Event Related

  • SOURCE Dublin
    • SOURCE Dublin Wrap-Up Day #1 – blog.rootshell.be
      I flew on Wednesday evening to Dublin, Ireland to attend the SOURCE conference (previously, it was organised in Barcelona). The conference was held in the Trinity College, in the centre of the city.
    • SOURCE Dublin Wrap-Up Day #2 – blog.rootshell.be
      This second day started with Vincenzo Lozzo’s keynote. Lorenzo first gave some facts. From an economic point of view, Internet will generate nice business in the coming years (2012: $60B, in 2016: $86B – according to Gartner).
  • ISSA Kentuckiana Web Pen-Testing Workshop – irongeek.com
    Below are the videos from the Kentuckiana ISSA’s Web Pen-Testing Workshop. It was put on in part to raise funds for Hackers For Charity.
  • Scanner identifies malware strains, could be future of AV – net-security.org
    At the annual AusCert conference held this week in Australia a doctorate candidate from Deakin University in Melbourne has presented the result of his research and work that just might be the solution to this problem.
  • NoSuchCon13 and crashing Windows with two instructions – j00ru.vexillium.org
    The first edition of the NoSuchCon security conference held in Paris ended just a few days ago. Before anything else, I would like to thank all of the organizers (proudly listed at nosuchcon.org) for making the event such a blast!

Resources

  • Interview With A Blackhat
    • Interview With A Blackhat (Part 1) – blog.whitehatsec.com
      Over the last few years, I have made myself available to be an ear for the ‘blackhat community.’ The blackhat community, often referred to as the internet underground, is a label describing those participating on the other side of the [cyber] law, who willingly break online terms of service and software licensing agreements, who may trade in warez, exploits, botnets, credit card numbers, social security numbers, stolen account credentials, and so on.
    • Interview With A Blackhat (Part 2) – blog.whitehatsec.com
      This is part 2/3 of my interview with “Adam” – a blackhat who has decided to go legit.
  • OWASPs 2013 Web Vulnerabilities List Will Shuffle the Top Ten – resources.infosecinstitute.com
    The OWASP Top 10 list publicizes the most critical web application security flaws as determined by Open Web Application Security Project (OWASP), a nonprofit, vendor-independent IT security organization formed in 2001. In this article, we preview the 2013 edition of this popular security resource.
  • Reverse Engineering Obfuscated Assemblies – resources.infosecinstitute.com
    In previous articles that talked about .NET reverse engineering, we covered almost every aspect of reversing .NET assemblies, we explained how this kind of binary is compiled, executed, how we can compile it, decompile it, how to apply patches, as well as the concept of round trip engineering and how to bypass strong name signatures.
  • Five Common Corporate Pitfalls in Cyber Security Management – blog.rsa.com
    This blog discusses five of the high level missteps common to organizations that have experienced needlessly prolonged negative effects of cyber security incidents.
  • Alert-driven vs Exploration-driven Security Analysis – blogs.gartner.com
    Is alert-driven security workflow “dead”?! It is most certainly not.
  • YouTube – Practical Exploitation – Effective NTLM / SMB Relaying – youtube.com
    Using ZackAttack, Responder and proxychains we can utilize relayed credentials more effectively than previously available.

Tools

  • th3l33k/php-nessus-api – github.com
    The Nessus Vulnerability Scanner provides an API interface via XMLRPC.
  • Download Multiple Nessus Reports via the Nessus XML-RPC API – security.sunera.com
    Several months back I began to look at various ways to automate some of the common tasks that are usually performed within the Nessus GUI. I was familiar with nessuscmd, and had leveraged that tool within some scripts, but it didn’t fit the bill for a lot of the administrative activity that I thought could be automated, or at least made more efficient.
  • MoVP II – 2.1 – RSA Private Keys and Certificates – volatility-labs.blogspot.com
    Those of you who downloaded the Volatility Cheat Sheet v2.3 may have noticed a plugin named dumpcerts, which is a relatively new addition to the plugin scene for Windows. It’s based on the work by Tobias Klein called Extracting RSA private keys and certificates from process memory.
  • zfasel/ZackAttack – github.com
    ZackAttack! is a new Tool Set to do NTLM Authentication relaying unlike any other tool currently out there.
  • Dissecting Blackberry 10 An initial analysis – sec-consult.com
    In 2013, Blackberry has presented a brand new operating system which significantly differs from others presented on the smartphone market. A very high security level is announced, and the expectations are corresponding. Some analytics consider this as the last chance for Blackberry “to get back in the big game” and stand in the row with such giants as iOS and Android.

Techniques

  • Improving the security of your SSH private key files – martin.kleppmann.com
    When you start reading about “crypto stuff”, you very quickly get buried in an avalanche of acronyms. I will briefly mention the acronyms as we go along; they don’t help you understand the concepts, but they are useful in case you want to Google for further details.
  • Re: exploitation ideas under memory pressure – seclists.org
    The question is how to get PATHALLOC() to succeed under memory pressure so we can make this exploitable, my first thought was have another thread manipulating the free pool, but I can’t figure out how to synchronize that. Getting code execution should be trivial after this.
  • Breaking Out! of Applications Deployed via Terminal Services, Citrix, and Kiosks – netspi.com
    In order to meet business requirements and client demand for remote access, many companies choose to deploy applications using Terminal Services, Citrix, and kiosk platforms. These platforms are commonly deployed in both internal networks as well as internet facing environments.
  • Java Web Vulnerability Mitigation on Windows – tojoswalls.blogspot.com
    The ubiquity of the Java browser plug-in has made it one of the largest attack surfaces on Windows clients for web-based attacks, particularly making it easy to perform undetectable drive-by download and “poisoning the well” attacks.

Vendor/Software Patches

Vulnerabilities

  • WordPress Under Attack – cylance.com
    In the last few weeks, Internet hacking attacks have increased and thousands of sites have already been compromised. Many security observers have seen 1,000,000s of scans of their WordPress installation on a single day in April, as noted by the Sucuri Blog on April 11, 2013 – see http://blog.sucuri.net/2013/04/the-wordpress-brute-force-attack-timeline.html.

Other News