• (Def) #ConSurvival – h-i-r.net
  Some practical tips on how to get through DefCon
• BlackHat and DefCon Tips: 2010/N00b Edition – it.toolbox.com
  More things to remember on your next Vegas security event
• BlackHat Track Schedule – uktek.com
  A full schedule of the when and where certain talks are going to be held.

Tools:

• Ubitack 0.2 – code.google.com/p/ubitack/
  This tool automates some of the tasks you might need on a (wireless) penetration test or while you are on the go.
• SIPVicious 0.2.6 Available – voipsecurityblog.typepad.com
  SIPVicious was written in python and can be used on Linux, Windows, FreeBSD 6.2 and Mac OS X.
• Open source GSM cracker released
  I have named this beast Kraken, after a Norse mythological creature capable of eating many things for breakfast. Kraken feeds of an exclusive diet of A5/1 encrypted data.
  • New ‘Kraken’ GSM-Cracking Software is Released – cio.com
  • The call of Kraken – reflextor.com
  • GSM Cracking Tool. Yes it’s open source – marcoramilli.blogspot.com
• Sagan – Real-time System & Event Log (syslog) Monitoring System – darknet.org.uk
  Sagan can alert you when events are occurring in your syslogs that need your attention right away, in real time!
• PlugBot – theplugbot.com
  PlugBot is a research project led by Jeremiah Talamantes, a penetration tester and security researcher for RedTeam Security.
• WATOBO – THE Web Application Toolbox – sourceforge.net/apps/mediawiki/watobo/
  We are convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.
• WebEnum 0.1 – code.google.com/p/webenum/
  WebEnum is a tool to enumerate http responses to dynamically generated queries.
• dic – code.google.com/p/dic/
  “Download Indexed Cache” is a Proof of Concept (PoC) which implements the Google SOAP Search API to retrieve content indexed within the Google Cache to support the “Search Engine Reconnaissance” section of the OWASP Testing Guide v3

Techniques:

• Shell of the Future – Reverse Web Shell Handler for XSS Exploitation – andlabs.org
  In pentests XSS is usually considered as a dead-end vulnerability – you discover it, take a screenshot and move on to something else.
• Identifying Suspicious URLs – threatpost.com
  In the Google TechTalk, Justin Ma, a PhD candidate at UC San Diego, discusses a novel method for determining which URLs are malicious by applying large-scale online learning techniques.
• Stuxnet and .lnk related studies
  • CPLINK Shortcut mitigation and certificate revocation – sophos.com
  • Windows ‘LNK’ Exploit Demonstration – attackvector.org
  • Mitigating .LNK Exploitation With SRP – didierstevens.com
  • Details for the LNK issue along with a live sample – @hdmoore
  • Stuxnet Memory Analysis and IOC creation – mandiant.com
  • File Server LNK/stuxnet Protection – attackvector.org
  • Distilling the W32.Stuxnet Components – symantec.com
• Weaponizing the Nokia N900 – Part 1 – voipsa.org
  Broadly speaking, the objective of this series of blog posts is to introduce folks to the tools available and the potential for this phone as a security testing platform.
• Fun with Metasploit payload generation – happypacket.net
  My goal was to figure out how to add the msfencode functionality into the generate_simple function that is used by both XMLRPC and the console so that you can encode payloads and all that fun stuff from within Metasploit.
• iSEC is releasing this pre-advisory for Kerberos flaws to be discussed at BH. Must read for AD Admins. – @alexstamos

Vulnerabilities:

• More news about the Stuxnet Flaw
  The said malware exploits a newly-discovered vulnerability in shortcut files, which allows random code to be executed on the user’s system.
  • Microsoft Has No Plans To Patch New Flaw – slashdot.org
  • The Microsoft LNK / USB worm / rootkit ‘issue’ will kill WIN XP SP2 and WIN2000 earlier… – eddywillems.blogspot.com
  • Shortcut zero-day attack code goes public – sophos.com
  • Stuxnet Saga Evolves With New Digitally Signed Binaries – threatpost.com
  • Tool Blunts Threat from Windows Shortcut Flaw – krebsonsecurity.com
  • Stuxnet-A View From an Energy Perspective – mcafee.com
• Twitter XSS Bug – xs-sniper.com
  99% of XSS bugs are fairly straightforward and this bug was no exception.
• IE and Safari lets attackers steal user names and addresses – theregister.co.uk
  Jeremiah Grossman, CTO of White Hat Security, plans to detail critical weaknesses that are enabled by default in the browsers, which are the four biggest by market share.
• Old Wireless Security Flaws Still Haunting Networks – threatpost.com
  The attack is specifically designed to work against the Cisco Aironet 1200 Series access points and is a twist on existing attacks that have shown WEP to be an eminently defeatable protocol.
• SAP GUI: command execution via wadmxhtml – vigilance.fr
  An attacker can use the wadmxhtml.dll ActiveX of SAP GUI, in order to execute code on computers of victims displaying a malicious HTML page.
• WPA2 vulnerability found – networkworld.com
  Hole 196 lends itself to man-in-the-middle-style exploits, whereby an internal, authorized Wi-Fi user can decrypt, over the air, the private data of others, inject malicious traffic into the network and compromise other authorized devices using open source software, according to AirTight.

Vendor/Software Patches:

• Adobe to use sandboxing to mitigate onslaught of Reader-focused attacks
  The next major version of Adobe’s PDF Reader will feature new sandboxing technology aimed at curbing a surge in malicious hacker attacks against the widely deployed software.
  • Adobe adding ’sandbox’ to PDF Reader to ward off hacker attacks – zdnet.com
  • Adobe: ‘Sandbox’ Will Stave Off Reader Attacks – krebsonsecurity.com

Other News:

