Events Related

  • RSA Conference 2014
    • RSA protests by DEF CON groups, Code Pink draw ire – news.cnet.com
      The RSA security conference (where the world’s security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and speaking at the conference.
    • Highlights for the RSA Conference Day four – tripwire.com
      The following are some more highlights from some of the sessions Anthony attended and the awesome artwork of Kelly Kingman who attended some sessions to “visualize” the presentations in real-time as the talks were being given.
    • Smartphone app for RSA security conference puts users at risk, researchers say – arstechnica.com
      After learning about a smartphone app dedicated solely to this week’s RSA security conference in San Francisco, Dan Goodin publicly questioned why anyone would install it . After all, RSA’s recently discovered history of either deliberately or unknowingly seeding its trusted products with dangerous code developed by the National Security Agency has left many people suspicious.
    • Marisa’s RSA Conference Week In Review – blog.bugcrowd.com
      RSA Conference 2014 was certainly not Marisa’s first RSA, but it was definitely her favorite. There’s something amazing about being on the leading edge of a trend that is changing the industry.
    • At the RSA Security Conference, Things Get Testy and Then They Get Awkward – bits.blogs.nytimes.com
      It was hard to avoid the shadow of Edward J. Snowden at the annual RSA security conference this week. The sprawling computer security conference held in the city’s Moscone Center had protesters, a counter-conference, a show-floor booth for the government agency many people here are terribly unhappy with, and many, many security company executives trying to assure customers they can still be trusted.
  • TrustyCon’s RSA Conference rebels promise more to come – news.cnet.com
    Government-sponsored malware, the legal implications of the US government’s pro-spying defense, and a discussion of tools to fight for the future lit up the agenda at the first Trustworthy Technology Conference.

Resources

  • Building A Security Program From The Ground Up: Crawl, Walk, Run! – securityweekly.com
    Several folks have asked Security weekly for the materials from their webcast titled “Building A Security Program From The Ground Up: Crawl, Walk, Run!” So, here ya go! Enjoy!
  • BsidesSF 2014 Fix What Matters – slideshare.net
    Why using CVSS for vulnerability management is nuts. How to fix the vulnerabilities that truly matter, and how to create and measure an effective security practice.
  • The 2013 FireEye Advanced Threat Report! – fireeye.com
    FireEye has just released its 2013 Advanced Threat Report (ATR), which provides a high-level overview of the computer network attacks that FireEye discovered last year. In this ATR, FireEye focused almost exclusively on a small, but very important subset of their overall data analysis – the advanced persistent threat (APT).
  • NTFS Alternate Data Streams for pentesters (Part 1) – labs.portcullis.co.uk
    Alternate Data Streams (ADS) have been present in modern versions of Windows for a long time. In the following posts information required to understand and identify potential ADS-related issues will be provided. This post will provide the required background to understand some common scenarios that could be useful during the penetration testing engagements.
  • Trey Ford: Testing, notification should not be criminalized (slides) – zdnet.com
    At informal infosec conference Security B-Sides SF, former Black Hat General Manager and current Global Strategist for Rapid7 Trey Ford outlined the gaps between hacking and legislation in America.
  • TrustyCon Video – www.f-secure.com
    TrustyCon, the first “Trustworthy Technology Conference” was held yesterday in San Francisco. And Google/YouTube volunteered a camera crew. Nice! The full event can be viewed here.

Tools

  • wig – WebApp Information Gatherer – Identify CMS – darknet.org.uk
    wig is a Python tool that identifies a websites CMS by searching for fingerprints of static files and extracting version numbers from known files. You can download wig here.
  • iCloudHacker – github.com
    iCloudHacker is Arduino code to brute force 4-digit iCloud PINs and bypass Apple’s theft protection.
  • CVE-2014-1266-poc – github.com
    This repository contains some Go code that demonstrates the recently discovered SSL verification vulnerability in iOS and OS X.
  • mimikatz – blog.gentilkiwi.com
    A small utility to play with Windows. To compile the version 2.0, the Windows Driver Kit 7.1 is required. Download binaries from here.
  • EyeWitness – github.com
    EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Techniques

  • Checking OCSP revocation using OpenSSL – blog.ivanristic.com
    If an OCSP responder is malfunctioning, it is often difficult to understand why exactly. As is usually the case with SSL, the best approach is to use OpenSSL for troubleshooting.
  • Uncovering Hidden SSIDs using Wireshark – cybersecuritylabs.wordpress.com
    Hidden SSID is an option for every access-point in order to not broadcast the SSID. Finally using Wireshark Cybersecuritylab revealed the SSID of the wireless network.
  • Decrypting IIS Passwords to Break Out of the DMZ: Part 1 – www.netspi.com
    In this blog Scott Sutherland will cover how to use native IIS tools to recover encrypted database passwords from web.config files and leverage them to break into the internal network from the DMZ.

Vendor/Software patches

  • Bypassing EMET 4.1 – labs.bromium.com
    Bromium Labs regularly do security research on a variety of computer threats and protections. EMET (Enhanced Mitigation Experience Toolkit) is a free download provided by Microsoft to enhance the security of an endpoint PC.

    • Researchers Develop Complete Microsoft EMET Bypass -threatpost.com
      Researchers at Bromium Labs are expected to announce today they have developed an exploit that bypasses all of the mitigations in Microsoft’s Enhanced Mitigation Experience Toolkit (EMET).

Vulnerabilities

Other News

  • The cyber security skills gap – www.j4vv4d.com
    The topic – “Closing the cyber security skills gap” where conversation flowed extremely well. Javvad Malik threw out a few questions and sat back and watched the show. TripWire had commissioned an artist to draw a visual representation of the conversation which turned out to be fantastic.