Events Related

  • Impressions From DEF CON 24: The Machines Are Rising – securityintelligence.com
    DEF CON 24, the world’s largest hacker conference, ended Aug. 7, and I must say I enjoyed every moment of it. There was so much to see in so little time; I definitely regret missing some great stuff that happened. Even so, I still managed to catch some very interesting events that I would like to highlight.
  • Thoughts from Black Hat and Defcon – blog.coresecurity.com
    Getting home from what we affectionately call Security Summer Camp is almost as much of an adventure as attending the conferences. Getting caught in the Deltapocalypse on the way home just added to the fun. If you want a real challenge, try seeing your way onto earlier flights during a system-wide meltdown of a major legacy carrier.

Resources

Tools

  • kwprocessor – github.com
    Advanced keyboard-walk generator with configurable basechars, keymap and routes
  • ThinkPwn – github.com
    Lenovo ThinkPad System Management Mode arbitrary code execution 0day exploit
  • hashcat v3.10 – hashcat.net
    This release is mostly a bugfix and maintenance release, plus a small set of new features and a new hash-mode.
  • Blue Hydra – github.com
    BlueHydra is a Bluetooth device discovery service built on top of the bluez library. BlueHydra makes use of ubertooth where available and attempts to track both classic and low energy (LE) bluetooth devices over time.

Techniques

  • “Fileless” UAC Bypass Using Eventvwr.exe And Registry Hijacking – enigma0x3.net
    After digging into Windows 10 and discovering a rather interesting method for bypassing user account control, I decided to spend a little more time investigating other potential techniques for getting around UAC. Currently, there are a couple of public UAC bypass techniques, most of which require a privileged file copy using the IFileOperation COM object or WUSA extraction (Windows 7) to take advantage of a DLL hijack in a protected system location.
  • JetBrains IDE Remote Code Execution and Local File Disclosure – blog.saynotolinux.com
    From at least 2013 until May 2016 JetBrains’ IDEs were vulnerable to local file leakage, with the Windows (EDIT: and OS X) versions additionally being vulnerable to remote code execution. The only prerequisite for the attack was to have the victim visit an attacker-controlled webpage while the IDE was open.
  • A First Look At PowerShell on Linux – www.petri.com
    If you had any doubts that the Microsoft of today is vastly different from the Microsoft you grew up with, I think the news out of Redmond today should put those doubts to rest. Microsoft has finally put all the speculation to rest and announced that PowerShell is now an open source project released under the MIT license.

Vulnerabilities

  • VxWorks: Execute My Packets – exodusintel.com
    Earlier this year we reported 3 vulnerabilities in VxWorks to Wind River. Each of these vulnerabilities can be exploited by anonymous remote attackers on the same network without user interaction to take control of the affected device.
  • SQL Injection Vulnerability in Ninja Forms – blog.sucuri.net
    As part of our regular research audits for our Sucuri Firewall, we discovered an SQL Injection vulnerability affecting the Ninja Forms plugin for WordPress, currently installed on 600,000+ websites.

Other News

  • A hacker’s best friend is a nice employee – www.usatoday.com
    When it comes to hacking, the most dangerous thing at most companies may not be their computer network but the lowly desk telephone. “You can get everything you need — information about their security, their operating system, what kind of computers they use. Just with a call,” said Chris Silvers, who runs CG Silvers, an independent security consulting firm in Atlanta.