Resources

  • Free eBook Download, Getting Started with OpenBTS – openbts.org
    The new OpenBTS book is being made available for free! Fill in your name and e-mail address and they’ll send you a DRM-free PDF of the book.
  • Nosuchcon 2014-Live stream – nosuchcon.org
    Here is a list of the available HLS streams. Open with VLC, mplayer, a browser on iOS or Android, etc.
  • Bypassing Windows and OSX Logins with NetHunter and Kon Boot – offensive-security.com
    What happens if the target machine is turned off, or otherwise requires a login to access? The NetHunter HID attack would be useless at this point. Enter Kon-Boot. Kon-Boot is a boot-kit which will silently boot and bypass the authentication process of Windows/OSX based operating systems, without overwriting your old passwords.
  • NIST Revises Guide on Security Controls – bankinfosecurity.com
    New guidance published by the National Institute of Standards and Technology is aimed at helping federal agencies and other organizations in and out of government assess proper security and privacy controls, especially those tied to the continuous monitoring of IT systems for vulnerabilities.

    • Bill OK’d to Enhance NIST Cybersecurity Role – bankinfosecurity.com
      Sen. Jay Rockefeller offered legislation to establish a process for the government to develop IT security best practices with advice from industry that critical infrastructure operators could voluntarily adopt.

Tools

  • PyKEK – github.com
    PyKEK (Python Kerberos Exploitation Kit), a Python library to manipulate KRB5-related data. (Still in development.) For now, only a few functionalities have been implemented (in a quite Quick’n’Dirty way) to exploit MS14-068 (CVE-2014-6324).
  • Responder – github.com
    Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Vulnerabilities

  • Shellshock Worm Exploiting Unpatched QNAP NAS Devices – threatpost.com
    A worm exploiting network attached storage devices vulnerable to the Bash flaw is scanning the Internet for more victims. The worm opens a backdoor on QNAP devices, but to date it appears the attackers are using the exploit to run a click-fraud scam, in addition to maintaining persistence on owned boxes.
  • Some 100,000 or more WordPress sites infected by mysterious malware – arstechnica.com
    About 100,000 or more websites running the WordPress content management system have been compromised by mysterious malware that turns the infected sites into attack platforms that can target visitors, security researchers said.
  • Critical Remote Code Execution Flaw Found in WordPress Plugin – threatpost.com
    There is an easily exploitable remote code execution vulnerability in a popular WordPress plugin that helps manage file downloads and researchers say the bug could be used by even a low-level attacker to run arbitrary code on a vulnerable site.
  • Adobe Patches Flash Player Vulnerability Under Attack – threatpost.com
    As expected, Adobe patched a vulnerability in Adobe Reader disclosed last week by Google’s Project Zero. What was unexpected was a Flash Player update that includes a patch for a vulnerability being exploited in the wild, Adobe said.

Other News

  • Sony Got Hacked Hard: What We Know and Don’t Know So Far – wired.com
    A week into the Sony hack, however, there is a lot of rampant speculation but few solid facts. Here’s a look at what we do and don’t know about what’s turning out to be the biggest hack of the year—and who knows, maybe of all time.