From Security Weekly Wiki
Jump to navigationJump to search
10 bytes removed ,  19:55, 25 November 2014
#[ ] - Doesn't matter which CMS you run, they all were found with this backdoor.
#[ Let's Play NSA! The Hackers Open-Sourcing Top Secret Spy Tools | Motherboard] - This one is for Larry and Joff...
#[ Critical XSS Flaw Affects WordPress 3.9.2 And Earlier] - Oh, and if you run Wordpress, have lots of people people who can do upgrades. Lots of people.#[ Apple TV multiple security vulnerabilities] - I really want to see an attack against a platform like this. Put some code on it, use it to harvest credentials, even credit card info? Not sure if that's possible, but I always wonder.#[ Remote Code Execution in Popular Hikvision Surveillance DVR] - RTSP has some buffer overflows, oh and then there is this: "the devices also ship with a default username (admin) and a default password (‘12345′)". I need a drink. We're all doomed. Its a hacker's playground out there, stock stock up on booze.
#[ Don't Discount XSS Vulnerabilities] - Great article on XSS, Johannes is quoted as stating that XMLRPC requests
are being used to bypass same origin. Great point. And people tend to give a much lower priority to XSS, likely because the attack success depends largely on the context of the vulnerabilityvulnerability. Sometimes its not likely to be exploited. Other times it can be used to dive deep into your web site and results in root. The trick is figuring out the difference. From a defense standpointstandpoint, apply your patches. Likely a patch for XSS will not blow up your site, it could, but in all the years of maintaining web sites, I still recommend to apply those patches. UnfortunatelyUnfortunately, this means upgrading the entire application, where you get bug fixes, security fixes, and "features". Which could lead to more vulnerabililtiesvulnerabilities. So, get good at upgrading...
#[ Regin: When did protection start?]
#[ Strength in numbers: Why layered network protection is priority] - So A/V, Patch and "web protectionsprotections". While all those things will help, you need to go so much deeper. Patch and configuration and process go hand-in-hand. Enpoint Endpoint protection is important, and relying on A/V is so 7 yearsago. EMET comes to mind, as does a good strategy for re-imaging. Web applications comes down to educating developers and having a good testing process. And so. much. more.#[ "All Your Base] - Eff makes efforts to encrypt the Internet. "The biggest obstacle to HTTPS deployment has been the complexity, bureaucracy, and cost of the certificates that HTTPS requires." Its true, the barriers to properly implementing and maintaining TLS are huge. The big guys get it right, sometimessometimes. Curious to see what comes next...#[ Reversing Industrial firmware for fun and backdoors I] - Some updates posted here, I wonder if everyone has updated updated their firmware? Likely not... We seem to lack adequet adequate testing tools, given the nature of embedded systems and how each one is unique. How does your enterprise ensure firmware updates updates across devices?
#[ Reversing DELL's DRAC firmware] - Turns out, this firmware does not use /etc/shadow. This means the backdoor
found is not accessible remotely. Oh well. This happens when you are reverse engineering firmware. You find artifacts, but sometimes they are not used in the production environment. Maybe


Navigation menu