Week 48 In Review – 2013

Events Related

Resources

  • Building Secure Container Slides From Appsec USA – blog.gdssecurity.com
    The talk focused on uncovering the techniques used by commercial BYOD secure container solutions in order to implement your own.
  • Slides from OWASP AppSec USA – blog.sendsafely.com
    In case you missed the presentation by SendSafely’s Brian Holyfield and Erik Larsson at OWASP AppSec USA, the SendSafely blog has posted a copy of the deck in their GitHub repository. Brian and Erik discussed some of the challenges they faced at SendSafely when implementing Content Security Policy (CSP) on their site.
  • Security Headers on the Top 1,000,000 Websites: November 2013 Report – veracode.com
    It has been almost exactly a year since a Veracode researcher conducted the first top 1 million security headers report, so it is a good time to re-run the analysis and see how security header adoption is growing.

Tools

  • Nimbostratus – andresriancho.github.io
    Tools for fingerprinting and exploiting Amazon cloud infrastructures. These tools are a proof of concept that Andres Riancho developed for his “Pivoting in Amazon clouds” talk, built on the boto library for accessing Amazon’s API.
  • GRR – code.google.com
    GRR is an incident response framework focused on remote live forensics. GRR is currently in a beta release, ready for testing by end users.
  • Sparty – github.com
    Sparty is an open source tool written in Python to audit web applications built on the SharePoint and FrontPage architecture.

Techniques

Vulnerabilities

  • WordPress OptimizePress hack (file upload vulnerability) – www.osirt.com
    Thousands of WordPress sites are at risk of being hacked through a newly discovered vulnerability in the popular OptimizePress theme. The OSIRT team tried to find an official announcement of this vulnerability, but the search only turned up a Pastebin post from Nov. 23 that has since been removed.
  • Attack Exploits Windows Zero-Day Elevation of Privilege Vulnerability – symantec.com
    On November 27, Microsoft issued a security advisory regarding the recent discovery of a zero-day vulnerability in a kernel component of Windows XP and Windows Server 2003. The advisory states that the Microsoft Windows Kernel ‘NDProxy.sys’ Local Privilege Escalation Vulnerability (CVE-2013-5065) can allow an attacker to execute arbitrary code with kernel-level privileges.