NDSS Symposium 2012 : February 5 to 8 in San Diego, California USA

ACM Conference on Data and Application Security and Privacy (CODASPY) : February 8  to 12 in San Antonio, TX USA

DOJ Cyber Security Conference : February 8 to 9 in Washington, D.C. USA

The Anti-Conference: Suits & Spooks II – Shaping a Revolution in Security Affairs : February 8 in Rosslyn, VA USA

SANS Phoenix : February 13 to 18 in Phoenix, AZ USA

BSides PHX 2012 : February 18 in Tempe, Arizona USA

RSA Conference 2012 : February 27 to March 2 in San Francisco, California USA

BSides San Francisco 2012 : February 27 to 28 in San Francisco, CA USA

Metricon : February 27 in San Francisco, Ca USA

And here are the information security events in the other parts of the world:

Kaspersky Lab Threat Post Security Analyst Summit 2012 : February 1 to February 5 in Cancun, Mexico

NullCon : February 15 to 18 in Goa, India

HITBGSEC 2012 : February 20 to 23 in Mumbai, India

• OWASP ATL Presentation – intrepidusgroup.com
  I recently gave a presentation at OWASP ATL on the OWASP Mobile Top 10 and how to assess mobile applications. This was a light weight discussion of the OWASP Mobile Top 10 and some topical and technical concerns related to securing mobile applications.
• OWASP Benelux Days 2011 – blog.rootshell.be
  The OWASP Benelux Days is a two-days event organized by three OWASP chapters (Belgium, Netherlands and Luxembourg). The 2010 edition was organized in Eindhoven(NL). This year, it was organized in Luxembourg. After a safe trip, sharing my car with a friend, we arrived at the Luxembourg University.
• BSIMM Community Conference – cigital.com
  Cigital recently hosted a second BSIMM Community Conference near Portland, Oregon. The Conference was outstanding, and was a great opportunity for like-minded software security professionals to compare notes.

Resources

• Netsec’s Q4 2011 Information Security Hiring Thread – reddit.com
  If you have open positions at your company for information security professionals and would like to hire from the/r/netsec user base, please leave a comment detailing any open job listings at your company.
• Restricted Character Set Vulnserver Exploit Tutorial – resources.infosecinstitue.com
  Vulnserver is a Windows server application that deliberately includes a number of exploitable buffer overflow vulnerabilities, and was designed to act as a target application to teach and practice basic fuzzing, debugging and exploitation skills. More information on Vulnserver, including a download link, is available here.
• November 2011 OWASP Newsletter – owasp.blogspot.com
  November OWASp newsletter now available for download.

Tools

• Pipal, Password Analyser – digninja.org
  On most internal pen-tests I do I generally manage to get a password dump from the DC. To do some basic analysis on this I wrote Counter and since I originally released it I’ve made quite a few mods to it to generate extra stats that are useful when doing reports to management.
• Intercepter NG-An Advanced Sniffing Tool! – intercepter.nerf.ru/Intercepter-NG.v09.zip
  Intercepter-NG is a new and improved sniffing tool with many added features. It supports several sniffing modes. For instance, in raw mode, it acts like a pure sniffer with appearance similar to Wireshark, providing enough functionality to perform a quick research of the network traffic. In the eXtreme mode Intercepter-NG will analyze all TCP packets without checking ports.
• USRP For NFC Part 1 - intrepidusgroup.com
  The USRP from Ettus Research is an awesome tool for radio analysis. It’s a really complex tool that is capable of doing almost anything involving radio signals (see these two previous Insight posts by Corey and myself, and Raj). That doesn’t even scratch the surface, though. This post will go into the detailed hardware setup for investigating NFC over the air communication using the USRP.
• Signed TaskManager – blog.didierstevens.com
  This new version 0.1.1 of my TaskManager spreadsheet is exactly the same as version 0.1.0, except that it is digitally signed.
• Android Web Content Resolver – labs.mwrinfosecurity.com
  When assessing Android devices and applications we regularly come across vulnerabilities in Android Content-Providers. These vulnerabilities are often similar to those found in web application security tests. In particular SQL Injection and directory traversal vulnerabilities are common problems in Content-Providers.
• How To Find Android 0Day In No Time – labs.mwrinfosecurity.com
  Today we are releasing WebContentResolver, an Android assessment tool which allows you to find Content-Provider vulnerabilities in no time. A Content-Provider is one of Androids IPC endpoints; it is commonly used to implement data storage in applications and to offer access to this data to other applications on the device.
• The Mole – Automatic SQL Injection SQLi Exploitation Tool – darknet.org.uk
  The Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique.

