Difference between revisions of "Episode97"
|Line 37:||Line 37:|
== Listener Submitted Stories ==
== Listener Submitted Stories ==
Revision as of 22:13, 24 January 2008
Special Guests: Lenny Zeltser, Mike Murr and Bojan Zdrnja - Masters of Malware
Stories of Interest
Myspace Vuln results - [Larry] - A researcher used a vulnerability in myspace to view pictures marked as private, overriding the protections by accessing the private profiles and then the images...he used scripting to retrieve the photos from 44,000 profiles (567,000 images totaling over 17 Gig) over a 94 hour period. Those files are now available via Torrent (which I'd love to see seeded...). Two issues here: Myspace took some time to fix the hole (which was allegedly the same day it was reported) - but as a result, images from individuals under 16 are always marked as private to keep out pedophiles - and guess what this revealed. The other issue is, never put ANYTHING online that you don't want archived for eternity. I think a lot of people miss that, and it comes up time and time again with social networking sites.
Unshredding Documents - [Larry] - German scientists are using software to reconstruct shredded Stasi documents. Think shredding isn't enough? the type of documents here contained several different shredding methods, paper types, and typefaces, and likely this will take LOTS of time and resources (computer and financial) to accomplish. This is certainly beyond the scope of most attackers, even the determined ones.
Packet Analytics - [Larry] - A new company associated with the Los Alamos National Laboratory. Their software claims to be able to churn through mountains of netflow, and other security related information (IDS logs, firewall logs and so on), and can analyze them for breaches. Now, take this with a grain of salt - LANL has a history of accidentally disclosing nuclear secrets, and if I recall, was the home of hacking Fred Durst. That being said, I think that this should investigated as just ONE tool in your arsenal.
Going to meetings... - [Larry] - A successful physical assessment leads to access. When asked to come to a follow up meeting, the client intentionally did not provide access contact info, and asked the tester to get in on their own.
http://go.theregister.com/feed/www.theregister.co.uk/2008/01/22/hp_virtual_rooms_security_bug/ HP Virtual Rooms] - [Larry] - Attend a virtual meeting, and get pwned due to this ActiveX bug. I wanted to bring this up as another vector to some google calendar hacking - search for these public meetings, attend "anonymously" and let pwnage ensue.
VOIP Ownage with BT - [Larry] Oooh, paul, this must be the next best thing to chocolate (read as sex). GNUCitizen talks about vulnerabilities in the BT Home Hub (embedded device) that can allow for VOIP (!) calls to be hijacked, listened to, spoofed and possiblt mis-directed. BT claims to have fixed the issue, but instead of fixing it, they just disabled remote assistance. The attack is possible via an authentication bypass and SeaSurf.
Preventing laptop theft - [Larry] - Obviously, you will want to practice defense in depth, but what about preventing the exposure to begin with? How about:
Inventory management - record and register the serial numbers Laptop "Lo-jack" - Software that phones home Education! - put the laptop in the trunk, or carry it with you Cable locks - I go to so many training classes, where I see rooms full of security professionals leaving their laptops unattended while retrieving tasty snacks. A laptop alarm - but will it be like a car alarm that noone pays attention to?
Listener Submitted Stories
Beer Bread is Great - [PaulDotCom]