Week 7 In Review – 2014

Events Related

  • BruCON 5by5 – WPScan Online Vulnerability Database – ethicalhack3r.co.uk
    For those of you who have been living under a rock, BruCON is a security conference held every year in Belgium (originally Brussels, now Ghent). Last year was the 5th time the conference had been held and so the year before (2012) they setup what they called 5by5.

Resources

  • BSides Huntsville 2014 Videos – irongeek.com
    These are the videos from the BSides Huntsville conference. Download and watch all the videos from here.
  • Checking RDP support across an internal network – labs.portcullis.co.uk
    Portcullis Labs have recently added some new features to rdp-sec-check, which is a Perl script to enumerate security settings of an RDP Service (AKA Terminal Services). The following new features were added to rdp-sec-check.
  • MS SQL Server Audit: Introduction – labs.portcullis.co.uk
    MS SQL Server is Microsoft’s relational database management system with a large number of features and services. This article gives an introduction to the security guidelines available and an overview on what key areas to audit and lock down.
  • NIST Releases Cybersecurity Framework – bankinfosecurity.com
    The National Institute of Standards and Technology has unveiled its long-awaited cybersecurity framework, which provides best practices for voluntary use in all critical infrastructure sectors, including, for example, government, healthcare, financial services and transportation.

    • 3 big problems with the new Cybersecurity Framework -h30499.www3.hp.com
      The White House just released a Cybersecurity Framework developed by the National Institute of Standards and Technology designed to help critical industries both secure their networks and recover from successful breaches. While a move in the right direction, there are some definite problems with the guidelines.
  • The One Quality that Distinguishes Great Leaders – georgeambler.com

Tools

  • fakeAP – github.com
    fakeAP Creates a fake access point in Kali. Determines the correct DHCP settings and creates the dhcpd.conf file for you.
  • HTTP NTLM Information Disclosure – blog.gdssecurity.com
    Remote enumeration of host/service details is a core activity of any penetration test. In support of such activities, GDS blog released a new Nmap script that anonymously enumerates remote NetBIOS, DNS, and OS details from HTTP services with NTLM authentication enabled.

Techniques

  • Apple TV Hacking, Counterattacks, and Certificate Pinning – intrepidusgroup.com
    A few months ago I presented a neat hack at DerbyCon that let you put your own apps on Apple TV. A few days afterwards, the hack stopped working. It’s time dschuetz had a follow-up to explain just what happened.
  • The Keystone Rocks – Foundation Chips of Pentesting Tips Part 1 – blog.spiderlabs.com
    This series of posts will focus entirely upon the Meaningless knowledge and therefore begin with a brief and one-off elaboration of the Relevant category by way of contrast.
  • Dumping Windows Credentials – securusglobal.com
    During penetration testing engagements, we often find ourselves on Windows systems, looking for account credentials. The purpose of this post is to walk through some techniques to gather credentials from Windows systems while being as non-intrusive as possible.
  • Audit services using Windows Programs only – labs.portcullis.co.uk
    Windows have native programs on-board that can be used to gather information about your system, for example:WMIC and CACLS. In this article, we will look specifically at auditing what Windows services are run and could be overrun with WMIC and CACLS.

Vendor/Software patches

  • Assessing risk for the February 2014 security updates – blogs.technet.com
    Microsoft released seven security bulletins addressing 31 unique CVE’s. Four bulletins have a maximum severity rating of Critical while the other three have a maximum severity rating of Important.

    • Microsoft Security Bulletin MS14-007 – Critical -technet.microsoft.com
      This security update resolves a privately reported vulnerability in Microsoft Windows. The security update addresses the vulnerability by correcting the way that Direct2D handles objects in memory.
    • Microsoft Security Bulletin MS14-010 – Critical -technet.microsoft.com
      This security update resolves one publicly disclosed vulnerability and twenty-three privately reported vulnerabilities in Internet Explorer.
    • Microsoft Security Bulletin MS14-011 – Critical -technet.microsoft.com
      This security update resolves a privately reported vulnerability in the VBScript scripting engine in Microsoft Windows. The security update addresses the vulnerability by modifying the way that the VBScript scripting engine handles objects in memory.

Vulnerabilities

  • Change your passwords: Comcast hushes, minimizes serious hack – zdnet.com
    Comcast took a page from Snapchat’s playbook to hush and downplay NullCrew FTS’ successful hack on dozens of Comcast’s servers — from an unpatched, easy-to-fix vulnerability dated December 2013 — which most likely exposed customer data.
  • How I hacked Instagram to see your private photos – insertco.in
    In this article, Christian Lopez would like to explain a vulnerability (now properly fixed) discovered months ago on the Instagram’s web and mobile applications. Certain actions of the instagram’s API were vulnerable to a cross-site request forgery (CSRF) attack.
  • CVE-2014-0050: Exploit with Boundaries, Loops without Boundaries – blog.spiderlabs.com
    In this article Oren Hafif will discuss CVE-2014-0050: Apache Commons FileUpload and Apache Tomcat Denial-of-Service in detail. The article reviews the vulnerability’s technical aspects in depth and includes recommendations that can help administrators defend from future exploitation of this security issue.
  • Android WebView Exploit, 70% Devices Vulnerable – community.rapid7.com
    This week, the biggest news Tod Beardsley think that metasploit have is the release this week of Joe Vennix and Josh @jduck Drake’s hot new/old Android WebView exploit. this vulnerability is kind of a huge deal.
  • Operation SnowMan: DeputyDog Actor Compromises US Veterans of Foreign Wars Website – fireeye.com
    This blog post examines the vulnerability and associated attacks, which we have dubbed “Operation SnowMan.”

Other News

Leave A Comment