- Technical Sessions – usenix.org
The full 21st USENIX Security Symposium Proceedings are now available.
- Workshop Program for HotSec’12 – usenix.org
All sessions will be held in the Auditorium unless otherwise noted.
- Workshop Program for FOCI ’12 – usenix.org
This is the workshop program for FOCI ’12.
- Workshop Program for HealthSec’12 – usenix.org
All sessions will be held in Grand IJ unless otherwise noted.
- Workshop Program for WOOT ’12 – usenix.org
All sessions will be held in Grand AB unless otherwise noted.
- Toorcamp 2012
- ToorCamp 2012: Tribes & Technology – tripwire.com
I recently returned from a week on the Olympic Peninsula at ToorCamp where I presented a talk and stayed the week attending workshops, learning electronics, picking locks and other activities.
- Toorcamp 2012 – flickr.com
Pictures for Toorcamp 2012
- BSides Las Vegas 2012 Videos – irongeek.com
These are the videos from the BSides Las Vegas conference. Thanks to all of the BSides Crew for having me out to help record and render the videos.
- BSides London 2012, Robin Wood – “Breaking into Security” – youtube.com
At Security BSides London 2012, Robin (@digininja) Wood answers the oft-asked question of “How do I get into information security?” or “How do I become a pen tester?”
- Mobile Hacking 101 – ethicalhacker.net
Next item on the board meeting agenda: the war on smartphones! For some time now, smartphones have been quietly creeping into our society and slowly infiltrating our families and companies. It started off simply enough: the CEO’s husband bought her an iPad for Christmas, and she thought it would be pretty savvy to be able to answer work email on it at a business meeting half way around the world.
- Black Hat USA 2012 update – census.labs.com
This year we have presented our research work at Black Hat USA 2012, the leading information security conference. Our researchers Patroklos Argyroudis and Chariton Karamitas visited Caesar’s Palace at Las Vegas, Nevada and delivered the talk.
- Ghost USB Honeypot Part 1 - Interview with Project Leader Sebastian Poeplau – resources.infosecinstitute.com
Malware threats have become very common these days. In the past, many honeypots have been created to detect malware propagation over the network. These honeypots trick the malware into believing that they are a part of the network.
- SecureLogix Releases 2012 State of Voice Security Report – voipsecurityblog.typepad.com
SecureLogix has officially released our State of Voice/UC Security report for 2012. I co-authored this report with Rod Wallace, our VP of services. The report has been out since March, but we have made it available for any and all via our website.
- New Linux Distro for Mobile Security, Malware Analysis, and Forensics – resources.infosecinstitute.com
Yes, you read the title right and I hope I just grabbed your attention! A new GNU/Linux distribution or distro designed for helping you in every aspect of your mobile forensics, mobile malware analysis, reverse engineering and security testing needs and experience has just been unleashed and its alpha version is now available for download for you to try out.
- SQL Server 2008 Local Administrator Privilege Escalation – netspi.com
Unlike previous versions, SQL Server 2008 and 2012 don’t provide local system administrators with database administrator rights by default. This was a great idea by Microsoft to reinforce the practices of least privilege and separation of duties. However, in spite of the fact that their heart was in the right place, it was implemented in such a way that any local administrator (or attacker) can bypass the restriction.
- Why I Choose PowerShell as an Attack Platform – exploit-monday.com
Since the inception of PowerShell, it has been a blessing for Windows administrators everywhere. As Don Jones so eloquently puts it, “you can either learn PowerShell, or learn to ask, ‘would you like fries with that?’” I couldn’t agree with that sentiment more. After all, with server core being the default installation option of Windows Server 2012, knowledge of PowerShell is becoming increasingly crucial.
- The Exploit Magazine 01/2012 – theexploitmag.com
Dear Readers, we proudly present to you The ExploitMag. We decided to launch an entirely new magazine devoted to exploits. In this very first issue we focused on Metasploit Framework. In the near future, you can expect publications on: DoS Attacks, SOAP, WSDL hacking and more.
- White hats publish DDoS hijacking manual, turn tables on attackers – arstechnica.com
Turning the tables on miscreants who paralyze websites with torrents of junk data, security researchers have published a detailed manual that shows how to neutralize some of the Internet’s most popular denial-of-service tools.
- Simple but Extremely Useful Windows Tricks – blog.opensecurityresearch.com
Navigating Windows in the most efficient manner possible can be seen as wizardry – it almost seems as if Microsoft tries to make it increasingly more difficult to accomplish simple things. However, there are plenty of very useful tricks and shortcuts built into Windows; the problem is they are not publicized very well. Students in our Ultimate Hacking Courses usually find these Windows tips useful, so we figured we would share them.
- Stealing the Keys to the Kingdom through SQL injection – pentestgeek.com
Recently I was conducting a penetration test for a very large high profile client. The network itself had over 5500+ nodes and nearly 400 subnets. I started out using one of my new tactics by utilizing Nmap’s new http-screenshot.nse script.
- building isecpartners ios-ssl-kill-switch tweak – greenoperator.tumblr.com
For some time it has been a challenge to trap SSL traffic from iOS applications in web proxy tools such as Fiddler or WebScarab. iOS applications in many cases performed Certificate Pinning, which checked for specific information within the SSL certificate before allowing the application to complete a request.
- Phone to Phone Android Debug Bridge – github.com
A set of scripts to assist in pulling data, making system changes, etc, with minimal user input.
