Event Related

  • Infiltrate Conference
    • “Voight-Kampff’ing The BlackBerry PlayBook” at INFILTRATE 2012 – intrepidusgroup.com
      We gave a talk at Immunity’s awesome INFILTRATE conference in Miami Beach, FL. Our presentation, “Voight-Kampff’ing The BlackBerry Playbook”, discussed some of the blackbox style, independent research we performed on the BlackBerry PlayBook.
    • Infiltrate Wrap Up – blog.opensecurityresearch.com
      Our industry is getting oversaturated with conferences that are filled with stale and sometimes uninspiring content. If we cannot collectively raise the bar, we’re not motivating ourselves to produce creative and innovative research – and if we’re not doing that, we might as well surrender our intellect, curiosity, and integrity to the vendors who would prefer to ignore the security of their customers, to increase their profits.

Tools

  • Windows Phone App Analyser v1.0 released today – securityninja.co.uk
    The main reason I wanted to do the WP7 app development was to increase my knowledge about the WP7 application development and submission process.  I have done a lot of mobile security research and even presented about Android and iOS security but I didn’t want to assume that knowledge would apply to WP7 so I got my hands dirty with some app development!
  • Reversing Malware with Android Reverse Engineering (A.R.E.) – sectechno.com
    Malware on mobile systems is increasing dramatically, especially on the Android smartphone system; this week the Trend Micro security lab posted about a new campaign targeting this system by infecting users over web applications.
  • The SPToolkit – The Phishing Toolkit Project – professionalsecuritytesters.org
    These articles give some good insights into why phishing is on the rise and why you, as an information security professional, should be worried about it.

Techniques

  • Monitoring pastebin.com within your SIEM – blog.rootshell.be
    For those who (still) don’t know pastebin.com, it’s  a website mainly for developers. Its purpose is very simple: You can “paste” text on the website to share it with other developers, friends, etc. You paste it, optionally define an expiration date, if it’s public or private data and you are good.
  • Stuff I learned while writing a CTF – alexmcgeorge.wordpress.com
    This blog entry talks about some of the lessons I learned running the WebHacking class for Infiltrate 2012 which included a WarGame/CTF style hootenanny on the final day.
  • Ncrack presentation – sock-raw.org
    Just letting people know, I uploaded the slides from my AthCon presentation on Network Exploitation with Ncrack. I will probably get my hands on the video material from the conference soon.

Vendor/Software Patches

  • Oracle Updates
    • Fundamental Oracle flaw revealed – infoworld.com
      Over the past two months, InfoWorld has been researching a flaw in Oracle’s flagship database software that could have serious repercussions for Oracle database customers, potentially compromising the security and stability of Oracle database systems.
    • Oracle Critical Patch Update Advisory – January 2012 – oracle.com
      A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory.

Vulnerabilities

  • Security Email – blogs.zappos.com
    The most important focus for us right now is the safety and security of our customer’s information.  Within the next hour, we will begin the process of notifying the 24+ million customer accounts in our database about the incident and help step them through the process of choosing a new password for their accounts.
  • A free Windows Vulnerability for the NSA – blog.ioactive.com
    Some months ago at Black Hat USA 2011 I presented this interesting issue in the workshop “Easy and Quick Vulnerability Hunting in Windows,” and now I’m sharing with all people a more detailed explanation in this blog post.
  • Excuse me, your clouds are leaking – intrepidusgroup.com
    I recently started playing around with Gliffy, a nice online diagramming tool that has become quite popular.  Gliffy makes sharing your diagrams with the world easy.

Other News

  • Offensive Research Continuing to Advance – threatpost.com
    “The ability to make a difference in the real world against dedicated offensive teams is a rare thing,” Dave Aitel, CEO of Immunity, which put on Infiltrate, said during the conference. “This stuff can change quickly.”
  • A technical examination of SOPA and PROTECT IP – blog.reddit.com
    As you have probably heard, there are two pieces of legislation currently pending that we, and others like us, believe seriously threaten the internet. I wanted to take some time to delve into the text of both of these bills, and outline their potential consequences as I am able to understand them.
  • Man charged with stealing NY Fed Reserve Bank source code – news.cnet.com
    Authorities arrested a computer programmer today and charged him with stealing source code worth $9.5 million from the Federal Reserve Bank of New York.