Techniques

• DNS Hacking (Beginner to Advanced) – resources.infosecinstitute.com
  DNS is a naming system for computers that converts human readable domain names e.g. (infosecinstitute.com) into computer readable IP-addresses. However some security vulnerabilities exist due to misconfigured DNS nameservers that can lead to information disclosure about the domain.
• POP POP RET: SEH Exploiting Process – marcoramilli.blogspot.com
  This morning I want to talk a little bit about Structured Exception Handling (SEH) exploitation. Some readers, during a Skype meeting early last week, pointed me out that I never wrote about it, se lets talk a little bit about it.
• "Hacking" Printers – PJL Basics – hackonadime.blogspot.com
  A short while later in my career, I got to be known as the AIX “hacker” because I knew more about AIX than even some IBM techs I’d talk to on the phone. That’s why the term “Hacking” in the title has quotes. What we’re going to talk about today is understanding some very basic features that most people have forgotten about and being able to manipulate those features to help us do some bad stuff.
• CSRF with JSON – Leveraging XHR and CORS – sheeraj.blogspot.com
  Same Origin Policy (SOP) dictates cross domain calls and allows establishment of cross domain connections. SOP bypasses allow CSRF attack vector, an attacker can inject a payload on cross domain page that initiate a request without consent or knowledge of the target user.
• Embedding A Link To A Network Share In A Word Doc – carnal0wnage.attackresearch.com
  Someone asked me how to embed an HTML Link to an smb share into a word doc. End result would be to use the capture/server/smb or exploit/windows/exploit/smb/smb_relay modules. Easy right? Well it wasn’t THAT easy… In office 2010 when I’d go to pull in a picture to the document by adding a picture from a network share the picture would become part of the doc and not be retrieved every time the document opened. The solution was to add some html to the document.
• SQL Injection Attack Happening ATM – isc.sans.edu
  Typically it is inserted into several tables.  From the information gathered so far it looks targeted at ASP, IIS and MSSQL backends, but that is just speculation.  If you find that you have been infected please let us know and if you can share packets, logs  please upload them on the contact form.

Vulnerabilities

• 1% of CMS-Powered Sites Expose Their Database Passwords – feross.org
  Nearly 1% of websites built with a content management system (like WordPress or Joomla) are unknowingly exposing their database password to anyone who knows where to look.
• Researchers Find Big Leaks In Pre-Installed Android Apps – arstechnica.com
  Researchers at North Carolina State University have uncovered a variety of vulnerabilities in the standard configurations of popular Android smartphones from Motorola, HTC, and Samsung, finding that they don’t properly protect privileged permissions from untrusted applications.

