Resources
  • Analysis of 250,000 Hacker Conversations – net-security.org
    This forum is used by hackers for training, communications, collaboration, recruitment, commerce and even social interaction. Commercially, this forum serves as a marketplace for selling of stolen data and attack software.
  • Pentesting iPhone Applications – securitylearn.wordpress.com
    I have given a presentation on Pentesting iPhone Applications in c0c0n. This presentation mainly focuses on methodology, techniques and the tools that will help security testers while assessing the security of iPhone applications.
  • Trustwave’s 2011 Global Security Report – trustwave.com
    Featuring analysis of more than 220 data breach investigations and more than 2,300 penetration tests conducted by Trustwave’s SpiderLabs, the Global Security Report 2011 identifies the top vulnerabilities business encountered in 2010 as well as a list of strategic initiatives to help your business improve its overall security. Download the report today!
  • Dr. Charlie Miller Compares The Security of iOS and Android – accuvant.com
    I had the honor of talking to Dr. Charlie Miller, principal research consultant for Accuvant LABS, for a bit during DerbyCon about the security of mobile devices’ operating systems. Specifically, Dr. Miller articulated the differences between Apple’s iOS and the Android OS. Here are some of the highlights before you watch the video to get it directly from the good doctor himself.

Tools

  • Heaplocker: Preventing Heapsprays – blog.didierstevens.com
    I’ve been using my HeapLocker tool for almost a year now, and I’ve encountered no issues, except for the NOP sled detection. When used with Adobe Reader, HeapLocker will generate too many false positives when looking for NOP sleds. So I’ve disabled NOP sled detection for Adobe Reader.
  • LoadDLLViaAppInit 64-bit – blog.didierstevens.com
    Many of my security tools are DLLs. If you want to use these tools inside a 64-bit process, you’re stuck, because you can’t use 32-bit DLLs inside a 64-bit process (and vice versa).
  • The Crudminer files - github.com
    The idea of CrudMiner came from having inherited a large webserver full of user-installed software. As it is nearly always the case, when clients are allowed to install their own software, they never actually bother to keep it patched and updated. I wrote CrudMiner with the sole task of looking for known-outdated web software and reporting it to me in a format that was easy to grok and process.
  • Website v1.0beta automated web passive analysis – code.gogle.com/p/webfight
    I was on AppSec Latam 2011, and Wagner Elias released a tool named WebFight. This tool uses a log parser of Burp and perform a series of tests.
  • RunInsideLimitedJob 64-bit – blog.didierstevens.com
    RunInsideLimitedJob is a tool to sandbox applications by containing their process inside a limited job object. There are 2 versions of my RunInsideLimitedJob tool: a .EXE and a .DLL.

Techniques

  • Re-engineering Android Applications To Introduce Security Bugs – securityaegis.com
    This is an excellent example of how easy this is on Android. Download, patch, resubmit to market, pwn users.
  • When Is Full packet Capture NOT Full Packet Capture – securityonion.blogspot.com
    I was looking at some packets recently and noticed the Wireshark message “Packet size limited during capture”.  This was strange since the packets came from a Sguil sensor performing full packet capture using Snort’s default snaplen on a standard Ethernet connection (no Jumbo frames and no VLAN tags).

Vendor/Software Patches

  • Oracle Patch, Java Update
    Oracle on Tuesday plans to release patches for 56 new vulnerabilities in a huge number of its products through its scheduled quarterly critical patch update. The company said that the various vulnerabilities in this month’s CPU affect hundreds of Oracle products.
  • Mobile Threats On The Desktop – blogs.technet.com
    The MMPC has been routinely monitoring threats (via the desktop) that affect different mobile platforms such as Symbian, Java ME, Android, RIM, iOS and Windows Mobile. One of the increasingly common ways we see mobile devices being compromised is by allowing the user to download and install applications independently. This is because the consumer cannot know if the app might be malicious, thus, protection from mobile threats on the desktop is vital.
  • Adobe fixes Flash privacy panel so hackers can’t check you out – arstechnica.com
    Yesterday, Adobe made changes to a page on an Adobe website that controls Flash user’s security settings—or more specifically, to the Flash .SWF file embedded in the page that opens the Flash website privacy settings panel. The changes are intended to prevent a clickjacking attack that uses the file to activate and access users’ webcams and microphones to spy on them.

Vulnerabilities

Other News