[cyber] law, who willingly break online terms of service and software licensing agreements, who may trade in warez, exploits, botnets, credit card numbers, social security numbers, stolen account credentials, and so on.
Interview With A Blackhat (Part 2) – blog.whitehatsec.com
This is part 2/3 of my interview with “Adam” – a blackhat who has decided to go legit.
OWASPs 2013 Web Vulnerabilities List Will Shuffle the Top Ten – resources.infosecinstitute.com
The OWASP Top 10 list publicizes the most critical web application security flaws as determined by Open Web Application Security Project (OWASP), a nonprofit, vendor-independent IT security organization formed in 2001. In this article, we preview the 2013 edition of this popular security resource.
Reverse Engineering Obfuscated Assemblies – resources.infosecinstitute.com
In previous articles that talked about .NET reverse engineering, we covered almost every aspect of reversing .NET assemblies, we explained how this kind of binary is compiled, executed, how we can compile it, decompile it, how to apply patches, as well as the concept of round trip engineering and how to bypass strong name signatures.
Five Common Corporate Pitfalls in Cyber Security Management – blog.rsa.com
This blog discusses five of the high level missteps common to organizations that have experienced needlessly prolonged negative effects of cyber security incidents.
Alert-driven vs Exploration-driven Security Analysis – blogs.gartner.com
Is alert-driven security workflow “dead”?! It is most certainly not.
YouTube – Practical Exploitation – Effective NTLM / SMB Relaying – youtube.com
Using ZackAttack, Responder and proxychains we can utilize relayed credentials more effectively than previously available.
- th3l33k/php-nessus-api – github.com
The Nessus Vulnerability Scanner provides an API interface via XMLRPC.
- Download Multiple Nessus Reports via the Nessus XML-RPC API – security.sunera.com
Several months back I began to look at various ways to automate some of the common tasks that are usually performed within the Nessus GUI. I was familiar with nessuscmd, and had leveraged that tool within some scripts, but it didn’t fit the bill for a lot of the administrative activity that I thought could be automated, or at least made more efficient.
- MoVP II – 2.1 – RSA Private Keys and Certificates – volatility-labs.blogspot.com
Those of you who downloaded the Volatility Cheat Sheet v2.3 may have noticed a plugin named dumpcerts, which is a relatively new addition to the plugin scene for Windows. Its based on the work by Tobias Klein called Extracting RSA private keys and certificates from process memory.
- zfasel/ZackAttack – github.com
ZackAttack! is a new Tool Set to do NTLM Authentication relaying unlike any other tool currently out there.
- Dissecting Blackberry 10 An initial analysis – sec-consult.com
In 2013, Blackberry has presented a brand new operating system which significantly differs from others presented on the smartphone market. A very high security level is announced, and the expectations are corresponding. Some analytics consider this as the last chance for Blackberry “to get back in the big game” and stand in the row with such giants as iOS and Android.
- Improving the security of your SSH private key files – martin.kleppmann.com
When you start reading about “crypto stuff”, you very quickly get buried in an avalanche of acronyms. I will briefly mention the acronyms as we go along; they don’t help you understand the concepts, but they are useful in case you want to Google for further details.
- Re: exploitation ideas under memory pressure – seclists.org
The question is how to get PATHALLOC() to succeed under memory pressure so we can make this exploitable, my first thought was have another thread manipulating the free pool, but I can’t figure out how to synchronize that. Getting code execution should be trivial after this.
- Breaking Out! of Applications Deployed via Terminal Services, Citrix, and Kiosks – netspi.com
In order to meet business requirements and client demand for remote access, many companies choose to deploy applications using Terminal Services, Citrix, and kiosk platforms. These platforms are commonly deployed in both internal networks as well as internet facing environments.
- Java Web Vulnerability Mitigation on Windows – tojoswalls.blogspot.com
The ubiquity of the Java browser plug-in has made it one of the largest attack surfaces on Windows clients for web-based attacks, particularly making it easy to perform undetectable drive-by download and “poisoning the well” attacks.
- WordPress Under Attack – cylance.com
In the last few weeks, Internet hacking attacks have increased and thousands of sites have already been compromised. Many security observers have seen 1,000,000s of scans of their WordPress installation on a single day in April, as noted by the Sucuri Blog on April 11, 2013 – see http://blog.sucuri.net/2013/04/the-wordpress-brute-force-attack-timeline.html.
- If You Didnt Care About HIPAA Before, You May Need to Now – blog.cisco.com
The HIPAA Omnibus Final Rule, released January 2013, greatly expands the number of organizations that must comply with HIPAA beyond the known ‘Covered Entities.’
- Teenage burglar with electronic tag pulls a fast one on G4S security official – telegraph.co.uk
A 16-year-old burglar sentenced to a home curfew pulled a fast one on the
security company which was setting up his electronic tag, a court heard.
- FedRAMP seal of approval clears Amazon for more government work – gigaom.com
AWS is the first major cloud provider to get its FedRAMP certification which should make it easier for government agencies to put more workloads on Amazon’s cloud.
- Power company targeted by 10,000 cyberattacks per month – arstechnica.com
A Congressional survey of utility companies has revealed that the country’s electric grid faces constant assault from hackers, with one power company reporting a whopping 10,000 attempted cyberattacks per month.
- US Department of Justice lays out cybersecurity basics every company should practice – networkworld.com
Speaking at the Georgetown Cybersecurity Law Institute this week, Deputy Attorney General of the United States James Cole said there are a ton of things companies can do to help government and vice-versa, combat cyber threats through better prevention, preparedness, and incidence response.
- Climbing the InfoSec Career Ladder – bankinfosecurity.com
Breaking into the information security field – a male-dominated profession – is a challenge for women. Lisa Xu, CEO of NopSec, identifies the hurdles she’s had to overcome and offers strategies for women to grow in their careers.
- DHS Workers’ PII Exposed for Nearly 4 Years – bankinfosecurity.com
A Department of Homeland Security system used to conduct background checks may have exposed personally identifiable information of employees and contractors for nearly four years.