Info Sec News, Dec 2, 2008

A rootkit was found in an Enterprise Information Security software, reports Heise Security and The Register.

Another vulnerability was found in the popular VLC media player. So if you can, update.

The Chicago Tribune reports that a new round of cyber attacks has the Pentagon worried. They normally get a whole number of attacks per day, however, the magnitude and way the new attacks are being done are apparently designed to specifically attack military networks. Heise also covers the same topic here and here.

The Linux on iPhone project has released the first results of its project.

Anti-virus seems to be ineffective versus new malware that makes zombies out of PCs. Stuart Staniford talks about it in his blog.

WordPress update fixes XSS vulnerability.

Google denies security hole in GMail.

Microsoft adds malware detection to its Webmaster tools. Speaking of Microsoft, a new windows worm builds a massive botnet worth around half a million computers and growing.

For the first time, Apple quietly recommended Anti Virus software in a technote. About.com has Mac Anti-Virus recommendations. iAntivirus and ClamXav are free.

Advertisement

Hack in The Box Conference 2008 Materials

Amitpal Dhillon – Addressing Identity Management.pdf 3.7M

Dino Dai Zovi – Mac OS Xploitation.pdf 623K

Ero Carrera – Analysis and Visualization of Common Packers.pdf 3.7M

Hernan Ochoa – Pass-The-Hash Toolkit for Windows.pdf 535K

Jim Geovedi – Hacking a Bird in the Sky 2.0.pdf 3.1M

Julian Ho – Moocherhunter.pdf 124K

Peter Silberman – Full Process Reconstitution from Memory.pdf 144K

Alexander Tereshkin – Bluepilling the Xen Hypervisor.pdf 8.3M

Alexander Tereshkin – Bluepilling the Xen Hypervisor Demo (Large File) 142M

Eric Lawrence – IE 8 – Engineering a Trustworthy Browser.pdf 13M

Jonathan Squire – A Fox in the Hen House.pdf 3.5M

Paul Craig – Hacking Internet Kiosks.pdf 1.2M

Roberto Preatoni – Time for a Free Hardware Foundation.pdf 11M

Saumil Shah – Browser Exploits – A New Model for Browser Security.pdf 2.1M

The Grugq – How the Leopard Hides His Spots.pdf 01-Nov-2008 12:39 128K

Mel Mudin and Lee – Advanced Network Forensics Lab Demo (Large File) 29M

Charlie Miller – iPwning the iPhone.pdf 9.8M

Charl van Der Walt – Pushing the Camel Through the Eye of a Needle.pdf 23M

Ilfak Guilfanov – Decompilers and Beyond.pdf 418K

Kris Kaspersky – Remote Code Execution Through Intel CPU Bugs.pdf 1.3M

Petko D Petkov – Client Side Security.pdf 1.0M

AR Samhuri – Next Generation Reverse Shell.pdf 7.7M

Adrian Pastor – Cracking into Embedded Devices and Beyond.pdf 889K

Mary Yeoh – Security Penetration Testing at RTL Level.pdf 4.4M

Matthew Geiger – How to Build Your Own Password Cracker and Disassembler.pdf 471K

Shreeraj Shah – Top 10 Web 2.0 Attacks.pdf 1.1M

Advanced Wireless Lab (Very Large File) 1.2G

Ching Tim Meng – Detecting and Removing Malware without Antivirus Software.pdf 321K

KEYNOTE 1 – Jeremiah Grossman – The Art of Click-Jacking.pdf 2.5M

KEYNOTE 2 – Marcus Ranum – Cyberwar is Bullshit.pdf 54K

KEYNOTE 3 + 4 – The Pirate Bay Dissolving a Billion Dollar Industry as a Hobby.zip 38M

Launching of DefCon Philippines

Soft Launching of Defcon Philippines (DC3662) will be on Dec 20, 2008 with a half day event (1-6PM) at Handuraw, 460 Gorordo Avenue, Cebu City.

For more info, check out www.defconph.org.
There’s also great info in their blog section. They will be sponsored by opononline and Empress of Drac.

A couple of Blogs about this event:

Beyond the norms

cebubloggers

Third Wave

---

Since I posted something about Social Networks and the Philippines probably around a week back, you might want to check out the Pinoy Post Blog by Melvin Calimag over at ZDNetAsia who recently wrote an informative article about the same topic.

Since the author seems to be one of the few writers on IT in the Philippines, I googled him and came upon this interesting article written around the start of this year.

---

Other Info Sec News

Security update for xt:commerce Shop system

Obama’s cell phone records breached

Verizon staff break into Obama’s cell phone account

US Military’s ban of USB thumb drives highlights security risks

Buffer overflow in Vista’s TCP/IP stack

Microsoft to offer free security solution, discontinue OneCare. This is also related to,
Microsoft hopes free security means less malware

Key Logger Spyware ordered off the market

Brief study shows difficulty in detecting malware

Apple plugs a dozen iPhone security holes

Computer virus brings London hospital networks to a standstill

---

New Links:

MASE Consulting – Policies and Procedures
Software Assurance Forum for Excellence in Code

Wireless Hacking part 2

Yesterday, I had a post on Using Nmap to detect Rouge Wireless Access Points. With that post were various links to tools on hacking wireless networks that are freely available on the net. This is of course to help inform the public on the perils of wireless network computing. However, I also posted a link on the advantages on wireless and how to secure it. As is often the case, one must seek a balance or prioritize among that OTHER security triad of COST vs SECURITY vs CONVENIENCE.

For the history buffs, there is a A Brief History of Wireless Security from SecurityUncorked.com. CSOonline, back in May 2008, also published a very informative article on Wireless Security: The Basics.

News from SC Magazine US, SecurityFocus.com and Heise Security just came out that WPA can now be cracked in around 15 minutes.

The SecurityFocus.com news item above talks about Recovering a WEP key in less than a minute using the aircrack-ptw tool that is used with the aircrack-ng toolsuite.

I remember a few months ago Risky Business podcasts interviewed the maker of Metasploit framework, HD Moore, regarding his evil Eee PC. It’s about the new KARMA+Metasploit 3 framework which is a set of tools that listens to all client probe requests and can then become a fake wireless AP for any requested network. The scary thing here is that you can possibly get owned as long as your wireless is enabled and its automatically looking for a wireless access point, without the user even knowing it. The older Karma framework is available here.

If the Risky Business podcast didn’t get you a wee bit paranoid, an interview by Network World on, Wireless security foiled by new exploits, just might do the trick. They interviewed Joshua Wright who writes the security blog WillHackforSushi.com and is also the author of the six-day SANS Institute course, Assessing and Securing Wireless Networks.

I wonder what tools were used for the “Wall of Sheep” at the Defcon conferences, which was also at the BlackHat, this year. In case you’ve never heard of the “Wall of Sheep”, its a wall with a projection of Usernames and part of the passwords for the users foolish enough to not have enough security on their wireless connections. MySpace and Gmail accounts have also shown up (in spite of Gmail using the default https, but just for log-on) through the use of replay attacks. Apple iPhones and Window’s mobile phones have also shown up.

Since you’ll want to save some of the information from the KARMA+Metaploit 3 framework, I’m guessing newer mini-notebooks like the Acer Aspire One which retails for around $350, and Lenovo Ideapad S10 which retails for around $400, would both be great for this.

Since its related, there’s an On Demand Webcast sponsored by Nokia on, Corporate Mobility Policy and Device Management. In case your organization is PCI compliant or is looking forward (or dreading) compliance in the future, Network World will be having a webcast next month on PCI Wireless Compliance Demystified.