Events Related

  • Three Things to Take Away from CanSecWest, Pwn2Own – threatpost.com
    Browsers, brokers and BIOS: you could safely call that triumvirate the past, present and future of security, but you’d be wrong. If last week’s CanSecWest conference, and Pwn2Own and Pwnium contests are indeed a point-in-time snapshot of the technical side of information security, then after last week it’s a no-brainer all three merit more than a lackadaisical passing interest.
  • Financial cryptography 2014 – lightbluetouchpaper.org
    Ross Anderson tried to liveblog Financial Cryptography 2014. The sessions of refereed papers blogged in comments to this post.

Resources

  • CanSecWest2014 – github.com
    ga1ois’s slides from CanSecWest 2014: The Art of Leaks: The Return of Heap Feng Shui.
  • projects ida patcher – hesprawl.org
    IDA Patcher is a plugin for Hex-Rays’ IDA Pro disassembler designed to enhance IDA’s ability to patch binary files and memory. The plugin is useful for tasks related to malware analysis and exploit development, as well as bug patching.

Tools

  • Introducing the iOS Reverse Engineering Toolkit – blog.veracode.com
    The iRET toolkit, like any toolkit, is not a panacea for iOS mobile penetration testing. However, it will allow you to automate many of the tasks that are required in analyzing iOS applications.
  • SANS SIFT 3.0 Virtual Machine Released – digital-forensics.sans.org
    An international team of forensics experts, led by SANS Faculty Fellow Rob Lee, created the SANS Investigative Forensic Toolkit (SIFT) Workstation and made it available to the whole community as a public service.

Techniques

  • How I got root with Sudo – www.securusglobal.com
    During security engagements, we regularly come across servers configured with the privilege management software Sudo. This post presents a series of examples of common mistakes and insecure configurations that Securus has seen and leveraged in production environments during security assessments, and how you can make their team’s life that little bit harder.
  • iClass Is Not Enough – penturalabs.wordpress.com
    After patiently stalking eBay and other tech recycling companies, Andy was lucky enough to obtain a single HID RW300 Rev A. This post walks through the exploit used to obtain the keys, following Meriac’s initial research and exploits.
  • ColdFusion Admin Compromise Analysis (CVE-2010-2861) – blog.spiderlabs.com
    In a previous blog post, Ryan Barnett provided “Method of Entry” analysis for a ColdFusion compromise based on sanitized data from a SpiderLabs IR/Forensics team investigation, which resulted in the attacker installing a malicious IIS module that captured customer credit card data. In this blog post, he analyzes another ColdFusion compromise that again resulted in customer credit card data being stolen; however, the initial vulnerability and exfiltration methods differed.

Vulnerabilities

  • Remotely Crashing Bluetooth on Android – blog.lacklustre.net
    At CanSecWest last week Mike Ryan demonstrated a remote Bluetooth stack crash in Bluedroid, Android’s Bluetooth stack since Android 4.3. This post briefly describes the bug.
  • The Long Tail of ColdFusion Fail – krebsonsecurity.com
    Earlier this month, Brian Krebs published a story about a criminal hacking gang using Adobe ColdFusion vulnerabilities to build a botnet of hacked e-commerce sites that were milked for customer credit card data. This post examines the impact that this botnet has had on several businesses, as well as the important and costly lessons these companies learned from the intrusions.
  • From Windows to Droids: An Insight in to Multi-vector Attack Mechanisms in RATs – fireeye.com
    FireEye recently observed a targeted attack on a U.S.-based financial institution via a spear-phishing email. The payload used in this campaign is a tool called WinSpy, which is sold by the author as a spying and monitoring tool.
  • Wide Gap Between Attackers, BIOS Forensics Research – threatpost.com
    Vendors have made important strides in locking down operating systems and patching memory-related vulnerabilities and other bugs that could lead to remote code execution or give hackers a stealthy presence on a machine. As the hurdles get higher for the bad guys, the more capable ones will certainly look for other ways onto a system.

Other News