Events Related

Resources

  • PDFXray Files – github.com
  • Clickjacking for Shells – morningstarsecurity.com
    Two years after the world was warned about clickjacking, popular web apps are still vulnerable and no web app exploits have been published. With many security pros considering clickjacking to have mere nuisance value on social networks, the attack is grossly underestimated. I will demonstrate step by step how to identify vulnerable applications, how to write exploits that attack web apps and also how to protect against clickjacking.

Tools

  • Qubes Beta 2 Released – theinvisiblethings.blogspot.com
    We faced quite a few serious problems with this release that were caused by an upgrade to Xen 4.1 (from Xen 3.4) that we used in Beta 1. But finally we managed to solve all those problems and all in all I’m very happy with this release. It includes many performance optimizations compared to Beta 1 (CPU- and memory-wise) and also many bugfixes.
  • tftptheft – code.google.com
    TFTP Theft is a tool which allows one to quickly scan/bruteforce a tftp server for files and download them instantly.

Techniques

  • Crawling For Domain Admin With Tasklist – pauldotcom.com
    The scenario is this. You’ve used a tool such as NBTEnum to enumerate Domain Admin account names. You’ve also managed to gain Local Administrator credentials by dumping and cracking the hashes of a vulnerable system on the network. Like most of corporate America, the target organization is using a universal Local Administrator account across most of their enterprise.
  • A Brave New Wallet, First Look At Decompiling Google Wallet – intrepidusgroup.com
    For the record, I welcome our new contactless payment overlords. I truly see the value in having the ability to make a payment transaction with our mobile devices. This opens up an opportunity to make these transactions more secure, give customers a better user experience, and also give them more control over payment options.
  • ARM, Pipeline and GDB, oh my! – intrepidusgroup.com
    This post will start off with an important question. Look at Listing 1 below; after executing the instruction located at main+12, what values will be stored in r0 and r1? Take a moment to consider this.
  • hack.lu CTF 2011 nebula DB systems – vnsecurity.net
    While you were investigating the Webserver of Nebula Death Stick Services, we, the Galactic’s Secret Service, put our hands on a SSH account of one of the Nebula Death Stick Services founders.
  • simple-shellcode-generator.py – blog.didierstevens.com
    Why is using malware a bad idea? It’s dangerous and not reliable. Say you use a trojan to test your sandbox. You notice that your machine is not compromised. But is it because your sandbox contained the trojan, or because the trojan failed to execute properly? It might surprise you, but there’s a lot of unreliable malware out in the wild.

Vulnerabilities

  • OS X Lion Password Flaw
    In OS X, user passwords are encrypted and then are stored in files called “shadow files” which are placed in secure locations on the drive. Based on system permissions, the contents of these files can then only be accessed and modified by the user, or by administrators provided they first give appropriate authentication.
  • Security Duo Finds Another Pair of Vulnerabilities In Android – reviews.cnet.com
    Remember the duo who released an Angry Birds spoof application last fall in an effort to highlight some of Android’s vulnerabilities? If so, perhaps you also recall hearing that Google had to implement the remote kill feature in Android about the same time. Well, those guys are back and, judging by their latest finding, things still don’t look to be all that secure.
  • EFF’s Open Source Security Audit Uncovers Security Vulnerabilities in Messaging Software – eff.org
    We recently did a security audit in which we uncovered and helped to fix vulnerabilities in the popular open source messaging clients Pidgin and Adium. We were motivated by our desire to bolster the security of cryptographic software that we often recommend to individuals and organizations as a defense against surveillance.

Vendor/Software Patches

Other News