My new series on the VMware vShield product family

Events Related

• – ghostintheshellcode.com Congratulations to ppp for winning the second GitS CTF! The game board as it was when the contest ended is now live, though answers are not accepted, nor are any of the exploitable services running.
• – blog.uncommonsensesecurity.com The goal is to build a truly “enterprise class” network, and they pull it off every year.
• RSA 2011 Last year we produced a pretty detailed Guide to the Conference and it was well received, so – gluttons for punishment that we are – we’re doing it again – securosis.com – darkreading.com

Resources

• USB Attacks On Linux Many people think that Linux is immune to the type of Autorun attacks that have plagued Windows systems with malware over the years. – linux.slashdot.org – blog.iss.net – itnews.com.au
• – resources.infosecinstitute.com Most people hear the term Infosec, and they automatically associate that with network and telecom security, but in reality it’s much broader than that.
• – ossman.blogspot.com Video of my presentation,Project Ubertooth: Building a Better Bluetooth Adapter, at ShmooCon 2011 is now online.
• – blogs.sans.org In this article, I will briefly introduce details of how APN works and present scenarios of how insecure implementations can be abused by malicious parties.
• – blogs.cisco.com The Cisco 4Q10 Global Threat Report is now available for download. The report showcases data from the 4th calendar quarter (October 1, 2010 – December 31, 2010).
• – blog.fortinet.com First, just like in BlackHat DC 2011, this year’s conference had several talks on smart phones. Good news! I was however slightly surprised they all concerned Android.
• – blogs.sans.org Senior developers and architects often make decisions related to application performance or other areas that have significant ramifications on the security of the application for years to come.
• – risky.biz I’m having a hard time getting my fill of security related news and discussion. I’m down to two podcasts that I listen to weekly.
• – securelist.com Exploit kits are packs containing malicious programs that are mainly used to carry out automated ‘drive-by’ attacks in order to spread malware.
• – room362.com Brute force, even though it’s gotten so fast, is still a long way away from cracking long complex passwords.
• – msisac.org I stumbled upon this and was kind of impressed.

Tools

• – labs.m86security.com Most office network printers and scanners have a feature that sends scanned documents over email. Cyber crooks however, have imitated email templates used by these devices for malicious purposes
• – chuvakin.blogspot.com As promised, I will be reposting some of the cool new announcements from The Honeynet Project here on my blogsince I now serve as Project’s Chief PR Officer.
• – blog.metasploit.com On February 1st, Eduardo Prado of Secumania notified us of a privilege escalation vulnerability on multi-user Windows installations of the Metasploit Framework.
• – open-scap.org The OpenSCAP Project was created to provide an open-source frameworkto the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
• – sourceforge.net SSL Diagnos is used to get information about SSL usage (protocols ssl2, ssl3, tls, dtls, and ciphers). It can also be used for testing and rating ciphers on SSL clients.
• – terminal23.net This is a classic journo case of an editor-sensationalized title for an article that doesn’t really get reasonable until the last two paragraphs where it kinda puts the brakes on calling password reuse “endemic.”
• – nmap.org Wow! In about two weeks time, another Nmap release! We now have Nmap version 5.51! The last release was Nmap 5.50, which we wrote about here.
• – eeye.com eEye Digital Security, a provider of IT security and unified vulnerability management solutions, today announced the pre-release of Retina Community.
• – fiddler2.com Our first post regarding Fiddler, the web debugger can be found here. On the 13th of February, an update was released.

