Event Related

Resources

  • M-Trends: The One Threat Report You Need to Read – blog.mandiant.com
    Today is a big day. If you’ve followed us for a while you know that once a year we step back and take stock of what we’ve seen on the front lines battling targeted attacks. What is the advanced persistent threat (APT) up to?

Tools

  • TaskManager.xls V0.1.2 Update – blog.didierstevens.com
    This is a new version of TaskManager.xls with memory usage statistics, with code given to me by sciomathman.
  • Zscaler tool can find unprotected embedded web servers – zdnet.com
    The web-based tool can scan IP ranges to find multi-function printers and photocopiers, VOIP devices and video-conferencing systems that are currently.
  • Introducing Adobe SWF Investigator – adobe.com
    Today I am launching a beta of a tool on Adobe Labs called, Adobe SWF Investigator. This Adobe AIR-based application is a suite of tools that may be useful to SWF developers, quality engineers, and security researchers.
  • Ettercap v0.7.4.1 Lazarus Released – ettercap.sourceforge.net
    Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
  • Wireshark and Pcap-ng – blog.wireshark.org
    When Wireshark 1.8.0 is released in the next few months it will introduce two major features: the ability to capture from multiple interfaces at once and the ability to annotate packets.
  • Mole v0.3 (2012-03-02) – themole.nasel.com.ar
    Command-line SQL injection tool
  • WCE v1.3beta 32bit released – hexale.blogspot.com
    WCE v1.3beta 32bit released.

Techniques

  • Testing the Security of Virtual Data Centers – community.rapid7.com
    If you are doing security assessments, you are probably running into virtual servers every day. According to analyst firm Gartner, 80% of companies now have a virtualization project or program. With the recent 4.2 release of Metasploit, your next penetration test should be much more fun.
  • Why Security Assessments Must Cover IPv6, Even In IPv4 Networks – community.rapid7.com
    What’s your company doing to prepare for IPv6? Probably not an awful lot. While 10% of the world’s top websites now offer IPv6 services, most companies haven’t formulated an IPv6 strategy for the network.
  • Foot printing – Finding your target… – sensepost.com
    Network foot printing is, perhaps, the first active step in the reconnaissance phase of an external network security engagement. This phase is often highly automated with little human interaction as the techniques appear, at first glance, to be easily applied in a general fashion across a broad range of targets.

Vulnerabilities

Other News

  • Uncle Sam: If It Ends in .Com, It’s Seizable – wired.com
    The U.S. government says it has the right to seize any .com, .net and .org domain name because the companies that have the contracts to administer them are based on United States soil, according to Nicole Navas, an Immigration and Customs Enforcement spokeswoman.
  • Sabu’s sordid story detailed in FBI indictment – nakedsecurity.sophos.com
    Hector Xavier Monsegur may have portrayed the exploits of Anonymous and LulzSec as a glamorous fight against “the man”, but the dark criminal realities of their exploits were exposed in his indictment. It appears he wasn’t just in it for the lulz.
  • Dropbox Abused by Spammers – symantec.com
    Recently we noticed spammers abusing Dropbox, a popular cloud-based, file-hosting and synchronization tool, to spread spam. Dropbox accounts have a public folder where files can be placed and made publicly available. This function is useful to spammers, as it effectively turns Dropbox into a free hosting site.