From Security Weekly Wiki


PaulDotCom Security Weekly - Episode 253 for Thursday July 28th, 2011.

  • The PaulDotCom Espanol episodes with Julio Canto, Lorenzo Martinez, Chema Alonso and Ruben Santamarta are available here. We have more interviews coming in the next few weeks....
  • Sign up for Blackhat Training Courses:
    • PaulDotCom Blackhat Training Sign up for "Offensive Countermeasures: Making Defense Sexy" as a two-day course at Blackhat July 30-31. Every student gets a FREE "Hack Naked" t-shirt and sticker!

Interview: Nick Selby

Nick Selby is a newly minted police officer in the Dallas-Fort Worth area. He was formerly an information security analyst and consultant for nine years, has worked in physical security and intelligence consulting in various roles since 1993, and was a travel writer for European destinations in a previous life.

7:30 PM

  1. How did you get your start in information security?
  2. What made you decide to become a law enforcement officer from your recent gig at Trident Risk Management & the 451 group?
  3. Tell us about the Police Led Intelligence blog - how great is the need for IT/forensics skills in the police community?
  4. What do you think of the "Don't Talk to the Police" talk by Professor James Duane & Officer George Bruch?
  5. Is Law Enforcement getting better at taking advantage of 'open sources' (i.e., twitter, maltego et al) in researching targets?
  6. What frustrated you about the InfraGard National Members Alliance newsletter?
  7. Take us thru your posts on the Arizona hacks.
  8. Your personal website briefly teases about an upcoming project: "CSG Analysis" - can you mention that now?
  9. Have you considered combining your Lonely Planet travel writer skills with your InfoSec interests in publishing a guide to Eastern European crime syndicates?
  10. Tell us about your incident with Penn & Teller and Mofo The Psychic Gorilla or your experience as a sound engineer for Chung King House of Metal.

Nick on twitter

Stories For Discussion


Watch the live video version of this segment above. For more videos and to subscribe to PaulDotCom TV visit http://pauldotcom.blip.tv

Larry's Stories

  1. RouterPWN - [Larry] - Need a router hack? Browse to this website, pick your (supported) model that you are connected to and click away. PWNED. OK, so it makes assumptions about not having internal IP addresses changed, but still a neat concept. No reason you could not edit the code to your own nefarious tasks and update IP addresses - it is all JavaScript after all.
  2. We use the word hack too much - [Larry] - I tend to agree with this article. Is all this stuff we are calling hacking? Well, maybe, but we also have much better words for it, such as "social-engineering", "DDoS", "illegally accessed" and "exploit stupidity". Let's talk about some examples, like Swartz and MIT, etc.
  3. New Google hacking tools - [Larry] - From the nice folks over at Stach & Liu, in addition to other tools. Most of the tools are related to defense, as opposed to attack. Great for looking in on exposure of your own data. You know, reaction as opposed to inaction is always better.
  4. Wanna find embedded devices? - [Larry] - Coming soon to BlackHat, a scanner for discovering embedded devices on the internet based on HTTP headers. Dammit, I hate it when people develop my ideas!
  5. What, no spongebob? Popped collar though. - [Larry] Guys over at iSEC Partners (Don Bailey and Matt Solnik) found ways to unlock and start cars with SMS messages. Well, it is only a car right? Sure, but the same technology is evolving and being found in other types of systems (think SCADA) because the boards and services are becoming less expensive. Oh, that and those that don't learn from security history are destined to repeat it.

Paul's Stories

  1. Incomplete Thought: The Scarlet (Security) Letter - Wow, Mike Rothman and Lenny Zeltser throw around the idea of a grading system for companies' security similar to the restaurant industry. Would you eat at a restaurant that had a D, or even worse, an F rating? Likely not, depending on your level of hunger and food availability. I believe the consumer still doesn't care when it comes to security because there are no clear or immediate repercussions. Sure, you may lose your credit card, but you recover quickly from that, quicker than vomiting all night.
  2. LulzSec hacking suspect 'Topiary' arrested in the Shetland Islands - You can't arrest an idea. Prolific words, and unfortunately I believe them to be true. Sure, you can arrest the "leader", but criminal groups are more agile than that, especially "cybercriminals" (drink). LulzSec will continue, and so will other similar groups; there are just too many people working towards an end, and too many organizations that ignore security threats.
  3. Apache Log Extractor [Alpha] - Love this idea, simply extract the URLs from your Apache logs! You can find some interesting stuff in your logs, if you know what to look for... Even better, take the logs and run them as input through Burp Intruder, sweet!
  4. Drug Smuggling Scheme Teaches Database Security Lesson - A Mexican woman who was teaching in the USA, crossing the border frequently to do so, was using Ford's SENTRI (Secure Electronic Network for Travelers Rapid Inspection). Smugglers found her car, got a key made, and used it to smuggle weed. Goes to show you, if you trust something, attackers will use it for evil, like users. As Schneier says, "This attack works because 1) there's a database of keys available to lots of people, and 2) both the SENTRI system and the victims are predictable."
  5. ModSecurity SQL Injection Challenge: Lessons Learned - Really AWESOME post about SQLi, using comment characters and splitting up SQL statements into different sections to bypass defenses. And so much more, a must read for all pen testers and defenders alike. Goes to show you, if your app is vulnerable, fix the app, don't try to bandaid it!
  6. 'War Texting' Attack Hacks Car Alarm System - Using GSM attacks, Don Bailey can unlock your car. So cool! There is going to be more of this as we rely on technology to secure things such as our cars and our homes. Now, it's limited to people with an insider to the lock or car company, lockpicking, and other physical attacks. Once it becomes as easy as putting an app on your phone, or as easy as hacking WiFi, we're in trouble.
  7. iFrame Injection FTW - Over 90,000 sites vulnerable, showing you just how many sites out there are vulnerable to web application attacks, when will we all learn?
  8. Mac OS X Lion Login Passwords Extracted With Ease - Extracting memory over FireWire to grab the password hashes, then crack them in like an hour. When will Apple learn? I mean locking down the password hash should be easy for an OS vendor, right?
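
For story 3 above (pulling the URLs out of your own Apache logs), a sketch of the idea as an added example; it is not the Apache Log Extractor tool's code. The sample log lines, function names and the 404 threshold are constructed for illustration, and the parser assumes the common/combined log format.

```python
import re
from collections import Counter
from urllib.parse import unquote, urlsplit

# Apache common/combined format: host ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# Constructed sample lines (not from a real server); the IPs are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [28/Jul/2011:19:30:01 -0400] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.10 - - [28/Jul/2011:19:30:02 -0400] "GET /images/logo.png HTTP/1.1" 200 9001 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Jul/2011:19:31:10 -0400] "GET /admin/ HTTP/1.1" 404 210 "-" "-"
198.51.100.7 - - [28/Jul/2011:19:31:11 -0400] "GET /backup.zip HTTP/1.1" 404 210 "-" "-"
198.51.100.7 - - [28/Jul/2011:19:31:12 -0400] "GET /search?q=hello%20world HTTP/1.1" 200 340 "-" "-"
192.0.2.10 - - [28/Jul/2011:19:32:00 -0400] "GET /index.html HTTP/1.1" 304 - "-" "Mozilla/5.0"
this line is truncated garbage
"""

def extract_urls(log_text):
    """Return (hits per decoded URL, set-like Counter of (client, missing path), skipped lines)."""
    urls, not_found, skipped = Counter(), Counter(), 0
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            skipped += 1  # malformed line or a non-HTTP request; count it, don't crash
            continue
        urls[unquote(m["target"])] += 1  # decode %xx so variants of one URL group together
        if m["status"] == "404":
            not_found[(m["host"], urlsplit(m["target"]).path)] += 1
    return urls, not_found, skipped

def probing_clients(not_found, threshold=2):
    """Clients that asked for at least `threshold` distinct paths that do not exist."""
    per_host = Counter(host for host, _path in not_found)
    return sorted(h for h, n in per_host.items() if n >= threshold)

if __name__ == "__main__":
    urls, not_found, skipped = extract_urls(SAMPLE_LOG)
    for url, hits in urls.most_common():
        print(f"{hits:4d}  {url}")
    print("clients requesting missing paths:", probing_clients(not_found))
    print("unparsable lines:", skipped)
```

The 404-per-client grouping is one way to surface the "interesting stuff": a client walking a list of paths that do not exist on your site stands out from normal browsing.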