• New plug-in tester mimics Mozilla’s – cnet.com
  Qualys’ BrowserCheck helpfully targets out-of-date plug-ins, and provides links to download updates.
• VeriSign adds malware scanning to SSL services – cnet.com
  VeriSign is adding malware scanning to its authentication services for Web site operators, the company announced on Monday.
• Siemens SCADA comes with hard-coded password, doesn’t recommend changing it.
  A sophisticated new piece of malware that targets command-and-control software installed in critical infrastructures uses a known default password that the software maker hard-coded into its system.
  • SCADA System’s Hard-Coded Password Circulated Online for Years – wired.com
  • Yes, there’s malware. But don’t change your SCADA password, advises Siemens – sophos.com
• Dell KACE Secure Browser Sandboxes Your Browsing – lifehacker.com
  Secure Browser is designed so even if you find yourself on a site that could harm your computer, the harmful effects are contained within the browser sandbox.
• Skimmers Siphoning Card Data at the Pump – krebsonsecurity.com
  Forced to re-issue an unusually high number of bank cards due to fraudulent charges on the accounts, a regional bank serving Colorado and surrounding states recently began searching for commonalities among the victimized accounts.
• Google Ups the Bug Bounty Ante to $3133.7 – threatpost.com
  The maximum reward for a single bug has been increased to $3,133.7. We will most likely use this amount for SecSeverity-Critical bugs in Chromium.
• PC giant warns of hardware trojan – newscientist.com
  Further information posted on Dell’s community forum reveals that the trojan in the affected motherboards is stored in onboard flash memory rather than firmware ROMs.
• Certified uncertainty – sophos.com
  Second, this particular component of the threat was signed on January 25th, 2010. This implies the perpetrators of this attack have been planning their strategy for quite some time.
• How Mass SQL Injection Attacks Became an Epidemic – threatpost.com
  Mass compromises of legitimate sites really began in earnest in 2007, and the volume and severity of the attacks has increased significantly since then.
• Why Steal Digital Certificates? – eset.com
  In theory the digital signature also tells you who signed the file, and who issued the digital certificate so you can decide if you trust the person or company who signed the file and if you trust the organization who issued the certificate.
• Forget Walmart. Hackers Conference Badges Show The Future of RFID Tracking – gizmodo.com
  This year, HOPE’s Attendee Meta-Data or AMD badge reached new heights, and suggested more about what you could do with RFID attached to people—both good and bad.
• Backtrack vs Windows – youtube.com
  Spoof of evo vs iphone with an influence in security .. DEFCON 18

• RECON 2010: The best conference ever in the worst hotel ever – ncircle.com
  It was held in Montreal from July 9th to the 11th at a supposedly posh hotel where the air-conditioning wasn’t working at all building-wide during a heat wave.
• SOUPS Keynote & Slides – emergentchaos.com
  In “Engineers Are People, Too” Adam Shostack will address an often invisible link in the chain between research on usable security and privacy and delivering that usability: the engineer.
• Photos: The Next HOPE (Hackers On Planet Earth) – laughingsquid.com
  Pictures from the the Hotel Pennsylvania event.
• Assange is a no-show
  A Wikileaks editor, deciding not to risk a confrontation with federal agents, skipped a high-profile speaking engagement at a hacker conference here on Saturday.
  • HOPE: scheduled keynote by Julian Assange of Wikileaks – boingboing.net
  • Wikileaks editor skips NYC hacker event – cnet.com

Resources:

• Python tools for penetration testers – dirk-loss.de
  If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language.
• See 20 Minute Video Presentation on How to Choose an IPS – icsalabs.com
  Considering which network IPS is the best fit for your enterprise or SMB?

Vulnerabilities:

• Firefox Add-On Exploited
  It was discovered that this add-on contains code that intercepts login data submitted to any website, and sends this data to a remote location.
  • Mozilla Sniffer – mozilla.com
  • Firefox security test add-on was backdoored – netcraft.com
• Rootkit.TmpHider – anti-virus.by
  Modules of current malware were first time detected by “VirusBlokAda” company specialists on the 17th of June, 2010 and were added to the anti-virus bases as Trojan-Spy.0485 and Malware-Cryptor.Win32.Inject.gen.2.
• USB Shortcuts Introduce New Can Of Worms To Windows Systems
  Researchers have discovered a sophisticated new strain of malicious software that piggybacks on USB storage devices and leverages what appears to be a previously unknown security vulnerability in the way Microsoft Windows processes shortcut files.
  • Experts Warn of New Windows Shortcut Flaw – krebsonsecurity.com
  • Zero-Day vulnerability allows USB malware to run automatically, Sophos reports – sophos.com
  • Windows zero-day attack works on all Windows systems – sophos.com
• Trojan.Sasfis: A Closer Look – symantec.com
  In our recent article on Trojan.Sasfis we focused on the spam angle of the attack and in this piece we will take a deeper look at this somewhat persistent threat which our global sensors indicate is recently on the rise.
• Researchers: Authentication crack could affect millions – computerworld.com
  A well-known cryptographic attack could be used by hackers to log into Web applications used by millions of users, according to two security experts who plan to discuss the issue at an upcoming security conference.
• Malware exploiting x86 machine code redundancy – sophos.com
  By definition an emulator will never be exactly like ‘the real thing’, and malware authors continually try to exploit this fact in order to evade detection.

Vendor/Software Patches:

• Microsoft’s New Patch Tuesday
  As part of our usual monthly update cycle, today Microsoft is releasing four security bulletins to address five vulnerabilities in Windows and Microsoft Office.
  • July 2010 Security Bulletin Release – technet.com
  • Microsoft Security Bulletin MS10-042 – Critical – microsoft.com
  • Microsoft Security Bulletin MS10-043 – Critical – microsoft.com
  • Microsoft Security Bulletin MS10-044 – Critical – microsoft.com
  • Microsoft Security Bulletin MS10-045 – Important – microsoft.com
  • MS10-042: Vulnerability in Help and Support Center – technet.com
  • MS10-045: Microsoft Office Outlook Remote Code Execution vulnerability – technet.com
  • Microsoft Patch Tuesday – July 2010 – symantec.com
  • Express patch for Windows Help Center – h-online.com
• Winamp 5.58 eliminates critical FLV vulnerabilities – h-online.com
  According to French security services provider VUPEN, the problem is related to integer and buffer overflow issues within the VP6 decoder “vp6.w5s” used by Winamp when opening a specially crafted Flash Video (FLV) file.

Other News:

• FBI Raids ‘Electronik Tribulation Army’ Over Witness Intimidation – wired.com
  Jesse William McGraw, aka “GhostExodus,” pleaded guilty in May to computer-tampering charges for putting malware on a dozen machines at the Texas hospital where he worked as a security guard.
• GFI Software acquires Sunbelt Software – sunbeltblog.blogspot.com
  Today, it was announced that Sunbelt Software has been acquired by GFI Software.
• Developers just don’t go to security conferences – swreflections.blogspot.com
  Developers and managers need to choose carefully where to spend their company’s money and time – or their own.
• Secunia Half Year Report for 2010 shows interesting trends – sans.edu
  Since 2005, no significant up-, or downward trend in the total number of vulnerabilities in the more than 29,000 products covered by Secunia Vulnerability Intelligence was observed.
• Talk on Chinese Cyber Army Pulled From Black Hat – threatpost.com
  A talk on China’s state-sponsored offensive security efforts scheduled for the Black Hat conference later this month has been pulled from the conference after concerns were raised by some people within the Chinese and Taiwanese government about the talk’s content.
• “Millions” Of Home Routers Vulnerable To Web Hack – forbes.com
  The upcoming Black Hat security conference in Las Vegas offers an annual parade of security researchers revealing new ways to break various elements of the Internet.
• Mozilla Bumps Bug Bounty to $3,000 – threatpost.com
  In an effort to enlist more help finding bugs in its most popular software, such as Firefox, Thunderbird and Firefox Mobile, Mozilla is jacking up the bounty it pays to researchers who report security flaws to $3,000
• MS Windows Token Kidnapping Problems Resurface – threatpost.com
  Cesar Cerrudo, founder and CEO of Argeniss, a security consultancy firm based in Argentina, first reported the token kidnapping hiccup to Microsoft in 2008 and after waiting in vain for a patch, he released the details during the Month of Kernel Bugs project.
• DNS root zone finally signed, but security battle not over – arstechnica.com
  This is an important step in the deployment of DNSSEC, the mechanism that will finally secure the DNS against manipulation by malicious third parties.

