Week 48 In Review – 2013

Events Related

• Course Review: SANS SEC 760 Advanced Exploit Development for Penetration Testers – ethicalhacker.net
  SANS SEC 760 Advanced Exploit Development for Penetration Testers is a six-day course that teaches the advanced techniques that are needed to compromise modern information systems.
• OWASP Benelux Day 2013 Wrap-Up – blog.rootshell.be
  Xavier just back from Amsterdam where was organized the 5th edition of the OWASP Benelux Day. Here is the wrap up of the conference by him.

Resources

• Building Secure Container Slides From Appsec USA – blog.gdssecurity.com
  The talk focused on uncovering the techniques used by commercial BYOD secure container solutions in order to implement your own.
• Slides from OWASP AppSec USA – blog.sendsafely.com
  In case you missed the presentation by SendSafely’s Brian Holyfield and Erik Larsson at OWASP AppSec USA, Sendsafely blog had posted a copy of the deck in their GitHub repository. Brian and Erik discussed some of the challenges they faced here at SendSafely when implementing Content Security Policy (CSP) on their site.
• Security Headers on the Top 1,000,000 Websites: November 2013 Report – veracode.com
  It has been almost exactly a year since Veracode researcher conducted the first top 1 million security headers report so it is a great time to re-run the analysis and see how well security header adoption is growing.

Tools

• Nimbostratus – andresriancho.github.io
  Tools for fingerprinting and exploiting Amazon cloud infrastructures. These tools are a PoC which Andresriancho developed for his “Pivoting in Amazon clouds” talk, developed using the great boto library for accessing Amazon’s API.
• GRR – code.google.com
  GRR is an Incident Response Framework focused on Remote Live Forensics. GRR is currently in an Beta release, ready for testing by end users.
• Sparty – github.com
  Sparty is an open source tool written in python to audit web applications using sharepoint and frontpage architecture.

Techniques

• Bypassing Seagate ATA Security Lock – hackaday.com
  Here’s a common story when it comes to password retrieval.

Vulnerabilities

• WordPress OptimizePress hack (file upload vulnerability) – www.osirt.com
  Thousands of WordPress sites are at risk of being hacked using a newly-discovered vulnerability in the popular OptimizePress theme. OSIRT team tried to find an official announcement of this vulnerability, but the search only turned up a PasteBin post from Nov. 23 that has since been removed.
• Attack Exploits Windows Zero-Day Elevation of Privilege Vulnerability – symantec.com
  On November 27, Microsoft issued a security advisory regarding the recent discovery of a zero-day vulnerability in a kernel component of Windows XP and Windows Server 2003. The advisory states that the Microsoft Windows Kernel ‘NDProxy.sys’ Local Privilege Escalation Vulnerability (CVE-2013-5065) can allow an attacker to execute arbitrary code with kernel-level privileges.