Resources
- Advanced iOS kernel debugging for exploit developers – www.youtube.com
Advanced iOS kernel debugging for exploit developers: A presentation by Stefan Esser (@i0n1c) at the Breakpoint security conference in Melbourne, Australia.
- ekoparty Security Conference 9th Edition (2013) – ekoparty.org
The ekoparty 2013 Videos & Papers are available here.
Tools
- The Social-Engineer Toolkit (SET) v5.4 “Walkers” Released – trustedsec.com
TrustedSec is proud to announce the release of The Social-Engineer Toolkit (SET) v5.4 codename “Walkers”. This version has a significant amount of changes, performance upgrades, bug fixes, and efficiency. This blog post will cover some of the major highlights from Java 7 Update 45 and how to get around the security “enhancements”.
- Toorcon 2013 – github.com
Toorcon 2013 Talk contains configuration scripts, examples, and of course the talk notes.
Techniques
- Phishing With Linkedin’s Intro – jordan-wright.github.io
In this post, we’ll take a look and see what exactly Linkedin is doing to its users’ email, as well as how we can spoof this information, gaining full control of the information shown to the user.
  - Linkedin’s Response to My “Phishing With Intro” Post – jordan-wright.github.io
- Drop Box on The Cheap – securepla.net
A drop box is a small lightweight system that you can drop into an environment that will call back to you. The concept is that you are on a physical penetration test and you are able to social engineer your way into the building.
- Use Microsoft’s Sigcheck 2.0 to check all files in a folder on Virustotal – www.ghacks.net
Microsoft released Sigcheck 2.0 a couple of days ago. The excellent program enables you to verify information about files, including digital certificates, version numbers and timestamp information, by pointing it to a folder that you want checked.
Vulnerabilities
- HTTP Request Hijacking – www.skycure.com
This post contains details about a coding pitfall Yair Amit recently identified in many iOS applications, which he calls HTTP Request Hijacking (HRH). If you are an iOS developer in a hurry to fix this issue, feel free to jump over to the “Remediation” section. Skycure created a quick-and-easy solution that will automatically protect all vulnerable iOS apps.
- Dragos Ruiu’s “badBIOS”
  - #BADBIOS (And Lotsa Paranoia, Plus Fireworks) – kabelmast.wordpress.com
  Update on the malware formerly known as “BIOS SDR,” now known as #badBIOS: Dragos’s post to his Facebook page basically reads like the video message voice-over at the beginning of a post-apocalyptic horror film.
  - Dragos Ruiu’s post to his Facebook page – facebook.com
  - #badBIOS features explained – blog.erratasec.com
  Dan Goodin at Ars Technica has reported on Dragos Ruiu’s “badBIOS” analysis. Robert Graham thought he’d explain how some of this stuff works.
  - Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps – arstechnica.com
  Three years ago, security consultant Dragos Ruiu was in his lab when he noticed something highly unusual: his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused.
  - Interesting comments and analysis – ycombinator.com
  - Interesting comments and analysis – reddit.com
Other News
- British man charged with hacking NASA and US military computers – www.pcworld.com
A British man has been charged with hacking into U.S. government computers and stealing personal data about thousands of employees, then bragging about it on Twitter. He is charged with one count of accessing a U.S. department or agency computer without authorization and one count of conspiracy.
- Russia spied on G20 leaders with USB sticks – telegraph.co.uk
Russia used complimentary ‘Trojan horse’ pen drives to spy on delegates at G20 summit, it has been reported.
- Hackers Break Currency Validator To Pass Any Paper As Valid Euro – it.slashdot.org
  - Researcher Finds Method to Insert Malicious Firmware into Currency Validator – threatpost.com
  The anti-counterfeiting technology in use today of course relies on computers and software, and like all software, it has bugs, as researchers at IOActive discovered when they reverse-engineered the firmware in a popular Euro currency verifier and found that they could insert their own firmware and force the machine to verify any piece of paper as a valid Euro note.
- Fake social media ID duped security-aware IT guys – itworld.com
Penetration testers used a faked woman’s identity on social networks to break into a government agency with strong cybersecurity defenses.