Difference between revisions of "Episode278"

From Security Weekly Wiki

== Paul's Stories ==

#[http://carnal0wnage.attackresearch.com/2012/02/easy-directory-traversal-with-burp.html Easy Directory Traversal with Burp]
 
#[http://erratasec.blogspot.com/2012/02/some-ids-comments.html Some IDS comments]
 
#[http://www.mckeay.net/2012/01/26/standing-desk-2-0/ Standing Desk 2.0]
 
#[http://daveshackleford.com/?p=754 Infosec: Where’s our “Long Tail”?]
 
#[http://taosecurity.blogspot.com/2012/02/toughest-question-in-digital-security.html The Toughest Question in Digital Security]
 
#[http://krebsonsecurity.com/2012/02/forcing-flash-to-play-in-the-sandbox/ Forcing Flash to Play in the Sandbox]
 
#[http://www.secsocial.com/blog/?p=622 It all started with a Pillow Fight….]
 
#[http://www.andrewhay.ca/archives/2046 I’m Sorry I Called Your Baby Ugly … But It Is]
 
#[http://www.securitytracker.com/id/1026644 Red Hat Network Satellite Server spacewalk-backend Remote and Local Password Disclosure]
 
#[http://www.networkworld.com/news/2012/020812-trustwave-admits-issuing-man-in-the-middle-digital-255858.html?source=nww_rss Trustwave admits issuing man-in-the-middle digital certificate]
 
#[http://news.cnet.com/8301-1023_3-57372324-93/top-10-pirated-movies-in-the-world-infographic/?part=rss&subj=news&tag=2547-1_3-0-20 Top 10 pirated movies in the world (infographic)]
 
#[http://news.cnet.com/8301-27080_3-20071830-245/keeping-up-with-the-hackers-chart/?part=rss&subj=news&tag=2547-1_3-0-20 Keeping up with the hackers (chart)]
 
#[http://news.hitb.org/content/how-many-monitors-too-many How Many Monitors Is Too Many?]
 
#[http://news.hitb.org/content/caffeine-fix-now-you-can-literally-inhale-it Caffeine fix? Now you can literally inhale it.]
 
#[https://www.securepla.net/dont-stick-that-in-there-hid-human-interface-device/?utm_source=rss&utm_medium=rss&utm_campaign=dont-stick-that-in-there-hid-human-interface-device Don’t Stick That in There – HID (Human Interface Device)]
 
#[http://www.exploit-db.com/exploits/18455/ OSCommerce v3.0.2 - Persistent Cross Site Vulnerability (webapps)]
 
#[http://googlemobile.blogspot.com/2012/02/android-and-security.html Android and Security - Official Google Mobile Blog]
 
#[http://www.liquidmatrix.org/blog/2012/02/03/fbi-conference-call-tapped-by-antisec/ FBI Conference Call Tapped By Antisec]
 
#[http://isc.sans.edu/diary.html?storyid=12526&rss Sophos 2012 Security Threat Report]
 
#[http://blog.lumension.com/4177/two-approaches-to-managing-mobile-devices/ Two Approaches to Managing Mobile Devices]
 
#[http://securityorb.com/2012/02/microsoft-internet-explorer-forced-tweet-cross-domain/ Microsoft Internet Explorer 'Forced Tweet' Cross Domain]
 
#[http://news.hitb.org/content/remotely-start-your-car-using-arduino Remotely start your car using an Arduino]
 
#[http://news.hitb.org/content/apple-revises-snow-leopard-security-update Apple revises Snow Leopard security update]
 
#[http://news.cnet.com/8301-17938_105-57371788-1/psycho-siri-scariest-siri-parody-yet/?part=rss&subj=latest-news&tag=title 'Psycho Siri': Scariest Siri parody yet? | Crave - CNET]
 
#[http://www.theregister.co.uk/2012/02/06/marriott_hacker_jailed/ Job-seeking Marriott hacker gets 30 months' porridge]
 
#[http://www.telegraph.co.uk/technology/news/9058529/Satellite-phone-encryption-cracked.html Satellite phone encryption cracked - Telegraph]
 
#[http://www.computerworld.com/s/article/9223955/PHP_5.3.10_fixes_critical_remote_code_execution_vulnerability?source=rss_security PHP 5.3.10 fixes critical remote code execution vulnerability]
 
#[https://community.rapid7.com/community/solutions/metasploit/blog/2012/01/23/video-conferencing-and-self-selecting-targets Boardroom Spying for Fun and Profit]
 
#[http://news.cnet.com/8301-11386_3-57360777-76/when-will-wearables-be-wearable/?part=rss&subj=latest-news&tag=title When will wearables be wearable?]
 
#[http://it.toolbox.com/blogs/securitymonkey/why-i-love-routerpwn-simplicity-50252?rss=1 Why I Love Routerpwn? Simplicity!]
 
#[http://news.hitb.org/content/10-sharepoint-security-mistakes-you-probably-make 10 SharePoint Security Mistakes You Probably Make]
 
#[http://news.hitb.org/content/basics-embedded-firewalls-exploding-myths Basics of embedded firewalls - Exploding the myths]
 
#[http://1raindrop.typepad.com/1_raindrop/2012/01/firewalls-and-ssl-more-profitable-than-facebook.html Firewalls and SSL: More Profitable than Facebook]
 
#[http://isc.sans.edu/diary.html?storyid=12502&rss Apple and Apache security fixes and releases]
 
#[http://krebsonsecurity.com/2012/02/whos-behind-the-worlds-largest-spam-botnet/ Who’s Behind the World’s Largest Spam Botnet?]
 
#[http://www.darkreading.com/security/news/232600134/socialshield-releases-the-top-social-networking-terms-kids-don-t-want-their-parents-to-know.html SocialShield Releases the Top Social Networking Terms Kids Don’t Want Their Parents To Know]
 
#[http://blog.spiderlabs.com/2012/02/island-hopping-the-spiderlabs-way.html Island Hopping the SpiderLabs Way]
 
#[http://blog.imperva.com/2012/02/verisign-breached.html VeriSign Breached]
 
#[http://www.h-online.com/security/news/item/Hacker-extracts-RFID-credit-card-details-1425974.html Hacker extracts RFID credit card details]
 
#[http://www.h-online.com/security/news/item/HTC-Android-phones-expose-Wi-Fi-passwords-to-apps-1427099.html HTC Android phones expose Wi-Fi passwords to apps]
 
#[http://www.h-online.com/security/news/item/Critical-PHP-vulnerability-being-fixed-1427316.html Critical PHP vulnerability being fixed]
 
#[http://www.tenablesecurity.com/6295.html Opera < 11.61 Multiple Vulnerabilities]
 
#[http://www.tenablesecurity.com/6294.html Google Chrome < 16.0.912.77 Multiple Vulnerabilities]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57711 OpenSSL 0.9.8s DTLS Denial of Service]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57713 McAfee Security-as-a-Service (SaaS) mcCIOScn.dll ShowReport Method Remote Command Execution]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57710 WebSphere MQ Client < 6.0.2.7 / 7.0.1.0 Buffer Overflow]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57709 WebSphere MQ Server < 6.0.2.7 / 7.0.1.0 Buffer Overflow]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57701 HP Managed Printing Administration jobDelivery Script Directory Traversal (intrusive check)]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57700 HP Managed Printing Administration < 2.6.4 Multiple Vulnerabilities]
 
#[http://www.nessus.org/plugins/index.php?view=single&id=57699 HP Managed Printing Administration Detection]
 
#[http://www.darkreading.com/security-monitoring/167901086/security/attacks-breaches/232500660/new-drive-by-spam-infects-those-who-open-email-no-attachment-needed.html New Drive-By Spam Infects Those Who Open Email -- No Attachment Needed]
 
#[http://www.h-online.com/security/news/item/Cisco-Security-Appliances-at-risk-from-Telnet-bug-1423741.html Cisco Security Appliances at risk from Telnet bug]
 
#[http://www.h-online.com/security/news/item/Symantec-publishes-pcAnywhere-security-recommendations-1422777.html Symantec publishes pcAnywhere security recommendations]
 
#[http://news.hitb.org/content/why-your-company-needs-hack-itself Why Your Company Needs To Hack Itself]
 
#[http://news.hitb.org/content/hacking-seen-rising-risk-car-electronics Hacking Seen as Rising Risk With Car Electronics]
 
#[http://news.hitb.org/content/when-antivirus-firms-cant-tell-theyve-been-hacked-were-all-doomed When Antivirus Firms Can't Tell They've Been Hacked]
 
#[http://www.theregister.co.uk/2012/01/27/students_hack_teachers_computers/ Students busted for hacking computers]
 
#[http://www.computerworld.com/s/article/9223825/Feds_say_Megaupload_user_content_could_be_deleted_this_week?source=rss_security Feds say Megaupload user content could be deleted this week]
 
#[http://krebsonsecurity.com/2012/01/warnings-about-windows-exploit-pcanywhere/ Warnings About Windows Exploit]
 
#[http://it.slashdot.org/story/12/01/30/177220/shmoocon-demo-shows-easy-wireless-credit-card-fraud Shmoocon Demo Shows Easy]
 
#[http://www.h-online.com/security/news/item/Rootkit-has-rhythm-1424576.html Rootkit has rhythm]
 
#[http://www.liquidmatrix.org/blog/2012/01/19/iran-to-execute-programmer/ Iran To Execute Programmer]
 
#[http://holisticinfosec.blogspot.com/2011/05/toolsmith-security-onion.html toolsmith: Security Onion]
 
#[http://news.hitb.org/content/t-mobile-reused-staff-passwords T-Mobile reused staff passwords]
 
#[http://www.schneier.com/blog/archives/2012/01/using_false_ala.html Using False Alarms to Disable Security]
 
#[http://www.secure-value.com/douglasdavidson/2012/01/why-should-senior-management-be-involved-in-security-decisions-.html Why should senior management be involved in security decisions?]
 
#[http://blog.algosec.com/2012/01/rising-network-insecurity-and-the-need-to-re-examine-security-fundamentals.html Rising Network Insecurity… and the Need to Re-examine Security Fundamentals]
 
#[http://securityuncorked.com/2012/01/understanding-collisions-and-duplex-in-wireless/ Understanding collisions and duplex in wireless]
 
#[http://blog.watchfire.com/wfblog/2012/01/microsoft-anti-xss-library-bypass.html Microsoft Anti-XSS Library Bypass (MS12-007)]
 
#[http://securityuncorked.com/2012/01/why-more-aps-arent-always-better/ Why more APs aren’t always better]
 
#[http://www.irongeek.com/i.php?page=videos%2Fbasic-setup-of-security-onion-snort-snorby-barnyard-pulledpork-daemonlogger&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+IrongeeksSecuritySite+%28Irongeek%27s+Security+Site%29 Basic Setup of Security-Onion: Snort]
 
#[https://community.rapid7.com/community/solutions/metasploit/blog/2012/01/12/what-you-need-to-observe-when-running-a-penetration-test-in-the-amazon-cloud How To Run Penetration Tests From The Amazon Cloud - Without Getting Into Trouble]
 
#[http://www.f-secure.com/weblog/archives/00002301.html What the heck is SOPA?]
 
#[http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/232400494/top-10-trends-in-information-security.html Top 10 Trends In Information Security]
 
#[http://www.darkreading.com/blog/232500095/i-left-my-data-in-el-segundo.html I Left My Data In El Segundo - Dark Reading]
 
#[http://security-sh3ll.blogspot.com/2012/01/reflection-scan-off-path-attack-on-tcp.html Reflection Scan: an Off-Path Attack on TCP]
 
#[http://www.h-online.com/security/news/item/Symantec-admits-to-more-exposed-code-1416271.html Symantec admits to more exposed code]
 
#[http://www.h-online.com/security/news/item/Dusseldorf-airport-closes-security-holes-1415780.html Dusseldorf airport closes security holes]
 
#[http://www.securitytracker.com/id/1026539 Cisco IP Video Phone E20 Default Account Lets Remote Users Obtain Root Access]
 
#[http://www.networkworld.com/columnists/2012/011812-cloud-secure.html?source=nww_rss Into the cloud -- securely]
 
#[http://www.computerworld.com/s/article/9223506/Fundamental_Oracle_flaw_revealed?source=rss_security Fundamental Oracle flaw revealed]
 
#[http://www.computerworld.com/s/article/9223513/Secunia_sets_six_month_deadline_for_vulnerability_disclosures?source=rss_security Secunia sets six-month deadline for vulnerability disclosures]
 
#[http://wineadors.com/ Custom Wineador™ Creations - Home]
 
#[http://www.darkreading.com/security-monitoring/167901086/security/perimeter-security/232400385/five-principles-to-better-your-security-monitoring.html Five Principles To Better Your Security Monitoring]
 
#[http://www.h-online.com/security/news/item/Wireshark-1-4-x-and-1-6-x-updates-close-security-holes-1407576.html Wireshark 1.4.x and 1.6.x updates close security holes]
 
#[http://www.h-online.com/security/news/item/PHP-5-3-9-released-with-hash-DoS-fix-1407472.html PHP 5.3.9 released with hash DoS fix]
 
#[http://www.schneier.com/blog/archives/2012/01/recovering_a_ha.html Recovering a Hacked Gmail Account]
 
#[http://www.liquidmatrix.org/blog/2012/01/15/10-years-of-breach/ 10 years of breach]
 
#[http://isc.sans.edu/diary.html?storyid=12397&rss Sysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx]
 
#[http://www.infosecurity.us/blog/2012/1/14/prc-targeting-dod-smart-cards.html PRC Targeting DoD Smart Cards]
 
#[http://blog.eset.com/2012/01/14/time-to-check-your-dns-settings Time to check your DNS settings?]
 
#[http://news.hitb.org/content/windows-live-may-be-vulnerability-xbox-live-users Windows Live may be a vulnerability for Xbox Live users]
 
#[http://news.hitb.org/content/zappos-says-hackers-accessed-24-million-customers-account-details Zappos Says Hackers Accessed 24 Million Customers' Account Details]
 
#[http://blog.acrossecurity.com/2012/01/is-your-online-bank-vulnerable-to.html ACROS Security Blog: Is Your Online Bank Vulnerable To Currency Rounding Attacks?]
 
#[http://krebsonsecurity.com/2012/01/flying-the-fraudster-skies/ Flying the Fraudster Skies]
 
#[http://www.ashimmy.com/2012/01/how-come-my-blogpodcast-wasnt-nominated.html How Come My Blog/Podcast Wasnt Nominated?]
 
#[http://taosecurity.blogspot.com/2012/01/its-time-to-name-winner-of-best-book.html Best Book Bejtlich Read in 2011]
 
#[http://research.zscaler.com/2012/01/example-of-likejacking-facebook.html An example of likejacking (Facebook clickjacking)]
 
#[http://1raindrop.typepad.com/1_raindrop/2012/01/google-renews-push-into-china.html Google Renews Push Into China]
 
#[http://blog.spiderlabs.com/2012/01/honeypot-alert-extensive-setupphp-scanning-detected.html Honeypot Alert: Extensive 'setup.php' Scanning Detected]
 
#[http://blog.rootshell.be/2012/01/12/show-me-your-ssids-ill-tell-who-you-are/ Show me your SSID’s]
 
#[http://www.networkworld.com/news/2012/011212-pastor-254843.html?source=nww_rss How a Baptist pastor in Florida became the go-to IT guy]
 
#[http://packetstormsecurity.org/news/view/20442/Robot-Makers-Not-Thrilled-To-Be-Stuck-Next-To-Justin-Bieber.html Robot Makers Not Thrilled To Be Stuck Next To Justin Bieber ≈ Packet Storm]
 
#[http://www.theregister.co.uk/2012/01/09/apple_rim_indian_government_backdoor/ Apple]
 
#[http://netsec.blogspot.com/2012/01/can-you-be-forced-by-law-to-decrypt.html Can you be forced by law to decrypt your computer? US v. Fricosu court case rages on]
 
#[http://www.darkreading.com/insider-threat/167801100/security/security-management/232400109/when-someone-else-s-insider-is-your-threat.html When Someone Else's Insider is Your Threat]
 
#[http://news.hitb.org/content/inconvenient-truth-about-passwords The inconvenient truth about passwords]
 
#[http://news.hitb.org/content/oracle-firewalls-against-sql-injection-are-good-idea-after-all Oracle: Firewalls Against SQL Injection Are a Good Idea After All]
 
#[http://news.hitb.org/content/why-security-does-not-concern-generation-y Why Security Does Not Concern Generation Y]
 
#[http://news.hitb.org/content/microsoft-denies-xbox-live-security-breach Microsoft denies Xbox Live security breach]
 
#[http://www.theregister.co.uk/2012/01/09/smart_meter_privacy_oops/ Smart meter SSL screw-up exposes punters' TV habits]
 
#[http://www.theregister.co.uk/2012/01/09/hp_fixes_lasetjet_uberbug/ HP sneaks out printer firebomb firmware security fix]
 
#[http://www.theregister.co.uk/2012/01/09/apple_power_adapter_password_recovery/ Apple patent stashes passwords in chargers]
 
#[http://news.cnet.com/8301-31921_3-57355331-281/paul-ryan-turns-against-sopa-following-a-reddit-based-attack/?part=rss&subj=news&tag=2547-1_3-0-20 Paul Ryan turns against SOPA following a Reddit-based attack]
 
#[http://reviews.cnet.com/8301-13727_7-57356236-263/adobe-to-release-zero-day-fixes-for-reader-and-acrobat/?part=rss&subj=news&tag=2547-1_3-0-20 Adobe to release zero-day fixes for Reader and Acrobat]
 
#[http://news.cnet.com/8301-27080_3-57356294-245/microsoft-finally-vanquishes-the-beast-related-bug/?part=rss&subj=news&tag=2547-1_3-0-20 Microsoft finally vanquishes the BEAST-related bug]
 
#[http://blogs.technet.com/b/msrc/archive/2011/12/29/microsoft-releases-ms11-100-for-security-advisory-2659883.aspx Microsoft releases MS11-100 for Security Advisory 2659883]
 
#[http://it.toolbox.com/blogs/securitymonkey/wps-security-on-wireless-access-points-pwn3d-video-49920?rss=1 WPS Security on Wireless Access Points pwn3d: VIDEO]
 
#[http://news.hitb.org/content/when-give-your-girlfriend-your-password When to Give Your Girlfriend Your Password]
 
#[http://www.computerworld.com/s/article/9223082/Hacking_group_releases_more_Stratfor_subscriber_data?source=rss_security&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+computerworld%2Fs%2Ffeed%2Ftopic%2F17+%28Computerworld+Security+News%29 Hacking group releases more Stratfor subscriber data - Computerworld]
 
#[http://www.btsecurethinking.com/2012/01/the-most-influential-voices-in-security/ The Most Influential Voices in Security]
 
#[http://www.darknet.org.uk/2011/12/patator-multi-purpose-brute-forcing-tool/ Patator – Multi Purpose Brute Forcing Tool]
 
#[http://isc.sans.edu/diary.html?storyid=12292&rss Wi-Fi Protected Setup (WPS) PIN Brute Force Vulnerability]
 
#[http://netsec.blogspot.com/2011/12/hacking-google-for-fun-and-profit.html Hacking Google for Fun and Profit]
 
#[http://www.veracode.com/blog/2011/12/is-code-quality-seasonal-3/ Is Code Quality Seasonal?]
 
#[http://xs-sniper.com/blog/2011/12/20/the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist/?utm_source=rss&utm_medium=rss&utm_campaign=the-siemens-simatic-remote-authentication-bypass-that-doesnt-exist The Siemens SIMATIC Remote]
 
#[http://www.ghacks.net/2011/12/15/password-improvements-coming-to-windows-8/ Password Improvements Coming To Windows 8]
 
#[http://reversemode.com/index.php?option=com_content&task=view&id=80&Itemid=0 Reversing Industrial firmware for fun and backdoors I]
 
#[http://carnal0wnage.attackresearch.com/2011/12/not-0wning-that-coldfusion-server-but.html Not 0wning That ColdFusion Server but Helping...]
 
#[http://www.exploit-db.com/exploits/18245/ Splunk Remote Root Exploit]
 
#[http://blogs.technet.com/b/msrc/archive/2011/12/13/a-look-back-at-2011-s-security-landscape.aspx A look back at 2011’s security landscape]
 
#[http://netsec.blogspot.com/2011/12/ettercap-updated-after-more-than-seven.html Ettercap updated after more than seven years.]
 
#[http://netsec.blogspot.com/2011/12/putty-stored-plaintext-passwords-in.html PuTTY Stored Plaintext Passwords in Memory After Authentication]
 
#[http://www.shredderchallenge.com/ DARPA Shredder Challenge]
 
#[http://www.fishnetsecurity.com/blogs/?p=250 Path of Least Resistance : FishNet Security]
 
#[http://resources.infosecinstitute.com/vlan-hacking/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+infosecResources+(InfoSec+Resources) VLAN Hacking |  InfoSec Institute – IT Training and Information Security Resources]
 
#[http://community.websense.com/blogs/websense-insights/archive/2011/12/15/3-tips-when-speaking-to-the-board-of-directors.aspx Prepping for 2012: 3 Tips When Speaking to the Board of Directors]
 
#[http://pauldotcom.com/2011/12/metasploit-pentest-plugin-part.html Metasploit Pentest Plugin Part 1]
 
#[http://searchsecurity.techtarget.com/news/2240112288/Top-5-mobile-phone-security-threats-in-2012 Top 5 mobile phone security threats in 2012]
 
#[http://www.darkreading.com/authentication/167901072/security/client-security/232300464/vpn-an-oft-forgotten-attack-vector.html VPN An Oft-Forgotten Attack Vector]
 
#[http://www.computerworld.com/s/article/9222690/Microsoft_gets_silent_upgrade_religion_will_push_IE_auto_updates?source=rss_security Microsoft gets silent upgrade religion]
 
#[http://www.theregister.co.uk/2011/12/15/feds_cuff_simmons_ddos_hack_suspect/ Feds cuff KISS rock star's DDoS suspect]
 
#[http://www.h-online.com/security/news/item/Backdoors-in-industrial-control-systems-1395141.html Backdoors in industrial control systems]
 
#[http://www.darkreading.com/database-security/167901020/security/news/232300305/can-security-teams-and-dbas-play-nicely.html Can Security Teams And DBAs Play Nicely?]
 
#[http://www.h-online.com/security/news/item/Study-Chrome-the-most-secure-browser-1393723.html Study: Chrome the most secure browser]
 
#[http://www.schneier.com/blog/archives/2011/12/dumbest_camera.html Dumbest Camera Ban Ever]
 
#[http://www.infosecurity.us/blog/2011/12/11/bonkersworld-backwards-compatibility.html BonkersWorld: Backwards Compatibility]
 
#[http://superconductor.voltage.com/2011/12/shamirs-predictions-of-the-future.html Shamir’s predictions of the future]
 
#[http://blog.lumension.com/4047/two-bets-on-2012/ Two Bets on 2012]
 
#[http://news.hitb.org/content/8-out-10-software-apps-fail-security-test 8 Out of 10 Software Apps Fail Security Test]
 
#[http://www.offensive-security.com/vulndev/ms11-080-voyage-into-ring-zero/ MS11-080 - A Voyage into Ring Zero]
 
#[http://www.networkworld.com/news/2011/120911-two-zero-day-vulnerabilities-found-in-253946.html?source=nww_rss Two zero-day vulnerabilities found in Flash Player]
 
#[http://www.networkworld.com/news/2011/121211-the-security-threat-stephen-king-253987.html?source=nww_rss The security threat Stephen King warned us about?]
 
#[http://havacigar.blogspot.com/2011/12/chief-havas-top-cigars-of-2011.html Chief Hava's Top Cigars of 2011 (Honorable Mentions)]
 
#[http://www.stogieguys.com/2011/12/12122011-cigar-tip-give-the-gift-of-cigars-this-christmas.html Cigar Tip: Give the Gift of Cigars this Christmas]
 
#[http://securityvulns.com/docs27398.html Security Advisory: HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders (security bulletin)]
 
#[http://blog.ncircle.com/blogs/patterns/archives/2011/12/which_half_of_your_business_ar.html nCircle Patterns Blog: Which Half of Your Business Are You Protecting?]
 
#[http://www.veracode.com/blog/2011/12/hp-faces-class-action-lawsuit-over-printer-software-vulnerability/ HP Faces Class Action Lawsuit Over Printer Software Vulnerability]
 
#[http://www.h-online.com/security/news/item/Facebook-glitch-gave-access-to-other-users-private-pictures-1391270.html Facebook glitch gave access to other users' private pictures]
 
#[http://www.h-online.com/security/news/item/Download-com-apologises-for-bundling-1392501.html Download.com apologises for bundling]
 
#[http://www.telegraph.co.uk/technology/news/8921033/Staff-to-be-banned-from-sending-emails.html Staff to be banned from sending emails - Telegraph]
 
#[http://carnal0wnage.attackresearch.com/2011/11/embeding-link-to-network-share-in-word.html Carnal0wnage & Attack Research Blog: Embeding A Link To A Network Share In A Word Doc]
 
#[http://hackonadime.blogspot.com/2011/12/hacking-printers-pjl-basics.html Hacking On A Dime: “Hacking” Printers - PJL Basics]
 
#[http://1raindrop.typepad.com/1_raindrop/2011/12/top-5-security-influencers.html Top 5 Security Influencers]
 
#[http://www.darknet.org.uk/2011/12/sslyze-fast-and-full-featured-ssl-configuration-scanner/ sslyze – Fast and Full-Featured SSL Configuration Scanner]
 
#[http://www.secureconsulting.net/2011/12/3-common-ways-security-fails-p.html 3 Common Ways Security Fails People]
 
#[https://365.rsaconference.com/blogs/mike-gentile/2011/12/07/how-being-green-makes-you-stink-at-security-print-bigger How being Green Makes You Stink at Security: Print Bigger]
 
#[http://carnal0wnage.attackresearch.com/2011/12/aggressive-mode-vpn-ike-scan-psk-crack.html Aggressive Mode VPN — IKE-Scan]
 
#[http://nakedsecurity.sophos.com/2011/12/08/justin-bieber-stabbed-facebook-scam/ Justin Bieber stabbed by a crazed fan? It’s a Facebook scam]
 
#[http://infosecevents.net/2011/12/05/week-48-in-review-2/ Week 48 In Review]
 
#[http://crookedburn.blogspot.com/2011/07/review-my-father-el-hijo.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+CrookedBurn+%28Crooked+Burn%29 REVIEW: My Father El Hijo]
 
#[http://www.atlanticcigar.com/All-Cigars/Paul-Garmirian-Gourmet-Series-Corona-Grande.asp Paul Garmirian Gourmet Series Corona Grande | Atlantic Cigar Company]
 
#[http://blog.tenable.com/sc4dashboards/2011/06/detecting-new-hardware-by-ethernet-address.html Detecting New Hardware by Ethernet Address]
 
#[http://securityvulns.com/docs26454.html Security Advisory: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series - security vulnerabilities database]
 
#[http://blogs.technet.com/b/srd/archive/2011/05/18/new-version-of-emet-is-now-available.aspx New version of EMET is now available]
 
#[https://login.techweb.com/cas/login?service=http://www.darkreading.com/blog/229900095/logging-isn-t-hard-getting-started-is.html&gateway=true Logging Isn't Hard -- Getting Started Is]
 
#[http://www.h-online.com/security/news/item/Worm-uses-built-in-DHCP-server-to-spread-1255388.html Worm uses built-in DHCP server to spread]
 
#[http://www.networkworld.com/reviews/2011/060311-ms-web-application-configuration.html?source=nww_rss MS Web Application Configuration Analyzer]
 
#[http://www.networkworld.com/news/2011/060411-police-man-stole-nude-photos.html?source=nww_rss Police: Man stole nude photos from hacked e-mail accounts]
 
#[http://news.hitb.org/content/vcash-crypto-and-anonymization-equals-drugs-your-door vCash]
 
#[http://www.computerworld.com/s/article/9217240/8_security_considerations_for_IPv6_deployment?source=rss_security&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+computerworld%2Fs%2Ffeed%2Ftopic%2F17+%28Computerworld+Security+News%29 8 security considerations for IPv6 deployment]
 
#[http://www.computerworld.com/s/article/9217294/So_why_are_senior_U.S._officials_using_Gmail_?source=rss_security&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+computerworld%2Fs%2Ffeed%2Ftopic%2F17+%28Computerworld+Security+News%29 So]
 
#[http://www.computerworld.com/s/article/9217328/Apple_iOS_Why_it_s_the_most_secure_OS_period?source=rss_security&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+computerworld%2Fs%2Ffeed%2Ftopic%2F17+%28Computerworld+Security+News%29 Apple iOS: Why it's the most secure OS]
 
#[http://www.theregister.co.uk/2011/06/03/pla_needs_to_get_into_cyber_warfare/ Chinese army: We really need to get into cyber warfare]
 
#[http://www.hackerfactor.com/blog/index.php?/archives/432-Looks-Like-It.html Looks Like It]
 

Revision as of 21:59, 16 February 2012


Announcements & Shameless Plugs

PaulDotCom Security Weekly - Episode 278 for Thursday February 16th, 2012


  • John Strand will be teaching Offensive Countermeasures at SANS Orlando March 23-24th: Check it out here
  • Subscribe to our only non-computer security related show dedicated to Cigar Enthusiasts, Stogie Geeks with Paul Asadoorian and Tim "BugBear" Mugherini. Whether you smoke an occasional cigar or daily, this show is for you! Tune in as we review the latest cigars being released and talk "Stogie Tech".

Interview: Jeremiah Grossman

Jeremiah Grossman founded WhiteHat Security in August 2001, and is a world-renowned expert in Web security. He's a founder of the Web Application Security Consortium (WASC), and was named one of InfoWorld's Top 25 CTOs for 2007. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo! responsible for performing security reviews on the company's hundreds of websites. Follow him on Twitter at @jeremiahg




Four years and 4,000 websites video, slides

  1. Tell us about the "Top Ten Web Hacking Techniques of 2011" survey
  2. There is always a lot of discussion about the value of certifications in infosec, but the Certified Application Security Specialist credential has retained its cachet. As one of the founders, what lessons can you share with other certification bodies such as (ISC)2 and ISACA in their attempts to remain relevant?

Stories

Paul's Stories

  1. Security Advisory: Vulnerabilities in D-Link DAP 1150 - security vulnerabilities database - Same old song and dance: many models of D-Link routers have issues such as default passwords and CSRF, and suffer from brute force attacks. The thing that scares me the most is that people are running these things and have no clue that they are vulnerable. Until such time as, I don't know, maybe never, or maybe when their bank account is empty and they are left wondering why. ADSL routers are the scariest, because whose job is it to update the firmware? The provider, who is already losing money, or at least cost cutting, and the first thing to go is security. Sorry, no shiny rainbows at the end of this story.
  2. PHP Vulnerability Hunter v.1.2.0.1 Released - I could write this very easily in the form of a script that detects if you are running PHP, and returns "Yes, you are vulnerable" if you are. On the flip side, this is a neat little tool to mess around with, as PHP applications are notorious for having issues, so running a specialized little fuzzer against them may be worth your while.
  3. Avi Rubin: All Your Devices Can Be Hacked - Just an FYI, we prevent computers from being stolen, and stop people from getting viruses from your computers.
  4. Twitter Enables HTTPS By Default At Last - Uhm, a little late, no? We've been saying it for years, SSL IS THE SOLUTION TO ALL YOUR SECURITY PROBLEMS!
  5. PSA: Paula Deen - Freaking great post, deep fried cheese filled brownies for everyone! Paula Deen is a great chef, until it comes out that she has diabetes. Same thing happens in security: you're doing X and it seems okay, until it relates to something bad, then someone comes up with a solution, and everyone gravitates to it. It's a very interesting social aspect of security.
  6. Why are we talking philosophy instead of technology? - I disagree with this article. We don't need more non-technical talks, and we really don't need less of them. What we need is balance. We should have 10% of talks be really high level, 10% be extremely technical, and the remaining 80% should be a balance of technical and non-technical aspects of security.
  7. I Want to Detect and Respond to Intruders But I Don't Know Where to Start! - Start with thinking about how an attacker would attack your network, like your web server, then talk about how you would respond. You'd likely need to look at the logs. If you aren't collecting them, hey look, you have something to do now!
  8. The Cloud's Low-Rent District - The cloud in general is a slum, and Amazon is the slum lord.
  9. Continuous patching – is it viable in the enterprise? - I disagree with Raf: we need patches, lots of patches, all the time. It's simple: how can someone else (e.g. the vendor) tell you when you should apply a patch? It makes ZERO sense. Rothman makes more sense in this case.
  10. I've always wondered how many vulnerable devices - Answer: LOTS.
  11. Dumping Cleartext Credentials with Mimikatz - Sweet post!
  12. What people think industry analysts do - This is just classic.
  13. Cisco Zine: Nmap for IOS? No - Neat, a port scanner for Cisco IOS! Uses the Tcl shell.
  14. Employment for security professionals at all-time high - We are in a great field; however, now we have a problem: finding talent. So, if you need a job...
  15. Android Security Threat From 'Reverse Smudge Engineering' - If you eat lots of potato chips, this could be a security risk! Put the chips away, bitch...
  16. Adobe issues Flash Player update
  17. The Sudafed Security Trade-Off - It's no secret, people use Sudafed for two reasons: clearing up your sinuses when you get a cold (it's the only thing that works for me) and cooking meth. So since people use it to cook meth, we must "ban" it and require a prescription. If you do the math, this could mean a $1.5 billion bill for the healthcare industry. It goes to show that making something harder to get doesn't always make it more secure. I think this most closely relates to people using their own cell phones and tablets: the moment you try to ban them, it will just have horrible repercussions, like people using them anyway without you knowing. Getting back to cookin' meth, according to the great TV show "Breaking Bad" you can use a different chemical process using "methylamine", which the characters in the show have to steal because you can't walk into any store and just buy it.
  18. Been Caught Stealin' - People steal SIM cards out of stuff, like traffic lights.
  19. Penetration Tests: Not Getting 'In' Is An Option - I almost want to disagree and say you need to define what "getting in" means to your customer, and then attempt to do just that, and then see if they can detect/prevent it; if they do, move to plan B, C, D, etc... It's all about defining goals, and yeah, sometimes it's not about getting in.
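As an added example (not from the show notes or from any of the linked posts), here is the kind of first pass at log-driven detection that the "Detect and Respond to Intruders" item describes: take a few constructed Apache combined-format lines from the web server, ask what an attacker would do to it (directory traversal, probing for setup.php and other admin scripts, a burst of 404s from one host), and turn each into a finding a responder can act on. The log lines, the probe path list, the traversal patterns and the 404 threshold are all assumptions for illustration; the script goes slightly beyond the passage by covering three attack classes rather than one.

```python
import re
from collections import Counter, defaultdict
from dataclasses import dataclass

# Apache "combined" log format:
#   ip ident user [time] "METHOD path HTTP/x" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

# Things an attacker would throw at a web server. Assumed lists/threshold, for illustration.
TRAVERSAL = re.compile(r'\.\./|\.\.\\|\.\.%2f|%2e%2e[/\\]|%2e%2e%2f|%252e', re.IGNORECASE)
PROBE_PATHS = ('/setup.php', '/phpmyadmin/', '/admin/', '/wp-login.php')
NOT_FOUND_THRESHOLD = 5   # this many 404s from one client looks like a scanner


@dataclass(frozen=True)
class Finding:
    ip: str
    kind: str     # 'traversal', 'probe' or 'scan'
    detail: str


def parse_line(line):
    """Return the fields of one combined-format line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def detect(lines):
    """Run the three detections over an iterable of raw log lines and return Findings."""
    findings = []
    not_found = Counter()          # ip -> number of 404 responses
    probes = defaultdict(set)      # ip -> well-known admin/setup paths it asked for
    for raw in lines:
        rec = parse_line(raw)
        if rec is None:
            continue               # unparseable line; in production count these too
        ip, path, status = rec['ip'], rec['path'], int(rec['status'])
        # 1. directory traversal in the request, encoded or not, whatever the status
        if TRAVERSAL.search(path):
            findings.append(Finding(ip, 'traversal', path))
        # 2. requests for setup/admin scripts this site does not serve
        lowered = path.lower()
        for probe in PROBE_PATHS:
            if lowered.startswith(probe):
                probes[ip].add(probe)
        # 3. bursts of 404s from a single client
        if status == 404:
            not_found[ip] += 1
    for ip, paths in sorted(probes.items()):
        findings.append(Finding(ip, 'probe', ','.join(sorted(paths))))
    for ip, n in sorted(not_found.items()):
        if n >= NOT_FOUND_THRESHOLD:
            findings.append(Finding(ip, 'scan', f'{n} x 404'))
    return findings


def summarize(findings):
    """Count findings per (ip, kind): the shape a responder wants to see first."""
    return Counter((f.ip, f.kind) for f in findings)


# Constructed sample log (not real traffic): one normal client, one traversal attempt
# (plain and URL-encoded), one scanner walking common admin paths, one junk line.
SAMPLE_LOG = [
    '10.0.0.5 - - [16/Feb/2012:21:59:01 -0500] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [16/Feb/2012:21:59:02 -0500] "GET /download.php?file=../../../../etc/passwd HTTP/1.1" 200 1754 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [16/Feb/2012:21:59:03 -0500] "GET /download.php?file=..%2F..%2Fetc%2Fshadow HTTP/1.1" 403 210 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [16/Feb/2012:21:59:04 -0500] "GET /setup.php HTTP/1.1" 404 289 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '203.0.113.9 - - [16/Feb/2012:21:59:04 -0500] "GET /phpMyAdmin/setup.php HTTP/1.1" 404 289 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '203.0.113.9 - - [16/Feb/2012:21:59:05 -0500] "GET /admin/ HTTP/1.1" 404 289 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '203.0.113.9 - - [16/Feb/2012:21:59:05 -0500] "GET /wp-login.php HTTP/1.1" 404 289 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    '203.0.113.9 - - [16/Feb/2012:21:59:06 -0500] "GET /pma/ HTTP/1.1" 404 289 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"',
    'garbage line that does not parse',
]

if __name__ == '__main__':
    for f in detect(SAMPLE_LOG):
        print(f'{f.ip:15} {f.kind:10} {f.detail}')
```

The traversal check fires on the request path regardless of the status code, because a 200 on a `../../etc/passwd` request is the finding you most want, while the 404 counter only becomes a finding once a single client crosses the threshold; both are the sort of rule you can only write after you have the logs in the first place, which is the point of the item above.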

Larry's (taken over by Darren cause Larry is a slacker) Stories

  1. Mountain Lion preview (OSX 10.8) - Apple has released a preview of OSX 10.8, due for release later this year. A new security feature called Gatekeeper is coming. Looks like developers with valid Dev IDs will create a certificate that will be used to sign all their work. In the event a given developer does something wrong, the cert can be pulled and the apps will not run. There are 3 levels of options: the "iPhone option", as I call it, where you can ONLY use apps from the App Store and nothing else can be installed; install from anywhere, but the app must have a certificate; and lastly the install-from-anywhere, cert-or-no-cert option.
  2. iPhone Address book access - Apple is set to fix an issue where app developers were allowed to gather users' contact lists without permission from the phone's owner. Now you will be prompted with a pop-up asking if you wish to allow this access.
  3. patch patch patch patch and then patch some more - Yet another Adobe 0day.
  4. Insider threats are real - Example that your own employees are your biggest threat.
  5. Nortel hacked for years - Former Nortel exec (they are all former now) says they were compromised for years and Nortel didn't try too hard to stop it.

Jack's Stories