Week 51 In Review – 2014

Resources

• AthCon 2012 Slides & Notes – kingcope.wordpress.com
  Slides & notes for “Uncovering Zero-Days and advanced fuzzing” at AthCon 2012. You can download now from here.
• BalCCon2k14 – youtube.com
  BalCCon – Balkan Computer Congress 2014 videos are available now. You can watch and download the videos from here.
• Mass Scanning the Internet – DefCon 2014 (Talk Summary) – manvswebapp.com
  This talk, Mass Scanning the Internet at DefCon 22, piqued M. J. Power’s interest as they at NTO are very fundamentally concerned with gathering massive amounts of security assessment data from a web application. So reading the brief, he thought, wow, these guys are scanning the whole internet!
• Nickolai Zeldovich Lectures – youtube.com
  Here are the lectures of Nickolai Zaldovich available. You can watch and download the videos from here.

Tools

• Introducing Snort 3.0 – snort.org
  Snort has not only become the standard in intrusion detection, but the Snort rules language is used by network researchers to communicate with each other to detect bad traffic.
• BlueMaho Project – Bluetooth Security Testing Suite – darknet.org.uk
  BlueMaho is GUI-shell (interface) for a suite of tools best used for Bluetooth security testing. It is freeware, opensource, written on python, uses wxPython. You can download BlueMaho here.

Techniques

• From MS14-068 to Full Compromise – Step by Step – trustedsec.com
  This blog post will walk through the steps taken in order to exploit the MS14-068 flaw and from there leverage it to add a domain administrative level account.
• Predicting Struts CSRF Token (CVE-2014-7809) – blog.h3xstream.com
  This article will be all about practical exploitation of a LCG pseudo random generator. Buckle up for code review, some math analysis and tons of hex fun!

Other News

• Feds used Adobe Flash to identify Tor users visiting child porn sites – arstechnica.com
  Operation Torpedo relied on long-abandoned Metasploit Decloaking Engine. According to Wired, “Operation Torpedo,” as the FBI sting operation was dubbed, targeted users of three darknet child porn sites.
• North Korea Behind Sony Hack: U.S. Officials – nbcnews.com
  The officials told NBC News the hacking attack originated outside North Korea, but they believe the individuals behind it were acting on orders from the North Koreans.
  • U.S. Said to Find North Korea Ordered Cyberattack on Sony – nytimes.com
    American officials have concluded that North Korea was “centrally involved” in the hacking of Sony Pictures computers, even as the studio canceled the release of a far-fetched comedy about the assassination of the North’s leader that is believed to have led to the cyberattack.
  • Obama: Sony made a mistake by pulling ‘The Interview’ – cnbc.com
    President Barack Obama said Friday that Sony should not have pulled “The Interview” after a North Korean hacking, and he pledged to answer the attack. “We will respond,” he told reporters.
  • Lessons from the Sony Hack – schneier.com
    The Federal Bureau of Investigation now says it has evidence that North Korea was behind the attack, and Sony Pictures pulled its planned release of “The Interview,” a satire targeting that country’s dictator, after the hackers made some ridiculous threats about terrorist violence.
• ICANN HACKED: Intruders poke around global DNS innards – theregister.co.uk
  Domain-name overseer ICANN has been hacked and its DNS zone database compromised, the organization has said. The organization notes it was a “spear phishing” attack, suggesting employees clicked on a link in the messages that took them to a bogus login page.
• 1.16 Million Payment Cards Breached in Staples Hack – gizmodo.com
  In case anybody still believed we were doing ok on cybersecurity, Staples just announced that malware deployed at 115 of its stores nationwide gave hackers access to some 1.16 million customers’ payment cards.