Other News

• Trevor Eckhart vs. Android Phones
  The Android developer who raised the ire of a mobile-phone monitoring company last week is on the attack again, producing a video of how the Carrier IQ software secretly installed on millions of mobile phones reports most everything a user does on a phone.
  • Researcher’s Video Shows Secret Software on Millions of Phones Logging Everything – wired.com
  • BUSTED! Secret app on millions of phones logs keys – theregister.co.uk
  • Android handsets secretly logging keystrokes, SMS messages? – news.cnet.com
  • Is Carrier IQ A Big Data Mercenary? – gigaom.com
  • Carrier IQ Admits Holding ‘Treasure Trove’ of Consumer Data, But No Keystrokes – wired.com
  • Carrier IQ Is tracking Your iPhone Too, But It’s Easy To Turn Off - lifehacker.com
  • Carrier IQ Tracking iPhone Customers Too, Researchers Say – news.cnet.com
  • Carrier IQ: How Big A Threat Is It? – news.cnet.com
• Exclusive: Millions of Printers Open To Devastating Attack, Researchers Say – redtape.msnbc.nbc.com
  Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?
• Staff To Be Banned From Sending Emails – telegraph.co.uk
  Thierry Breton, CEO of Atos and a former French finance minister, wants a "zero email" policy to be in place within as early as 18 months, arguing that only 10 per cent of the 200 electronic messages his employees receive per day on average turn out to be useful. Instead he wants them to use an instant messaging and a Facebook-style interface.
• Targeted Attack Steals Credit Cards From Hospitality And Educational Institutions – nakedsecurity.sophos.com
  A little more than a week ago SophosLabs became aware of a resurgence of an attack against the education and hospitality industries. In at least one case the malware has shown up at a financial services company.
• Researchers Say oracle Leaves Databases Needlessly Vulnerable – darkreading.com
  Is Oracle just paying lip service to database security? Some researchers within the database community think so, complaining that as the software juggernaut has grown with acquisitions such as the blockbuster Sun deal it hasn’t maintained enough resources to securely develop database products and resolve vulnerabilities disclosed by researchers in a timely fashion.
• Java Is The Largest Malware Target According To Microsoft – h-online.com
  In a posting on the Microsoft Security Blog, Tim Rains, a director of Microsoft’s Trustworthy Computing Group, has written of the huge number of Java exploits being found in the wild. In the second half of 2010 and first half of 2011, between a half and a third of all exploits observed by Microsoft’s Malicious Software Removal Tool attacked vulnerabilities in Java.
• The Mystery of Duqu: Part Six (The Command and Control Servers) – securelist.com
  Over the past few weeks, we have been busy researching the Command and Control infrastructure used by Duqu. It is now a well-known fact that the original Duqu samples were using a C&C server in India, located at an ISP called Webwerks. Since then, another Duqu C&C server has been discovered which was hosted on a server at Combell Group Nv, in Belgium.
• Public Java Exploit Amps Up Threat Level – krebsonsecurity.com
  I disclosed how the Java exploit is being sold on cybercrime forums and incorporated into automated crimeware kits like BlackHole. Since then, security researchers @_sinn3r and Juan Vasquez have developed a module for Metasploit that makes the attack tool available to penetration testers and malicious hackers alike.
• UK "Cyber Strategy" : Stuxnet, censorship, and cyber specials – arstechnica.com
  On Friday, the UK government released its "Cyber Security Strategy," acknowledging the importance of the Internet to modern life, but also the risks it poses from criminals, terrorists, and nation states. Over the next four years, and at a cost of £650 million ($1 billion), the National Cyber Security Programme (NCSP) has four objectives: "tackle cyber crime," make the UK more resilient to "cyber attacks," create an open and stable "cyberspace," and ensure that the UK has the skills and knowledge to provide all "cyber security" needs.
• EFF Asks US Copyright Office To Exempt Jailbreaking From DMCA – nakedsecurity.sophos.com
  Currently under the Digital Millennium Copyright Act (DMCA) in the United States it is illegal to circumvent Digital Rights Management (DRM) technology in a device.
• Research Team Finds Disk Encryption Foils Law Enforcement – physorg.com
  A joint U.S./UK research team has found that common encryption techniques are so good that law enforcement, from local to highly resourceful federal agencies, are unable to get at data on a computer hard disk that could be used to prove the guilt of people using the computer to perpetuate crimes.

BayThreat 2011: December 9 to December 11 in Mountain View

SANS Cyber Defense Initiative 2011: December 9 to December 16 in Washington, DC

And here are the information security events in the other parts of the world:

BeneLux OWASP Day 2011: December 1 to December 2 in Luxembourg

BSides Cape Town: December 3 in Cape Town

berlinsides (BSides Berlin): December 28 to December 30 in Berlin

eCrime Europe: December 12 in Amsterdam

The Bay Area scene is very active and covers a broad spectrum, so expect local professional groups presence to be thick.