• Third SHB Workshop – schneier.com
  This is a two-day gathering of computer security researchers, psychologists, behavioral economists, sociologists, philosophers, and others.
• HiTB News
  HiTB  organizes conferences for a while in Dubaï and Kuala Lumpur but this is the first time that an event is held in Europe and not too far from Belgium.
  • Hack in the Box Day #1 Wrap Up – rootshell.be
  • Hack in the Box Day #2 Wrap Up – rootshell.be

• Notes from OWASP Bay Area Security Summit – michael-coates.blogspot.com
  However the portion on dynamic identification and quarantine of malicious scripts was very interesting.
• Hacking the Next Hope Badge – travisgoodspeed.blogspot.com
  The following are some notes that will help enterprising neighbors to hack these badges, which will be running an MSP430 port of the OpenBeacon firmware.

Resources:

• Comparing web application scanners, part 2 – portswigger.net
  Scanners were scored based on their ability to identify different types of vulnerabilities in different scanning modes.
• Cisco IOS Auditing – digitalbond.com
  Earlier this month Tenable released a new policy compliance plugin for Nessus that allows auditing of Cisco router and switch configuration.
• Third-Party Web Widget Security FAQ – jeremiahgrossman.blogspot.com
  Millions of websites such as online news, blogs, e-commerce, banks, webmail, social networking and more utilize third-party hosted content on their webpages in the form of JavaScript, Adobe Flash, Microsoft Silverlight, HTML IFrames, and images.
• securityacts it security e-zine issue 3 – terminal23.net
  If you’re looking for a new security-related e-zine to read, check out SecurityActs.
• New AMTSO guidelines – f-secure.com
  Anti-Malware Testing Standards Organization (AMTSO), which F-Secure is a member of, had a meeting in Helsinki in May.

Tools:

• BackTrack
  BackTrack started as a personal side project well over 5 years ago and by now has been downloaded over 5 million times.
  • BackTrack, Present and Future – backtrack-linux.org
  • BackTrack 4 Development Roadmap – backtrack-linux.org
• Autoruns and Dead Computer Forensics – sans.org
  It is essentially a targeted registry dump, peering into at least a hundred different Windows Registry keys that the boot and logon processes rely upon.
• Netsparker Community Edition 1.5.0.0 Released – mavitunasecurity.com
  There are not many new features in Community Edition but this release addresses the most common issues and includes several improvements.
• Skipfish 1.46beta – code.google.com/p/skipfish/
  A fully automated, active web application security reconnaissance tool.
• FxCop – .NET Framework Security Analysis Tool – darknet.org.uk
  FxCop is an application that analyzes managed code assemblies.
• bsqlbf v. 2.6 – notsosecure.com
  The new addition is the execution of any metasploit payload after executing OS code against Oracle database server by exploiting SQL Injection from web apps.
• upSploit – Press Release – tmacuk.co.uk
  This Vulnerability Advisory Gateway (VAG) should break down the barriers for security researchers and professionals to pass details of vulnerabilities to vendors in a structured easy to follow process.
• SandKit – s7ephen.github.com
  SandKit is a toolset that is intended to assist with the investigation of Sandbox technologies.
• IDA Pro 5.7 highlights – hexblog.com
  We have released a IDA Pro 5.7 few days ago.
• WinPcap – winpcap.org
  The latest stable WinPcap version is 4.1.2.
• ostinato 0.1.1 – code.google.com/p/ostinato/
  Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI.

Techniques:

• Got database access? Own the network! – bernardodamele.blogspot.com
  The presentation highlights techniques to exploit a MySQL, PostgreSQL or Microsoft SQL Server database server in real world.
• SSL gives point-to-point, not end-to-end security – root.org
  SSL provides good point-to-point privacy and integrity protection. However, there is no guarantee to upper layers that SSL is indeed in use.
• HCP Vulnerability Exploited in the Wild – pandasecurity.com
  This vulnerability disclosure has fueled an intense debate amongst security professionals on responsible disclosure, as the Google researcher only allowed Microsoft 5 days before going public with the flaw details.
• The curious case of JBoss Hacking – inner-knowledge.blogspot.com
  It is not so rare seeing jboss where the jmx-console is not password protected.
• Linux buffer overflow II – gunslingerc0de.wordpress.com
  In the first edition of my tutorial tutorial explains berbuffer 400-byte buffer overflow.
• Set Wallpaper Meterpreter Script – room362.com
  Certainly nothing to fuss over, but I’ve had a fascination with setting my target’s wallpaper as sort of a calling card for years now.
• Vulnerability Assessment Testing Automation Part I – sans.edu
  In my SANSFire presentation I described how and why to automate parts of the security testing process.
• V3rity has released a redo log mining tool to extract DDL from redo logs – petefinnigan.com
  V3rity is the new company founded by David Litchfield in March 2010 since he left NGS and until recently his site had little on it.
• Full-Disclosure, Our Turn – jeremiahgrossman.blogspot.com
  No Web applications, no forms, no log-in, no user-supplied input where XSS can hide.
• Social Security Number Format – attackvector.org
  First, for those of you who live under a rock, or across the pond, a social security number is in the format of xxx-xx-xxxx.
• CSRF flaws that pack a punch – holisticinfosec.blogspot.com
  A year after DEFCON 17, cross-site request forgery (still one of my favorite bugs) continues to present itself in some mighty interesting places.
• Wifi Security Slides – trustedsignal.blogspot.com
  There are a few canned video demos in the PPT version that are obviously not in the PDF version and the PPT version contains copious notes, not found in the PDF.
• Memory acquisition and the pagefile(s) – mandiant.com
  The easiest way to do this with Memoryze is to use the MemoryDD.bat script from the command line or to use the UI, Audit Viewer.
• sqlmap and SOAP based web services – bernardodamele.blogspot.com
  Last week a sqlmap user, Chilik Tamir, provided me with a patch to add basic support for SOAP based requests to the tool.
• Lessons from criminals – Good passwords matter – sophos.com
  Unless this is an elaborate public relations stunt, it appears the integrity of AES-256 as a military-grade encryption standard has been proven in a rather public way.
• more with rpcclient – carnal0wnage.attackresearch.com
  Got asked to help remotely locate local admins on boxes on a network.
• You want the BlackBerry Event Log? beg damnit! – chirashi.zensay.com
  If I succeeded at understanding this topic, I would be able to directly connect to a BlackBerry device and collect all the information that I wanted.
• Twitter updates
  • Looks like it’s possible to infinitely brute force Windows passwords without hitting lockout policy using “Change Passwd” Is that old news? – ax0n
  • Arduino + MetaSploit + USB wireless presenter dongle == VNC remote access on the box. – hdmoore
  • @ax0n you have to be authenticated to the domain to access the SAM function though right? Once you have an account, it works – hdmoore
• How to write shellcode – gunslingerc0de.wordpress.com
  I previously had written an article about buffer overflow, it is time I wrote an article how to write shellcode.
• Secunia Survey of DEP and ASLR – taosecurity.blogspot.com
  At the FIRST conference last month, Dave Aitel said something to the effect that DEP and ASLR are the only two noteworthy technologies produced by Microsoft since starting their security initiative.
• Hacking wireless presenters with an Arduino and Metasploit – teusink.net
  Someone in the audience can control the slides and can send any keystroke you want to the victim, as if they were sitting at the keyboard.
• CiscoWorks TFTP directory traversal exploit – teusink.net
  So far I have not seen any details published so I decided to see if I could find the bug.

