From Security Weekly Wiki
Revision as of 19:54, 25 November 2014
== Paul's Stories ==
#[https://isc.sans.edu/diary/Guest+diary%3A+Detecting+Suspicious+Devices+On-The-Fly/18993 Guest diary: Detecting Suspicious Devices On-The-Fly]
#[http://seclists.org/bugtraq/2014/Nov/113 Bugtraq: WordPress 3 persistent script injection]
#[https://github.com/google/firing-range google/firing-range · GitHub]
#[http://blog.c22.cc/2014/11/20/deepsec-2014-trusting-your-cloud-provider-protecting-private-virtual-machines-armin-simma/ [DeepSec 2014] Trusting Your Cloud Provider. Protecting Private Virtual Machines – Armin Simma | Cатсн²² (in)sесuяitу / ChrisJohnRiley]
#[https://foxitsecurity.files.wordpress.com/2014/11/cryptophp-whitepaper-foxsrt-v4.pdf CryptoPHP whitepaper] - Doesn't matter which CMS you run, they all were found with this backdoor.
#[http://motherboard.vice.com/read/michael-ossmann-and-the-nsa-playset Let's Play NSA! The Hackers Open-Sourcing Top Secret Spy Tools | Motherboard] - This one is for Larry and Joff...
#[http://www.darknet.org.uk/2014/11/critical-xss-flaw-affects-wordpress-3-9-2-earlier/ Critical XSS Flaw Affects WordPress 3.9.2 And Earlier] - Oh, and if you run WordPress, have lots of people who can do upgrades. Lots of people.
#[http://securityvulns.com/news/Apple/TV/1411.html Apple TV multiple security vulnerabilities] - I really want to see an attack against a platform like this. Put some code on it, use it to harvest credentials, even credit card info? Not sure if that's possible, but I always wonder.
#[http://threatpost.com/remote-code-execution-in-popular-hikvision-surveillance-dvr/109552 Remote Code Execution in Popular Hikvision Surveillance DVR] - RTSP has some buffer overflows, oh and then there is this: "the devices also ship with a default username (admin) and a default password ('12345')". I need a drink. We're all doomed. It's a hacker's playground out there, stock up on booze.
#[http://www.darkreading.com/dont-discount-xss-vulnerabilities/d/d-id/1317706 Don't Discount XSS Vulnerabilities] - Great article on XSS. Johannes is quoted as stating that XMLRPC requests are being used to bypass same origin. Great point. And people tend to give a much lower priority to XSS, likely because the attack success depends largely on the context of the vulnerability. Sometimes it's not likely to be exploited. Other times it can be used to dive deep into your web site and results in root. The trick is figuring out the difference. From a defense standpoint, apply your patches. Likely a patch for XSS will not blow up your site (it could), but in all the years of maintaining web sites, I still recommend applying those patches. Unfortunately, this means upgrading the entire application, where you get bug fixes, security fixes, and "features", which could lead to more vulnerabilities. So, get good at upgrading...
#[http://www.spgedwards.com/2014/11/regin-when-did-protection-start.html Regin: When did protection start?]
#[http://windowsitpro.com/blog/strength-numbers-why-layered-network-protection-priority Strength in numbers: Why layered network protection is priority] - So A/V, patch and "web protections". While all those things will help, you need to go so much deeper. Patch and configuration and process go hand-in-hand. Endpoint protection is important, and relying on A/V is so 7 years ago. EMET comes to mind, as does a good strategy for re-imaging. Web applications come down to educating developers and having a good testing process. And so. much. more.
#[http://www.infosecurity.us/blog/2014/11/21/all-your-base-are-encrypted All Your Base Are Encrypted] - EFF makes efforts to encrypt the Internet. "The biggest obstacle to HTTPS deployment has been the complexity, bureaucracy, and cost of the certificates that HTTPS requires." It's true, the barriers to properly implementing and maintaining TLS are huge. The big guys get it right, sometimes. Curious to see what comes next...
#[http://reversemode.com/index.php?Itemid=0&id=80&option=com_content&task=view Reversing Industrial firmware for fun and backdoors I] - Some updates posted here. I wonder if everyone has updated their firmware? Likely not... We seem to lack adequate testing tools, given the nature of embedded systems and how each one is unique. How does your enterprise ensure firmware updates across devices?
#[http://reversemode.com/index.php?Itemid=0&id=77&option=com_content&task=view Reversing DELL's DRAC firmware] - Turns out, this firmware does not use /etc/shadow. This means the backdoor found is not accessible remotely. Oh well. This happens when you are reverse engineering firmware. You find artifacts, but sometimes they are not used in the production environment. Maybe it was only used in a test environment or another hardware revision. Or sometimes the firmware is copied from a different hardware device and some features are not implemented.
== Larry's Stories ==