Event Related

  • DefCon 20
    • Defcon Wi-Fi hack called no threat to enterprise WLANs – networkworld.com
      Enterprise Wi-Fi networks can keep using WPA2 security safely, despite a recent Defcon exploit that has been widely, but wrongly, interpreted as rendering it useless.

    • Is WPA2 Security Broken Due to Defcon MS-CHAPv2 Cracking? – revolutionwifi.blogspot.ca
      A lot of press has been released this week surrounding the cracking of MS-CHAPv2 authentication protocol at Defcon. For example, see these articles from Ars Technica and CloudCracker. All of these articles contain ambiguous and vague references to this hack affecting Wi-Fi networks running WPA2 security. Some articles even call for an end to the use of WPA2 authentication protocols such as PEAP that leverage MS-CHAPv2.
    • Stamping Out Hash Corruption, Like a Boss – blog.spiderlabs.com

      Have you ever dumped LM and NTLM password hashes from a Windows system using the registry and never been able to crack the hashes or pass the hash? If so, maybe this blog post will be of specific interest and/or importance to you.

    • Defcon 20 Day 3 Review – resources.infosecinstitute.com
      Defcon day 3 started with one of the most awaited talks of Defcon 20. It was the talk “Defeating PPTP VPNs and WPA2 Enterprise with MS-CHAPv2″ by Moxie Marlinspike, David Hulton and Marsh Ray. Moxie marlinspike has been one of the most popular speakers at Defcon for the past few years and as expected, the hall was full of people.

    • We are Samurai CTF and we won Defcon CTF this year – reddit.com
      I should mention that people here are PMing me asking to be part of the team. That is great. I encourage it. Just be prepared to give a bit of background on yourself and your skills. Welcome to our new members!

  • Black Hat USA 2012
  • Impressions from Black Hat, Defcon, BSidesLV and IOAsis – blog.ioactive.com
    A week has passed since the Las Vegas craziness and we’ve had some time to write down our impressions about the Black Hat, Defcon and BSidesLV conferences as well as our own IOAsis event.

  • Video: Hardening Windows processes – blog.didierstevens.com
    Help Net Security recorded a video with me speaking about EMET and HeapLocker at Hack In The Box Amsterdam 2012.

Resources

  • Mobile Threat Report, Q2 2012 – f-secure.com
    Here comes the Q2 2012 Mobile Threat Report, detailing the threats that F-Secure Labs analyzed between April to June 2012.

  • Android Security List – code.google.com
    Some apps are not in Google play store. I will try to update the links weekly in batches as I receive email request or discover them. They are some apps that are not or borderline unrelated to Infosec in the truest sense of the form but I think you will understand why I tossed them in for the heck of it. I will add apk descriptions at later date. I’m going for quantity verse quality thus some apps are much better than others.

  • Symantec Intelligence Report: July 2012 – symantec.com
    The Olympics is one of those rare occasions where the entire world comes together, setting aside various differences for the competition. The Games are a chance for each country to put their best foot forward and demonstrate their athletic skill and prowess.

  • Analysis of the FinFisher Lawful Interception Malware – community.rapid7.com
    It’s all over the news once again: lawful interception malware discovered in the wild being used by government organizations for intelligence and surveillance activities. We saw it last year when the Chaos Computer Club unveiled a trojan being used by the federal government in Germany, WikiLeaks released a collection of related documents in the Spy Files, we read about an alleged offer from Gamma Group to provide the toolkit FinFisher to the Egyptian government, and we are reading once again now with the same one being delivered to human rights activists in Bahrain along with some spearphishing attacks.

  • List of Run Commands in Windows 8 – nirmaltv.com
    Windows 8, the latest OS from Microsoft comes with many new features and improvements over Windows 7. Run commands are commands in Windows, which allows you to quickly access features and applications which are default in Windows.

Techniques

  • Sulley and Ronin fuzzing while debugging with Immunity of allmediaserver – 5x5sec.blogspot.com
    As I mentioned in the previous article that I wanted to do a write up on using different fuzzers and debuggers for the allmediaserver. If you haven’t read the previous article you might want to check it out. http://5x5sec.blogspot.com/2012/07/looking-into-exploitation-of.html . Ok lets dive in and see what we get.

  • How to Break Into Security, Miller Edition – krebsonsecurity.com
    For this fifth edition in a series of advice columns for folks interested in learning more about security as a craft or profession, I interviewed Charlie Miller, a software bug-finder extraordinaire and principal research consultant with Accuvant LABS.

Tools

  • WPScan – wpscan.org
    WPScan is a black box WordPress vulnerability scanner.

  • Lotus Domino Scanner – carnal0wnage.attackresearch.com
    The module is in the trunk, you can read the post but in my experience newer version of Lotus Domino dont actually advertise that they are lotus domino in the banner, thus you need a way to identify these and once identified figure out current version so you can see if there are any exploits for it.

  • zynga / hiccup – github.com
    Hiccup is a framework that allows the Burp Suite (a web application security testing tool, http://portswigger.net/burp/) to be extended and customized, through the interface provided by Burp Extender (http://portswigger.net/burp/extender/). Its aim is to allow for the development and integration of custom testing functionality into the Burp tool using Python request/response handler plugins.

  • OWASP Zed Attack Proxy 1.4.1 Released – http://code.google.com
    OWASP ZAP: An easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

  • The Social-Engineer Toolkit (SET) v3.6 available – toolswatch.org
    The Social-Engineer Toolkit (SET) was created and written by the founder of TrustedSec. It is an open-source Python-driven tool aimed at penetration testing around Social-Engineering. SET has been presented at large-scale conferences including Blackhat, DerbyCon, Defcon, and ShmooCon. With over two million downloads, SET is the standard for social-engineering penetration tests and supported heavily within the security community.

Vendor/Software Patches

Vulnerabilities

  • iCloud Hacked
    • Journalist blames Apple tech for allowing iCloud hack – news.cnet.com
      Former Gizmodo reporter says device wipes and Twitter breaches occurred after an AppleCare technician fell victim to a bit of social engineering.

    • Apple Allowed Hackers Access To User’s iCloud Account – forbes.com
      Is your iCloud account secured by a good password? That’s not going to help you if Apple sidesteps your security and hands hackers access to your account.

    • How Apple and Amazon Security Flaws Led to My Epic Hacking – wired.com
      In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

    • Video: Mat Honan Details His Post-Hack Paranoia – wired.com
      If you’re a regular reader of Wired, or just a curious tech enthusiast, you’ve certainly already heard about the hacking attack suffered by Mat Honan, Gadget Lab’s senior writer. Honan himself documented how hackers assumed control of his digital life in an exhaustive report on Monday, but now we have him on video, describing what happened in greater nuance and detail.

  • Dumped: how my password went public – theverge.com
    On the morning of July 14th, a Saturday, I woke up to find three successive emails in my Gmail inbox. The first, received at 1:56 am, came from the movie site IMDb. The second, sent almost exactly an hour afterwards, was from Yahoo. The third was from Twitter, and it arrived at 3:02 am, just three minutes after Yahoo’s missive. From the subject lines alone, it was pretty clear what had happened.

Other News