Resources
- Welcome to the SaintCON 2015 files section! – files.saintcon.org
SaintCON materials.
- RWSPS: WPA/2 Cracking Using HashCat [ch5pt2] – www.rootsh3ll.com
If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking as while using PMKs for cracking we are not performing actual calculations in real-time.
- Inside Yubikey Neo – www.hexview.com
Yubikey Neo is a $50 authentication token (with bells and whistles) from Yubico. Yubico advertizes it as “practically indestructible”.
Tools
- Sniffly – github.com
Sniffing browser history using HSTS + CSP.
- NOPC version 0.4.7 released – labs.portcullis.co.uk
NOPC (Nessus-based Offline Patch Checker) is a patch-checker for primarily Linux distribution and UNIX-based systems.
- WSUSpect Proxy – github.com
A tool for MITM’ing insecure WSUS connections.
Techniques
- Exploiting padding Oracle to gain encryption keys – blog.gdssecurity.com
This type of vulnerability allows an attacker to decrypt ciphertexts and encrypt plaintexts.
Other News
- TalkTalk breach
A major organization’s website is hacked, millions of records containing PII are taken, and the data is held for ransom. Oh, and the alleged perpetrator(s) were teenagers, not professional cyber-criminals.
- Boy, 15, arrested in Northern Ireland in connection with TalkTalk hack – www.bbc.com
- Saving Systems from SQLi – blog.whitehatsec.com
- Cisco Beefs Up Security, Buys Lancope For $453M – techcrunch.com
As HP downsizes its own holdings in network security, another IT giant is ramping up: today Cisco announced that it would acquire Lancope, which focuses on behavior analytics, threat visibility and security intelligence to detect malicious activity on corporate networks.
- VICTORY: State Department Decides Not to Classify “Cyber Products” as “Munitions” – www.eff.org
This week, the U.S. Department of State’s Defense Trade Advisory Group (DTAG) met to decide whether to classify “cyber products” as munitions, placing them in the same export control regime as hand grenades and fighter planes.
- Library of Congress Says It’s OK to Hack Your Car – www.wired.com
Car hackers rejoice: today the Library of Congress approved copyright law exemptions that will allow you to modify the software on your car for purposes of security research, maintenance, or repair.
- Sustaining Digital Certificate Security – googleonlinesecurity.blogspot.com
Following our notification, Symantec published a report in response to our inquiries and disclosed that 23 test certificates had been issued without the domain owner’s knowledge covering five organizations, including Google and Opera.