Event Related
- OWASP AppSec USA 2011 Schedule/Slides/Video – appsecusa.org
Schedule, slides, and video for OWASP AppSec USA 2011 – September 20-23
- ShmooCon 2012 – January 27-29 – Presentations – shmoocon.org
ShmooCon 2012 Presentations and Videos available here.
- FOSDEM 2012 – First video recordings uploaded! – fosdem.org
We are pleased to announce that the first video recordings of FOSDEM 2012 have been uploaded to our master server; they should be available shortly as our mirrors synchronize with our main server. You can browse the contents through video.fosdem.org.
- Security Zone 2011 Videos – securityzone.co
Security Zone 2011 Videos available here.
Resources
- Secunia Yearly Report 2011 – secunia.com
Download the Secunia Yearly Report 2011
- MS12-013: Vulnerability in C Run-Time Library could allow remote code execution – Exploit Shop – exploitshop.wordpress.com
Update (Feb 16): Confirmed PoC is working. You can download the compiled .exe file, which is dynamically linked with msvcrt.dll. Tested on Windows 7 32bit and 64bit. Download ms12-013poc.exe.
- Attack Surface Reduction – Chapter 4 – resources.infosecinstitute.com
This is Chapter 4 in Tom Olzak’s book, “Enterprise Security: A practitioner’s guide.”
- Is the iPhone really Malware Free? – anti-virus-rants.blogspot.com
Friday morning Mikko Hypponen posted a tweet about the folks behind FlexiSPY changing the look of their site, and I took the opportunity to pose a question to him about iPhone malware. You see, FlexiSPY is (or was) a piece of mobile malware that F-Secure posted about 6 years ago.
- Should we be focusing on vulnerabilities or exploits? – zdnet.com
This post was inspired by a recent ZDNet article “Offensive security research community helping bad guys” and this ThreatPost interview after the Kaspersky security analyst summit, in which Adobe security chief Brad Arkin explains his (Adobe’s) philosophy on addressing software vulnerabilities.
- CVE-2010-0842 Java MixerSequencer Vulnerability Metasploit Demo – eromang.zataz.com
Timeline: vulnerability reported to ZDI by Peter Vreugdenhil; reported to the vendor by ZDI on 2009-12-10; coordinated public release of the vulnerability on 2010-04-05; details of the vulnerability and first PoC disclosed on 2010-05-21; Metasploit PoC provided on 2012-02-15. PoC
- Pass the iOS Privacy Salt: Hashing Does NOT Guarantee Privacy – neohapsis.com
There has been a lot of concern and online chatter about iPhone/mobile applications and the private data that some send to various parties.
Tools
- WordPress Security: Plugins and Vulnerability Scanning Tools – resources.infosecinstitute.com
So in this article we will cover some tools and plug-ins to audit WordPress software for security holes and vulnerabilities. We will also discuss the possible ways and tools that an attacker might use to hack into WordPress, and some of the best way(s) to secure a WordPress blog.
Techniques
- Dumping Cleartext Credentials with Mimikatz – pauldotcom.com
Ever have that moment where hashes just aren’t good enough? Where you don’t have time or power to brute force a 15 character NTLM password? Well, if you were able to dump hashes in the first place, then you’ve already achieved the necessary pre-requisites to dump the passwords in clear text. Yes… you read that correctly, clear text.
- Shreeraj’s security blog: CSRF with upload XHR-L2, HTML5 and Cookie replay – shreeraj.blogspot.com
XHR Level 2 calls embedded in an HTML5 browser can open a cross-domain socket and deliver an HTTP request. Cross-domain calls need to abide by CORS.
- Exploiting Sudo format string vulnerability – vnsecurity.net
In this post we will show how to exploit a format string vulnerability in sudo 1.8 that reliably bypasses FORTIFY_SOURCE, ASLR, NX and Full RELRO protections.
- Nessus 5 Making My Pentesting Workflow Easier – darkoperator.com
The recent release of Nessus 5 comes with several improvements like better filtering in policy creation, analysis, reporting and a faster, lighter engine for scanning.
- Virtualization Security: Hacking VMware with VASTO – resources.infosecinstitute.com
With the advancement of technology in the field of computers, the requirement for hybrid setups has also escalated. Nowadays every company is using a heterogeneous infrastructure for its variety of tasks.
- Bypassing Web Application Firewalls with SQLMap Tamper Scripts – r00tsec.blogspot.com
The focus of the tamper scripts is to modify the request in a way that will evade detection by the WAF (Web Application Firewall) rules. In some cases, you might need to combine a few tamper scripts together in order to fool the WAF.
- Hunting & Exploiting Directory Traversal – carnal0wnage.attackresearch.com
In cktricky’s last post he provided a great outline on the ins and outs of leveraging Burp’s built-in support for directory traversal testing. There are two questions, however, that should immediately come to mind once you are familiar with this tool: How do I find directory traversal, and what should I look for if I do?
- Using Metasm To Avoid Antivirus Detection (Ghost Writing ASM) – pentestgeek.com
It seems that more and more these days I find myself battling head to head against my client’s Antivirus Software. Payloads I encoded to successfully bypass one solution get picked up by another.
- Feb 9 CVE-2011-1980 MSOffice DLL Loading vulnerability + Trojan Nflog – contagiodump.blogspot.com
On February 9, 2012 Symantec disclosed that the previously patched MS Office insecure library loading vulnerability was exploited in the wild. DLL loading vulnerabilities were used in targeted attacks with at least two other exploits in 2011, and they did not reach epidemic proportions like it happened with CVE-2010-3333 RTF or some of the Adobe PDF exploits.
Vendor/Software Patches
- Microsoft February Security Updates
- MS12-008 – Critical : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2660465) – technet.microsoft.com
This security update resolves a privately reported vulnerability and a publicly disclosed vulnerability in Microsoft Windows.
