Week 4 In Review – 2016

Events Related

• ShmooCon: LastPass design elements create perfect Phishing opportunity – www.csoonline.com
  Cassidy’s presentation at ShmooCon on Saturday morning outlined a clever Phishing attack against LastPass users, which is made possible due to design elements within the password manager’s core functions.

• BSides Conference
  • BSides Columbus 2016 Videos – www.irongeek.com
  • BSidesNYC2016 – github.com

Tools

• dnstwist – github.com
  Domain name permutation engine for detecting typo squatting, phishing and corporate espionage

Techniques

• Autopwn every Android < 4.2 device on your network using BetterCap and the “addJavascriptInterface” vulnerability – www.evilsocket.net
  Recently I’ve been playing with Android’s WebView based vulnerabilities, focusing on how to exploit them using a MITM attack.
  One of the most interesting ones is the addJavascriptInterface vulnerability ( CVE-2012-6636 ) which affects every device running a version older than Android 4.2.

• Jailbreak iOS 8.1.2 and Analyze Related Exploits – en.wooyun.io
  I wish that you could learn the process of a jailbreak, the exploits required for a jailbreak and some exploitation methods through this article.

• Hot Potato – Windows Privilege Escalation – foxglovesecurity.com
  Hot Potato (aka: Potato) takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay (specifically HTTP->SMB relay) and NBNS spoofing.

Vulnerabilities

• Serious Linux Kernel Vulnerability Patched – threatpost.com
  The vulnerability affects versions 3.8 and higher, said researchers at startup Perception Point who discovered the vulnerability. The flaw also extends to two-thirds of Android devices, the company added.

• New Trojan Spies on Linux Users by Taking Screenshots and Recording Audio – news.softpedia.com
  Web, a Russian antivirus maker, has detected a new threat against Linux users, the Linux.Ekocms.1 trojan, which includes special features that allow it to take screengrabs and record audio.

• Deliberately hidden backdoor account in several AMX (HARMAN Professional) devices – blog.sec-consult.com
  “AMX (www.amx.com) is part of the HARMAN Professional Division, and the leading brand for the business, education, and government markets for the company. As such, AMX is dedicated to integrating AV solutions for an IT World.

• Analysis of iOS & OS X Vulnerability: CVE-2016-1722 – blog.zimperium.com
  During our fuzzing attempts in effort to improve the state of security on iOS devices, we investigated one of the crashes that our fuzzer triggered. Our fuzzer was not targeting syslog code, but once we investigated the crash it led to a comprehensive review of the open-source portion of syslogd.

Other News

• Worried about cyberattacks on US power grid? Stop taking selfies at work – www.csmonitor.com
  Experts warn that malicious hackers gain valuable insight when companies and employees reveal too much information on the Web – especially when they work at sensitive facilities.