Events Related

  • SANS FOR610: Reverse Engineering Malware – Course Review – blog.c22.cc
    What follows is a review of the SANS FOR610: Reverse Engineering Malware class taken at the SANS Prague 2013 event. These are rough notes, feelings and impressions from the class as it was taking place. Take it as you will, and we hope it proves useful for you in evaluating the class.
  • My experiences at #sectorca in 2013 – anti-virus-rants.blogspot.com
    Well, another year, another sector conference. kurt wismer almost got another of his colleagues at work to go too but in the end it didn’t happen. Kurt is going to have to see if there’s anything more he can do to make it happen next year.

Resources

  • Tradecraft – Red Team Operations – www.youtube.com
    Tradecraft is a training course on how to execute a targeted attack as an external actor. Here are links to all the training lecture videos by Raphael Mudge.
  • HackinTheBox 2013 Kuala Lumpur – slides – conference.hitb.org
    Here are the HackinTheBox 2013 Kuala Lumpur conference presentation links. You can download all PDF files from here.
  • OWASP Vulnerable Web Applications Directory Project – www.owasp.org
    The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available. These vulnerable web applications can be used by web developers, security auditors and penetration testers.
  • iMessage Privacy – blog.quarkslab.com
    iMessage is probably one of the most trendy instant messaging systems. Apple presents it as very secure, with high cryptographic standards, including end-to-end encryption preventing even Apple from reading the messages. Is this true? Here you can download the Quarkslab slides from the presentation they gave at HITBSecConf2013.
  • VB2013 Berlin – slides – virusbtn.com
    Here are the presentation slides shown by speakers at the VB2013 conference in Berlin. The slides are arranged in chronological order of the presentations. All files are in PDF format unless otherwise specified.
  • NCC Group 44Con Workshop: How to assess and secure iOS apps – slideshare.net
    The workshop slides are available here.
  • Penetration testing practice lab – Vulnerable Apps/Systems – amanhardikar.com
    The following table gives the URLs of all the vulnerable web applications, operating system installations, old software and war games [hacking] sites.
  • Hack3rcon 4 Videos – www.irongeek.com
    Here are the videos from Hack3rcon^4. Enjoy!

Tools

  • Update: XORSearch Version 1.9.2 – blog.didierstevens.com
    Didier Stevens has released another updated tool. Download it from here.
  • A Spoofing WAKE-ON-LAN Script – hackwhackandsmack.com
    Doug was recently tasked with testing a Wake-On-LAN (WOL) solution. This script represents a template that can be applied to a large number of situations, so even if you choose not to use it for WOL you may use it to build something more exciting.

Techniques

  • Analysis of a Malware ROP Chain – blog.opensecurityresearch.com
    Back in February an Adobe Reader zero-day was found being actively exploited in the wild. You may have seen an analysis of the malware in a number of places. Brad Antoniewicz recently came across a variant of this malware and figured it would be nice to provide a little more information on the ROP chain contained within the exploit.
  • From China, With Love – www.devttys0.com
    Lest anyone think that D-Link is the only vendor who puts backdoors in their products, here’s one that can be exploited with a single UDP packet, courtesy of Tenda.
  • My Python gdb Extensions – thegreycorner.com
    If you started to learn reverse engineering and exploit development on 32 bit Windows systems as Stephan did, you were probably very unimpressed when you first attempted to try out your skills on *nix machines and started (trying to) use gdb. Gdb is quite powerful, but it seems to be focused more on debugging applications with source and debug symbols.

Vulnerabilities

  • Facebook CSRF leading to full account takeover (fixed) – pyx.io
    Some cross-site request forgeries are mere annoyances (like logout CSRF), some can be useful (example: changing the name of a user), and some – like the one Josip Franjković found – can be pretty devastating. He would like to thank Facebook’s security team for running their bug bounty program, and for quickly patching this issue.
  • Researchers uncover holes that open power stations to hacking – arstechnica.com
    A pair of researchers have uncovered more than two dozen vulnerabilities in products used in critical infrastructure systems that would allow attackers to crash or hijack the servers controlling electric substations and water systems. Of the 25 vulnerabilities they uncovered, the most serious was the buffer overrun vulnerability that would allow someone to inject arbitrary code into the system and own the server.
  • Ship trackers ‘vulnerable to hacking’, experts warn – www.bbc.co.uk
    A system used globally to track marine activity is highly vulnerable to hacking, security experts have warned. Weaknesses in outdated systems could allow attackers to make ships disappear from tracking systems – or even make it look like a large fleet was incoming.
  • Capturing the Flag, SQLi-Style – darkreading.com
    Penetration tester and long-time security professional Sumit ‘Sid’ Siddharth has developed a real-world SQL injection sandbox simulator, and invites the public for a capture the flag event later this month.

    • SQL Injection Labs – securitytube-training.com
      SQL Injection Labs is a platform that gives anyone with a subscription access to wreak havoc via SQLi without worrying about legal trouble or client engagement issues. SQL Injection Labs provides an on-line platform to master The Art of Exploiting SQL Injection.
    • Free capture the flag (CTF) event – ctf.notsosecure.com
      Notsosecure are pleased to announce that to celebrate the launch of SQLi labs they will be hosting a public CTF. Siddharth says he hopes it will raise awareness about the platform and the danger of SQLi vulnerabilities among IT professionals and the businesses they work for.

Other News

  • Ten Physical Security Tips for Mobile Devices – blog.cyveillance.com
    There have been numerous articles written about security vulnerabilities in mobile devices and the potential for hackers to steal data from those devices. However, one of the easiest ways to keep information stored on a mobile device safe is to keep the device physically secure.
  • Tradeoffs in Cyber Security – geer.tinho.net
    This is Dan Geer’s recent keynote, a very good read. Looking at the state of the current world, he decided to focus on personal data and the government.