Resources

  • nullcon Goa 2014: Pentesting Proprietary RF Communications by Justin Searle – youtube.com
    This talk will demonstrate practical techniques to identify, assess, and exploit a subclass of control systems found in your companies that use proprietary RF communications, such as fire alarms, proximity cards, automotive security gates, car alarms, conference rooms, and building automation systems.
  • The Best DerbyCon 2014 Talks for Red Teams – blog.cobaltstrike.com
    DerbyCon is one of Raphael Mudge’s favorite conferences. Here is a list of talks from DerbyCon by Raphael that are most relevant to red team operations.
  • Firechat and nearby communication – breizh-entropy.org
    Wireless mesh networks offer an exiting alternative: a wild, disruptive and uncontrollable network. Sam love mesh network so he really wanted to know more about the Firechat app.

Tools

  • theZoo – github.com
    A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Techniques

  • LM Hash Cracking – Rainbow Tables vs GPU Brute Force – netspi.com
    Karl Fosaaen can’t totally justify saying that using oclHashcat/Hashcat is faster for cracking LM hashes, but given their setup, it’s still pretty fast. That being said, if you don’t have your own GPU cracking rig, you will definitely be better off using Rainbow tables, especially if you multi-thread it on a solid state drive.

Vulnerabilities

  • Yahoo Servers Were Owned By Bash Bug Hackers – forbes.com
    At least two Yahoo servers were compromised over the weekend by hackers exploiting the infamous Shellshock vulnerability, resident in command line processor Bash. A spokesperson for the company said they had locked down an isolated incident, but wouldn’t reveal much more about the apparent attack.

    • FBI Pays Visit to Researcher Who Revealed Yahoo Hack – wired.com
      Jonathan Hall went out of his way to spotlight a network of compromised computer servers that, he says, are controlled by Romanian hackers. He published his findings on his blog, saying he simply wanted to help these companies clean up a nasty computer problem. But with his aggressive investigation, he may have run afoul of the nation’s anti-hacking law, the Computer Fraud and Abuse Act, or CFAA.
  • Massive Moniker.com Breach, Valuable Domains Stolen – dotweekly.com
    It is very likely that ALL, yes ALL Moniker.com accounts were breached (hacked)! It appears that all accounts were accessed via an IP location of: 88.150.178.59.

Other News

  • U.S. Police Are Giving Away Keylogging Software as a ‘Safety’ Measure – gizmodo.com
    The way ComputerCOP works is neither safe nor secure. It isn’t particularly effective either, except for generating positive PR for the law enforcement agencies distributing it. Law enforcement agencies should cease distributing copies immediately and tell parents not to use it.
  • Borked Belkin routers leave many unable to get online – arstechnica.com
    Owners of Belkin routers around the world are finding themselves unable to get online today. Outages appear to be affecting many different models of Belkin router, and they’re hitting customers on any ISP, with Time Warner Cable and Comcast among those affected.
  • Meet the NSA’s hacker recruiter – cnbc.com
    Rocked by the Edward Snowden disclosures and facing stiff competition for top talent from high-paying Silicon Valley firms, the nation’s cyberspy agency is looking to recruit a new generation of college hackers and tech experts. Recently, CNBC sat down with LaFountain in a conference room at NSA’s National Cryptologic Museum to talk about recruiting in the post-Snowden era.