Vendor/Software Patches:

• Critical hole closed in PNG reference library – h-online.com
  As numerous browsers use libpng to display images, specially crafted web pages could infect visitors’ PCs with malicious code.
• Adobe Patches PDF /Launch Hole
  Adobe today shipped a critical Reader/Acrobat patch to cover a total of 17 documented vulnerabilities that expose Windows, Mac and UNIX users to malicious hacker attacks.
  • Security updates released for Adobe Reader and Acrobat – adobe.com
  • Critical PDF Reader Patch Fixes ‘/Launch’ Command Attack Vector – threatpost.com

Other News:

• ‘LikeJacking’ – What is it? – zscaler.com
  The term has been adopted enough, that there is a Wikipedia page for it, with a very straight-forward definition.
• Privacy problems persist in latest Windows Messenger 2011 beta – infoworld.com
  Earlier versions of Messenger played fast and loose with your privacy.
• SSL Certificates In Use Today Aren’t All Valid – esecurityplanet.com
  Ivan Ristic, director of engineering at Qualys, said that he found that only about 23 million of the sites were actually running SSL.
• White House Cybersecurity Czar Unveils National Strategy For Trusted Online Identity – darkreading.com
  Devil’s in the details for Obama administration’s draft plan for eliminating passwords and advancing authentication, security expert says.
• Regular domains beat smut sites at hosting malware – theregister.co.uk
  A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult web site.
• IBM to Acquire BigFix – Hallelujah! Can I Get a Witness?! – techbuddha.wordpress.com
  I will post more later but given all the blood, sweat, and tears we have poured into BigFix we are extremely excited about this move.
• Top Apps Largely Forgo Windows Security Protections – krebsonsecurity.com
  Many of the most widely used third-party software applications for Microsoft Windows do not take advantage of two major lines of defense built into the operating system.
• Why Johnny Can’t Pentest – ethicalhack3r.co.uk
  The three authors of the paper (Adoupe, Marco, Vigna) test the black-box scanners against their custom vulnerable web application they called WackoPicko.

• Security BSides Las Vegas announcements – uncommonsensesecurity.com
  The first few talks confirmed are great and there are plenty more killer talks to be announced.
• KartCon2010 – owasp.org
  RSVP now to the 5th Annual OWASP KartCon 2010!
• Penetration Testing Summit 2010 – tenablesecurity.com
  The SANS Penetration Testing Summit was held this year at the Hyatt Baltimore in Baltimore, MD on June 14 – 15 and was focused on “What Works in Penetration Testing”.

Resources:

• Metasploit 101 – darknet-consulting.com
  Are you a security professional that needs to learn the basis of metasploit but haven’t found a source?
• Mutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10 – irongeek.com
  What I’m attempting to do with Mutillidae is implement the OWASP Top 10 in PHP, and do it in such a way that it is easy to demonstrate common attacks to others.
• Have you ever configured your Adobe Flash Player? – f-secure.com
  Flash’s settings are rather curious as the controls themselves aren’t located on the computer but are instead accessed through a Flash object hosted by Adobe.
• Internet Fraud Alert – ifraudalert.org
  Internet Fraud Alert creates a trusted and effective mechanism for participating researchers to report stolen account credentials discovered online to the appropriate institution responsible for that account.
• Book Review: Chained Exploits: Advanced Hacking Attacks from Start to Finish – jukt-micronics.com
  To its credit, Chained Exploits: Advanced Hacking Attacks from Start to Finish is fairly well written.
• Insecure 26 Now Available – net-security.org
  Insecure 26 is available, and as usual, has plenty of interesting articles such as a lengthy one on analyzing Flash content for vulnerabilities.
• Penetration Testing versus Vulnerability Scanning – plynt.com
  Penetration Testing is usually referred to testing by an ethical hacker to break into a target network with limited information about the said network.

• The Ninth Workshop on the Economics of Information Security (WEIS 2010) – econinfosec.org
  Program for the upcoming Harvard security event.
• HackMiami Pwn-Off – n00bz.net
  Time to fire up the test machines because we have a battle royal.
• Workshop on the economics of information security 2010 – lightbluetouchpaper.org
  The workshop kicked off with a keynote talk from Tracey Vispoli of Chubb Insurance.

Resources:

• Past, Present, Future of Windows Exploitation – abysssec.com
  This is v0.1 of this post and in this post i’m going to have a review and brief history on exploitation with focus on windows.
• Additional notes in PHP source code auditing – abysssec.com
  Today, I decide talk about some of my experience about methods of vulnerability discovery techniques through source code auditing.

Tools:

• New Memoryze, Audit Viewer, and Training – mandiant.com
  The new version of the software includes all of the memory analysis features that are available in the newly released MANDIANT Intelligent Response (MIR) 1.4.
• Poet cracks server-encrypted session data
  Two researchers have released a tool which can be used to crack web server-encrypted session data contained in cookies and parameters hidden in HTML pages.
  • Padding Oracle Exploit Tool – netifera.com
  • Tool for cracking encrypted session data – h-online.com
• DirBuster Dictionary Populator – 0×0lab.org
  Dirbuster and dirb are in the toolset of all web application security fans.
• DIRB – dirb.sourceforge.net
  DIRB is a tool for automating the search of (normally hidden) web applications.
• Try Metasploit Express Edition – rapid7.com
  Metasploit Express Edition was specifically designed for penetration testers and security professionals, addressing many of the key limitations of the existing market.
• Knock v1.3b – Subdomain Enumeration/Brute-Forcing Tool – darknet.org.uk
  Knock is a python script designed to enumerate sub-domains on a target domain through a wordlist.
• ArpON 2.0 released! – arpon.sourceforge.net
  ArpON (Arp handler inspectiON) is a portable handler daemon that make Arp secure in order to avoid Arp Spoofing/Poisoning & co.
• Wireshark 1.2.9, 1.0.14, and 1.4.0rc1 Released – wireshark.org
  Installers for Windows, Mac OS X 10.5.5 and above (Intel and PPC), and source code are now available.
• Samurai Web Testing Framework v0.8 Released – Pen Testing Security LiveCD – darknet.org.uk
  This is quite a major release with the integration of metasploit, target applications and tons of tool updates.