• OWASP Bay Area – According to their official page the last meeting was on June 22. To keep abreast of any future events or doings, it might be a good decision to join the mailing list.
• iSec Open Security Forum – Not really a specific chapter for a national organization, iSec just happens to have a San Francisco based office aside form branches in Seattle and New York. Call it an open venue for security professionals to exchange notes and hash out ideas. Visit their site to access a wealth of resources.
• ISSA  San Francisco Bay Area Chapter – Have a meeting on September 7 and an Incident Response Management course the following month. These guys are very active.
• ISACA San Francisco Chapter – There’s a Fall Conference on November 7 to 9. Membership is open and there’s a newsletter available for subscription.
• San Francisco Bay Area Infragard Chapter – The latest quarterly meeting is on August 18. As Infragard chapters go, these guys regularly coordinate with the San Fran FBI office. Go visit the site for resources and an official chapter-specific news blog.

For some reason, the local meetings aren’t as prolific this time around.

• SF2600 – First meeting of the month already happened last Friday. Stay tune for September then! Visit the site for the good stuff, i.e. info on future meets.

As far as databases and other search tools go, there’s just a single registered hackerspace in the Bay Area.

• Noisebridge – HQ is over at Mission Street. They’ve got an extensive selection of projects and lots of extracurricular activities for skills development. Check the site for a schedule breakdown.

Last, a few big security events.

• SF ISACA Fall Conference – Won’t be till November and registration isn’t even open yet. But mark this on your calender if interested.
• IEEE Symposium on Security and Privacy – Established in 1980, the yearly event takes place in Oakland. Registration is still open but is classified ‘nearly full.’
• USENIX Security Symposium – Kicks off in San Francisco this week. Visit the site for inof, schedule, and resources.
• RSAConference - Actually happened all the way back in March. But it’s still on same time next year.

There might be a few groups and events we missed. If so, feel free to chime in at the comments.

To visit an older version of this community page, go here.

The city of angels is a diverse melting pot that’s also Hollywood’s beating heart. Thanks to the presence of major industries, there are local professional groups all over Los Angeles. The whole scene is bustling with activity.

• OWASP Los Angeles Chapter – Next meeting is on the night of June 22. Open the link for the whole scoop on mailing lists and contacts. There are also tons of resources in their chapter page over at OWASP HQ.
• Los Angeles ISSA Local Chapter – Have a big summit happening next week. Open the link to check out their official site; mailing lists. membership openings, and other resources are available there.
• ISACA Los Angeles Chapter - They also have a dinner meeting next week (the 14th to be specific). Like most ISACA chapters, there’s an open invitation for membership and a wealth of info on their website, where an official newsletter can be subscribed to.
• InfraGard Los Angeles Chapter – Probably the largest, broadest, and most eclectic branch of InfraGard in the United States. Infragard L.A. covers all seven counties and have lots of meetings. This month alone has more than a couple. Check their calendar for the necessary details.
• AITP Los Angeles – Unlike most AITP Chapters, the Los Angeles people are up and running the whole year round. In fact, they’ve got a meeting on the 23rd. Membership, archives, and contacts are all available in their website, so just open the link.

Considering how much action there is on a weekly basis, it’s no surprise things are pretty intense on the local meetings front as well.

• DefCon Los ANgeles/DC213 – There seems to be a problem with the site. Try DefCon HQ for an alternative means of getting in touch with this DefCon group.
• LA2600 – One of the oldest 2600 groups in existence. Here’s the latest on their next meet: “Union Station, corner of Macy & Alameda. Inside main entrance by bank of phones.” This happens first Friday of every month.
• Dorkbot SoCal – They just wrapped an event over at hackerspace Machine project. but stay tuned, they’re pretty active.

Los Angeles must be full of hackerspaces, right? Right.

