Week 28 In Review

Resources

  • A Look Inside Targeted Email Attacks – symantec.com
    The number of targeted attacks has increased dramatically in recent years. Major companies, government agencies, and political organizations alike have reported being the target of attacks. The rule of thumb is, the more sensitive the information that an organization handles, the higher the possibility of becoming a victim of such an attack.

Tools

  • Centralized Exploit/Vulnerability Search Engine – exploitsearch.net
    This is an online search engine currently utilizing data from NVD, OSVDB, SecurityFocus, Exploit-DB, Metasploit, Nessus, OpenVAS, and PacketStorm. A general search engine does the work, but this is a specific search engine for better results. There is not much to write about; just visit the site with all your queries.
  • Update: THC Hydra v6.5! – freeworld.thc.org
    THC-HYDRA is a very fast network logon cracker which supports many different services. This tool is proof-of-concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows/Cygwin, Solaris, FreeBSD and OSX.
  • Loki: An Open Source Layer 3 Packet Generating and Attacking Python Framework! – ernw.net
    Loki was released by security researchers for the Germany-based ERNW GmbH at BlackHat USA 2010. It includes a GUI that has been programmed in GTK/GLADE and lots of protocols that none of the other tools have implemented yet! To be precise, the following protocols are supported.

Techniques

  • Military Password Analysis – blog.imperva.com
    The recent attack against Booz Allen led to 90,000 leaked passwords. Unlike previous breaches where the passwords weren’t encrypted, it looks like in this case some care was taken to scramble the data.
  • Abusing Password Resets – carnal0wnage.attackresearch.com
    Dave Ferguson has beaten up on forgotten/reset password functionality for some time and recently participated in an OWASP podcast where he discussed these problems. The podcast reminded me of some techniques I’ve used in the past which have been successful and may be worth sharing. Accessing other users’ accounts with insecurely coded forgot/reset password functionality is more common than you might think.
  • Automating Post Modules And Meterpreter Across Sessions – darkoperator.com
    A couple of weeks ago I wrote a Metasploit plugin for automating the running of Metasploit post modules across several sessions while writing and testing the post exploitation mixin for Linux. Since there are so many distros, I had a large number of sessions, including some to Solaris and Windows hosts, and testing the sessions one by one was a bit of a pain.
  • Teensy PDF Dropper Part 1 – blog.didierstevens.com
    Pentesters need to drop files on targets. If a box is not connected to the Internet, and doesn’t accept removable storage, they need to come up with some tricks. Inputting the file via the keyboard is an option, but typing several millions of bytes is not. This needs automation.
  • On-Screen Keyboards Considered Harmful – blog.thinkst.com
    We rarely talk about it these days, but shoulder surfing is a pretty old (but reliable) attack. This is why most password prompts are masked. Many modern mobiles (and tablets) however will highlight keys pressed on the keyboard making old style shoulder surfing attacks trivial (and reasonably automatable) again.
  • Blocking and Detecting A Teensy Dropper – blog.didierstevens.com
    A Teensy dropper presents itself as a keyboard (HID) to a PC and this is how it can be used to drop files even if you don’t allow removable drives. You can prevent the installation of new HIDs, but this is an issue when you need to replace keyboards or mice.

Vendor/Software Patches

Vulnerabilities

  • Microsoft Black Tuesday
    This security update resolves a privately reported vulnerability in the Windows Bluetooth Stack. The vulnerability could allow remote code execution if an attacker sent a series of specially crafted Bluetooth packets to an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This vulnerability only affects systems with Bluetooth capability.
  • Java Vulnerability Demonstrates File Planting – h-online.com
    Researchers at ACROS Security have shown how the current Java Runtime Environment (JRE) can be coerced into running an executable in the current directory. They offer it up as an example of “file planting”, a more general version of binary planting seen last year as Windows applications were found to be loading DLLs from unsafe sources.
  • Vulnerability In Skype Allows Accounts To Be Hijacked – h-online.com
    Popular VoIP software Skype contains a security issue which could enable an attacker to gain access to a contact’s account. In a security advisory, Levent Kayan, who discovered the vulnerability, reports that in some cases it could even allow access to the user’s system.

Other News

  • Security App Aims To Keep Malware From Spreading Through iOS Devices – readwriteweb.com
    It seems that every other week there are reports about new malware targeting Android devices through the Android Market. To date, there have been no viruses, rootkits or Trojans that have been able to worm through the Apple App Store into user devices. That doesn’t mean that iOS devices cannot be conduits for malware.
  • Wi-Fi Hacking Neighbor From Hell Sentenced To 18 Years – wired.com
    A Minnesota hacker prosecutors described as a “depraved criminal” was handed an 18-year prison term Tuesday for unleashing a vendetta of cyberterror that turned his neighbors’ lives into a living nightmare.
  • Critics: U.S. Cybersecurity Plan Has Holes, Few New Items – computerworld.com
    The new Strategy for Operating in Cyberspace issued by the Department of Defense on Thursday covers a collection of topics that have been discussed for years and leaves a number of important unanswered questions, critics said. Deputy Secretary of Defense William Lynn unveiled the new strategy during a speech on Thursday, and a transcript of the speech was made available online.
  • DoD Announces First Strategy For Operating In Cyberspace – defense.gov
    The Department of Defense released today the DoD Strategy for Operating in Cyberspace (DSOC). It is the first DoD unified strategy for cyberspace and officially encapsulates a new way forward for DoD’s military, intelligence and business operations.
