From Security Weekly Wiki
4,820 bytes added ,  19:54, 25 November 2014
== Paul's Stories ==
# Guest diary: Detecting Suspicious Devices On-The-Fly
# Bugtraq: WordPress 3 persistent script injection
# google/firing-range · GitHub
# [DeepSec 2014] Trusting Your Cloud Provider. Protecting Private Virtual Machines – Armin Simma | Cатсн²² (in)sесuяitу / ChrisJohnRiley
# [ ] - Doesn't matter which CMS you run, they all were found with this backdoor.
# Let's Play NSA! The Hackers Open-Sourcing Top Secret Spy Tools | Motherboard - This one is for Larry and Joff...
# Critical XSS Flaw Affects WordPress 3.9.2 And Earlier - Oh, and if you run WordPress, have lots of people who can do upgrades. Lots of people.
# Apple TV multiple security vulnerabilities - I really want to see an attack against a platform like this. Put some code on it, use it to harvest credentials, even credit card info? Not sure if that's possible, but I always wonder.
# Remote Code Execution in Popular Hikvision Surveillance DVR - RTSP has some buffer overflows, oh and then there is this: "the devices also ship with a default username (admin) and a default password ('12345')". I need a drink. We're all doomed. It's a hacker's playground out there, stock up on booze.
# Don't Discount XSS Vulnerabilities - Great article on XSS, Johannes is quoted as stating that XMLRPC requests are being used to bypass same origin. Great point. And people tend to give a much lower priority to XSS, likely because the attack success depends largely on the context of the vulnerability. Sometimes it's not likely to be exploited. Other times it can be used to dive deep into your web site and results in root. The trick is figuring out the difference. From a defense standpoint, apply your patches. Likely a patch for XSS will not blow up your site, it could, but in all the years of maintaining web sites, I still recommend applying those patches. Unfortunately, this means upgrading the entire application, where you get bug fixes, security fixes, and "features". Which could lead to more vulnerabilities. So, get good at upgrading...
# Regin: When did protection start?
# Strength in numbers: Why layered network protection is priority - So A/V, Patch and "web protections". While all those things will help, you need to go so much deeper. Patch and configuration and process go hand-in-hand. Endpoint protection is important, and relying on A/V is so 7 years ago. EMET comes to mind, as does a good strategy for re-imaging. Web applications come down to educating developers and having a good testing process. And so. much. more.
# All Your Base - EFF makes efforts to encrypt the Internet. "The biggest obstacle to HTTPS deployment has been the complexity, bureaucracy, and cost of the certificates that HTTPS requires." It's true, the barriers to properly implementing and maintaining TLS are huge. The big guys get it right, sometimes. Curious to see what comes next...
# Reversing Industrial firmware for fun and backdoors I - Some updates posted here, I wonder if everyone has updated their firmware? Likely not... We seem to lack adequate testing tools, given the nature of embedded systems and how each one is unique. How does your enterprise ensure firmware updates across devices?
# Reversing DELL's DRAC firmware - Turns out, this firmware does not use /etc/shadow. This means the backdoor found is not accessible remotely. Oh well. This happens when you are reverse engineering firmware. You find artifacts, but sometimes they are not used in the production environment. Maybe it was only used in a test environment or another hardware revision. Or sometimes the firmware is copied from a different hardware device and some features are not implemented.
== Larry's Stories ==

