Week 50 in Review – 2009

• OllyDbg 2.0 Beta Released – djtechnocrat.blogspot.com
  This new release includes debugging of child processes.
• Metasploit Gets New Vulnerability Scanning Features – darkreading.com
  Rapid7 takes first step in integrating its penetration testing tool with its NeXpose vulnerability scanner.
• CANVAS 6.53 Released – forum.immunityinc.com
  The new version includes SploitD fixes and a fix for dialog boxes.
• Lynis v1.2.8 Released – security-database.com
  This update includes Squid support, HP-UX boot authentication checking among others.
• Matriux v0.9.4 Build 091127 Released – security-database.com
  It is a fully featured security distribution consisting of a bunch of powerful, open source and free tools.
• DirChex Help / BT4 version – cktricky.blogspot.com
  A fix for those with issues regarding apt-get installation
• WAFW00F Beta Released : Auditing Web Application Firewall – security-database.com
  WAFW00F allows one to identify and fingerprint WAF products protecting a website
• Graudit v1.5 Released – security-database.com
  A simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep
• Halberd v0.2.3 Available : Load Balancer Configuration Auditing – security-database.com
  This is a tool aimed at discovering real servers behind virtual IPs
• JBroFuzz v1.8 Released – security-database.com
  JBroFuzz is a web application fuzzer for requests being made over HTTP and/or HTTPS.
  
• Groundspeed v1.0.1 in the Wild – security-database.com
  An open-source Firefox add-on that allows modification of the web application interface during a pentest by manipulating the forms
• NetSparker
  This is a new web application scanner from Mavituna
  • New Web Application Scanner: Netsparker – pentestmonkey.net
    
  • Netsparker Videos – mavitunasecurity.com
• Offensive-Security Exploit-DB project is now available via svn – twitter.com/exploitdb

• Paper on FPGA cracker released – petefinnigan.com
  Dennis Yurichev publishes a paper that explains the tools and methods he used in creating this cracker.
• Emulating the BlackBerry Phone Call Log Field – chirashi.zensay.com
  An explanation how to emulate the layout of the phone log.
• DEP bypass with SetProcessDEPPolicy() – bernardodamele.blogspot.com
  Several methods on how to circumvent DEP
• A checklist approach to security code reviews – securityninja.co.uk
  The security ninja shares a method for a clear, consisten and repeatable code review.
• BToD Testing an Intranet site / ‘do WWW Authentication’ – cktricky.blogspot.com
  A quick account on Intranet site testing
• DNS Enumeration with Metasploit – darkoperator.com
  A short introduction to DNS enumeration and what type of information can be gathered from this service.
• Database Hacking Video: Tampering with DB Network Protocol Messages – imperva.com
  This is an example of a database protocol attack on the client side for Oracle 10.i.
• IPv6 and your Web Application – blogs.sans.org/appsecstreetfighter
  A few ideas to consider when moving a web application to IPv6
• Snoop-Mag 3 release /+/ Wi-Fi Attacks article by me – hkashfi.blogspot.com
  A few thoughts on WiFi attacks and the Snoop Security Magazine
• Install Adobe Flash Without Adobe DLM – ghacks.net
  A quick guide on how to install Flash for Firefox users without using the Adobe DownLoad Manager
• IndySec Metasploit Class Videos – irongeek.com
  Three videos of IndySec’s Metasploit class
• Assessing and Exploiting Web Applications with the open-source Samurai Web Testing Framework – radajo.com
  A brief overview on the Samurai-WTF framework
  

Vulnerabilities:

• Pentagon Web Site Vulnerabilities Identified – praetorianprefect.com
  A Romanian hacker has discovered security vulnerabilities on a tour images section of the official web site of the Pentagon.
• Hacker scalps NASA-run websites – theregister.co.uk
  Miscreants took advantage of weak security to hack into two NASA-run websites over the weekend.
• VPN Man-in-the-Middle Attacks: Fact or Fiction? – rsa.com
  A post on how to handle the news about this type of attack.
• Massive SQL Injection Attack
  A recent SQL vulnerability infected more than 132,000 sites
  
  • SQL injection attack claims 132,000+ – net-security.org
  • New Wave of SQL Injection Attacks – f-secure.com
  • SQL injection attack knocks out at least 132K websites – techtarget.com
  • SQL Injection Resource – imperva.com
    A glossary resource for SQL injection
• Hacker groups set to expose GSM encryption weaknesses
  Several hacking groups worldwide are compromising the global cellular standard to expose vulnerabilities so they can be addressed
  
  • GSM system about to be compromised – physorg.com
  • Open Source Effort to Hack GSM – ieee.org
  • H4rdw4re to crack GSM encryption – ubergizmo.com

Vendor/Software Patches:

• Adobe to Fix Zero-Day Security Vulnerability – securitywatch.eweek.com
  Adobe Systems is planning to patch a zero-day security vulnerability affecting its Adobe Illustrator software by January.
• Adobe Flash Player and Adobe Air Updates
  Adobe has finally released updates to patch some Flash security holes
  
  • Security updates available for Adobe Flash Player – adobe.com
    The official patch bulletin for Adobe Air and Flash
  • Adobe flash player and air patched – isc.sans.org
    
  • Several holes closed in Adobe Flash Player – h-online.com
  • Don’t Let a Hacked Website Get You – eset.com
    A quick reminder to update your Flash Player and other tips to prevent hacked websites from compromising your computer security
• Microsoft Fixes Zero-Day Internet Explorer Exploit
  The recent Patch Tuesday update fixes several vulnerabilities in IE
  
  • Microsoft Security Bulletin MS09-072 – microsoft.com
    
  • Microsoft plugs zero-day IE hole – cnet.com
    
  • Microsoft Closes Five Holes In IE With Patch Tuesday Update – darkreading.com
• Microsoft December Security Updates
  A round of updates Microsoft recently released for its other products
  
  • Microsoft Security Bulletin MS09-069 – microsoft.com
    Vulnerability in Local Security Authority Subsystem Service could allow denial of service.
  • Microsoft Security Bulletin MS09-070 – microsoft.com
  Vulnerabilities in Active Directory Federation Services could allow remote code execution.
  • Microsoft Security Bulletin MS09-071 – microsoft.com
    Vulnerabilities in Internet Authentication Service could allow remote code execution.
  • Microsoft Security Bulletin MS09-073 – microsoft.com
    Vulnerability in WordPad and Office Text Converters could allow remote code execution.
  • Microsoft patch day includes patches for Windows 7 – h-online.com
    Microsoft has released three critical and three important updates on its December Patch Tuesday.
  • December 2009 Security Bulletin Release – technet.com
    A summary of Microsoft’s recent security bulletin
  • Assessing the risk of the December security bulletins – technet.com
    A table summary on the impact and solutions from the recent Microsoft updates
• Extended Protection for Authentication – technet.com
  This is a mechanism to helf safeguard authentication credentials on the Windows platform.