Events Related
- ShmooCon 2011
Getting to ShmooCon each year is always challenging (as is trying to get home). Mother Nature seems to enjoy disrupting the travel to and from the conference, which is held in Washington, D.C. in January or February of each year.
- ShmooCon 2011 – intrepidusgroup.com
- ShmooCon 2011 Conference Wrap Up – blog.tenablesecurity.com
- US Cyber Challenge 2011
The Center for Internet Security’s US Cyber Challenge today kicked off an online competition to identify high school students possibly interested in a cybersecurity career.
- High school cybersecurity competition kicks off – itknowledgeexchange.techtarget.com
- New Contest To Promote Cyber Security Skills In Teens – threatpost.com
- Participate remotely on the OWASP Summit – diniscruz.blogspot.com
The OWASP Summit is gearing up to be an amazing event. If you are not able to make it in person to Portugal, then please make the time to participate remotely.
- Announcing Pwn2Own 2011 – dvlabs.tippingpoint.com
It’s that time of year again and the Zero Day Initiative (ZDI) team here at HP TippingPoint is proud to announce the 5th annual Pwn2Own competition is back.
Resources
- 2010 Top Web Application Hack Attacks – chaptersinwebsecurity.blogspot.com
I must admit that I was curious just like everybody else, what 2010 will look like, retrospectively, through the eyes of the international infosec community.
- TiGa’s Video Tutorial Site – woodman.com
TiGa’s video tutorial series on IDA Pro.
- Mobile Security Tips – f-secure.com
With data charges getting cheaper and technologies in mobile computing getting more powerful, mobile devices are becoming more like a small personal computer.
- ShmooCon 2011 FireTalks
- FireTalks at ShmooCon 2011, Night 1 – vimeo.com
- FireTalks at ShmooCon 2011, Night 2 – vimeo.com
- Net Neutrality, the FCC, and the end of the Internet as we know it – vimeo.com
- OMG-WTF-PDF Denouement – blog.fireeye.com
I recently gave this presentation at the 27th Chaos Computer Congress in Berlin. For some reason, the slides never made it from Pentabarf to the Fahrplan.
- Guide to Security for Full Virtualization Technologies – csrc.nist.gov
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure.
- ShmooCon 2011 Library
This year I talked about my improvements to VERA over the past 6 months. Much of the talk was centered around live demos, which unfortunately did not make it to the slides. The new tracing module and updated versions of the VERA code will be posted here soon.
- ShmooCon 2011: Visual Malware Reversing – offensivecomputing.net
- ShmooCon 2011: Zigbee Security: Find, Fix, Finish – youtube.com
- ShmooCon 2011 video collection – reddit.com
- So you think your *capability* model is bad? – lcamtuf.blogspot.com
In his recent post, Brad Spengler mocked the Linux capability system – a somewhat ill-conceived effort to add modern access controls on top of the traditional Unix permission model.
Tools
- Password Length Matters – justanotherhacker.com
In fact, it matters so much that the term password is just plain wrong. Passphrase is better, and I did mean to start using that term instead.
- UPDATE: Cain & Abel v4.9.38 – oxid.it
Our previous post regarding Cain & Abel can be found here. Now, oxid.it has released an updated Cain & Abel version 4.9.38!
- Another update to gdbinit for iOS and ARM support to ptool.pl and offset.pl – reverse.put.as
I have fixed some of the missing stuff in gdbinit for iOS. Now the jump conditions are displayed for ARM and Thumb modes and the “stepo” command is working for ARM and semi-working for Thumb (to be fixed in the next release).
- THC Hydra v6.1 released – vulnerabilitydatabase.com
THC-Hydra – the best parallelized login hacker: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support and is part of Nessus.
- Majordomo2 - Directory Traversal (SMTP/HTTP) – exploit-db.com
- GoogleDiggity
The Google Hacking Diggity Project is a research and development initiative dedicated to investigating the latest techniques that leverage search engines, such as Google and Bing, to quickly identify vulnerable systems and sensitive data in corporate networks.
- Exclusive!! GoogleDiggity the exclusive Google hacking project v0.2 – stachliu.com
- SharePoint – GoogleDiggity dictionary file – stachliu.com
- Pentesting Web Services with WS-Attacker v1.0 – sourceforge.net
WS-Attacker is a modular framework for web services penetration testing. It is a free and easy to use software solution, which provides an all-in-one security checking interface with only a few clicks.
- I found a hotmail “exploit” that allows me to change a large percentage of people’s passwords – reddit.com
As the title says, I found an exploit on Hotmail that allows me to change hotmail/msn/live passwords for people using their service.
- InformIT: comparing static analysis tools – mail-archive.com
There are cases where dynamic and static each have clear strengths. Pragmatic combination of the two has promise in solving a broad spectrum of test-cases.
- UPDATE: NetworkMiner 1.0 – sourceforge.net
Fresh off the compiler again! A newer version of NetworkMiner has just been released a few hours ago! The updated NetworkMiner version 1.0 is out!
- QuickRecon: A Simple Information gathering Python Script! – pypi.python.org
The first submission for the year 2011! We are proud to present to all of you QuickRecon. It is a simple information gathering tool.
