Week 47 In Review – 2016

Events Related

BSides DC 2016 – Opening – www.youtube.com
Alex Norman does what Alex Norman does best. Open the con. Inspirational, motivational and most importantly… short.

AppSecUSA 2016 – www.youtube.com
Recordings from AppSecUSA 2016 in Washington, DC

Highlights from the O’Reilly Security Conference in Amsterdam 2016 – www.oreilly.com
Watch highlights covering security, defense, tools, and more. From the O’Reilly Security Conference in Amsterdam 2016.

Resources

Slides about my Windows Metafile research (Ruxcon, PacSec) and fuzzing (Black Hat EU) now public – j00ru.vexillium.org
At a majority of the events, I presented the results of my Windows Metafile security research, which took place earlier this year and yielded vulnerabilities in GDI (exploitable e.g. in Internet Explorer), GDI+ (e.g. Microsoft Office), ATMFD.DLL (Windows local privilege escalation) and the Virtual Printers mechanism in VMware Workstation.

PoisonTap – samy.pl
PoisonTap siphons cookies, exposes internal router & installs web backdoor on locked computers

Tools

jSQL Injection – github.com
jSQL Injection is a lightweight application used to find database information from a distant server.

Test Your Might With The Shiny New Metasploitable3 – github.com
Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

Techniques

JTAGing Mobile Phones – sysforensics.org
Joint Test Action Group (JTAG) is the group of companies that came together in 1985 to define a standard for boundary-scan testing of integrated circuits.

Video PoC Exploit for Nginx packaging on Debian-based distros – legalhackers.com
The video demonstrates how an attacker using the CVE-2016-1247 vulnerability in Nginx packaging on Debian-based systems (such as Debian, Ubuntu etc.), could escalate their privileges to root user upon gaining access to the system as www-data user.

Live tweeting a Mirai botnet infection – storify.com
Rob Graham (@ErrataRob) live tweets as he sets up a camera from amazon and it gets infected with Mirai.

Vulnerabilities

CVE-2016-4484: Cryptsetup Initrd root Shell – hmarco.org
A vulnerability in Cryptsetup, concretely in the scripts that unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). The disclosure of this vulnerability was presented as part of our talk “Abusing LUKS to Hack the System” in the DeepSec 2016 security conference, Vienna.

New iPhone security flaw lets anyone access messages and photos without your PIN – bgr.com
Yes, there’s a new iOS flaw that can let someone access sensitive personal iPhone data by bypassing the passcode that encrypts the device. But don’t freak out just yet, as this security flaw probably not affect anyone and Apple will surely patch it soon.

Good News: Ubuntu Now Ships With unattended-upgrades On By Default! – blog.appcanary.com
The vuln is a pretty serious remote code execution vulnerability in memcached, and as far as we could tell our user was indeed using the most recent version available for their distribution — 1.4.25-2ubuntu2.1.

Other News

New NIST Guidance Takes Engineering Approach to InfoSec – www.bankinfosecurity.com
NIST Special Publication 800-160, “Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems,” emphasizes a methodical engineering approach to information security as IT grows more complex, dynamic and interconnected, such as through the growth of the internet of things.

BOM gets Cray supercomputer for weather prediction – www.zdnet.com
The Bureau of Meteorology’s (BOM) new Cray XC-40 supercomputer has been successfully commissioned, bolstering the organisation’s ability to predict the weather.

Iphones Secretly Send Call History to Apple, Security Firm Says – theintercept.com
The company has gone to great lengths to secure customer data in recent years, by implementing better encryption for all phones and refusing to undermine that encryption.