Resources

Tools

  • EZ-Wave – github.com
    Tools for Evaluating and Exploiting Z-Wave Networks using Software-Defined Radios.
  • firmadyne – github.com
    FIRMADYNE is an automated and scalable system for performing emulation and dynamic analysis of Linux-based embedded firmware.

Techniques

  • Using EMET to disable EMET – www.fireeye.com
    Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a project that adds security mitigations to user mode programs beyond those built in to the operating system. It runs inside “protected” programs as a Dynamic Link Library (DLL), and makes various changes in order to make exploitation more difficult.
  • Serialization Must Die: Act 2: XStream (Jenkins CVE-2016-0792) – www.contrastsecurity.com
    XStream is a popular deserialization library. It’s used directly by many popular apps, like JIRA, Confluence, Bamboo, and Jenkins. It’s also used by other popular libraries, like Spring and Struts 2 for unmarshalling XML input into objects.

Vulnerabilities

  • Pirated iOS App Store’s Client Successfully Evaded Apple iOS Code Review – researchcenter.paloaltonetworks.com
    Apple’s official iOS App Store is well known for its strict code review of any app submitted by a developer. This mandatory policy has become one of the most important mechanisms in the iOS security ecosystem to ensure the privacy and security of iOS users.
  • Linux kernel bug delivers corrupt TCP/IP data to Mesos, Kubernetes, Docker containers – tech.vijayp.ca
    The Linux Kernel has a bug that causes containers that use veth devices for network routing (such as Docker on IPv6, Kubernetes, Google Container Engine, and Mesos) to not check TCP checksums. This results in applications incorrectly receiving corrupt data in a number of situations, such as with bad networking hardware.
  • Mousejack Attacks Abuse Vulnerable Wireless Keyboard, Mouse Dongles – threatpost.com
    Wireless keyboards and mice are the latest peripherals to put enterprise networks and user data at risk. Researchers at Bastille Networks today said that non-Bluetooth devices from seven manufacturers including Logitech, Dell and Lenovo are vulnerable to so-called Mousejack attacks that would allow a hacker within 100 meters to abuse this attack vector and install malware or use that machine as pivot point onto the network.

Other News

  • I got hacked mid-air while writing an Apple-FBI story – www.usatoday.com
    Just before midnight last Friday, my plane touched down in Raleigh after a three-hour flight from Dallas. As usual, I’d spent much of the flight working, using American Airlines Gogo in-flight Internet connection to send and answer emails. As I was putting on my jacket, a fellow in the row behind me, someone I hadn’t even noticed before, said: “I need to talk to you.” A bit taken aback, I replied, “It’s late … need to get home.”