• Crash Space – Regularly meet on Tuesdays and spend ridiculous amounts of time on awesome DIY builds.
• Hacker’s Bike Ride L.A. – A strange combination of bicycle rides and computer lust. Worth checking out. A lot of serious hacking goes down here on a regular basis, so maybe you’d want to pay them a visit.
• Machine Project – A special enclave where all manner of art and science project monstrosities come to life.
• Null Space Labs – Weekly meetings, hacking fun, and a welcoming atmosphere (always open to visitors). You’re really tempted to drop by the place.
• Sugar Shack – A haven for creative types of any persuasion. They’ve got projects and art in great abundance. They meet on Sundays.

Lots of big security events too.

• 3rd Annual Information Security Summit – A rare meeting of corporate, IT, and security professionals that transpire son June 15. The theme is protecting businesses from cyber attacks. (Hello Sony?) Register here.
• BSides Los Angeles – Won’t happen until August. It happens by the beach and registration is already open.
• ISACA LA Spring Conference 2011 – A bit too late since it happened two months ago. Still, there’s going to be a sequel next year for sure.

There might be a few groups and events we missed. If so, feel free to chime in at the comments.

Not quite as hyper as L.A. and a little too laid back compared to bustling San Fran, but San Diego has its own charms. No surprise then that there’s a significant presence of local professional groups.

• OWASP San Diego Local Chapter – Are pretty active and concluded a meeting just last month. For news on their doings, join the mailing list.
• SD ISSA Local Chapter – Just concluded a training event last week and a membership meeting wend down on the 11th These guys are very active and can be reached via Twitter. The chapter is also open to new members.
• ISACA San Diego Chapter – These guys meet once a month and the 19th has already been booked. Get n touch by opening the link.
• Infragard San Diego Chapter – They’ve got a meet on the 20th. For contacts and extra details, just open the link.
• AITP San Diego – National University, San Diego State, and U of San Diego all have student groups who are quite active. Open the links for the whole scoop on their doings.

Since there are lots of groups, there are definitely lots of local meetings too.

• San Diego 2600 – It’s at Regent’s Pizza, 4150 Regent’s Part Row #170. If you’re itching to, then don’t miss it. San Diego 2600 get together every first Friday of the month.

Woah! check out these hackerspaces.

• Nucleon – Haven’t done anything significant in a while. But they at least have an extensive back log.
• San Diego Hacker News Meetup – Quite the shadowy bunch. They do have a physical address though.
• HackerspaceSD – Another group who keep a really low profile. Try the link for interesting stuff.

There wouldn’t be much of a scene without security events.

• SANS Security West San Diego – It actually just finished yesterday, but just so you know it happened.
• ToorCon San Diego – Already wrapped last year but there’s another come October, so stay tuned on this front.
• CyberSecurity Symposium – Happens on May 17. An all day event at the Doubletree Hotel.
• BarCamp San Diego – A long running series that just concluded its first 2011 outing on January. Check the link for updates and registration for future meets.
• Security Day San Diego – A campus event at UCSD that happens at least once a year. The last installment was on November 2010, so expect its follow up on the same date this 2011.

There might be a few groups and events we missed. If so, feel free to chime in at the comments.

Since Little Rock is  a big city in the small state of Arkansas, there must be local professional groups, right? Right.

• ArkLaTex ISSA – A conglomeration of infosec pros from Arkansas, Texas and Louisiana. This motley group’s last meeting was on September 2010. No word yet on any future gathering.
• Northwest Arkansas ISSA – Might as well throw these guys in even if they’re from Bentonville. They hold meetings on the first Tuesday of every month but for details just open the link.
• ISACA Central Arkansas – Last meeting was on March 8 but a new one is in the works. Get in touch by opening the link.
• Infragard Little Rock – Aren’t very busy at the moment. Explore their website for info and any possible news about future meetings.
• AITP University of Arkansas – Same as the above. Not much on the horizon but might be worth a moment’s perusal.

Where there are groups, there are local meetings.

• Central Arkansas Innovative Alliance – Have an open invitation for a meeting/discussion this April 14th. If you’re in town, you might not want to miss it.

