Week 13 in Review – 2010

• CanSecWest posts
  A round-up of the events in the recent Canadian conference
  • CanSecWest 2010 Day 1 – sophos.com
  • CanSecWest 2010 day 2 summary – sophos.com
  • CanSecWest 2010 day 3 summary – sophos.com
  • Hacker Olympics: a shout-out from Vancouver, BC! – technet.com
• Videos in Hack in the Box – hitb.org
  Videos of the keynotes of HITB Malaysia 2009

• Passware Kit Forensic Decrypts TrueCrypt Hard Disks in Minutes – forensicfocus.com
  Passware Kit Forensic has become the first commercially available software to break TrueCrypt hard drive encryption without applying a time-consuming brute-force attack.
• HD Moore on Metasploit, Exploitation and the Art of Pen Testing – threatpost.com
  Dennis Fisher talks with HD Moore, the founder of the Metasploit Project and the chief security officer at Rapid7.

• OpenSSL 1.0 – openssl.org
  The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit SSL v2/v3 and TLS v1 protocols.
• Vicnum v1.4 – sourceforge.net/projects/vicnum/
  A lightweight flexible vulnerable web application written in PERL and PHP.
• Plecost v0.2.2-8 – plecost.googlecode.com
  Wordpress finger printer tool, plecost search and retrieve information about the plugins versions installed in WordPress systems.
• DBAPPSecurity web application scanner MatriXay 3.6 – professionalsecuritytesters.org
  MatriXay 3.6 not only has the remarkable scanning ability, but also provides powerful penetration testing functions and web Trojan detection.
• Zigbee Analysis Tools – sans.org
  KillerBee is a Python based framework and tool set for exploring and exploiting the security of ZigBee and IEEE 802.15.4 networks.
• pvefindaddr v1.27 – corelan.be
  Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files.
• Buck Security v0.5 – buck-security.org
  Buck Security is a collection of security checks for Linux.
• pwnat v0.2-Beta – samy.pl
  Simply put, this is a proxy server that works behind a NAT, even when the client is behind a NAT, without any 3rd party.
• Nmap v5.30 Beta 1 – nmap.org
  Nmap is a free open source utility for network exploration or security auditing.
• Wireshark 1.2.7 – wireshark.org
  Wireshark is the world’s most popular network protocol analyzer.
• SQLFury –  sqlfury.com
  SQL injection is a technique that exploits a security vulnerability occurring in the database layer of an application.
• w3af v1.0-RC3 – sourceforge.net/projects/w3af/
  The w3af core and it’s plugins are fully written in python.
• CMS Explorer (or: what’s that CMS running?) – sunera.com
  CMS Explorer is currently set up to test Drupal, WordPress and Joomla!/Mambo, with exploration support for Drupal and WordPress.
• Microsoft SDL version 5 – msdn.com
  The largest change in SDLv5 is the inclusion of SDL for Agile Development as an Addendum at the end.
• LoverBoy – loverboy.sourceforge.net
  A web application penetration testing tool that can extract data from SQL Server, MySQL, DB2, Oracle, Sybase, Informix, and Postgres.
• CUPP v3 – remote-exploit.org
  Going through different combinations and algorithms, CUPP can predict specific target passwords by exploiting human vulnerabilities.
• Skipfish v1.29B – skipfish.googlecode.com
  Skipfish is an active web application security reconnaissance tool.
• Kon-Boot v1.1 – piotrbania.com/all/kon-boot
  Kon-Boot is an prototype piece of software which allows to change contents of a Linux kernel.
• Flint 1.0.5 – chargen.matasano.com
  Flint examines firewalls, quickly computes the effect of all the configuration rules, and then spots problems.

Vendor/Software Patches:

• MS patches lots of holes in Internet Explorer Microsoft fixes 10 security leaks in their flagship browser
  • Security Bulletin MS10-018 Released – technet.com
  • Microsoft issues emergency patch for 10 IE holes – cnet.com
• Apple patching a lot of flaws
  The update corrects more than 90 security flaws and weaknesses in a variety of Apple and third-party products.
  • Monster Mac OS X Update – krebsonsecurity.com
  • Apple patching frenzy: Security holes in QuickTime, iTunes, AirPort – zdnet.com
  • QuickTime update patches 16 vulnerabilities – h-online.com
• Java fixed up
  Security updates for Java SE and Java for Business have been released as Java 6 Update 19.
  • Java 6 Update 19 closes 26 security holes – h-online.com
  • Java Patch Plugs 27 Security Holes – krebsonsecurity.com
  • Oracle Java SE and Java for Business Critical Patch Update Advisory – sans.org
• Foxit Reader Security Update – foxitsoftware.com
  Foxit Reader has released a security that fixes an issue that runs an embedded executable in a PDF document without asking the user’s permission.

Other News:

• AP Exclusive: `Smart’ meters have security holes – google.com
  At the very least, the vulnerabilities open the door for attackers to jack up strangers’ power bills.
• Heartland data breach could be bigger than TJX’s – networkworld.com
  The company said the intrusion may have been the result of a “widespread global cyberfraud operation”.
• iPhone hacked in Pwn2Own, and more
  Among other things, they were able to read the entire SMS database, including text messages that had already been deleted.
  • IE8, Safari, Even iPhone Fall at Pwn2Own Contest – pcmag.com
  • Pwn2Own 2010: iPhone hacked, SMS database hijacked – zdnet.com
  • iPhone Hacker Thinks He’s Cracked the iPad, Too – wired.com
  • iPhone, Safari, IE 8, Firefox hacked in CanSecWest contest – cnet.com
• Frenchman Arrested After Hacking Into Obama’s Twitter Accounts – wsj.com
  A Frenchman will face trial after hacking into Twitter accounts, including that of U.S President Barack Obama.
• U.S. Faces Cyber Security Gap Without Training, Education – esecurityplanet.com
  One of the most important steps policymakers can take is to nourish the education and training of a new crop of security experts.
• Senate panel passes Cybersecurity Act with revised “kill switch” language – opencongress.org
  The goal of the bill was to develop a public-private plan for strengthening national security in the case of internet-based attacks.
• How I’d Hack Your Weak Passwords – lifehacker.com
  If you invited me to try and crack your password, how many guesses would it take before I got it?
• School laptop spy case prompts Wiretap Act rethink – arstechnica.com
  The existing Wiretap Act already bans oral, wire, and electronic communications gathered without consent.
• Facebook data erased due to lawsuit threats.
  Legal threats from Facebook have led to the destruction of a social science dataset about to be released to researchers.
  • Data sifted from Facebook wiped after legal threats – newscientist.com
  • UPDATED: Facebook Data Deleted After Lawsuit Threat – gigaom.com
• Report: 64% of all Microsoft vulnerabilities for 2009 mitigated by Least Privilege accounts – zdnet.com
  BeyondTrust’s quantitative report message is simple – get back to the basics.
• More “hotel door hacking” and lockcon – blackbag.nl
  The chain is a weak link by itself as it was obvious if had been broken and repaired many times before.
• US Navy Wants to Field Cyber-Attack System – military.com
  In 2018, the U.S. Navy hopes to take a major step toward fielding a cyber-attack system on a tactically survivable, fighter-size aircraft.
• Peoplesoft passwords – gasparotto.blogspot.com
  Since nobody give the database user/password connection string on application connection, Peoplesoft will de-encrypt the password to be able to reconnect to the database.