- MS12-010 – Critical : Cumulative Security Update for Internet Explorer (2647516) – technet.microsoft.com
This security update resolves four privately reported vulnerabilities in Internet Explorer. The most severe vulnerabilities could allow remote code execution if a user views a specially crafted web page using Internet Explorer.
- MS12-013 – Critical : Vulnerability in C Run-Time Library Could Allow Remote Code Execution (2654428) – technet.microsoft.com
This security update resolves a privately reported vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if a user opens a specially crafted media file that is hosted on a website or sent as an email attachment.
- MS12-016 – Critical : Vulnerabilities in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2651026) – technet.microsoft.com
This security update resolves one publicly disclosed vulnerability and one privately reported vulnerability in Microsoft .NET Framework and Microsoft Silverlight.
- Assessing risk for the February 2012 security updates – blogs.technet.com
Today we released nine security bulletins. Four have a maximum severity rating of Critical with the other five having a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.
- MS12-014: Indeo, a blast from the past – blogs.technet.com
Today, we shipped security update MS12-014 to address an issue in the Indeo codec. With this blog post, we hope to preemptively answer some common questions that are likely to surface as researchers analyze this security update.
- MS12-013: More information about the msvcrt.dll issue – blogs.technet.com
Today we are shipping a security update to address a Critical-class memory corruption vulnerability in the Microsoft C Run-Time Library (msvcrt.dll) shipped with Windows.
- Mozilla patches critical bug in new Firefox version | Security – InfoWorld – infoworld.com
For the third consecutive release of Firefox, Mozilla has pushed users a patch shortly after launching a new version of the browser.
- Critical Fixes from Microsoft, Adobe – krebsonsecurity.com
If you use Microsoft Windows, it’s time again to get patched: Microsoft today issued nine updates to fix at least 21 security holes in its products.
- Java Security Update Scrubs 14 Flaws – krebsonsecurity.com
Oracle has shipped a critical update that fixes at least 14 security vulnerabilities in its Java JRE software. The company is urging users to deploy the fixes as quickly as possible.
- Flash Player Update Nixes Zero-Day Flaw – krebsonsecurity.com
Adobe has issued a critical security update for its ubiquitous Flash Player software.
Vulnerabilities
- Horde Groupware backdoor
- Horde Groupware contains backdoor – h-online.com
Unknown perpetrators infiltrated a backdoor into several installation packages during an attack on groupware provider Horde’s FTP server. Horde 3.3.12, Groupware 1.2.10 and the webmail edition of the groupware product are all affected.
- CVE-2012-0209 Horde backdoor analysis – eromang.zataz.com
On 13/02 the Horde team released a security alert concerning their products. An unknown intruder has hacked the FTP server of Horde since at least November 02 2011 and has manipulated three Horde releases to allow unauthenticated remote PHP execution.
- Southwest Airlines iPhone app vulnerable to hackers – blogs.denverpost.com
Southwest Airlines’ iPhone app leaves a user’s information vulnerable to hackers, according to a recent study by a University of Colorado at Colorado Springs master’s student.
- Ticketmaster warns of hacked mailing list, Adobe Reader spams sent out – sophos.com
The UK branch of the ticketing firm Ticketmaster has warned its online customers that they might have received a series of unauthorised emails after its TicketWeb subsidiary’s mailing list system was compromised.
Other News
- Nortel Hacked for Years?
- Nortel hacked for years but failed to protect itself, report says – news.cnet.com
The company didn’t try hard enough to stop a 10-year incursion by hackers likely working from China, says a former Nortel exec cited by the Wall Street Journal. Read this blog post by Lance Whitney on Security.
- Nortel Networks hackers had “access to everything” for years – arstechnica.com
Nortel Networks suffered a security breach that for almost a decade gave attackers with Chinese IP addresses access to executive network accounts, technical papers, employee emails and other sensitive documents at the once-thriving telecommunications firm, The Wall Street Journal reported.
- Chinese hackers had free rein at Nortel – h-online.com
According to a report, hackers, allegedly from China, had access to telecoms equipment manufacturer Nortel’s IT systems over a period of several years – access that they took full advantage of.
- Weak RSA Keys
- Crypto shocker: four of every 1,000 public keys provide no security (updated) – arstechnica.com
An astonishing four out of every 1,000 public keys protecting webmail, online banking, and other sensitive online services provide no cryptographic security, a team of mathematicians has found. The research is the latest to reveal limitations in the tech used by more than a million Internet sites to prevent eavesdropping.
- Weak RSA Keys Plague Embedded Devices, But Experts Caution Against Panic – threatpost.com
Weak RSA encryption keys are a problem, according to new research, but Paul Kocher says that has been true for a long time and there are many other security flaws plaguing cryptosystems.
- Cybersecurity Act of 2012 Introduced Without Emergency Presidential Powers Provisions – threatpost.com
A bipartisan group of Senators introduced the Cybersecurity Act of 2012 yesterday. The bill aims to secure federal and private sector networks that provide essential services or that are deemed “critical” to the nation in some other way.
- NIST to Update Controls Guidance at RSA – bankinfosecurity.com
NIST’s Ron Ross will be quite busy at RSA Conference 2012, not only promoting revised guidance on security and privacy controls to be unveiled at the security conclave, but also participating in a panel on one of his favorite topics: continuous monitoring.
- ‘0-day exploit middlemen are cowboys, ticking bomb’ – zdnet.com
Christopher Soghoian: What if a weaponized zero-day sold to a foreign government is used against critical infrastructure in the United States?
- York Facebook hacking student Glenn Mangham jailed – bbc.co.uk
A software development student from York who hacked into Facebook has been jailed for eight months.