Week 11 in Review – 2013

Event Related

  • ShmooCon 2013
  • Blackhat Europe 2013
    • Highlights from BlackHat Europe 2013 in Amsterdam – securelist.com
      Every year as Europe wakes up from the cold winter to the warm days of spring, BlackHat traditionally descends to Amsterdam.
    • Black Hat | Europe 2013 – Briefings – blackhat.com
      We are in the middle of a power shift in society that is at least as large as that of the printing press. Information advantage has always been the same as power: when the ruling elite has historically lost the information advantage, they have also lost power.
    • Day 1
      • BlackHat Europe 2013 Wrap-Up Day #1 – blog.rootshell.be
        Hello Everyone, it’s BlackHat time again! Here is my wrap-up for the first day. Yesterday evening, after a safe drive to Amsterdam with @corelanc0d3r, we went out for dinner and had good times with other friends and guys from the Rapid7 team who maintain the Cuckoo project.
      • BlackHatEU2013 Day 1 To dock or not to dock – corelan.be
        Time flies ! After hanging out with @repmovsb and @botherder, it’s time for the last talk of the day. In the “To dock or not to dock, that is the question” talk, Andy Davis, research director at NCC Group shares his research around using laptop docking stations as hardware-based attack platforms.
      • BlackHatEU2013 Day1 Hardening Windows 8 Apps for the Windows Store – corelan.be
        The first talk after having lunch at BlackHat Europe 2013, title “Hardening Windows 8 Apps for the Windows Store” is delivered by Bill Sempf (@sempf).
    • Day 2

Resources

  • Introduction to WMI Basics with PowerShell Part 1 (What it is and exploring it with a GUI) – pauldotcom.com
    WMI is the Microsoft implementation of Web-Based Enterprise Management (WBEM), with some enhancements in the initial version of it, WBEM is a industry initiative to develop a standard technology for accessing management information in an enterprise environment that covers not only Windows but also many other types of devices like routers, switches, storage arrays …etc.
  • 0xdabbad00.com Blog Archive Thoughts on signed executables – 0xdabbad00.com
    In thinking about making an application to do white-listing on Windows, one of the first questions you have is how do you identify what to trust?
  • Virtual Patching Cheat Sheet – OWASP – owasp.org
    The goal with this cheat Sheet is to present a concise virtual patching framework that organizations can follow to maximize the timely implementation of mitigation protections.
  • America’s Next Top Module – community.rapid7.com
    These stats are gathered roughly monthly from the Metasploit exploit database backend, and tend to have a pretty strong recency bias — modules that recently got a lot of press or Twitter buzz tend to shoot up to the top of the list.
  • Windows Auth – The Nightmare Begins (SSO) – passing-the-hash.blogspot.com
    I’m going to start with an overview of Windows authentication and why it’s such a large, complicated, unwieldy beast.
  • The Pentester’s Guide to Akamai – nccgroup.com
    I’m happy to announce we’ve just published a new technical whitepaper based on knowledge gained assessing sites located behind Akamai.
  • Security of RC4 Stream Cipher – home.hiroshima-u.ac.jp
    We published a first plaintext recovery attack of RC4 in the broadcast setting where same plaintext is encrypted by different user keys at FSE 2013 (earlier than AlFardan-Bernstein-Paterson-Poettering-Schuldt Results).

Tools

Techniques

  • How I Hacked Any Facebook Account…Again! – nirgoldshlager.com
    This is my second post regarding Facebook OAuth Vulnerabilities.
  • Phishing Techniques: Similarities, Differences and Trends Part II: Targeted Phishing – resources.infosecinstitute.com
    Spear-phishing is a technique by which a cyber-criminal falsely presents himself in an electronic communication as a CEO, director, manager or a subordinate (an insider) of a particular firm or department of government where his victim works to earn their trust, or he impersonates an entity which is either trusted by the targeted firm/government or the latter has relations or obligations towards it.
  • PowerShell Basics – Extending the Shell with Modules and Snapins – pauldotcom.com
    There is a big miss conception with people starting with PowerShell when they install some server products like Exchange or SharePoint and the programs place a shotcut to what they call a “Management Shell” it is nothing more than PowerShell with a loaded Module or PSSnapin. As you will see extending the shell is quite simple and flexible.

Vendor/Software Patches

Vulnerabilities

Other News

Leave A Comment