Events Related

  • Amazon Fire Phone, iPhone, Nexus 5, Samsung S5 All Popped At Mobile Pwn2Own – forbes.com
    A slew of the world’s most popular smartphones have been prized open at the Mobile Pwn2Own hacking contest in Tokyo, Japan this week. Hosted by the HP Zero Day Initiative, the competition offered up big cash prizes for those who could successfully show off their exploits, and a handful of whitehats managed to break security protections on the Amazon Fire Phone, iPhone 5S, LG Nexus 5 and the Samsung S5.

    • HP TippingPoint + Mobile Pwn2Own = Zero Day Filter Protection – h30499.www3.hp.com
      HP DVLabs are back and coming at you from Tokyo, Japan with another round of Mobile Pwn2Own. The security intelligence of HP TippingPoint’s DVLabs is partnering with the HP Zero Day Initiative (ZDI) to provide exclusive network security against a set of highly dangerous vulnerabilities. Here’s a quick recap of the 2014 contest.
    • HP TippingPoint + Mobile Pwn2Own: Day 2 – h30499.www3.hp.com
      It is day 2 at Mobile Pwn2Own Tokyo, where five of the seven exploits planned for this elite contest were completely successful against their target and the remaining two had partial execution (enough to be concerned about as a mobile user).

Resources

  • Aaron Swartz Files – swartzfiles.com
    Federal law enforcement documents about Aaron Swartz, released under the Freedom of Information Act. U.S. Secret Service videos, photos and documents are available here.
  • Cyber Attacks on U.S. Companies in 2014 – heritage.org
    This list includes only cyber attacks that have been made known to the public. Most companies encounter multiple cyber attacks every day, many unknown to the public and many unknown to the companies themselves. Here the data breaches are listed chronologically by month of public notice.

Tools

  • ExploitRemotingService – github.com
    A tool to exploit .NET Remoting Services vulnerable to CVE-2014-1806 or CVE-2014-4149. It only works on Windows although some aspects might work in Mono on *nix.
  • Vivisect – github.com
    Now all as one project! Vivisect is a fairly undocumented static analysis / emulation / symbolik analysis framework for PE/ELF/Mach-O/Blob binary formats on various architectures. For more in-depth docs on various topics, see here.

Techniques

  • Removing Wirelurker from Your iOS or OSX Device – blog.trendmicro.com
    In this blog post, we’d like to share practices and recommendations for users and enterprises in order to secure their devices from the Wirelurker malware threat. There are some simple steps users can take to check whether their Apple devices are infected by this malware.
  • Protecting Privileged Domain Accounts: Restricted Admin and Protected Users – digital-forensics.sans.org
    This article will cover specific updates Microsoft has provided to help protect user credentials. To summarize the changes built into Windows 8.1/2012R2, as well as the corresponding updates added to Windows 7 and higher via KB2871997, the main takeaways are described here.
  • Simple guest to host VM escape for Parallels Desktop – blog.cr4.sh
    This is a little story about exploiting a guest-to-host VM escape not-a-vulnerability in Parallels Desktop 10 for Mac. The discovered attack is not about serious hardcore stuff like hypervisor bugs or low-level vulnerabilities in guest-host communication interfaces; it can easily be performed even by very lame Windows malware if your virtual machine has insecure settings.
  • Reverse Engineer a Verisure Wireless Alarm part 1 – Radio Communications – funoverip.net
    This post is the first part of foip’s Verisure story and aims to observe radio communications between the multiple devices of the alarm. In other words, they will translate the radio communication into binary messages.

Vendor/Software patches

  • SSL MiTM Vulnerability Among Vulns Patched in Pidgin – threatpost.com
    A handful of security vulnerabilities were patched in the most recent release of the Pidgin open source instant messaging client, Pidgin 2.10.10, including an SSL/TLS certificate validation issue that could be exploited in man-in-the-middle attacks.

  • Microsoft Security Updates

    • Microsoft Security Bulletin MS14-066 – Critical – technet.microsoft.com
      This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.
    • Microsoft Security Bulletin MS14-064 – Critical – technet.microsoft.com
      This security update resolves two privately reported vulnerabilities in Microsoft Windows Object Linking and Embedding (OLE). The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer.

      • IBM X-Force Researcher Finds Significant Vulnerability in Microsoft Windows – securityintelligence.com
        The IBM X-Force Research team has identified a significant data manipulation vulnerability (CVE-2014-6332) with a CVSS score of 9.3 in every version of Microsoft Windows from Windows 95 onward. This complex vulnerability is a rare, “unicorn-like” bug found in code that IE relies on but doesn’t necessarily belong to.
      • CVE-2014-6332: it’s raining shells – forsec.nl
        @yuange tweeted a proof of concept for CVE-2014-6223. CVE-2014-6332 is a critical Internet Explorer vulnerability that was patched with MS14-064.
  • Adobe Patches 18 Vulnerabilities in Flash – threatpost.com
    Adobe pushed out security updates for Flash Player, addressing 18 different vulnerabilities, all critical, that could allow an attacker to take control of an affected system running the multimedia platform, according to a security bulletin posted Tuesday.

Vulnerabilities

  • Masque Attack: All Your iOS Apps Belong to Us – fireeye.com
    FireEye mobile security researchers have discovered that an iOS app installed using enterprise/ad-hoc provisioning could replace another genuine app installed through the App Store, as long as both apps used the same bundle identifier. They verified this vulnerability on iOS 7.1.1, 7.1.2, 8.0, 8.1 and 8.1.1 beta, for both jailbroken and non-jailbroken devices. They named this attack “Masque Attack”.

  • BASHLITE Affects Devices Running on BusyBox – blog.trendmicro.com
    Trend Micro have continuously monitored this vulnerability, and in their latest research they observed that recent samples of BASHLITE (detected by Trend Micro as ELF_BASHLITE.SMB) scan the network for devices/machines running on BusyBox and log in using a set of usernames and passwords.

Other News