Paul's Security Weekly - Episode 363 for Thursday February 20th, 2014
- Security Weekly will be at the SANS ICS Summit from March 12-18th, doing a live podcast on Sunday night, covering the courses and attending the 2-day summit. Security Weekly subscribers can now enjoy a 20% off discount code! Use SecurityWeekly20 on checkout to get that discount applied. This conference will be held in Orlando at the Contemporary Resort & Convention Center in sunny Orlando, FL REGISTER NOW!
- We are looking for sponsors for our weekly webcasts and shows. Contact paul -at- hacknaked.tv for details, there are still a few slots available!
- SECURITY B-SIDES ORLANDO April 5-6th, 2014 : "COMMUNITY DRIVEN EVENT SEEKING TO BRING TOGETHER CENTRAL FLORIDA INFOSEC WITH A PASSION FOR MAKING, BREAKING, AND PROTECTING."
- Paul will be speaking at this years Northeast Linux Fest which will be held on April 5 of 2014 at Harvard University and on April 6.
- Pwnie Express will be at RSA 2014 at San Francisco's Moscone Center from 24 - 28 of February. If you're planning to attend, we'd love to have you stop by our booth (#2513). We're going to be offering special show pricing and also signing people up towin a Pwn Pad 2014.
- I'm also slated to speak at the Charlotte ISSA conference in 2014 and the NOLA conference in New Orleans in June.
Guest Interview:Kat Sweet
Kat Sweet is a geek-of-all-trades: maker, musician, ham (call sign K7FTW), and firm advocate of NSFW 3D printing. She presented on the latter, giving a talk titled "The Sensual Side of 3D Printing" at BSidesLV and SkyTalks in 2013. She can be followed on twitter at @TheSweetKat
GitHub repo with the 3D toys (NSFW): https://github.com/TheSweetKat/Sensual-3D-Printing
- When you first heard of and/or read about 3D printing, what were your initial thoughts?
- How does one get into 3D printing? Can we buy our own machines?
- What are the links between hacking and 3D printing?
- How does 3D printing tie into the privacy debate?
- What are people's reactions when you tell them you created a project to use a 3D printer to create adult toys?
- Are there helpful things you can create for security assessments using 3D printers?
- Three words to describe yourself
- If you were a serial killer, what would be your weapon of choice?
- If you wrote a book about yourself, what would the title be?
- In the popular game of Ass Grabby Grabby do you prefer to go first or second?
- If you could have dinner with one celebrity, who would it be?
- "Over 250 Internal Security Breaches
- Another Day a New Router Vulnerability Discovered - So, if you have the AiCloud service enabled, you also enable anonymous FTP access to all of your files too. Oh, and you also share your system files with the world as well, allowing attackers to get at both your files and your passwords. Yikes. It is my experience as well, turning off services on these cheap embedded routers is not always easy. The interfaces pretty much suck, and as a result, you are sharing files with the world! Details are still a bit sketchy to me, and some suggest that upgrading firmware will help, but will it? I wonder if this embarrassment, along with the Linksys Router worm, will start to make consumers care about security? I hate to have it happen this way, but I don't believe it will change until security impacts consumer spending on embedded systems. Maybe this coupled with features that actually work? For example, could I market a new, secure device, that also has a few shiny features that will make people want to go through the trouble of getting rid of their router? What about the ones that come from the ISP that you need a service call to get an Ethernet handoff? This is, always has been, and will be for the future, a big problem.
- Common Linux Misconfigurations - InfoSec Institute - Okay, so the list goes like this User home directory permissions, getgid and setuid binaries, World-readable and writable files/folders, Weak services in use, Default NFS mount options or insecure export options. Age old problems, right? If you are managing more than one UNIX/Linux system, this level of security should be automated. Tools exist to make sure these conditions do not occur, and if they do, raise a flag. You can use CFengine, Puppet and other tools to push out configuration, then use Nessus to make sure everything is configured properly. This is hardening and systems security 101, embrace it.
- WRT120N fprintf Stack Overflow
- Apple TV Hacking - Pretty neat stuff, though due to signing, you can't re-hack your apple tv 6.0+ if you haven't already hacked it before in order to get custom apps anyhow. This was based on a talk given at Derbycon about getting custom apps on an Apple TV. Neat stuff.
- Technical Details Behind a 400Gbps NTP Amplification DDoS Attack | CloudFlare Blog
- The Keystone Rocks - Foundation Chips of Pentesting Tips Part 1 - SpiderLabs Anterior - Good foundations post. If you've never done pen testing before and/or never used Bash, this post is for you. Sorting by IP address comes in handy when pen testing, but more importantly using Bash during pen testing is just one of those crucial things (like screen ;). For a more in-depth look at command line tricks, check out the Command Line Kung Fu Blog Index
- "Hackers circulate thousands of FTP credentials
- Dear Asus router user: You've been pwned
- Webcams exposed in Google Drive clickjack attack
- Malware-flinging Linksys vulnerability confirmed as a HNAP1 bug - I wrote about some of the shortcomings in HNAP in 2010 here. I really wish I had dug deeper! But yea, a lightweight protocol to make it easy for devices to share information just spells P-W-N-E-D. We already have UPnP, which is very similar. Don't forget many devices still run SNMP, TELNET and FTP, all of which are plain-text protocols. This is the problem, we want to make things easy to talk to each other in the Internet of Things, but that means we have to leave out security!
- Belkin patches WeMo bug
- 5 Tactics To Help Triage Patching
- Belkin Wemo Smart Home Networks In Danger Of Hacks
- Hackers Are Switching To Chargeware Scams
- Two-Factor Authentication Vulnerability Identified in WordPress Plugins
- Email Attack on Vendor Set Up Breach at Target
- Egor Homakov: How I hacked Github again.
- - Linksys upgrade bug - [Larry] - an obscure remote acces bug that only manifests itself at upgrade time when port 8083 is open on the wan for remote access, even though remote admin is disabled.
- Radio Signals analysis book - [Larry]- An interesting set of books on radio analysis. It is a little bit more focused on ham radio type of stuff, but the knowledge can be leverages as part of other assessment methodologies. Also have a look at this too for some good stuff with audio and waterfall displays.
- Belkin WeMo isues - [Larry] - The Belkin WeMo home automation outlets suffer from many vulnerabilities, including lack of SSL, static keys and default passwords. With these issues, it is possible to compromise the devices, and replay commands that can turn on and off an affected device, as well as installing malicious firmware than can allow for compromise of controlling laptops and mobile devices.
- Take away admin rights? Crazy Talk! - [Larry] - Apparently it is the simplest way to start securing your Microsoft software according to Avecto, who says that 90% of the critical vulns posted by MS last year would have been rendered ineffective it the users were running as a standard, non administrative user. I know shocking, isn't it? I think we have been saying that since the first episode of this podcast nearly 7 years ago.
- RTL-SDR Software - [Larry] - Yes, I'm all about the SDRs right now, as I'm working in this area quite a bit. Here's a whole bunch of tools and projects that support the inexpensive RTL-SDRs.
- Adobe OOB Flash player update - [Larry] - I can't wait to see more analysis on this one. Already in the wild. I'm wondering what the next big thing will be in stead of flash will be.
- Blackhat training just got posted Get yours.
- A More Powerful, Stealthier and Uncommon ARP Poisoning Technique Of potential interest to local network exploitation junkies!
- Kickstarter got hacked Looks like no passwords or money were stolen
gleaning info from a Windows crash report thanks to good old Dr. Watson