Events Related:
- CSAW CTF 2009 – trailofbits.com
A set of capture the flag challenges over at NYU-Poly finished its final round on Nov. 13th.
- OWASP 2009 (AppSecDV) Thoughts – preachsecurity.blogspot.com
A look back at the events of the recent security conference.
- SANS WhatWorks in Incident Detection Summit 2009 – eatingsecurity.blogspot.com
An announcement of the new SANS event.
- IRISS Conference and HackEire – securityninja.co.uk
The first Irish national CSIRT will be on Nov. 19.
Resources:
- OWASP Top 10
A list of the top 10 vulnerabilities from OWASP.
  - OWASP Top 10 – 2010 rc1 Released! – owasp.blogspot.com
  - OWASP Top Ten 2010 and The Principles of Secure Development – securityninja.co.uk
- IN(SECURE) Magazine Issue 23 Released – djtechnocrat.blogspot.com
Some details on the articles inside the magazine.
- Offensive Security Exploit Archive Online
A comprehensive exploit database is now available for use.
  - Offensive Security Exploit Archive Online – offensive-security.com
  - The Offensive Security Exploit Database is Live! – djtechnocrat.blogspot.com
- Security Consultants Have Sweet Gigs – terminal23.net
Some thoughts on how to handle IT security for business owners.
- Yeah, Infosec may be the Hardest Tech Career – terminal23.net
Working in security takes a lot of knowledge and focus to pull off but is worth it.
- Pentesting with an Ubuntu Box – hexesec.wordpress.com
A quick way to get an Ubuntu box up and running with a simple script.
- A Set of Tutorials in Exploit Writing (via exploitdb @ twitter)
  - Part 1 – Stack Based Overflows
  - Part 2 – Jump to Shellcode
  - Part 3 – SEH
  - Part 3b – SEH-based Exploits
  - Part 4 – From Exploit to Metasploit: The Basics
  - Part 5 – Debugger Modules in Exploit Development
  - Part 6 – Bypassing Stack Cookies, SAFESEH, Hardware DEP and ASLR
  - Part 7 – Unicode, from 0x00410041 to Calc
Tools:
- New Release of Metasploit Framework, now in v3.3
This test release includes bug fixes, Meterpreter improvements and AV bypassing, among others.
  - Metasploit Framework 3.3 Released! – metasploit.com
  - Metasploit Framework v3.3 Release Candidate 2 Released – security-database.com
- PDFResurrect v0.9 Released – security-database.com
A tool used to analyze PDFs and their history.
- Katana v1 (Kyuzo) – Portable Multi-Boot Security Suite – darknet.org.uk
The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive.
- inSSIDer v1.2.3.1014 – WiFi Network Scanner – security-database.com
This tool is useful for those who need a wifi scanner and run Windows Vista or 64-bit XP.
- Knock v1.3B – Subdomain Bruteforcer Scan – security-database.com
A Python script designed to enumerate subdomains via a wordlist.
- MS CAT.NET v1.1.1.9 – Code Analysis Tool .NET – security-database.com
CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities.
- Wireshark 1.2.4 Released – wireshark.org
The network tool includes fixes for saving RTP streams.
- A Simplified Astaro UTM Now Free to Businesses – room362.com
A short review of the network tool.
- Xplico v0.5.3 Released – security-database.com
A tool that extracts the application data contained in an internet traffic capture.
- OWASP Orizon 2.0 update – owasp.blogspot.com
Some news on the upcoming release update for this security tool.
- VideoJak v2.0 – IP Video Security Assessment Tool – security-database.com
VideoJak is an IP Video security assessment tool that can simulate a proof of concept video interception or replay test against a targeted, user-selected video session.
Techniques:
- Installing John the Ripper Version 1.7.3.4 Tutorial – reusablesec.blogspot.com
A run-through on how to install this tool in Snow Leopard and some usage tips.
- Decompiling Flash Files with SWFScan – carnal0wnage.attackresearch.com
A look at SWFScan and its usage with Flash.
- Session Fixation via DNS Rebinding – ha.ckers.org
Some thoughts on using session fixation with DNS rebinding.
- Null Byte Injection – schmoil.blogspot.com
Playing around with some null byte attacks against web apps.
- Windows Exploitation Part 2 – threatpost.com
A video that discusses specific techniques for attacking Windows machines.
- DNS Rebinding for Credential Brute Force – ha.ckers.org
Using DNS rebinding to hack into passwords.
