Event Related

  • ShmooCon Firetalks 2012
    • ShmooCon Firetalks 2012 – irongeek.com
      These are the videos I have for the ShmooCon Firetalks 2012.
    • ShmooCon Epilogue 2012 – irongeek.com
      These are the videos I have for ShmooCon Epilogue 2012. Georgia recorded the live parts, and my rig was used for the slides. Sorry that there are some missing talks; Georgia may have them on her site.
    • ShmooCon 2012 FireTalks – Update 8 (Videos from Saturday) – novainfosecportal.com
      To follow up with Friday’s post re getting a lot of the other awesome ShmooCon Firetalks out there, here is the complete line up from Saturday night. And if you are interested in seeing all the talks from each night, IronGeek has just put out a post with two longer videos from each evening.
  • FOSDEM Presentation
    • Sandbox applications quickly with KVM or LXC – h-online.com
      In the “Building application sandboxes on top of LXC and KVM with libvirt” FOSDEM presentation, Red Hat developer Daniel Berrange introduced libvirt-sandbox, which confines individual applications in a secured area (“sandbox”) using the KVM (Kernel-based Virtual Machine) virtualisation solution or LXC (Linux Containers).
  • DoD Cyber Crime Conference Presentation: Recipes for Remediation – blog.mandiant.com
    Wendi Rafferty and I presented at the DoD Cyber Crime conference in Atlanta, GA. Our presentation, “Recipes for Remediation: Key Ingredients for Building a More Resilient Security Program,” has been posted to the MANDIANT Archive Presentations page here.

Resources

Tools

  • Qubes Beta 3! – theinvisiblethings.blogspot.com
    A new ISO with the just released Qubes Beta 3 is now available for download here.
  • THC-HYDRA v7.2 – thc.org
    “THC-HYDRA is a very fast network logon cracker which supports many different services. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. It was tested to compile cleanly on Linux, Windows, Cygwin, Solaris, FreeBSD and OSX.”
  • TrueCrypt 7.1a – truecrypt.org
    TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted drive. On-the-fly encryption means that data are automatically encrypted or decrypted right before they are loaded or saved, without any user intervention.
  • Improving and Adding More Pentesting Tools for BackTrack 5 – theprojectxblog.net
    For BackTrack users out there, I found a good shell script which is bt5-fish.sh that fixes your BackTrack 5 installation and adds more open source penetration testing tools. The tools / packages will be installed / converted to svn installs.

Techniques

  • JSON CSRF with Parameter Padding – blog.opensecurityresearch.com
    The JavaScript Object Notation (JSON) format is one of the prominent data exchange formats of contemporary web applications. When a web application implements JSON, Cross Site Request Forgery (CSRF) payload delivery gets a bit tricky because of the query string and JSON format mismatch. With a couple of tricks, however, we can successfully execute CSRF attacks with JSON payloads.
  • Quickpost: Disassociating the Key From a TrueCrypt System Disk – blog.didierstevens.com
    TrueCrypt allows for full disk encryption of a system disk. I use it on my Windows machines.
  • Direct Shellcode Execution via MS Office Macros with Metasploit – carnal0wnage.attackresearch.com
    scriptjunkie recently had a post on direct shellcode execution in MS Office macros. I didn’t see it go into the Metasploit trunk, but it’s there. How to generate macro code is in the post, but I’ll repost it here so I don’t have to go looking for it elsewhere later.
  • Hacking Cradle Point Routers – Obscurity at the Peak – zeroknock.blogspot.com
    Cradle-point wireless routers are used heavily for setting up small networks. However, Cradle-point uses interesting MAC-specific authentication credentials which are unique for every router because of the MAC address uniqueness.
  • MindshaRE: IDAception – dvlabs.tippingpoint.com
    If you’ve ever tried collaborating with other people while reverse engineering a vulnerability your process probably includes some tedious steps, like transferring.

Vendor/Software Patches

Vulnerabilities

  • Satellite Phone Encryption Cracked – telegraph.co.uk
    German academics said they had cracked two encryption systems used to protect satellite phone signals and that anyone with cheap computer equipment and radio could eavesdrop on calls over an entire continent. Hundreds of thousands of satellite phone users are thought to be affected.
  • Another Serious Security Bug on PHP 5.3.9 – PHP Classes blog – phpclasses.org
    The PHP 5.3.9 release was mostly meant to fix a security bug, but it introduced a new, more serious bug. PHP 5.3.10 was just released to fix this issue.
  • Flaw in Home Security Cameras Exposes Live Feeds to Hackers – wired.com
    A flaw in home security cameras made by Trendnet potentially exposed thousands of customers to hackers who could access the live video feeds without a password.
  • CVE-2012-0056 Metasploit Exploit – pastebin.com
    This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use.

Other News

  • Critics slam SSL authority for minting certificate for impersonating sites – arstechnica.com
    Critics are calling for the ouster of Trustwave as a trusted issuer of secure sockets layer certificates after it admitted minting a credential it knew would be used by a customer to impersonate websites it didn’t own.
  • Google to strip Chrome of SSL revocation checking – arstechnica.com
    Google’s Chrome browser will stop relying on a decades-old method for ensuring secure sockets layer certificates are valid after one of the company’s top engineers compared it to seat belts that break when they are needed most.
  • Hacker Sentenced to 30 Months in Prison – securityweek.com
    A hacker who tried to land an IT job at Marriott by hacking into the company’s computer systems and then unwisely extorting the company into hiring him has been sentenced to 30 months in prison.
  • AntiSec leaks Symantec pcAnywhere source code after $50k extortion not paid – blogs.computerworld.com
    Symantec had said it would pay $50,000 to a group of hackers associated with Anonymous and AntiSec in order to keep its source code from being leaked online.
  • Trustwave issued a man-in-the-middle certificate – h-online.com
    Certificate authority Trustwave issued a certificate to a company allowing it to issue valid certificates for any server.
  • Hackers hit CIA, UN Web sites – news.cnet.com
    With the CIA site inaccessible, the Twitter account for @YourAnonNews tweeted “CIA TANGO DOWN: cia.gov #Anonymous” and included a link to a news story about the outage on Russian site RT.com.