Week 20 In Review – 2016

Events Related

  • Cybersecurity sleuths learn to think like hackers – www.cnet.com
    About 35 high-school students sit at neatly arranged rows of tables in the university’s gym. Another 115 college-level contestants surround the high schoolers. The room is pretty quiet, with only the occasional rattle from the New York subway tunnels below cutting into the hushed conversations.

Techniques

  • Building an EmPyre with Python – www.harmj0y.net
    The PowerShell Empire code base is actually fairly language agnostic. The server essentially just handles key negotiation to stage a full script-based agent and provides a variety of language-specific post-exploitation modules.
  • Detecting ImageTragick with Burp Suite Pro – blog.silentsignal.eu
    After ImageTragick (CVE-2016-3714) was published, we immediately started thinking about detecting it with Burp, which we usually use for web application testing. Although collaborator would be a perfect fit, as image processing can happen out-of-band, there’s no official way to tap into that functionality from an extension.

Vendor / Software Patches

Vulnerabilities

  • Clearing up some misconceptions around the “ImageTragick” bug – lcamtuf.blogspot.com
    The recent, highly publicized “ImageTragick” vulnerability had countless web developers scrambling to fix a remote code execution vector in ImageMagick – a popular bitmap manipulation tool commonly used to resize, transcode, or annotate user-supplied images on the Web.
  • Severe 7-Zip vulnerabilities cause top security, software tools patch panic – www.zdnet.com
    7-Zip is an open-source file archiver and decompressor which is used in a range of utilities and applications which also includes AES-256 encryption options. Not only is 7-Zip used by thousands of consumers, but a number of technology companies and developers also implement the system in their own tools and software.

Other News

  • Yubikey – plus.google.com
    I must, sadly, withdraw my endorsement of yubikey 4 devices (and perhaps all newer yubikeys), as apparently Yubico has replaced all open-source components that made yubikey NEOs so awesome with proprietary closed-source code in Yubikey 4s.
