities in several widely used “exploit packs,” stealthy tool kits designed to be stitched into hacked and malicious sites. - Researcher ‘Fingerprints’ The Bad Guys Behind The Malware – darkreading.com
Black Hat USA researcher will demonstrate how to find clues to help ID actual attackers, plans to release free fingerprinting tool. - Inside the Carding Underworld – avertlabs.com
Carder.cc is a German online forum dedicated to helping criminals in trading stolen credit card and login details obtained via their carding or phishing activities. - ATM scammers take it to a new level – dailytelegraph.com.au
Thieves set up a fake ATM that recorded the bank details of unsuspecting users whose accounts were later robbed, in the first such scam discovered in China. - Accused Hacker Who Balked at 2-Year Prison Deal Now Faces Decades – wired.com
An alleged hacker who declined a 2-year plea deal is facing decades behind bars after federal authorities Thursday added multiple charges, including possession and distribution of child pornography. - Senate Working To Consolidate Cybersecurity Bills – darkreading.com
There is broad agreement between key Senate committees in terms of key elements that need to be included in any comprehensive legislation. - Android Also Gives Google Remote App Installation Power – threatpost.com
It turns out that Android also includes a feature that enables Google to remotely install apps on users’ phones as well.
Tags: EC2ND, FIRST, Night da Hack, NovaInfoSec, Nuit du Hack, Sharkfest, SummerCon