- GWT-Penetration-Testing-Toolset – github.com
A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP.
Technique
- Java Cisco Group Password Decrypter – neohapsis.com
For whatever reason I have found myself needing to “decrypt” Cisco VPN client group passwords throughout the years.
- Darkshell: A DDoS bot targeting vendors of industrial food processing equipment – asert.arbornetworks.com
This week, we continue our efforts to document the crowded space of Chinese DDoS bots by analyzing Darkshell.
- Padocon 2011 CTF Karma 400 exploit: the data re-use way – vnsecurity.net
Karma 400 at Padocon 2011 Online CTF is a fun challenge. The binary was provided without source code; you can reach its decompiled source at disekt’s team writeup.
- Exploiting SEH Overwrites Using ROP – blog.metasploit.com
In the final days of 2010, an exploit for the Windows CreateSizedDIBSECTION vulnerability was added to the Metasploit trunk.
- TaskManager.xls – blog.didierstevens.com
TaskManager.xls is a simple taskmanager implemented in Excel/VBA. It can list the running processes; and terminate, suspend or resume selected processes.
- Exploiting Networks with Loki on Backtrack 4 R2 – packetstan.com
Loki is the impressive layer 2/3 network manipulation tool by Daniel Mende, Rene Graf and Enno Rey of ERNW.
- Unchecked redirection + URL shortener = Spam – research.zscaler.com
Recently, I found several legitimate sites, with bad coding practices, used to redirect users to spam sites with the help of URL shorteners.
- Adobe Reader X stops malicious PDF spam campaign dead in its tracks – nakedsecurity.sophos.com
A new malicious spam campaign underlines the security benefits of upgrading to the latest version of Adobe Reader – Adobe Reader X.
- Mac OS Forensics How-To: Simple RAM Acquisition and Analysis with Mac memory reader – computer-forensics.sans.org
In Part 1 of this post, I showed you how to acquire the contents of physical RAM of a Mac OS X computer using ATC-NY’s Mac Memory Reader, and did some simple analysis using strings and grep searches.
- ShmooCon Ghost in the Shellcode 2011 – ppp.cylab.cmu.edu
Just got back from ShmooCon and it seems that some people want a writeup for the taped challenge. I highly encourage you to try it yourself first, because once you see the bug, it takes away some of the fun.
Vendor/Software Patches
- Critical Adobe Reader X Patches On Deck – threatpost.com
Adobe will join Microsoft on the security patch treadmill next Tuesday (February 8, 2011) with “critical” updates for code execution holes in its flagship Adobe Reader and Adobe Acrobat products.
- Patch Tuesday heads-up: Critical flaws in Windows, Internet Explorer – zdnet.com
As part of this month’s Patch Tuesday schedule, Microsoft plans to ship a dozen bulletins with fixes for 22 vulnerabilities, some serious enough to allow hackers complete access to a vulnerable Windows machine.
Vulnerability
- Veracode Free JAVA Cross-Site Script Scanning Service – veracode.com
As we know – cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject client-side script into web pages viewed by other users.
- Cisco Security Advisory: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints – cisco.com
Tandberg C Series Endpoints and E/EX Personal Video units that are running software versions prior to TC4.0.0 ship with a root administrator account that is enabled by default with no password. An attacker could use this account in order to modify the application configuration or operating system settings.
Other News
- ATM Skimmers That Never Touch The ATM – krebsonsecurity.com
Media attention to crimes involving ATM skimmers may make consumers more likely to identify compromised cash machines, which involve cleverly disguised theft devices that sometimes appear off-color or out-of-place.
- Facebook flaw allowed websites to steal user’s personal data without consent – nakedsecurity.sophos.com
A couple of weeks ago two students conducting security research contacted me about a vulnerability which they believed they had found with Facebook.
- Research Reveals Huge Cache Of FTP, Email Credentials Stolen By Waledac – threatpost.com
Researchers have discovered that the gang behind the once-and-future botnet Waledac has gathered nearly 500,000 stolen passwords for email accounts, along with close to 125,000 sets of pilfered credentials for FTP accounts.
- Red Gate: We could not make the free model work for us as a commercial company – zdnet.com
If you’re a .NET developer, chances are you’ve heard of .NET Reflector, a decompilation, debugging, and reverse engineering tool for managed code.
- IPv6 – What’s New – blogs.cisco.com
IPv6 is becoming more widely deployed as the availability of IPv4 addresses continues to decline. In June, Cisco will be participating in World IPv6 Day, a 24-hour global “test drive” of IPv6 that is organized by the Internet Society.
- New Android Market web store could open backdoor for phone hackers – nakedsecurity.sophos.com
If you follow the Google Android operating system scene, you will probably have heard about the new, web-based Android Market store which was launched a few days ago.
- How To: Forensically Sound Mac Acquisition in Target Mode – computer-forensics.mac.org
It is really a matter of personal opinion; Macs are an engineering marvel, just ask anyone that has had to remove a hard drive from a Mac for forensic imaging and then try to put it back together properly.