Techniques:

• Evocam Remote Buffer Overflow on OSX – offensive-security.com
  After discovering a buffer overflow vulnerability in EvoCam, a WebCam application on OS X, I thought it would be a good idea to try and develop an exploit for it.
• Bypassing Safari 5 XSS Auditor – 0×0lab.org
  It took me just under a couple of minutes to discover that the following bypassed the filter just fine.
• Can All Mozilla People Look Away Now Please – thespanner.co.uk
  Custom setters syntax are being removed from Firefox in the next version.
• SensePost Corporate Threat(Risk) Modeler – sensepost.com
  The original principle behind the tool, first released in 2007 at CSI NetSec, was to throw out existing threat modeling techniques and start from scratch.

Vulnerabilities:

• Exploit.PDF-Dropper.Gen – f-secure.com
  Our telemetry indicates that several thousand customers have already been exposed to the exploit.
• June security bulletins
  Three have a maximum severity rating of Critical and seven have a maximum severity rating of Important.
  • Assessing the risk of the June Security Bulletins – technet.com
  • Microsoft Patch Tuesday – June 2010 – symantec.com
  • June 2010 Security Bulletin Release – technet.com
  • Microsoft Security Bulletin MS10-032 – Important – microsoft.com
  • Microsoft Security Bulletin MS10-033 – Critical – microsoft.com
  • Microsoft Security Bulletin MS10-034 – Critical – microsoft.com
  • Microsoft Security Bulletin MS10-035 – Critical – microsoft.com
  • Microsoft Security Bulletin MS10-036 – Important – microsoft.com
  • Microsoft Security Bulletin MS10-037 – Important – microsoft.com
  • Microsoft Security Bulletin MS10-038 – Important – microsoft.com
  • Microsoft Security Bulletin MS10-039 – Important – microsoft.com
  • Microsoft Security Bulletin MS10-040 – Important – microsoft.com
  • Microsoft Security Bulletin MS10-041 – Important – microsoft.com
  • MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege – technet.com
  • MS10-035: Cross-Domain Information Disclosure Vulnerability – technet.com
  • MS10-041: XML Signature HMAC Truncation Bypass Vulnerability – technet.com
• Adobe Zero-Day in the Wild
  We have received notification that a proof of concept (POC) has been found in malware taken from the wild and is currently being exploited.
  • Adobe POC in the Wild – sans.edu
  • Analysis of a Zero-day Exploit for Adobe Flash and Reader – symantec.com
  • Flash Player + VMware = Vulnerability – fortinet.com
• The Help Center Vulnerability
  The vulnerability allows bypassing checks normally performed when helpctr.exe receives the “-FromHCP” command-line parameter when opening an HCP URI.
  • Help and Support Center vulnerability full-disclosure posting – technet.com
  • Googler releases Windows zero-day exploit, Microsoft unimpressed – zdnet.com
  • Microsoft Windows helpctr.exe Unofficial Hotfix Inadequate – secunia.com
  • Windows Help Centre Vuln – ha.ckers.org
• Mass SQL Injection Attack Hits Sites Running IIS – threatpost.com
  There’s a large-scale attack underway that is targeting Web servers running Microsoft’s IIS software, injecting the sites with a specific malicious script.

Vendor/Software Patches:

• Microsoft Patches IE Flaw Used In Attack That Bypassed Its Built-In Security Controls – darkreading.com
  Winning ‘Pwn2Own’ flaw was memory corruption bug, its patch among 10 released by Microsoft today.
• New Adobe Flash Version Plus Security Holes
  As promised, Adobe has released a new version of its Flash Player software to fix a critical security flaw that hackers have been exploiting to break into vulnerable systems.
  • Security Bulletin – Adobe Flash Player – adobe.com
  • Adobe Flash Player 10.1 Finalized, You Can Download Now – gizmodo.com
  • Adobe Flash Update Plugs 32 Security Holes – krebsonsecurity.com

Other News:

• Military officer arrested in light of Wikileaks whistle blowing
  High-profile hacker Adrian Limo turned over SPC Brad Manning after the latter allegedly delivered classified US military document to Wikileaks.
  • U.S. Intelligence Analyst Arrested in Wikileaks Video Probe – wired.com
  • Hacker explains why he reported ‘Wikileaks source’ – bbc.co.uk
  • ‘I Can’t Believe What I’m Confessing to You’: The Wikileaks Chats – wired.com
  • Suspected Wikileaks Source Described Crisis of Conscience Leading to Leaks – wired.com
• Big breach exposes email addresses of A-list iPad users
  A security breach has exposed iPad owners including dozens of CEOs, military officials, and top politicians.
  • Apple’s Worst Security Breach: 114,000 iPad Owners Exposed – gawker.com
  • Over 114 Thousand 3G iPad Owners’ Email Addresses Harvested – Is Spam The Worst Consequence For Users? – laptopmag.com
• Hiring Hackers – schneier.com
  Would you hire someone convicted of a computer crime to fill a position of trust in your computer network?
• CERT’s role still unclear: government-owned and operated national CERT – theaustralian.com.au
  Defence Minister John Faulkner launched CERT Australia in January, with the opening of a Cyber Security Operations Centre in the Defence Signals Directorate.
• Drupal clarifies security rules after White-House gaper – theregister.co.uk
  Webmasters running unfinished modules for Drupal do so at their own risk after the open-source CMS updated its guidelines on fixing security vulnerabilities.
• Fierce 2.0 To Be Released – ha.ckers.org
  Jabra completely re-wrote Fierce, taking in my wish-list and a whole new set of features he wanted, like XML support to quickly integrate with nmap and all kinds of other stuff.
• Tool Automates Social Engineering In Man-In-The-Middle Attack – darkreading.com
  Researchers demonstrate attack that dupes victims in online chats.
• IRC server had backdoor in source code for months – Update – h-online.com
  The backdoor allows anyone to execute commands on the server running UnrealIRCd, with the privileges of the user running the IRC daemon, even if the IRC server is a hub or requires passwords to access it normally.

