Subscribe to Infosec Events
Infosec Events Feed Stay up to date with all of the latest security news by subscribing to our RSS Feed. Alternatively, you can have updates sent directly to your email address.

Week 7 In Review – 2011

Published: February 21st, 2011 | Category: Local Meetings, Security Conferences, Security Tools, Security Training, Security Vulnerabilities, Security Workshops

Events Related

Resources

  • 2010 Breach Statistics – blog.absolute.com
    As you can see from the tally above, 662 breaches were reported for 2010. Those breaches exposed more than 16million records, though if you look closely into the report, you’ll see that quite a number of the breaches are left with a 0 for records reported – numbers may yet be unknown.
  • Tour guide to the seven types of malicious hackers – infoworld.com
    When I learned over the weekend that hackers had planted malware on a Nasdaq Web server, I wasn’t exactly surprised.
  • Metasploit Unleashed 2011 – offensive-security.com
    This past month has seen a number of additions to our free Metasploit Unleashedtraining course, primarily in our on-going effort to build out the Metasploit Module Reference section.
  • Data Loss Prevention and Internal Threats – tripwire.com
    Combine the major players getting into DLP and the rise of Wikileaks, and now everyone is concerned and aware of internal threats and losing their data.
  • SSDs prove difficult to securely erase - nakedsecurity.sophos.com
    At this week’s Usenix FAST 11 conference on File and Storage Technologies in San Jose, California researchers published a paperexamining the effectiveness of different secure erasure methodologies on Solid State Disks (SSDs).
  • CISSP Domain – Security Architecture and Design – resources.infosecinstitute.com
    This article will cover some of the major areas within Security Architecture and Design by looking at: design concepts, hardware architecture, OS and software architecture, security models, modes of operations, and some system evaluation methods, specifically CAP.
  • I uploaded some raw data and quick diff results from Windows 7 (x86) SP0 -> SP1: http://bit.ly/hauWee (read the README)- twitter.com, @hdmoore

Tools

  • Manual Blind SQL Injection and password cracking w/ DVWA and JTR - pauldotcom.com
    The following video demonstrates the manual exploitation of blind SQL injection vulnerabilities in DVWA, followed up by a quick crack of the stolen hashes with John the Ripper.
  • IRONBEE: The Open Source Next generation WAF - pentestit.com
    Its like building a universal web application firewall in the cloud Open Source Next Generation WAF for the Community! It is a new open source project from Qualys to build a universal web application firewall sensor in the cloud through collective efforts of the community.
  • Nikto 2.1.4 available! - cirt.net
    We’re happy to announce the immediate availability of Nikto 2.1.4!
  • Nessus “Exploitable With” Field Updated – blog.tenablesecurity.com
    Over the past few months, fields in Nessus reports indicating whether or not an exploit exists for a given vulnerability have continued to evolve.
  • The Yeti is here - sensepost.com
    After several months of dedicated … uh dedication, our new network footprinting tool is being made available to the masses.
  • Open-SCAP v0.7.0 released - open-scap.org
    The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
  • Web security v0.8 final released - code.google.com
    Websecurify Security Testing Framework identifies web security vulnerabilities by using advanced browser automation, discovery and fuzzing technologies.
  • NessusDB v1.2 Released – github.com
    NessusDB is Nessus XMLv2 parser, which pushes reports into anActiveRecord database, easing report generation.
  • inSSIDer v2.0.7.0126 The Wi-Fi network scanner released – metageek.net
    Because NetStumbler doesn’t work well with Vista and 64-bit XP, exits an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.
  • Volatility the advanced memory forensics framework v1.4 released - code.google.com
    The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples.
  • Debdroid: Run a Network Sniffing Debian System on Android – afrosec.org
    Just recently, it was announced that the Android phone operating system has grown a lot in the last two years.

Techniques

  • Yeti – Footprinting Your Network - blog.rootshell.be
    “Footprinting” is a technique to gather information about information systems. The goal is to collect as much information as possible and correlate them to build some kind of “business card” of the target.
  • Episode #134: Never Out of Sorts – blog.commandline.kungfu
    I was recently working a case where we had extracted a bunch of date-stamped messages from unallocated space, and we wanted to output them in reverse-chronological order.
  • Bypassing MDM Restrictions for Mobile Safari on iOS 4.2 - intrepidusgroup.com
    When deploying iOS devices, such as the iPhone or iPad, to a corporate population, the security-minded may ask “how can we keep people from using this device for inappropriate web surfing?”
  • The trick to defeating tamper-indicating seals - freedom-to-tinker.com
    Even so, when the state stuck a bunch of security seals on their voting machines in October 2008, I found that I could easily defeat them. I sent in a supplement expert report to the Court, explaining how.
  • HeapLocker: String Detection – blog.didierstevens.com
    When you enable string monitoring, HeapLocker will create a new thread to periodically check (every second) newly committed virtual pages that are readable and writable.
  • Possibly the most fascinating HTML parser behavior ever – Icamtuf.blogspot.com
    If this happens to be a single or a double quotation mark, the second parsing strategy is used; otherwise, the first method is a go.

Vendor/Software Patches

Vulnerabilities

  • Patched vulnerabilities remain prime exploitation vector - zdnet.org
    Which is the most popular tactic that cybercriminals uses on their way to infect users with malicious code (malware) and generate yet another botnet?
  • Windows O-day SMB mrxsmb.dll vulnerability - vupen.com
    A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers or malicious users to cause a denial of service or take complete control of a vulnerable system.
  • Oracle Passlogix Vulnerability – securityfocus.com
    An attacker can exploit this issue to view and execute arbitrary files on the target system. Successful exploits may aid in a compromise of the underlying computer.

Other News

Be Sociable, Share!

    Tags: , ,

    RSS feed | Trackback URI

    1 Comment »

    Name (required)
    E-mail (required - never shown publicly)
    URI
    Your Comment (smaller size | larger size)
    You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.

    Trackback responses to this post

    © Godai Group 2014
    Home - Calendar - Communities - Training - Archives - Contact