Events Related:
- Where You Want to Be This Week (11-09) – novainfosecportal.com
Some events you might be interested in if you are in the D.C. area.
Resources:
- 30 Best Security Feeds – houseofhackers.ning.com
A list of some feeds you might want to add to your reader.
Tools:
- Fiddler v2.2.7.5 Released – insidehttp.blogspot.com
The update features running in 64-bit mode, Inspector improvements, among others. - RATS v2.3 – Rough Auditing Tool for Security – security-database.com
RATS is a tool for scanning source code and flagging common security errors in them. - Origami v1.0.0-Beta1B Released – security-database.com
A ruby framework designed to parse analyse and forge PDF docs - NetworkMiner v0.9 Released! – security-database.com
A NFAT for Windows get updated. - PenTBox v1.0.1 – Secure IM Client – security-database.com
PenTBox is a security suite of testing tools for networks. - Metasploit Framework 3.3 Release Candidate 1 Released – security-database.com
A pre-release which folds in a lot of the previous beta features. - Turbodiff v1.01 Beta Released – Detect Differences Between Binaries – darknet.org.uk
A binary diffing tool developed as an IDA plugin for discovering and analyzing two binaries. - Tool for hacking jailbroken iPhones discovered – sophos.com
A hacking tool takes advantage of iPhones whose root password is still set to the default one. - winAUTOpwn version 2.0 has been released – professionalsecuritytesters.org
The update bundles in a GUI and supports all console arguments, among others. - UCSniff 3.0 Released – professionalsecuritytesters.org
The new version includes real-time VOIP and video monitoring, new code support, among others. - Cain & Abel v4.9.35 – Password Sniffer, Cracker and Brute-Forcing Tool – darknet.org.uk
A look at this password recovery tool for Microsoft operating systems.
Techniques:
- Quickpost: “Hiding” a PDF Document – didierstevens.com
Using incremental updates, you can hide a PDF inside a PDF. Cause we heard you liked PDFs, dawg. - Real-World Testing of Wireshark 1.3.1 (by Tony Fortunato) – lovemytool.com
A quick test of this network auditing tool. - Layer 2 Network Protections against Man-in-the-Middle Attacks – isc.sans.org
A discussion on network protections that provide mitigation for all services against SSL and TLS MITM attacks. - Abuse Citrix and own the domain – bernardodamele.blogspot.com
A Citrix exploit written with Little Bobby Tables in mind. - Stealing Cookies with SSL Renegotiation – iss.net
An attacker can prefix the victim’s entire HTTP request as a post and then read it back out.
Vulnerabilities:
- Flash Vulnerability Found, Adobe Says No Fix Forthcoming – slashdot.org
No easy fix exists and no patch is forthcoming.
- Win 7 and Win Server 2008 SMB Exploit
The crash is caused by sending a NetBIOS header which specifies that the SMB packet is 4 bytes from its actual size.- Remote SMB Exploit: Crashing Windows 7 and server 2008 – praetorianprefect.com
- Windows 7 / Windows Server 2008 R2 Remote SMB Exploit – isc.sans.org
- DoS vulnerability in the SMB client of Windows 7 and Server 2008 R2 – h-online.com
Vendor/Software Patches:
- A summary of Microsoft’s new patches
The software company has a host of updates for Windows, Windows Server, Excel and Word today.- Microsoft Security Bulletin MS09-063 – microsoft.com
Vulnerability in Web Services on Devices API could allow remote code execution - Microsoft Security Bulletin MS09-064 – microsoft.com
Vulnerability in License Logging Server could allow remote code execution - Microsoft Security Bulletin MS09-065 – microsoft.com
Vulnerability in Windows Kernel-Mode Drivers could allow remote code execution - Microsoft Security Bulletin MS09-066 – microsoft.com
Vulnerability in Active Directory could allow remote code execution - Microsoft Security Bulletin MS09-067 – microsoft.com
Vulnerability in Microsoft Office Excel could allow remote code execution - Microsoft Security Bulletin MS09-068 – microsoft.com
Vulnerability in Microsoft Office Word could allow remote code execution - Microsoft Patch Tuesday – November 2009 – symantec.com
- Microsoft plugs 15 holes in Windows, Office – washingtonpost.com
- Major patch day for Excel – h-online.com
- Microsoft Security Bulletin MS09-063 – microsoft.com
- Apple ships 50+ security updates – washingtonpost.com
Apple released fixes for firewall, Quicktime, Spotlight and others.
Other News:
- Pirate attack leaves phone system plundered – chicagotribune.com
A computer design firm gets hacked and racks up over $17,000 for calls to Somalia. - Indictment issued for debit card hackers
The US Attorney’s Office indicted a group of hackers who used cloned cards to withdraw up to $9 million.- 4 Hackers Indicted in $9.5 Million Bank Card Attack – wired.com
- Indictment for cloned debit card fraud – h-online.com
- Microsoft’s COFEE and how it got spilt
- Microsoft’s COFEE forensic tool leaks unto the web – sophos.com
- A first impression of Microsoft’s forensic tools that got away – h-online.com
- How Vulnerable is Our Power Grid? – slashdot.org
An important question is posed on the security of the US national power network. - Reaction to the 60 Minutes Story – taosecurity.blogspot.com
A comment on the story about Brazilian hackers disabling an electrical grid. - Bot herders hide master control channel in Google cloud – theregister.co.uk
A rogue app in the search giant’s app engine is used to control zombie computers. - Feds Charge $522K for FOIA Request – wired.com
The Treasury Department requires half a million dollars to comply with the Freedom of Information Act. - Inside the Security Operations Center – h-online.com
A peek into the offices of Symantec’s security team. - Hackers pillage jailbroken iPhones – computerworld.com
A new malware is used to gain control of iPhones with root access. - Media-servers.net Compromised – websense.com
Malicious code was found on a high-profile advertiser’s website. - Microsoft Tries To Censor Bing Vulnerability – slashdot.org
The tech giant uses a cease and desist letter to cover up the Bing cash-back exploit. - Seven keyholders for the DNS root zone – h-online.com
Signing the root zone is necessary to ensure that there is an unbroken chain of trust in the entire DNS. - Keeping pacemakers safe from hackers – slashdot.org
European researchers have developed a method to protect implanted devices from wireless threats. - Recovering the Slums of the Internet – slashdot.org
A comment on the state of the Internet in relation to blacklisted IPs. - Researchers: Flaw in Fed Wiretaps Could Allow Circumvention – wired.com
A theoretical way to stop wiretapping is proposed by researchers.
A few news and reviews on the latest leak of MS software, an online forensic tool used by the police.
Leave A Comment