• Two Thumbs Up For These Security Podcasts – matthewneely.com
  I am going to discuss the security podcasts I listen to, with a short description of each one.
• “Useable” CVE Security Vulnerability Data – cvedetails.com
  his is an effort to provide an easy to use web interface to CVE vulnerability information.
• Gary McGraw on BSIMM2, Software Security and Cargo Cult Science – threatpost.com
  Dennis Fisher talks with Gary McGraw of Cigital about the release of the BSIMM2 model.
• BSIMM2 – cigital.com
  We’re pleased today to announce the publication of BSIMM2.
• Metasploit Class Videos – irongeek.com
  The instructors were David “ReL1K” Kennedy, Martin “PureHate” Bos, Elliott “Nullthreat” Cutright, Pwrcycle and Adrian “Irongeek” Crenshaw.
• Hakin9 Magazine is now FREE — Get your copy NOW! – hakin9.org
  Download May issue of Hakin9 magazine today!

• SOURCE Boston Re-Cap – tenablesecurity.com
  The SOURCE conferences, founded by Stacy Thayer, are small in size but big on content.

Resources:

• Google’s cheesy web app course
  Google has released a new online training course for Web application developers designed to teach them how to avoid common programming mistakes
  • Web Application Exploits and Defenses – jarlsberg.appspot.com
  • Google Releases Web App Security Course – threatpost.com
• Didier Stevens on PDF Hacking and Security – threatpost.com
  Dennis Fisher talks with Didier Stevens, the security researcher who developed the innovative method for using the /launch command in PDF readers to execute code on remote machines.
• My Best PCI DSS Presentation EVER! – chuvakin.blogspot.com
  Addressing an audience of about 130 mostly University IT, IT security and finance (!) professionals in charge of their payment and PCI DSS programs was a fun challenge.

Tools:

• Netsparker Community Edition – “The Sparkler” – securityaegis.com
  Netsparker announced today that it is releasing a community edition, lacking only a few features of the pro version.
• Wireshark 1.2.8, 1.0.13, and 1.3.5 Released – wireshark.org
  The new versions pack in the usual security fixes and a fix for the DOCSIS and interface bugs.
• FUU v0.1 – code.google.com/p/fuu/
  FUU (Faster Universal Unpacker) is a GUI Windows Tool with a set of tools (plugins) to help you to unpack, decompress and decrypt most of the programs packed with programs like UPX, ASPack, FSG, ACProtect, etc.

Techniques:

• Why Buffer Overflow Exploitation Took So Long to Mature, a two-part series
  Executing code via a buffer overflow was published at least as early as 1972.
  • Why buffer overflow exploitation took so long to mature – root.org
  • Why buffer overflow exploitation took so long to mature (part 2) – root.org
• Bad “Visual” PDF – pandasecurity.com
  Last week a PDF document which downloaded malware fell into my hands.
• More with Metasploit and WebDAV – carnal0wnage.attackresearch.com
  You’ll want to make sure you pay attention to the part about allowing your IUSR_WHATEVER account to have have write access or you can set up a windows account to use authentication.
• Writing WIN32 Shellcode With a C-compiler – didierstevens.com
  The advantage of my method is that you can debug your shellcode inside the Visual Studio IDE.
• Metasploit Lotus Domino Version Scanner – carnal0wnage.attackresearch.com
  I pushed out the first of a few Lotus Domino modules I’ve been working on to the metasploit trunk last nite [sic].
• Wireshark and TShark: Decrypt Sample Capture File (by Joke Snelders) – lovemytool.com
  In this article I will describe how you can decrypt packets in a sample capture file.
• 0day or not today: exploit in the wild – fortinet.com
  In this post I will dissect a PDF document using this trick, indeed found in the wild.
• Android SSL Apps & Burp – cktricky.blogspot.com
  The app refused to communicate with Burp because of the certificate mismatch error.
• “Identifying Load Balancers in Penetration Testing” – whitepaper – sans.org
  Here is a good whitepaper on load balancers and how to deal with them while doing penetration testing.
• 0exploit Privilege Escalation – room362.com
  This user has Read and Execute, but no Write access, and a very limited field of view to boot.
• Fuzzing and Exploit Development With Metasploit – Louisville Metasploit Class – nullthreat.net
  We start with fuzzing and go through the basic steps of development.
• Generate an NTLM hash in 3 lines of Python… – secmaniac.com
  While combing through the RFC and found that writing this was extremely easy.
• Metasploit jboss deployment file repository exploit – carnal0wnage.attackresearch.com
  MC pushed out a new exploit today.

Vendor/Software Patches:

• Foxit Reader update blocks new PDF attack tactic – computerworld.com
  Adobe Reader rival adds ’safe mode’ to stymie embedded-malware attacks.
• Security firm reveals Microsoft’s ’silent’ patches – computerworld.com
  Microsoft acknowledges fixing internally-found flaws without disclosing details.

Other News:

• United States Treasury Websites Hacked
  The websites involved were bep.gov (Bureau of Engraving and Printing), bep.treas.gov and moneyfactory.gov.
  • Treasury Website Hacked – avg.com
  • Hacked US Treasury websites serve visitors malware – theregister.co.uk
  • U.S. Treasury Website Hacked Using Exploit Kit – pandasecurity.com
  • U.S. Treasury Site Compromise Linked to the NetworkSolutions Mass WordPress Blogs Compromise – ddanchev.blogspot.com
  • Malware Injection Campaign: A Retaliation? – eset.com
• Metasploit’s HD Moore from (almost) rags to (not quite) riches – networkworld.com
  Metasploit might become an example of how a fully FOSS project grows up to turn a profit.
• Former Con Man Helps Feds Thwart Alleged ATM Hacking Spree – wired.com
  A North Carolina grocery worker is being held on attempted computer hacking charges after inadvertently partnering with an undercover FBI agent in an alleged citywide ATM-reprogramming caper.
• Cybersecurity Act of 2010 is a bad bill – threatchaos.com
  It is time for the security industry to take a close look at this $1.82 billion bill as it contains some pretty drastic measures that are going to be very disruptive, and I believe detrimental.
• Wi-Fi key-cracking kits sold in China mean free Internet – networkworld.com
  Dodgy salesmen in China are making money from long-known weaknesses in a Wi-Fi encryption standard, by selling network key-cracking kits for the average user.
• Dangerous Malware Alert – Self-Hosted Sites Hack Update – Go Daddy Responds! – wpsecuritylock.com
  We have had reports for not only WordPress installations, but Joomla, Pligg and “Simple Machines Forum” as well.
• Hacker Develops Multi-platform Rootkit for ATMs – yahoo.com
  Security researcher Barnaby Jack plans to deliver the talk and disclose a new ATM rootkit at the computer security conference.
• The ABC’s of ACH Fraud – bankinfosecurity.com
  It’d be foolish to think that ACH fraud will go away after a single symposium.
• Losing the desktop security battle
  Many organizations, particularly in the financial services industry, have gotten to the point of assuming that their customers’ desktops are compromised.
  • Ceding the desktop security battle, almost the war – jeremiahgrossman.blogspot.com
  • Have We Lost the Desktop Security Battle? – threatpost.com
• Fun with ATM Skimmers, Part III – krebsonsecurity.com
  According to the European ATM Security Team (EAST), a not-for-profit payment security organization, ATM crimes in Europe jumped 149 percent form 2007 to 2008.
• More news on the recent WordPress-related breach
  We are seeing multiple reports today of Wordpress sites (running their latest version) getting compromised.
  • Breaking News: WordPress Hacked with Zettapetta on DreamHost – wpsecuritylock.com
  • New attack today against Wordpress – sucuri.net
  • Simple cleanup solution for the latest Wordpress hack – sucuri.net
  • Wordpress Hidden Link Injection Fix – ivonson.com
• Verizon Partners With U.S. Secret Service on Data Breach Report – threatpost.com
  Verizon’s invaluable Data Breach Investigations Report will now include data from hundreds of computer crime cases investigated by the U.S. Secret Service, the company announced this week.
• Continuing attacks at Network Solutions? – sucuri.net
  This morning we started to receive reports of a very similar kind of attack against sites on their shared servers.
• Your choice of programming language doesn’t matter, they are all insecure! – securityninja.co.uk
  I believe that secure code is the product of a secure development process and real business commitment to deliver secure applications which includes developer education.
• Facebook Leaks IP Addresses – binint.com
  You will get the IP address of your friend and clicking on it will get a geolocation-based map.

