Week 20 in Review – 2013

Event Related

• NoSuchCon #1 Wrap-Up – blog.rootshell.be
  So, let’s welcome the newly born conference called “NoSuchCon“. The first edition was just organized in Paris across the last three days.

Resources

• Download: Mobile Threat Report Q1 2013 – f-secure.com
  All of our past reports are also available in the “Labs” section of f-secure.com.
• Big Iron Back Door: MainTP (Part Two) – mainframed767.tumblr.com
  The is the second part of a two part article about using FTP, JCL, OMVS and Netcat to get shell access on a mainframe.
• Vulnerability Assessment of SNMP Service II – resources.infosecinstitute.com
  This is our second article in a series on vulnerability assessment of SNMP Service. In the previous article, we learned how we could set up a SNMP Service on a Linux box (Ubuntu in our case).
• The Difference Between a Vulnerability Assessment and a Penetration Test – danielmiessler.com
  There are many views on what constitutes a Vulnerability Assessment versus a Penetration Test. The main distinction, however, seems to be that some believe a thorough Penetration Test involves identifying as many vulnerabilities as possible, while others feel that Penetration Tests are goal-oriented and are mostly unconcerned with what other vulnerabilities may exist.
• Index of /talks – nosuchcon.org
  Resources for Index of Talks

Tools

• Scanning PLC Devices – PLCScan – digitalbond.com
  PLCScan is a utility that was released by scadastrangelove to help identify PLC devices.
• Rapid Web Assessments with RAWR – novainfosec.com
  A few weeks ago I had an opportunity to chat with Adam “@al14s” Byers and Tom “@c0ncealed” Moore at AIDE about an interesting new assessment tool they created called RAWR or Rapid Assessment of Web Resources.
• CSRF Tool – homakov.blogspot.ru
  I facepalm when I hear about CSRF in popular websites. (I was searching for them in the past but then realized that’s a boring waste of time).

Techniques

• Firmware Hacking: The Samsung smart TV turn – marcoramilli.blogspot.com
  I am not going to explain every step in details but I just want to give an idea on how it’s possible to perform a reverse engineering process starting from a firmware self-installable.
• Patching Java executable the easy way – netspi.com
  The process of patching a Java executable (.jar files) without the original source code has been known for a while. As I know of, currently there are two ways of doing it.
• CMS Hacking, A Look Into The ECCouncil Hack – blog.imperva.com
  Yesterday, EC Council was reported to have been compromised by a hacker called “Godzilla”.

Vendor/Software Patches

• SSL: Another reason not to ignore IPv6 – isc.sans.edu
  Currently, many public web sites that allow access via IPv6 do so via proxies. This is seen as the “quick fix”, as it requires minimum changes to the site itself. As far as the web application is concerned, all incoming traffic is IPv4.

Other News

• Security expert details how he nabbed millions of dollars from a bank – slashgear.com
  Bank heists – they’re the subject of movies, books, and, in some cases, real-world news. While not every mission goes as planned, many have managed to gain ill-gotten wealth from lax security systems, prompting banks to step up their game and stay on top of ever-changing technologies.
• California Launches Cybersecurity Task Force – govtech.com
  On May 13, California government officials and private-sector leaders met behind closed doors to discuss a comprehensive cybersecurity plan for the state — it was the beginning of the California Cybersecurity Task Force, the first state-led collaboration of its kind.