- XMPPloit: A Tool to Attack XMPP Connections! – pentestit.com
A new day and a new tool from the Blackhat USA 2012 tool arsenal – XMPPloit! Before we talk about the tool itself, let us first know what XMPP is. XMPP stands for Extensible Messaging and Presence Protocol and is a streaming XML protocol that was previously named Jabber.
- DakaRand 1.0: Revisiting Clock Drift For Entropy Generation – dankaminsky.com
So, I’ve been playing with userspace random number generation, as per Matt Blaze and D.P. Mitchell’s TrueRand from 1996.
- Backtrack 5 r3 List of (some of the) new Tools and Programs – cyberarms.wordpress.com
What are the new utilities included with Backtrack 5r3? I couldn’t find a list, so I decided to make one myself comparing BT5r2 with the latest version. This is not an exhaustive list, but hopefully it will help people see some of the very cool new tools and programs added to Backtrack.
- Smartphone Pentest Framework v0.1.1 available (Install Script for BackTrack Included) – github.com
The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices.
- dnsspider-0.4.py – nullsecurity.net
A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
- asef – code.google.com
ASEF – Android Security Evaluation Framework: Open Source Project to perform security analysis of Android Apps by various security measures.
- Sandcat Browser – Pen-Test Oriented Web Browser v2.1 Beta available – syhunt.com
Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team, the same creators of the Syhunt Web Application Security Scanner.
- nishang – code.google.com
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetration Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.
- Microsoft Security Bulletin
- Microsoft Security Bulletin MS12-043 – Critical – technet.microsoft.com
This security update resolves a publicly disclosed vulnerability in Microsoft XML Core Services. The vulnerability could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker would have no way to force users to visit such a website. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes the user to the attacker’s website.
- Microsoft Security Bulletin MS12-053 – Critical – technet.microsoft.com
This security update resolves a privately reported vulnerability in the Remote Desktop Protocol. The vulnerability could allow remote code execution if an attacker sends a sequence of specially crafted RDP packets to an affected system. By default, the Remote Desktop Protocol (RDP) is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk.
- Microsoft Security Bulletin MS12-054 – Critical – technet.microsoft.com
This security update resolves four privately reported vulnerabilities in Microsoft Windows. The most severe of these vulnerabilities could allow remote code execution if an attacker sends a specially crafted response to a Windows print spooler request. Firewall best practices and standard default firewall configurations can help protect networks from attacks that originate outside the enterprise perimeter. Best practices recommend that systems connected directly to the Internet have a minimal number of ports exposed.
- Microsoft’s Free Security Tools – BinScope Binary Analyzer – blogs.technet.com
This article in our series focused on Microsoft’s free security tools is on a tool called BinScope Binary Analyzer. This tool can be helpful for both developers and IT professionals that are auditing the security of applications that they are developing or deploying/managing.
- UPDATE: OllyDbg 2.01 Beta 2 – pentestit.com
Our first post regarding OllyDbg can be found here. Recently, a beta – OllyDbg version 2.01 Beta 2 – was released! OllyDbg itself has hardly changed. This release only has minor improvements.
- Update: InstalledPrograms.xls V0.0.2 – blog.didierstevens.com
I fixed InstalledPrograms as earthsound suggested: now I include 32-bit installations on 64-bit systems (provided you use 64-bit Excel).
- Scanning SharePoint with PowerShell – obscuresecurity.blogspot.com
A few months ago, I published Get-HttpStatus – a PowerShell function that aids in generic directory and file fuzzing. In order to get it added to PowerSploit, Matt suggested several improvements and eventually made a few of his own.
- CVE-2012-1535: Adobe Flash being exploited in the wild – labs.alienvault.com
Yesterday Adobe issued a security update to address CVE-2012-1535 that was being exploited in the wild.
- UPDATE: Samurai Web Testing Framework 2 Final – pentestit.com
The Samurai Web Testing Framework is a live Linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites.
- How to respond to the inevitable security breach – gcn.com
Breaches have become an inevitable part of IT security, making incident response an important element in security programs.
- PDF fuzzing and Adobe Reader 9.5.1 and 10.1.3 multiple critical vulnerabilities – gynvael.coldwind.pl
Several months ago, we started an internal Google Security Team effort to improve the general security posture of the Chrome embedded PDF reader, in an approach similar to the Flash fuzzing performed several months ago by Tavis Ormandy.
- WoW, New Blizzard Password Dump? – novainfosecportal.com
Yesterday we came across an interesting Pastebin password dump from 8/15 that we noticed on OZDC.net called “World of Warcraft Database Hacked 10[NEW].” It’s since been removed; however, given the possible breach of passwords Blizzard announced last week, this particular dump caught our attention.
- WikiLeaks Stirs Global Fears on Antiterrorist Software – nytimes.com
A new release of stolen corporate e-mails by WikiLeaks has set off a flurry of concern and speculation around the world about a counterterrorist software program called TrapWire, which analyzes images from surveillance cameras and other data to try to identify terrorists planning attacks.
- Elusive FinSpy Spyware Pops Up in 10 Countries – bits.blogs.nytimes.com
FinFisher is a spyware product manufactured by the Gamma Group, a British company that sells surveillance technology. It says its spyware offers “world-class offensive techniques for information gathering.”
- Could The New Air Traffic Control System Be Hacked? – npr.org
The Federal Aviation Administration is in the midst of a multibillion-dollar upgrade of the nation’s air traffic control system. The new system is called the Next Generation Air Transportation System, or NextGen.