If you look hard enough, a couple of hackerspaces will reveal themselves.

• Mont/HackNetCentral – Is still in the works and is going to open soon.

There might be a few groups and events we missed. If so, feel free to chime in at the comments.

• Minneapolis St. Paul Local Chapter – Just concluded a meeting at the end of last month. If you don’t want to miss their next get together, join the mailing list. These guys aren’t shy about welcoming new sponsors too.
• Minnesota ISSA Chapter – A state-wide organization with headquarters in St. Paul. Last meeting was on March 15. To keep tab on what they’re planning for the future, just visit the site.
• ISACA Minnesota Chapter – Yet another state-wide chapter. These guys are active too and are currently prepping for a big Secure360 event next next month.  The chapter is having a round table meeting at Month’s end. For more info, visit the home site or check their schedule for details.
• Infragard Minneapolis -  These guys are also looking forward to Secure360 on May and have upcoming meetings already scheduled until November.  Get in touch here.
• AITP Minnesota – Have a meeting next month. Either go to the site for details and contacts or check out their profile.

Where there are groups, there are local meetings.

• DC612 – These Minneapolis misfits congregate every month but canceled on March 10. Expect fresh news on their activities once April rolls in.
• Dorkbot Minneapolis – Whoever is involved are still in the process of scheduling a meet sometime in the future.
• Minneapolis 2600 – Next meeting is at Java J’s coffee house at 7pm.

Let’s not forget to mention a hackerspace or two.

• Twin Cities Maker – They meet every week and work on really cool things. Get in touch here.

And last, the all-important security events.

• ISACA Training Week – This five day event won’t be until September though. Register here. The hotel accommodations look nice.
• 6th Annual Secure360 Conference – It’s on May, just two days long, and there’s lots of cool activities in the itinerary for those wishing to participate. You don’t want to miss this.

There might be a few groups and events we missed. If so, feel free to chime in at the comments.

More than just the edge-of-your-seat thrill of the Indy 500, the state capital has a lot to offer the open-minded visitor. Lest we forget to mention it, Indianapolis is also teeming with local professional groups.

• OWASP Indianapolis Local Chapter – They meet on a regular basis and already wrapped a January get together. Don’t fret because there are upcoming meets on March 29 and April 19. For more info, join their mailing list.
• Central Indiana ISSA – Are currently putting the finishing touches on their website. They’ve got a LinkedIn page. For additional contacts, go here.
• ISACA Central Indiana Chapter – Certification exams are coming on June. For info on this, just visit the homepage.
• InfraGard Indiana – A small group that aren’t very busy at the moment.
• Indiana AITP – There are a ton of student chapters spread across the state that are more or less active. Just check the entry on Indiana for the full list.

Despite the heavy presence of local groups, the local meetings front is pretty quiet.

• IN2600 – Their next meeting is just around the corner. Check the site for details.

Don’t miss these cool hackerspaces.

• Club Cyberia – It’s still a work in progress, but stay tuned!
• GammaLab – Same as the above though it seems to have changed its name to The Cove.

Here’s an upcoming security event.

• PCI/DSS Workshop 2011 – Won’t be until May. Registration is pretty steep, but there’s free lodging thrown in. Open the link for details and registration.

There might be a few groups and events we missed. If so, feel free to chime in at the comments.

• CanSecWest
  Event debriefing
  • CanSecWest, a decade later and still growing - privasectech.com
  • CanSecWest 2011 day 1 – the-interweb.com
  • CanSecWest 2011 day 2 - the-interweb.com
  • CanSecWest 2011 day 3 – the-interweb.com
  • Highlights of CanSecWest Day 1 – blogs.mcafee.com
  • Highlights of CanSecWest Day 2 – blogs.mcafee.com
  • Understanding and Exploiting Flash Vulnerabilities – log.fortinet.com
  • CanSecWest Presentations – research.phreedom.org

• CodeGate 2011 YUT Quals - ppp.cylab.cmu.edu
  The problems consisted of web vulnerabilities, forensics, cryptography, binary reversing, and some problems related to security topics that had been in the news.

