Events Related:
- Shmoocon Infosec Conference Event – novainfosecportal.com
A few details on this security event to be held next year. - Toorcon 11 San Diego 2009 – cassandrasecurity.com
A brief post on a presentation shown during this security event.
- Presentation from NIST SCAP – chuvakin.blogspot.com
- Notes from NIST SCAP 5th Security Automation Conference – chuvakin.blogspot.com
A copy of the presentation this author did during the 5th Annual IT Security Automation Conference
Resources:
- Getting your n00b fill of security – room362.com
A list of sites to help out the information security beginner - Twitter Lists = all the @SecurityTwits in one place – h-i-r.net
All your favorite security Twitter feeds in one place. - New version of NIST 800-41, Firewalls and Firewall Policy Guidelines – isc.sans.org
A updated document to keep you abreast with the latest NIST Firewall rules.
Tools:
- Multi-boot security distro on USB: Katana 1.0 – terminal23.net
A short post on Katana, a bootable security distribution - Cain & Abel v4.9.35 – Released – oxid.it
This is a password recovery tool for Microsoft operating systems. - OpenSCAP v0.5.4 Released – nvd.nist.gov
The goal of this tool is to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP. - Wireshark 1.2.3, 1.0.10 and 1.3.1 Released – wireshark.org
A new update for the stable and development versions that fixes several security bugs. - Microsoft ‘EMET’ for stronger apps
This is a free tool from the Redmond software giant to fortify older software from malware and exploits.- Microsoft Releases ‘Enhanced Mitigation Evaluation Toolkit’ – djtechnocrat.blogspot.com
- Free tool from Microsoft hardens programs against attack – h-online.com
- More powerful searches, by looking at what’s NOT there.. – osvdb.org
The goal of OSVDB is to assist tool developers to identify vulnerability checks or signatures that are not already present in their products. - Focus on HP’s Scrawlr SQL Injection Tool – hp.com
This tool is lightning fast and uses intelligent engine technology to dynamically craft SQL injection attacks on the fly. - Secunia CSI 3.0 – Final – secunia.com
The final version of this scanning tool is now available.
Techniques:
- Caution advised when using the ldd system tool – h-online.com
Running this standard sysad tool on an executable can result in executing arbitrary code. - Token Kidnapping’s Revenge – nomoreroot.blogspot.com
Windows 7 can still be exploited using an attack vector to perform token kidnapping. - Yokoso! – Web Infrastructure Fingerprinting & Delivery Tool – darknet.org.uk
This is a collection of infrastructure fingerprints, useful for pentesters to determine the infrastructure in use and well as the admins of that structure. - Kiss your BlackBerry spyware goodbye – chirashi.zensay.com
Kisses detects hidden programs running on your mobile phone for easy removal. - Hacking CSRF Tokens using CSS History Hack – securiteam.com
This technique is a client side attack so it will be able to bypass firewalls and other detection. - Cyber Security Awareness Month
A month long discussion of cybersec at the Internet Storm Center - Cache_Snoop.pl – misc-security.com
Snooping a DNS cache for fun and profit. - PhoneSnoop for bugging BlackBerrys
The DHS sent a warning on this PoC app for listening in on incoming calls done on BlackBerry phones.- DHS: PhoneSnoop app bugs BlackBerrys – washingtonpost.com
- PhoneSnoop: Spying on BlackBerry users – symantec.com
- Fixing Bugs, But Bypassing the Source Code – slashdot.org
An MIT group released a software that can fix certain bugs in minutes without access to the source code. - New Improvements On the Attacks On WPA/TKIP – slashdot.org
An improvement to an attack on WPA was presented during the NorSec Conference. - More On Metasploit Meterpreter & Timestomp – carnal0wnage.attackresearch.com
A few thoughts and code on this tool within Metasploit - DNS Rebinding in Firefox – ha.ckers.org
A few comments on how Firefox handles DNS pinning
- Enterprise Open Source Intelligence Gathering
A series of posts in gathering data from public sources to get better insight about your company on the web
- Microsoft IIS WebDAV Remote Authentication Bypass – rec-sec.com
This vulnerability is possible because WebDAV fails to properly handle unicode character ‘/’. - Analysis of 10k Hotmail Passwords – Even More Brute Force – reusablesec.blogspot.com
A comparison of letter frequency analysis, brute force and Markov models in cracking passwords. - Simple yet effective: Directory Bruteforcing – securityaegis.com
A few comments on brute force attacks, Wfuzz and Dirbuster - CubeCart 4 session management bypass leads to administrator access – acunetix.com
An exploit on this free eCommerce solution is explained. - Xrumer: The Spammer’s Toolkit – symantec.com
A look into a spammer’s modus that uses Google Wave to conduct a social engineering attack. - The Anatomy of a Spyware Application – Part 1 – chirashi.zensay.com
A closer look at FlexiSpy, a commercial spyware application targeting mobile phones. - Update to Dennis Yurichev’s FPGA cracker plus exploit code for the CPU CVSS 10.0 bug – petefinnigan.com
Some updates on this password cracker for Oracle databases. - Bob’s Double Penetration Adventure – Part 2 – synjunkie.blogspot.com
Not pr0n but just a look into a penetration method using Metasploit.
Vulnerabilities:
- Blogger: Time Warner Routers Still Hackable Despite Company Assurance – wired.com
Last Tuesday, an internet startup-founder published information about the vulnerability in Time Warner’s SMC8014 modems. - Alleged critical vulnerability in Sun Java System Web Server – h-online.com
The vulnerability involves a buffer overflow which can be exploited remotely. - Hacking JBoss with JMX Console – notsosecure.com
A whitepaper on this exploit
Vendor/Software Patches:
- VMware Security Advisory: VMSA-2009-0015 – isc.sans.org
A new VMware patch resolves two security issues in their virtualization products. - Mozilla fixes critical bugs with Firefox 3.5.4 and 3.0.15 – h-online.com
The new browser version boasts security fixes and better SSL page handling. - Advance notification of Security Updates for Java SE – sun.com
Some Java updates to patch a few security holes. - Microsoft releases fix for crypto patch – h-online.com
This patch is designed to fix a glitch in a few server products from Microsoft.
Other News:
- TV coverage of online banking card-reader vulnerabilities – lightbluetouchpaper.org
A tampered terminal could collect authentication code for online banking and fraudulently transfer up to £10,000. - Obama nominates Wagner as DHS intell chief – fcw.com
The position oversees information technology systems designed to share information with federal, state and local officials. - DHS To Announce Cyber Merger – dodbuzz.com
The US Computer Emergency Readiness Team and National Coordinating Center for Telecommunications are set to merge. - NSA to Run $1.5B Security Data Center – threatpost.com
A new data center in Utah will be erected to analyze communications intelligence. - Low level information collection – decurity.com
A tale of a guy’s experience with a trash sifter who was trying to gather papers like bank statements and other docs. - Gift cards convenient and easy to hack – darkreading.com
Cybercriminals can easily sniff out gift card data in order to clone it and buy items for free. - Automated Social Networking Surveillance Systems – security4all.be
Some thoughts on spying and social networks - FDIC Warns Banks to Watch for ‘Money Mules’ Duped By Hackers – wired.com
Using specialized Trojan horse malware, cybercooks have been intercepting bank info to launder money throughout the US. - New Honeypot Mimics The Web Vulnerabilities Attackers Want To Exploit – darkreading.com
A tool that will pose as a server with thousands of vulnerabilities to gather firsthand data from real attacks targeting sites. - A makeover for federal cybersecurity reporting – washingtonpost.com
A look into FISMA why it needs to be updated
Leave A Comment