Event Related
- Snoopy: A distributed tracking and profiling framework – sensepost.com
At this year’s 44Con conference (held in London) Daniel and I introduced a project we had been working on for the past few months. Snoopy, a distributed tracking and profiling framework, allowed us to perform some pretty interesting tracking and profiling of mobile users through the use of WiFi.
- CRIME Slides from ekoparty 2012 – Google Docs – docs.google.com
I think CRIME has been hyped too much. Cookie spoofing ain’t a serious thing. I doubt the advantages of this attack have much impact on net sec.
- DerbyCon Day 2 Talk Notes: Social Engineering Defense Contractors on LinkedIn and Facebook – novainfosecportal.com
So I thought I’d check out and blog about this presentation since it seems fairly close to home with many of us in the metro-DC area. Despite there being no abstract I’ve heard the speaker, Jordan Harbinger, on The Social Engineering Podcast a few times and he seems to know his stuff on teaching others to build rapport with others, a key skill for any social engineer.
Resources
- Book Review: “Advanced Penetration Testing for Highly Secured Environments: The Ultimate Security Guide” – cyberarms.wordpress.com
You may have layers of security, popularly known as “Defense in Depth”, but are your security features set up properly? Are there configuration errors that a vulnerability scan will not find?
- What is Penetration Testing? – Whiteboard Wednesdays – community.rapid7.com
Wondering “What is penetration testing?” Need a quick primer on the topic? In this first video of our Whiteboard Wednesdays series, we’re explaining what a penetration test is as well as some typical reasons why people conduct so-called “pen tests”.
- FinSpy Mobile – Configuration and Insight – blog.spiderlabs.com
A couple of weeks ago, Citizen Lab announced the discovery of the mobile component to the previously discovered FinFisher Toolkit (Reference Here).
- Email Address Harvesting – pentestgeek.com
Harvesting email addresses is a common part of any external penetration test. Several tools exist that can be easily found with a simple Google search that can greatly decrease the amount of time spent combing through search engine results.
- Two-stage CSRF attacks – ceriksen.com
This week I ran into an interesting problem. I was doing some poking around with my DLink DIR-615(EU) router while working on some firmware reverse engineering. It occurred very quickly to me that the router had no protection against CSRF attacks.
Techniques
- JSON Hijacking Demystified – blog.spiderlabs.com
JavaScript Object Notation (JSON) is a language and platform independent format for data interchange. JSON is in widespread use with a number of JSON parsers and libraries available for different languages. While some information is available for JSON hijacking this attack is not very well understood.
- Hey, I just met you, and this is crazy, but here’s my hashes, so hack me maybe? – blog.spiderlabs.com
Those familiar with password cracking know that KoreLogic’s rule set for John the Ripper has become the de facto standard for password cracking.
Tools
- Everything you need to know about hash length extension attacks – skullsecurity.org
Now I’m gonna release the tool, and hope I didn’t totally miss a good tool that does the same thing! It’s called hash_extender, and implements a length extension attack against every algorithm I could think of.
- Cydia – appsec-labs.com
Once you have added AppSecLabs repository to your Cydia you can find all of our latest iOS tools right in Cydia.
Vendor/Software Patches
- Another Critical Security Flaw In Java Appears Before Oracle Has Even Resolved The Last One – forbes.com
If you temporarily disabled Java during the last round of attacks on Oracle’s ubiquitous, buggy program, here’s more evidence that the time has come to remove it altogether.
- MS11-080 Revisited – Returning to Ring 0 – blog.securestate.com
Almost a year ago the nice folks at Offensive Security released a reliable exploit for MS11-080. This vulnerability was discovered through an in-depth review of a patch released by Microsoft.
Vulnerabilities
- Tiny Evil Maid CHKDSK Utility Can Steal Passwords – threatpost.com
The utility is designed to look like the Windows CHKDSK tool, which looks for errors or problems with a hard disk before a machine boots. CHKDSK will execute if the system detects a logical error and then attempt to fix it, and anyone who’s been a Windows user for more than a year or two definitely has seen the utility pop up.
- Got TouchWiz? Some Samsung Smartphones Can Be Totally Wiped By Clicking A Link – techcrunch.com
I’ve never been a huge fan of the TouchWiz UI Samsung throws onto most of its smartphones (for aesthetic reasons, mostly), but now it seems there’s another reason to be wary of the custom Android interface.
Other News
- The First Few Months of Penetration Testing: What they don’t teach you in School – blog.spiderlabs.com
I entered into school with the hope and dream of someday entering into the information security industry. I obtained a Bachelors of Science in Information Assurance with a focus on Network Security from Eastern Michigan University in December 2010.
- SourceForge Investigates Backdoor Code Found in Copy of phpMyAdmin – threatpost.com
The popular open-source repository SourceForge is investigating how a corrupted copy of phpMyAdmin came to be served from a Korean-based mirror. Logs indicate 400 users downloaded the malicious file before it was removed from rotation today.