• Presentation Materials from HITB Dubai available for Download – hitb.org
  Presentation materials from the 4th annual Hack In The Box Security Conference are now available for download!
• Black Hat Europe 2010 Media Archives – blackhat.com
  Presentations, video, papers and other media from this Barcelona event.
• Security BSides Boston on Flickr – flickr.com
  Pictures of this security event.

Resources:

• OWASP Top 10 for 2010 – owasp.org
  The Open Web Application Security Project (OWASP) today issued the final version of its new Top 10 list of application security risks.
• vSphere 4.0 Hardening Guide Released – vmware.com
  This version incorporates the extensive feedback from the VMware community on the previous draft release.
• NIST on Protecting Personally Identifiable Information – schneier.com
  Just published: Special Publication (SP) 800-122, “Guide to Protecting the Confidentiality of Personally Identifiable Information (PII).”
• HITB Ezine – Issue #002 – hackinthebox.org
  The people of Hack In the Box, decided to make the ezine available for free in the continued spirit of HITB in “Keeping Knowledge Free”.
• Hakin9 Magazine now FREE in Digital Format – hakin9.org
  All you need to do in order to get a new issues each month is subscribe to our newsletter.

Tools:

• Fuzzdb – code.google.com/p/fuzzdb/
  A comprehensive set of fuzzing patterns for discovery and attack during highly targeted brute force testing of web applications.
• ReFrameworker v1.1 – appsec.co.il
  ReFrameworker performs the required steps of runtime manipulation by tampering with the binaries containing the framework’s classes.
• Sandcat v4.0 – syhunt.com
  Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes.
• OWASP Code review Guide v2.7 – codecrawler.codeplex.com
  A tool aimed at assisting code review practitioners.
• OpenSCAP v0.5.9 – open-scap.org
  It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.
• Xplico v0.5.6 – xplico.org
  Xplico is an open source Network Forensic Analysis Tool (NFAT).
• Security Ninja security tool, more than a sneak preview! – securityninja.co.uk
  This idea was inspired by the Application Security Portfolios blog post that Nick Coblentz published in 2009.
• Blazentoo – gdssecurity.com
  Blazentoo is an Adobe AIR application that can be used to exploit insecure Adobe BlazeDS and LiveCycle Data Services ES servers.
• Skipfish v1.33B – skipfish.googlecode.com
  Skipfish is an active web application security reconnaissance tool.
• SIP Inspector – sites.google.com/site/sipinspectorsite/
  SIP Inspector is a tool written in JAVA to simulate different SIP messages and scenarios.
• Aircrack-ng v1.1 – aircrack-ng.org
  It implements the standard FMS attack along with some optimizations like KoreK attacks.

Techniques:

• PDF Ownage: It is getting ugly out there – intrepidusgroup.com
  he current news is that the Zeus botnet is being used to push a malicious PDF that attempts to abuse /Launch actions.
• Stuffing Javascript into DNS names – skullsecurity.org
  If you’ve installed nbtool, you may have noticed that, among other programs it comes with, one of them is called dnsxss.
• Metasploit Express posts
  We will be introducing Metasploit Express, an easy to use security solution that is designed to bring penetration testing capabilities to security professionals everywhere.
  • Approaching Metasploit 3.4.0 and Metasploit Express – metasploit.com
  • Metasploit Express – metasploit.com
• Optimizing John the Ripper’s “Single” Mode for Dictionary Attacks – reusablesec.blogspot.com
  I decided to optimize John the Ripper’s “Single” mode word mangling rules for use in normal dictionary based attacks.
• Near Real-Time Detection (NRT) – labs.snort.org
  Today’s client side attack threats represent a boon for the attacker in ways to obfuscate, evade, and hide their attacks methods.
• A New Detection Framework – vrt-sourcefire.blogspot.com
  I worked on deep parsing and detection on PDF files and Patrick worked on ways to provide me the full file data.
• OWASP NYNJMetro – Pentesting Adobe Flex Applications – gdssecurity.com
  I’ve uploaded my slides from the presentation I gave last week at the OWASP NYC Chapter on Pentesting Adobe Flex Applications.
• Black Hat Presentation: Abusing Adobe PDF Reader memory management – fortinet.com
  The slides include a real-world case study, involving a “former-zero-day” vulnerability (CVE-2010-1241, previously CVE-2010-2000).
• Optimizing JtR’s Single Mode Follow Up – reusablesec.blogspot.com
  One of my concerns though has always been over-training my password cracking techniques.
• Manual Verification of SSL/TLS Certificate Trust Chains using Openssl – sans.org
  Firefox 3.6.3 (the latest available version) displayed a digital certificate error when accessing the ISC login page through SSL/TLS.
• Using Meterpreter to control netcat and third party exploits – pauldotcom.com
  Metasploit has A LOT of exploits, but from time to time you will very likely need to use exploits that are not part of the framework.