• Pwn2Own 2011
  What went down and various news bits
  • Researcher chains three exploits to take down IE8 at PWn2Own – computerworld.com
  • Google’s Chrome untouched at Pwn2Own hackmatch – computerworld.com
  • Safari, IE hacked first at Pwn2Own – computerworld.com
  • iPhone, BlackBerry tumble to Pwn2Own hackers - computerworld.com
  • Pwn2Own 2011: no one goes after Chrome – h-online.com
  • Pwn2Own Day 2: iPhone and BlackBerry hacked – h-online.com
  • Hacker kills his own Pwn2Own bug for Android phones - theregister.co.uk
  • IE8, Safari, iPhone, BlackBerry exploited in Pwn2Own contest – news.cnet.com
  • Pwn2Own Winner Stephen Fewer – threatpost.com
  • Apple Safari and Internet Explorer 8 Go Down at Pwn2Own, iPhone Up Next - threatppost.com
  • iPhone, BlackBerry Fall on Second Day of Pwn2Own – threatpost.com
  • Why Pwn2Own Is What’s Right With Security – threatpost.com
  • Safari, MacBook first to fall at Pwn2Own 2011 – zdnet.com
  • BlackBerry falls to webkit browser attack – zdnet.com
  • Charlie Miller wins Pwn2Own again with iPhone 4 exploit – zdnet.com
  • Pwn2Own considered (somewhat) harmful – Icamtuf.blogspot.com

Resources

• RootedCon 2011 “WCE Internals” presentation available at slideshare – hexale.blogspot.com
  Check out my presentation on “WCE Internals” (based on WCEv1.1) available at slideshare.
• 11th WhiteHat Website Security Statistic Report -whitehatsec.com
  WhiteHat Security’s 11th Website Security Statistics Report, presents a statistical picture gleaned from over five years of vulnerability assessment results taken from over 3,000 websites across 400 organizations under WhiteHat Sentinel management.
• PenTest Execution Standard
  The point behind all of this is a simple goal of raising the bar of penetration testing and how it’s performed.
  • Penetration Testing Execution Standard wiki - pentest-standard.org
  • PTES – Penetration Testing Execution Standard – zonbi.org
• Android Market Security Tool - globalthreatcenter.com
  The “Android Market Security Tool” performs a number of tasks on the handset to remove all remnants of the infections before deleting itself.
• Browser Exploitation for Fun & Profit Revolutions – blog.taddong.com
  Each episode content somehow builds on the topics and knowledge covered on the previous episodes, trying to minimize the overlap, except for the most important messages and goals I wanted to address with this initiative.

• Stack Based Buffer Overflow Tutorial
  This tutorial, in three parts, will cover the process of writing a simple stack based buffer overflow exploit based on a known vulnerability in the Vulnserver application.
  • Part 1 Introduction – resources.infosecinstitute.com
  • Part 2 Exploiting the Stack overflow – resources.infosecinstitute.com
  • Part 3 Adding shellcode – resources.infosecinstitute.com

Tools

• WCE v1.1 is out! - hexale.blogspot.com
  Windows Credentials Editor (WCE) allows to list logon sessions and add, change, list and delete associated credentials.
• Metasploit Framework 3.6.0 Released! – blog.metasploit.com
  In coordination with Metasploit Express and Metasploit Pro, version 3.6 of the Metasploit Framework is now available.
• Agnitio v1.2 – darknet.org.uk
  Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way.
• AntiSamy 1.4.4 released! - i8jesus.com
  The biggest move of this release is to officially change the default parser/serializer from the DOM engine to the SAX engine.
• BeEF v0.4.2.3-alpha! - code.google.com
  BeEF, the Browser Exploitation Framework is a professional security tool provided for lawful research and testing purposes.
• iAnalizer: An Integrity Analyzer for SAP! - onapsis.com
  Though this tool was talked about last year at the BlackHat security conference, it is only now that the tool is being released for download.
• Analyzing PDF exploits for finding payloads used – research.zscaler.com
  In this blog, we will examine yet another in the wild PDF exploit which has hidden it’s malicious code under different objects.
• This Is Not the Android Market Security Tool You Are Looking For – intrepidusgroup.com
  We have been actively following and analyzing the spate of Android malware in the Android Market place.

