Events Related:

Resources:

  • Slides from CSI 2010 Posted – gdssecurity.com
    For those of you that didn’t attend, I spoke about lessons learned, hints and tips we’ve utilized during a deployment of an enterprise code scanning program at a large financial services institution.
  • Creating a Cyber Defense Team – threatchaos.com
    New threats and new measures to counter them call for a reorganization of IT security teams so that they can focus on defending the organization from targeted attacks.

Tools:

  • w3af: 1.0-rc4 is ready for you to download! – sourceforge.net
    For the first time in the project’s life, we have a roadmap [0] , a prioritized backlog [1] and a structured development process we follow to deliver new features and fixing bugs.
  • SSLTest: A SSL Security Testing Tool! – pentestit.com
    SSLTest is an open source Perl script that is based off another similar tool – Cryptonark.
  • ZigBee ACL – digitalbond.com
    One bug with the fixed MAC address utility that occurs after approximately 20 association packets are sent is a ‘Semantical Error’.
  • toolsmith: Confessor & Mole for IR & security analysis – holisticinfosec.blogspot.com
    We find these tools incredibly useful and are very pleased to be able to release them for public consumption as freely available and open source.
  • NessusDB v1.0 Release – hammackj.com
    The report templates are very extendable and generate as PDF’s.
  • The Social-Engineer Toolkit v1.0 “Devolution” Release – secmaniac.com
    This version adds several key components including new attack vectors, a web GUI interface, a way to automate SET behavior, and a slew of bug fixes.

Techniques:

  • Adobe XML Injection Metasploit Module – carnal0wnage.attackresearch.com/
    So against a patched host or someone that has disabled the service in ColdFusion you’ll see one of two things; either 404′s for the checks or 200 for /flex2gateway/ and 500 for the http or https check.
  • Attacking Cisco Router over TCL – sectechno.com
    When you first log to Cisco router you are in user EXEC mode (level 1) from this mode you can have just some information such as interfaces status, view routes in the routing table.
  • Statistics Don’t Lie… Or Do They? – tllod.com
    What particularly stands out about the EFTPS exploit toolkit is their admin interface.

Vulnerabilities:

  • Heads up… 0-day in an exploit kit – avg.com
    It’s fairly well known (well, well-known if you’re a security geek) that CVE-2010-3962 is in the Wild, but over the last couple of days, we’ve begun detecting it in the Eleonore Exploit Kit.

Vendor/Software Patches:

  • Flash Update Plugs 18 Security Holes – krebsonsecurity.com
    The new version is available from this link, but be aware that if you accept all of the default settings, the update may include additional software, such as a toolbar or anti-virus scanner.

Other News: