- ToorCon Seattle 2013 – Weaponizing your coffee pot – danielbuentell0.blogspot.com
As SoC prices continue to drop and their implementation continues to rise, connected “appliances” (Internet of Things) will become an attractive avenue for cyber criminals. Due to the fact they provide no traditional feedback (monitor) or input (mouse/keyboard), if one were able to compromise an embedded host it would be the perfect vantage point for a MITM attack or a beachhead to launch other attacks.
- U.S. Federal Agents Blacklisted at DEF CON
- Hackers convention ask government to stay away over Snowden – reuters.com
The annual Def Con hacking convention has asked the U.S. federal government to stay away this year for the first time in its 21-year history, saying Edward Snowden’s revelations have made some in the community uncomfortable about its presence.
- Feds ‘not welcome’ at DEF CON hacker conference – zdnet.com
Last year NSA Director Keith Alexander keynoted the annual DEF CON hacker conference in Las Vegas. This year, DEF CON organizers warn that U.S. government federal agents are explicitly not welcome.
- Hardware Recon – danielbuentell0.blogspot.com
In the software world if you want to start probing a system you have your go-to tools (nmap, whois, web app scanners, etc…). They automate a lot of the grunt work and generally give you somewhere to start looking for bugs. In the hardware world you have… well, you don’t really have much. Or so it may seem.
- Securing Microsoft Windows 8: AppContainers – news.saferbytes.it
Recently, we have been conducting an analysis concerning the new Windows 8 security features. There are few documents available on the Internet about this topic and none of them explains the entire implementation in detail.
- ModSecurity Advanced Topic of the Week: Detecting Banking Trojan Page Modifications – blog.spiderlabs.com
Banking Trojan software such as Zeus and SpyEye have become extremely sophisticated and can manipulate a wide range of user interactions with the web application. One of the techniques used by the banking trojans is to attempt to phish extra user data during login. The banking trojan will monitor HTTP stream data via the wininet.dll library and will modify content on the fly. The data modification capability within Zeus is controlled by a file called webinjects.txt.
- Good Exploits Never Die: Return of CVE-2012-1823 – community.rapid7.com
According to Parallels, “Plesk is the most widely used hosting control panel solution, providing everything needed for creating and offering rich hosting plans and managing customers and resellers, including an intuitive User Interface for setting up and managing websites, email, databases, and DNS.” (source: Parallels). On Jun 05 kingcope shocked the Plesk world by announcing a new 0-day which could allow for remote command execution:
- How elite security ninjas choose and safeguard their passwords – arstechnica.com
If you felt a twinge of angst after reading Ars’ May feature that showed how password crackers ransack even long passwords such as “qeadzcwrsfxv1331”, you weren’t alone. The upshot was clear: If long passwords containing numbers, symbols, and upper- and lower-case letters are this easy to break, what are users to do?
- Web Application Security Testing should be part of QA Testing – mavitunasecurity.com
A typical software and web application development company has a testing department, or a QA (quality assurance) team, that constantly tests the software and web applications developed by the company to ensure that the products work as advertised and have no bugs. Larger software companies also invest hundreds of thousands, if not millions, of dollars on software to automate some of the testing procedures and ensure that the product is of high-end quality.
- Scan Your Device for the Android Master Key Vulnerability – bluebox.com
The Bluebox Security Scanner app produced by our research team allows you to directly check if your Android device has been patched for this vulnerability without the hassle of having to contact the device manufacturer or mobile carrier. It will also scan devices to see if there are any malicious apps installed that take advantage of this vulnerability. Once we discovered the bug we set out to create a tool to help individuals evaluate their risk, and that app is now available for free on Google Play, Amazon AppStore for Android and GetJar.
- properssl/sslcertx GitHub – github.com
sslcertx is a command line tool to extract the X.509 certificate of a remote server. It connects to the remote server and prints the server certificate it receives in the SSL handshake.
- Introducing RiskRater – a free tool for benchmarking endpoint, mobile and user risk management programs – community.rapid7.com
After lurking for a little while, I’m starting to write on SecurityStreet today in order to introduce RiskRater, a tool we’ve been working on recently. RiskRater is an interactive free tool designed to give security professionals a quick snapshot of how they are doing in terms of their security controls for endpoints, mobile devices and user-based risk.
- Quick Reversing – WebEx One-Click Password Storage – blog.opensecurityresearch.com
The One-Click Client has the ability to save a user’s password, so I decided to take a quick look at that functionality – in about an hour I was able to determine the storage, reverse the method it used to encrypt the password, and write a proof of concept tool to decrypt the local storage of the password. The aim of this blog post is to document that process and maybe encourage you to do some reversing!
- How to speed up OWASP ZAP scans – blog.mozilla.org
So you’ve used OWASP ZAP to scan your web application, and it’s taking far too long. Is that it? Do you have to lump it or leave it? There are actually many things you can do, but the first thing you have to do is work out why it’s taking a long time.
- Adobe, Microsoft Release Critical Updates Krebs on Security – krebsonsecurity.com
Patch Tuesday is upon us once again. Adobe today pushed out security fixes for its Flash and Shockwave media players. Separately, Microsoft released seven patch bundles addressing at least 34 vulnerabilities in Microsoft Windows and other software. At least one of the Windows flaws is already being exploited in active attacks.
- Microsoft Updates July 2013 – Serious flaws in IE, DirectShow and Multiple TrueType Font Handling Code Paths – securelist.com
As promised in Microsoft’s July Advance Notification, Microsoft ships seven security bulletins this month (MS13-052 – MS13-058). At least 34 CVEs are being patched. Six of the Security Bulletins are rated “critical” due to remote code execution issues. The vulnerabilities being fixed this month enable RCE across all versions of Windows operating systems, but most of these serious flaws have been privately reported and there is no indication that they are publicly known or exploited yet. Some, however, are publicly known and drew attention from a number of exploit developers.
- Assessing risk for the July 2013 security updates – blogs.technet.com
Today we released seven security bulletins addressing 34 CVEs. Six bulletins have a maximum severity rating of Critical, and one has a maximum severity rating of Important. We hope that the table below helps you prioritize the deployment of the updates appropriately for your environment.
- How Easily Can a Moving Car Be Hacked? – motherboard.vice.com
Shortly after Rolling Stone contributing editor Michael Hastings died in a fiery auto crash in Los Angeles, conspiracy theories began to pop up online. The mysterious circumstances practically begged for a new brand of ’70s-era Nixonian paranoia.
- Some Emergency Alert System decoders vulnerable to hacking – theverge.com
Some key parts of the Emergency Alert System are vulnerable to hacking, according to a report from security research firm IOActive. The EAS, which replaced the old Emergency Broadcast System and can now be utilized to send alerts to phones as well as television stations, uses direct digital and analog communication that involves local application servers called decoders.
- An Empirical Study of Vulnerability Rewards Programs – cs.berkeley.edu
Some software vendors pay security researchers for the responsible disclosure of a security vulnerability. Programs implementing the rules for this exchange are known as vulnerability rewards programs (VRPs) or bug bounty programs. The last couple of years have seen an upsurge of interest in VRPs, with some vendors expanding their existing programs