Events Related

  • The End of the Internet Dream – medium.com
    In 20 years, the Web might complete its shift from liberator to oppressor. It’s up to us to prevent that.

Resources

Tools

  • BinNavi – github.com
    BinNavi is a binary analysis IDE – an environment that allows users to inspect, navigate, edit, and annotate control-flow-graphs of disassembled code, do the same for the callgraph of the executable, collect and combine execution traces, and generally keep track of analysis results among a group of analysts.

Techniques

  • Bad AS – More on Broken JBoss Configurations – breenmachine.blogspot.com
    It’s been a while since I’ve posted anything about JBoss. Once in a while I still get an email or IM about someone trying to use the exploit code released here or in the “clusterd” framework against a JBoss instance that should be vulnerable, but seems to fail when the payload attempts to deploy.

Vendor / Software Patches

Vulnerabilities

  • Nasty Cisco Attack – www.schneier.com
    Cisco Systems officials are warning customers of a series of attacks that completely hijack critical networking gear by swapping out the valid ROMMON firmware image with one that’s been maliciously altered.
  • WordPress Compromises Behind Spike in Neutrino EK Traffic – threatpost.com
    Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic, researchers at Zscaler said. In a report published yesterday, Zscaler said it spotted attacks against sites running older versions of the content management system, 4.2 and earlier.

Other News