- Initial test for SSL renegotiation added to SSL Labs – ivanristic.com
A new implementation is added to see if an SSL server is vulnerable to an Authentication Gap MITM attack.
- DNS Rebinding for Scraping and Spamming – ha.ckers.org
Another questionable use of DNS rebinding is talked about in this post.
- Using a Cisco Router as a “Remote Collector” for tcpdump or Wireshark – isc.sans.org
A breakdown of the steps to use a router to get a packet dump.
- Bob The Backdoor Man – Part 1 – synjunkie.blogspot.com
- Bob The Backdoor Man – Part 2 – synjunkie.blogspot.com
His intention was to use ncat for file transfers, proxies and backdoors.
- Brute-Forcing Compatibility – room362.com
An idea on brute force using Burp to get into restricted webpages.
- Taking a Look at the New SWF Upload Attack – pauldotcom.com
A post about the newest Flash attack and how it is done.
- Authentication Bypass in GINA (Graphical Identification and Authentication DLL) replacements – pauldotcom.com
An explanation of using GINA chaining and password replacement.
- Auditing 100,000 Hosts or More with Nessus – tenablesecurity.com
This blog entry summarizes some of the political and deployment strategies used to scan hosts using multiple Nessus scanners.
Vulnerabilities:
- Microsoft advises on the new Windows 7 exploit
Microsoft has now released an advisory about a reported SMB vulnerability.
  - The First Windows 7 Zero-Day Exploit – slashdot.org
  - Microsoft confirms ‘detailed’ Windows 7 exploit – zdnet.com
  - Microsoft investigates vulnerability in Windows 7 and Server 2008 R2 – h-online.com
- Interesting JForum vulnerabilities and the ESAPI WAF – i8jesus.com
A discussion on the weaknesses of JForum.
- New Attack Fells Internet Explorer – slashdot.org
Attack code used to break into older versions of IE has been released into the wild.
- SSL Renegotiation Bug attack can be used against Twitter, Facebook, API-websites
A Turkish grad student devised a serious, real-world attack on Twitter which uses a vulnerable SSL protocol.
  - SSL Renegotiation Bug Successfully Used To Attack Twitter – darknet.org.uk
  - SSLv3/TLS Renegotiation Stream Injection – hp.com
  - Password theft via vulnerability in SSL/TLS protocol – h-online.com
Vendor/Software Patches:
- OpenVPN Fixed OpenSSL Session Renegotiation Issue – isc.sans.org
An update to the VPN software fixes holes in its handling of OpenSSL.
Other News:
- DNSSEC Implementation Held Up by Tech Delays – slashdot.org
Technical delays plague the deployment of DNSSEC, a solution to a major security flaw in DNS.
- Does Windows 7 Change the Security Equation? – siblog.mcafee.com
A comment on how security with Windows 7 will affect its relations with security companies.
- The Cyberwar Plan – nationaljournal.com
A look into the new form of warfare that helps the US military disarm enemies without bullets and bombs.
- US Government Using PS3s to Break Encryption – slashdot.org
Each PS3 is capable of 4 million passwords per second.
- Hackers Broke into Brazil Power Grid Operator’s Website Last Thursday – slashdot.org
SQL injections are the probable method used to break into the ONS website.
- NIST updates information security guidelines – nextgov.com
An update on how federal agencies should certify and accredit computer systems.
- Two Arrested for Zbot Trojan – slashdot.org
An arrest in Manchester was made for violation of the 1990 Computer Misuse Act and 2006 Fraud Act.
- Ethics leaks spur House bill banning P2P apps on .gov PCs – arstechnica.com
A move to prevent further leakage of government data using this file sharing protocol.
- IGF attendees: America, surrender the root zone file! – arstechnica.com
A UN-backed forum discusses how to move the ICANN from the iron grip of the US.
- FAA Computer Glitch Causes Widespread Airline Delays – slashdot.org
The FAA said in a statement that it is having problems processing flight plan information.
- Hacker exposes global warming researcher (Climategate) – erratasec.blogspot.com
The private emails of a renowned climatologist have been hacked and exposed to the world.
- Hadley CRU hacked with release of hundreds of docs and emails – examiner.com
An unknown hacker downloaded 1079 emails and 72 documents of various types and published them on an FTP server.
- An introduction to the FBI’s anti-cyber crime network – arstechnica.com
An insight into the FBI cyber crime task force, its accomplishments and how it holds up against threats.