Vulnerabilities:

• Security gone awry: IE 8 XSS filter exposes sites to XSS attacks – zdnet.com
  The cross-site scripting filter on Internet Explorer 8 browser can be abused by attackers to launch cross-site scripting attacks on websites otherwise be immune to this threat.
• McAfee security breach causes chaos for users
  McAfee’s “DAT” file version 5958 is causing widespread problems with Windows XP SP3.
  • How to fix the McAfee SVCHOST crash from the virus definition update – brianseekford.com
  • McAfee DAT 5958 Update Issues – sans.org
  • How McAfee turned a Disaster Exercise Into a REAL Learning Experience… – sans.org
  • A Long Day at McAfee – mcafee.com

Vendor/Software Patches:

• PayPal Patches Critical Security Vulnerabilities – darknet.org.uk
  A security researcher has uncovered multiple vulnerabilities affecting PayPal, the most critical of which could have enabled attackers to access PayPal’s business and premier reports back-end system.

Other News:

• WebOS hacked thru SMS
  Security researchers have hacked into Palm’s new WebOS platform, using nothing more than text messages to exploit a slew of dangerous web app vulnerabilities.
  • Palm Pwned: Researchers Hack WebOS With Text Messages – threatpost.com
  • Palm’s WebOS hacked via SMS message – neowin.net
• Network Solutions mass hack attack revealed
  Network Solutions’ security team is battling a mysterious attack that has silently infected a “huge” number of the websites it hosts with malicious code.
  • Network Solutions customers hit by mass hack attack – theregister.co.uk
  • corpadsinc.com redirecting Network Solutions customers again – stopmalvertising.com
  • Network Solutions sites hacked again – computerworld.com
  • We feel your pain and are working hard to fix this – networksolutions.com
  • Network Solutions Again Under Siege – krebsonsecurity.com
  • Network Solutions Cleaning Up After Second Round Of Attacks – darkreading.com
• Truth in Caller ID Act posts
  The bill aims to prevent misrepresentation of the called-from number on voice calls through any channel.
  • House Passes Bill Outlawing Caller-ID Spoofing – ecommercetimes.com
  • Caller ID Spoofing Ban is Bad for Business – pcworld.com
• Follow up stories about the Google hack last December
  The program, code named Gaia for the Greek goddess of the earth, was attacked in a lightning raid taking less than two days last December.
  • Cyberattack on Google Said to Hit Password System – nytimes.com
  • Google CEO: ‘We’re now paranoid’ about security – cnet.com
• Mozilla Disables Insecure Java Plugin in Firefox – krebsonsecurity.com
  Mozilla is disabling older versions of the Java Deployment Toolkit plugin for Firefox users, in a bid to block attacks against a Java security hole.
• Second-hand photocopiers might be carrying sensitive information on your company
  Nearly every digital copier built since 2002 contains a hard drive – like the one on your personal computer – storing an image of every document copied, scanned, or emailed by the machine.
  • Digital Photocopiers Loaded With Secrets – cbsnews.com
  • Health Insurer Notifies More Than 409,000 Of Potential Breach – darkreading.com
  • Stored images on photocopiers a security risk – h-online.com
• PasswordCard Hides Mentally Encrypted Passwords in Your Wallet – lifehacker.com
  The PasswordCard itself is printed in color, and has different symbols heading each column, and a different color for each row.
• Gmail accounts hit by spammers
  Google is investigating a growing number of reports that hackers are breaking into legitimate Gmail accounts and then using them to send spam messages.
  • Drug-dealing Spammers Hit Gmail Accounts – pcworld.com
  • Checking if your Gmail has been breached – google.com
• Dmitry Naskovets of CallService.biz, Meet the FBI – garwarner.blogspot.com
  When the FBI designed to take over the management of the CallService.biz website, they did a little relocation first.
• Microsoft Recommends NoScript – hackademix.net
  The technical core of this research is very worth reading, if you’re interested in XSS attack and defense techniques.
• Someone might be able to hack into your cellphone privacy
  The first part of the operation involves getting a target’s cell phone number from a public database that links names to numbers for caller ID purposes.
  • Legal spying via the cell phone system – cnet.com
  • New Hack Pinpoints Cell Phone User’s Location, Personal And Business Relationships – darkreading.com
• Why Employees Break Security Policy (And What You Can Do About It) – darkreading.com
  Companies that monitor network behavior say many employees still break rules in order to get their jobs done.
• Researcher Demonstrates How To Counterattack Against A Targeted Attack – darkreading.com
  Proof-of-concept turns the tables on attackers who wage targeted attacks on enterprises.
• Hundreds of high profile sites unprotected from domain hijacking – zdnet.com
  A MarkMonitor review shows that less than 10% of the top 300 most highly trafficked sites were protected using it.
• Local computer security expert investigates police practices – seattlepi.com
  Rachner discovered through sleuthing that police had withheld video-recorded evidence in his case.
• Can America win a cyberwar – newsweek.com
  The United States economy depends on the Internet more than any other developed country in the world.
• Blippy Reveals Credit Card Numbers On Google – gizmodo.com
  It’s a huge, huge privacy concern, and if you have a Blippy account I’d recommend taking immediate action.
• HP researchers propose human-centric web app security tests – searchsecurity.techtarget.com.au
  Two application security experts are working on a way to improve the testing of Web applications by incorporating application data flow maps.
• Microsoft pulls faulty patch, plans re-release – cnet.com
  A patch for the hole, which could allow an attacker to take control of a system, was released during Patch Tuesday last week.
• Facebook hacker claims to be in NZ – nzherald.co.nz
  A Russian hacker who says he is living in New Zealand attempted to sell the login details of millions of Facebook users.
• Peeking Into Users’ Web History – technologyreview.com
  A team of European researchers found that they were able to hijack Google’s personalized search suggestions to reconstruct users’ Web search histories.
• Facebook checked out, 1.5 million accounts overdue for password changes? – eset.com
  It remains to be seen if so many accounts have indeed been breached or if Kirllos the criminal hacker is perhaps running an audacious scam on fellow fraudsters.
• A New Law Could Change the Way You Build Database Applications – sqlmag.com
  Massachusetts recently passed a sweeping new data security law that will have a profound impact on the way the United States manages and develops data-centric applications.

Events Related:

• Announcing 1st Workshop: Malicious PDF Analysis – brucon.org
  Didier Stevens talks about PDFiD and pdf-parser at Brucon this year.
• MSU Red Team – Fun, Success – mcgrewsecurity.com
  This CCDC was a “practice” run for two Alaskan teams and two Hawaiian teams.

Resources:

• Cell Phone Security – cellphones.org
  With the increased capabilities and conveniences of today’s cell phones comes the increased risk of viruses, malware and identity theft.
• How to choose your Information Security Training – offensive-security.com
  Welcome to our “10 questions you should be asking your Information Security Training Provider“.
• Vulnerable Sites Database – vs-db.info
  Just what it says, a database of vulnerable sites on the web
• phpBB Exploits aggregator v1 – phpbbexploit.com
  A collection of phpBB flaws.