From Security Weekly WikiJump to navigationJump to search
# [http://jvn.jp/en/jp/JVN14313132/index.html Cisco Router and Security Device Manager XSS] - [PaulDotCom] - Anytime you can get an XSS on the software that manages the entire network, SCORE! This XSS attack lives on the SDM, software used to manage Cisco routers and firewalls. Let me make a guess, it yours called "sdm.yourinternaldomain.com"? Could I try to launch an attack against it by sending email? Sure can...
# [http://www.computerworld.com/s/article/9176371/Hacker_develops_multi_platform_rootkit_for_ATMs?source=rss_news Hacking ATMS - You do know Jack] - [PaulDotCom] - Barnaby Jack does some really awesome research, primariy in embedded systems. This time he's targeting ATMs. His previous employer, Juniper networks, made him pull his talk on ATM security last year because the vendors complained. This year, he's just got a new job at IOActive and will deliver the talk, and talk about two different model ATMs from two different manufacturers and their software vulnerabilities. Jeff Moss is quoted as saying, "Apparently you can make all the money come out". Freaking sweet! And good for Barnaby Jack (BJ for short?) for leaving an doing whats right, rock on man!
= Other Stories =