Techniques

• Dumpstrings.1sc – blog.didierstevens.com
  I wrote another script for my 010 Editor.
• Can You Hack Your Own Site - net.tutsplus.com
  We’ve been asked by our client to incorporate into an existing site, a book review system.
• Flash InternalInterface.call() JavaScript Injection – soroush.secproject.com
  According to the Adobe website, ExternalInterface.call() can accept a JavaScript function name as the first argument and a string which would be sent to that JavaScript function.
• SMBRelay by Oracle - dsecrg.blogspot.com
  Our next target is Oracle. Oracle is one of the most widespread RDBMS and many Enterprises use it as backend.
• Hacking GDB - acsu.buffalo.edu
  To see how a function in GDB is implemented, seek calls to the following functions in GDB source tree.
• At least, I got DoS – blogs.recurity-labs.com
  Due to Wireshark having more than 1,000 different packet dissectors in this directory, I chose a pretty dumb approach to find interesting code parts.
• Hacking crappy password resets (part 1) – skullsecurity.org
  For this first part, I’m going to take a closer look at some very common code that I’ve seen in on a major “snippit” site and contained in at least 5-6 different applications.
• How Android/Fake10086 selectively blocks SMS – blog.fortinet.com
  In brief, Android/Fake10086.A!tr looks like a handy hotel reservation application, but in the background it communicates with a remote web server and blocks some incoming SMS messages.
• BFF 2.0 ImageMagick Fuzz Run Tutorial - youtube.com
  A walk-through of the Basic Fuzzing Framework’s default ImageMagick fuzz run.

Vendor/Software Patches

• Apple issues mammoth security update for Safari browser - nakedsecurity.sophos.com
  Apple has released Safari 5.0.4 – the latest version of Apple’s browser software for Windows and Mac users – patching an eye-watering 62 security vulnerabilities in the process.
• March 2011 Microsoft Black Tuesday Summary – isc.sans.edu
  Here are the March 2011 Black Tuesday patches.  Enjoy!
• VMWare Security Advisories 2011 - vmware.com
  VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

Vulnerabilities

• Oracle padding attacks – isc.sans.edu
  We can see a valid request (HTTP status code 200) and then a series of 500 requests, as well as a single 403 request.

Other News

• Anonymous makes a laughing stock of HBGary – h-online.com
  Trying to explain Anonymous is a hopeless undertaking – as a first approximation you can view them as a group of anonymous internet activists.
• Hackers spear-phish, infiltrate French Ministry of Finances - arstechnica.com
  The break-in was reported in Paris Match, and has since been confirmed by Minster of Budget François Baroin.
• With hacking, music can take control of your car – itworld.com
  By adding extra code to a digital music file, they were able to turn a song burned to CD into a Trojan horse.
• Making Sport of browser security, hackers topple IE, Safari once again – theregister.co.uk
  Contestants in a high-stakes hacking contest had no trouble toppling the Apple Safari and Microsoft Internet Explorer browsers.
• Green Skimmers Skimming Green - krebsonsecurity.com
  To combat an increase in ATM fraud from skimmer devices, cash machine makers have been outfitting ATMs with a variety of anti-skimming technologies.
• Router-rooting malware pwns Linux-based network devices - megapanzer.com
  Security researchers have discovered a rare strain of router-rooting malware that targets network devices running either Linux or Unix.
• Hackers versus Apple: An interview with Charlie Miller and Dino Dai Zovi -  h-online.com
  Heise’s new Mac & i magazine recently interviewed Charlie Miller and Dino Dai Zovi, co-authors of “The Mac Hacker’s Handbook” about Apple security and how to compromise it.