Techniques

• – blog.kaffenews.com I developed it in 5 mins just because I had to do a PT on a list of IP Addresses and it was needed to get the Domains from IPs.
• TrueCrypt After I read the documentation and some reviews I realize that it is a very secure piece of software that implements many high level features so I knew I will not be easy, at least in theory. – shortinfosec.net – q-protex.com
• – peripheral.at Mausezahn is a free fast traffic generator written in C which allows you to send nearly every possible and impossible packet.
• Proxocket – sethioz.co.uk – darknet.org.uk – netresec.com

• – carnalOwnage.attackresearch.com So thanks to mubix for telling me that ncrack now supports RDP. very cool stuff.
• – justanotherhacker.com Are you left or right handed? How about your password? English based passwords seem to be predominantly left handed.
• – symantec.com Over the last few years, Symantec has observed a substantial rise in the use of exploit kits.
• – net-ninja.net I will be discusing ways in which we can include error handling, anonymimity and how we can build the exploit so that the auditor has a reliable and flexible weapon.
• – research.zscaler.com Injecting clear text or obfuscated malicious Iframes has become a common attack vector.
• – reverse.put.as I have decided to re-release my beginners tutorial, this time based on a crackme, so it deserves the upgrade to Universe instead of World.
• – spareclockcycles.org This post documents an XSS vulnerability that I discovered in the default Gmail app (v1.3) provided by Google in Android 2.1 and prior.
• – thomascannon.net This project all started when I was asked tot ake a look at a software product that was under evaluation.
• – dfsforensics.blogspot.com Many organizations use Pointsec (Check Point) full disk encryption in order to keep their data secure, especially in the case of laptops.
• – research.zscaler.com Recently, we have seen an increase in Blackhole exploit kit attacks. Blackhole is yet another web exploit kit developed by Russian hackers.
• – blog.wearpants.org Good password security is a pain in the neck. Done properly, it requires a different password for every site.

Vendor/Software Patches

• – isc.sans.edu Here are the February 2011 Black Tuesday patches.  Enjoy!
• Adobepatch Adobe released updates for Reader for 9.4.2 and 10.0.1.  While this page on Adobe’s site doesn’t actually list them correctly, if you drill down into the actual product and OS, you’ll see the updates listed for 2/8/2011. – isc.sans.edu – isc.sans.edu
• – krebsonsecurity.com Talk about Patch Tuesday on steroids! Adobe, Microsoft and WordPress all issued security updates for their products yesterday. In addition, security vendorTipping Point released advisories detailing 21 unpatched vulnerabilities in products made by CA, EMC, HP, Novell and SCO.
• – vmware.com Updated versions of the Cisco Nexus 1000V virtual switch address a denial of service in VMware ESX/ESXi.

Vulnerabilities

• – dvlabs.tippingpoint.com These vulnerabilities are being published as per the ZDI disclosure changes announced in August of 2010.
• – exploit-db.com With these default credentials, internal attackers can modify deviceconfigurations to leverage more significant attacks, including redirection of DNS requests.

Other News

• Anonymous vs. Aaron Barr/HBGary A security researcher claims to have infiltrated the higher echelons of the Anonymous organisation and identified key leaders’ names and addresses. –  reddit.com – v3.co.uk – krebsonsecurity.com – readwriteweb.com – lightbluetouchpaper.org – guardian.co.uk – dazzlepod.com – wired.com – uiu.me – uiu.me – dazzlepod.com – cryptome.org
• – stfu.cc Come on, I know it’s /r/netsec, so we should be familiar with checking URLs before clicking, but I’d expect at least a warning before clicking a direct download of a company’s database.
• – 1raindrop.typepad.com By itself its an derisive, throw away comment that security people make about developers all the time, and of course developers are not averse to throwing haymakers back at security people.
• – twitpic.com My life is complete. Sue yourself, Sony.
• iPhone Password Hack Researchers in Germany say they’ve been able to reveal passwords stored in a locked iPhone in just six minutes and they did it without cracking the phone’s passcode. – techworld.com.au – cyberarms.wordpress.com – nakedsecurity.sophos.com – engadget.com
• – wikileaks.ch Three information security consultancies with links to US spy agencies cooked up a dirty tricks campaign late last year to destroy Wikileaks by exploiting its perceived weaknesses.
• – bbc.co.uk Hackers have run rampant through the networks of at least five oil and gas firms for years, reveals a report.
• – nakedsecurity.sophos.com Many readers will have seen the press around a series of hacking attacks that have been labelled the ‘Operation Night Dragon’ attacks by McAfee.