== Special Guests: Lenny Zeltser, Mike Murr and Bojan Zdrnja - Masters of Malware ==
== Stories of Interest ==
[http://seclists.org/bugtraq/2008/Jan/0270.html Same Site Scripting] - [
PaulDotCom] - W00t! More scripting attacks! This stems from people using A records such as "localhost IN A 127.0.0.1", which in turns makes things such as "localhost.foo.com" actually resolve. To attack it you have to be on the same UNIX system, and there are other attack vectors involving CUPS. Just fuel for my theory that this will be the year of scripting attacks.
[http://www.symantec.com/enterprise/security_response/weblog/2007/02/driveby_pharming_how_clicking_1.html "Drive-By Pharming"] - [
PaulDotCom] - I hate the phrase "drive-by pharming" because it does little to explain the attack, but some thing it sounds good in the press. Here, the attack uses a 2wire cable modem deployed in mexico to add static host mappings. We covered this some time ago, on the podcast and in my keynote. Its not really new, but still a dangerous attack! Who checks the DNS settins on their router anyway? I'd say that your best bet is to statically assign your DNS servers to opendns to avoid the problem, somwhat... OOOH, and can't someone make a plugin for firefox that alerts us if the IMG tag contains a link to an RFC1918 address?
[http://feeds.feedburner.com/~r/gnucitizen/~3/221722192/name-mdns-poisoning-attacks-inside-the-lan Cool mDNS stuff from GNUCitizen] - [
PaulDotCom] - Some neat tools were released that allow for mDNS enumeration. The nessus plugin does a good job, but I always wanted more control and flexibility. Some python libraries have been deveoped and I am currently testing them. mDNS is like upnp, a service that is typically included on embedded stuff (and in this case apple iTunes/OS X) that have no security and allows you to do fun things, like enumerate all of the devices via a single multicast packet. More to come, stay tuned...
[http://www.gnucitizen.org/blog/call-jacking Speaking on GNUCITIZEN we now have call jacking] - [
PaulDotCom] - This attack uses the authentication bypass vulnerability in BT's home hub (still not patched) and makes it appear as though the victim is receiving a call! So clicking on a link makes an outgoing connection, however the request causes the phone to appear like its ringing from an outside line. Now thats a fierce, fast, phishing attack!
[http://feeds.feedburner.com/~r/securosis/~3/220748352/ Hackers Blamed For Power Outage] - [
PaulDotCom] - I wonder if they used Nmap and an SSH exploit? So, looks like attackers, from the Internet, were able to disrupt some power grid action. "¿In at least one case, the disruption caused a power outage affecting multiple cities,¿ Donahue said in a statement. ¿We do not know who executed these attacks or why, but all involved intrusions through the Internet.¿" Yikes! Not to mention they came from another country, but yet how do you know that if you don't know who did it? Something's fishy...
[http://www.wired.com/politics/security/news/2008/01/myspace_torrent Myspace Vuln results] - [Larry] - A researcher used a vulnerability in myspace to view pictures marked as private, overriding the protections by accessing the private profiles and then the images...he used scripting to retrieve the photos from 44,000 profiles (567,000 images totaling over 17 Gig) over a 94 hour period. Those files are now available via Torrent (which I'd love to see seeded...). Two issues here: Myspace took some time to fix the hole (which was allegedly the same day it was reported) - but as a result, images from individuals under 16 are always marked as private to keep out pedophiles - and guess what this revealed. The other issue is, never put ANYTHING online that you don't want archived for eternity. I think a lot of people miss that, and it comes up time and time again with social networking sites.
== Listener Submitted Stories ==
[http://www.instructables.com/id/Ale-Bread/ Beer Bread is Great] - [
[http://www.beerfordinner.com/2007/10/bratwurst-in-beer.php Bratwurst in beer is not bad either!] - [iamnowonmai]