Event Related
- IPv6 Focus Month
- IPv6 Focus Month: What is changing with DHCP – isc.sans.edu
Among the different methods to configure IPv6 addresses, most managed networks will likely stick with DHCP. DHCPv6 however is a bit different than DHCPv4. We will summarize here some of the basic differences between DHCPv4 and DHCPv6.
- IPv6 Focus Month: The warm and fuzzy side of IPv6 – isc.sans.edu
Protocols like IPv6 and IPv4 suffer from two very different types of security issues: Oversights in the specification of the protocol and implementation errors.
- Google Chrome OS Linux WAS Exploited at Pwnium 2013 for $40,000 – internetnews.com
Earlier this month, Google Chrome running Chrome OS (Linux!) was hailed as being a survivor in the Pwnium/Pwn2own event that hacked IE, Firefox and Chrome browsers on Windows.
- CanSecWest 2013 slides – cansecwest.com
CanSecWest 2013 Files
- Troopers 13 Presentation Corporate Espionage via Mobile Compromise – viaforensics.com
Troopers was held this year March 11-15th in the beautiful city of Heidelberg, Germany. It was an amazing and intimate event (sold out at 200 attendees) with deeply technical talks focused on education and the goal of “making the world a safer place.” This year I presented on a mobile security topic titled Corporate Espionage via Mobile Compromise: A Technical Deep Dive.
- RSA Conference 2013 The Year of the Panel – blog.accuvant.com
At this year’s RSA Conference, panel discussions appeared to dominate the speaking sessions. Personally, I find that panels are more engaging and provide more value overall. In my opinion, a session with more experts who offer different perspectives results in a better learning experience for all attendees.
Resources
- Internet Census 2012 – internetcensus2012.bitbucket.org
While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials.
- PowerShell Basics – Execution Policy and Code Signing Part2 – darkoperator.com
In my previous blog post where I covered Execution Policy and Code Signing I mentioned that these steps were only useful for content that is downloaded from the internet and to prevent accidental execution of scripts.
- The Tallinn Manual – ccdcoe.org
The Tallinn Manual on the International Law Applicable to Cyber Warfare, written at the invitation of the Centre by an independent ‘International Group of Experts’, is the result of a three-year effort to examine how extant international law norms apply to this ‘new’ form of warfare.
Techniques
- Hacking High Scores in iOS GameCenter – netspi.com
In order to modify our scores, we will need to proxy our iOS traffic through Burp. In order to properly intercept the encrypted iOS traffic, you will also need to install the Portswigger certificate on your iOS device.
- iPillaging – Snarfing Useful Data from iOS Images – pen-testing.sans.org
Tim Medin has taken the SANS Security 575 course on Mobile Device Security and Penetration Testing more than any other human. His frequent stints as a teaching assistant for Josh Wright (yes, mandatory back rubs) has ensured that unique distinction.
- Gravatar Email Enumeration in JavaScript – blog.whitehatsec.com
A friend recently reminded me about a hackers’ trick − based on using Gravatar − that I’d long forgotten about. The method was last discussed on Stack Overflow a couple of years ago.
- Mongodb – Security Weaknesses in a typical NoSQL database – blog.spiderlabs.com
Over the last year or so, I’ve noticed 2 ports appearing more frequently during internal penetration tests, namely 27017/tcp and 28017/tcp.
Vendor/Software Patches
- Update: PDFiD Version 0.1.2 – blog.didierstevens.com
This new version is a bugfix version for Python 3 plus I added a new name in the default report: /XFA
- Weekly Update: Introducing Metasploit 4.5.3 – community.rapid7.com
This week, we’ve incremented the Metasploit version number by one trivial point to 4.5.3 — this was mainly done to ensure that new users get the fixes for the four most recent vulnerabilities that were fixed by Rails 3.2.13.
Vulnerabilities
- iOS 6.1.3
- Apple’s New iOS Update Blocks Evasi0n Jailbreak–After It’s Been Used About 18 Million Times – forbes.com
After 43 days of jailbreaking frenzy, Apple has closed the cell doors again. The latest 6.1.3 update to iOS released Tuesday includes a patch that prevents the use of the hacking tool evasi0n, which since early February has become the most popular program ever for “jailbreaking” phones and tablets to remove their software restrictions.
- iOS 6.1.3 security flaw allows passcode lock bypass again [VIDEO] – nakedsecurity.sophos.com
iOS 6.1.3 has only just been released by Apple, and already a security hole has been followed – allowing anyone to bypass the passcode lock on iPhones, and access private data on the device. Anyone else getting a sense of Deja Vu?
- New Apple ID Exploit Allows Others to Reset Your Password; Here’s How to Protect Yourself [UPDATED] – lifehacker.com
Apple may have finally added two-factor authentication, but a new exploit is putting Apple IDs at risk that two-factor authentication can’t necessarily fix. Here’s what you need to know.
- Spy-Pi: Do you trust your laptop docking stations? – nccgroup.com
Laptop docking stations are widely used in organisations, often in hot-desking environments. They provide a neat connectivity solution for workers who are semi-mobile and therefore use laptops rather than desktop PCs.
- Cisco switches to weaker hashing scheme, passwords cracked wide open – arstechnica.com
Crypto technique requires little time and computing resources to crack.
- T-Mobile Wi-Fi Calling – cs.berkeley.edu
We discovered a vulnerability which would allow attackers to eavesdrop on and even modify calls and text messages sent via T-Mobile’s “Wi-Fi Calling” feature. The feature, which we estimate is installed on millions of T-Mobile Android smartphones, allows customers to make and receive calls and text messages even when they don’t have cellular reception.
Other News
- What 420,000 insecure devices reveal about Web security – cnet.com
Using a simple technique, a researcher creates a benign botnet to survey the breadth of the Internet, and finds a back door flung wide open and beckoning the bad guys. Read this article by Don Reisinger on CNET News.
- A Penetration Tester’s Pledge – pen-testing.sans.org
Over the weekend, I was thinking about the wonderful psexec capabilities of tools like Metasploit, the Nmap Scripting engine smb-psexec script, and the psexec tool itself from Microsoft Sysinternals.
- Same hacker may have targeted Ars, reporter Krebs, and Wired’s Honan – arstechnica.com
Krebs gets the name of hacker tied to attacks, calls him to discover a 20-year-old.
- The Obscurest Epoch is Today – krebsonsecurity.com
To say that there is a law enforcement manhunt on for the individuals responsible for posting credit report information on public figures and celebrities at the rogue site exposed.su would be a major understatement.
- Disconnect: Defunding EnergySec/NESCO and Promoting Info Sharing – digitalbond.com
The Executive Order and proposed Cybersecurity Legislation focuses on information sharing yet the USG decides to defund an electric sector info sharing org.
- RC4 in TLS is broken: Now what? – blog.ivanristic.com
RC4 has long been considered problematic, but until very recently there was no known way to exploit the weaknesses.
- Cyberattack Disrupts South Korean TV, Banks – threatpost.com
The other Korea’s specter loomed large among speculators and fingers pointers Wednesday morning when reports surfaced that the networks of several prominent South Korean banks and broadcasters dropped offline.
- Pentagon to Deploy More Than 100 Cyber Teams by 2015 – mashable.com
Within three years, the Pentagon’s Cyber Command will deploy more than 100 teams focused predominantly on defending military networks rather than attacking adversaries’ systems, according to Defense Department officials.