Events Related

Resources

  • McAfee SiteList.xml password decryption – funoverip.net
    Recently, a very good friend of mine pointed out to me the story of a pentester who recovered the encrypted passwords from a McAfee SiteList.xml file, using Responder.
  • Brute-forcing Microsoft Lync via NTLM – www.hackwhackandsmack.com
    NTLM, like many other services, is made fairly simple to brute-force or attempt one password guess against many accounts.

Tools

  • NetworkMiner 2.0 Released – www.netresec.com
    NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows (but also works in Linux / Mac OS X / FreeBSD). NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the network.

Techniques

  • Hacking an Arris Cablemodem – blog.korelogic.com
    Welcome to part four in our four-part series on firmware and embedded devices. In our final part, we will discuss a remote root vulnerability in a popular cable modem
  • SQL Injection: Exploitation – www.gracefulsecurity.com
    Structured Query Language (SQL) is used all over the web and is potentially vulnerable to an injection attack any time that user input is insecurely concatenated into a query. An injection attack allows an attacker to alter the logic of the query and the attack can lead to confidential data theft, website defacement, malware propagation and host or network compromise.

Vendor/Software Patches

  • Critical Fixes Issued for Windows, Java, Flash – krebsonsecurity.com
    Microsoft Windows users and those with Adobe Flash Player or Java installed, it’s time to update again! Microsoft released 13 updates to address some three dozen unique security vulnerabilities. Adobe issued security fixes for its Flash Player software that plugs at least 22 security holes in the widely-used browser component.

Vulnerabilities

  • Hardware and firmware attacks: Defending, detecting, and responding – code.facebook.com
    The attack landscape for firmware is maturing and needs more attention from defense and detection communities. Recent examples of firmware attacks include the Equation Group’s attacks on drive firmware, Hacking Team’s commercialized EFI RAT, Flame, and Duqu.
  • Skimmers Hijack ATM Network Cables – krebsonsecurity.com
    If you have ever walked up to an ATM to withdraw cash only to decide against it after noticing a telephone or ethernet cord snaking from behind the machine to a jack in the wall, your paranoia may not have been misplaced: ATM maker NCR is warning about skimming attacks that involve keypad overlays, hidden cameras and skimming devices plugged into the ATM network cables to intercept customer card data.
  • Using IPv6 with Linux? You’ve likely been visited by Shodan and other scanners – arstechnica.com
    One of the benefits of the next-generation Internet protocol known as IPv6 is the enhanced privacy it offers over its IPv4 predecessor. With a staggering 2^128 (or about 3.4×10^38) theoretical addresses available, its IP pool is immune to the types of systematic scans that criminal hackers and researchers routinely perform to locate vulnerable devices and networks with IPv4 addresses.

Other News

  • Metel Bank Robbers Borrowing from APT Attacks – threatpost.com
    Banking malware, however, may soon not be good enough for the bad guys. More and more are copycatting the techniques deployed by advanced hackers to steal millions of dollars from banks and other financial institutions.
  • Is The Cybersecurity Bubble About To Burst? – www.darkreading.com
    The stock markets in general have been delivering a lot of bloody noses in the year to date, but one of the particularly big surprises in this downward slide has been the absolute beating cybersecurity companies are taking.