From around the Blogsphere
Forensic memory dumpers for Windows [Malta Info Security]
Couple of interesting tools that seem to have been released recently: ManTech Memory DD ManTech Memory DD captures a record of physical, or random access memory which is lost when the computer is shutdown. Released at no charge under the GPL license [...]
Reasonable Privacy or Not? [CultSEC Blog]
Every now and then I'll see something in the news talking about what employees can expect for privacy. It's always funny to me when this occurs because I don't understand where people get the idea their work computers are theirs, and not the company' [...]
Links for 2008-07-24 [del.icio.us] [Anton Chuvakin Blog - "Security Warrior"]
Event Log Subscriptions in Windows Server 2008 (and Vista) - Realtime Windows Server
Redmond | Column: Syslog ... 20 Years Later
San Francisco network lockup justifies CIO fears
A determined IT staffer has countless opportunities to sabotag [...]
On The Lam ‘Spam King’ Kills Self, Wife, Daughter, Wounds Another [Infosecurity.US]
Yesterday afternoon brought unfortunate news, via the Denver Post, of the recently convicted, so-called ‘Spam King‘ Eddie Davidson. Evidence shows the convicted felon shot his spouse and child and wounded another teen female before turnin [...]
Escapee ‘Spam King’ dead in apparent murder-suicide
Convicted spammer Eddie Davidson, who escaped from federal prison over the weekend, killed his wife and 3-year-old daughter before killing himself in what is being described as a murder-suicide.
Colorado’s 9News.com said the tragic end of the m [...]
More than 60% of Recursive Name Servers Unpatched- CERT [ARCHIMEDIUS]
The DNS vulnerability drum beat goes on. Based on a recent CERT Report published today at least 2/3 of Austrian recursive name servers have not yet been patched. The conclusions are rather grim so far – more than two thirds of the Austrian Internet [...]
SecuriKey Professional Edition 2.1 [Network Security Blog]
Thanks to Rich, I had an opportunity to write a review of SecuriKey Professional for MacWorld. They sent me the USB key fobs, I played around with it for a couple of weeks on my MacBook Pro, and I generally liked the product. The only thing I wish th [...]
Clash Of The Titans [Napera Networks]
Yesterday’s well hyped NAC debate over at Network World certainly received some attention. I was only able to check in between meetings but they posted an entire transcript and it makes interesting reading.
In one corner, Joel Snyder, well resp [...]
NAT/PAT Configuration and DNS Cache Poisoning Solutions [Infosecurity.US]
US-CERT has issued a security advisory, detailing issues with NAT/PAT and it’s affect on mitigating the widespread DNS Cache Poisoning vulnerability. The agency also issued a Vulnerability Note, at the beginning of the month, regarding this iss [...]
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
I listened to the Black Hat webcast today to grab as much info as I could on this subject. The biggest thing that I heard from the whole talk is that the patch fixes things to a reasonable point, but that long-term, there will have to be more work do [...]
MindshaRE: Cross References in IDA [DVLabs: Blogs]
Posted by Cody PierceI would say besides the navigation keys (Esc, Enter, Ctrl-Enter, Arrows), the most often sequence I use is X / Ctrl-X. That's right, cross references. Okay, maybe I use others just as much, but for today's MindshaRE w [...]
Xobni - Changing How You Use Your Inbox [The Converging Network]
I like to talk about innovate products and Xobni, the plugin for Outlook, definitely fits the bill. I blogged about Xobni on my NWW blog back in February and as you can tell from that post, I was and still...
AT&T iPhones exposed to DNS cache poisioning? Or not?
Here’s a photo of my iPhone after running Dan Kaminsky’s Doxpara DNS Checker tool a few minutes ago: I ran the same test at the DNS-OARC’s DNS checker and got this: 209.183.33.23 (schinetdns.mycingular.net) appears to have GREAT sou [...]
Speculation over possible Skype backdoor
There’s growing speculation coming out of Europe that there’s a backdoor in Skype that allows remote eavesdropping of telephone conversations.
A report in the reputable Heise Online says the issue was discussed at a meeting with ISPs last [...]
Apple looking to hire iPhone hacker
Apple is in the market for someone capable of hacking into the iPhone.
According to this job listing, the company is looking for an iPhone Security Engineer capable of, among other things, developing “proof of concept” attacks on the devi [...]
Full Disclosure, Trolls and Reputation Stupidity
A lot has been said about the info sec trolls over the past couple of years and somehow it seems that there is a lack of any serious means, aiming to tackle this issue. It’s not that this matter is exclusively related to the Information securit [...]
Pwnie Award Nominee
Yesterday a friend of mind let me know that some of my BT Home Hub security research (details here and here) got nominated for the Pwnie Awards. At first I thought “oh, that’s cool”, but then I learned the category my research had b [...]
|)ruid and HD Moore release part 2 of DNS exploit
[Updated 07/24/2008: Gallery images of diffs of code revisions has been included and will be updated as things change, see here.]
Earlier today, noted researchers |)ruid and HD Moore released exploit code for the Metasploit tool for attacking th [...]
Attack code published for DNS flaw
The urgency to patch Dan Kaminsky’s DNS cache poisoning vulnerability just went up a few notches.
Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasplo [...]
‘Spam King’ escapes from federal prison
[ UPDATE: Davidson was found dead, involved in an apparent murder-suicide that involved his wife and 3-year-old daughter. ] Edward “Eddie” Davidson, a notorious e-mail spammer who was sentenced to jail time in April, has escaped from a fe [...]
iPhone vulnerable to phishing, spamming flaws
Security researcher Aviv Raff (left) has discovered a pair of basic design flaws that could turn your iPhone into easy bait for malicious phishing and spamming attacks.
According to an advisory from Raff, the iPhone’s Mail and Safari applicatio [...]
Researchers borrow from Google PageRank for network defense service
Using a link analysis algorithm similar to Google PageRank, researchers at the SANS Institute and SRI International have created a new Internet network defense service that completely revamps the way network blacklists are formulated and distributed. [...]
Professional Soldier
I would like to draw a simple analogy between professional soldiers and professional penetration testers. I find a lot in common between them and I believe that this exercise may help some members of the audience to clarify their understandings regar [...]
The Way of Logic into Dan’s DNS Flaw
There is a serious flaw in the DNS system and apparently it is a design bug, the types of bugs I like the most. I am very curious to learn what exactly Dan has prepped for us and I get the feeling that we will be deeply shaken by its simplicity. Alth [...]
What have we achieved so far?
In this post I would like to summarize some of the things we (GNUCITIZEN) have achieved so far. I am writing this post purposefully for myself, and for our group and I hope that we can use it as a base reference point to go even further. When I look [...]
SecUrls Revamped
Well, this is going to be a very quick post. I would like to let you know that SecUrls was redesigned and now it feels a lot better then before. Keep in mind that this is just an experiment just like some of our other projects. If it does not prove t [...]
OWI: Yet Another Anonymous Point of Attack?
About a month ago I traveled by train for a pre-sales meeting with a prospective customer. The trip was about two hours long, which would usually mean that it’d be boring. In this case it was different though: I was surprised with free OWI (Onb [...]
American Smears Vol. 1
As you probably have already heard, Barack Obama recently launched a brand new sub-domain, aiming to tackle false information throughout the Web. As far as I know, this is the one of the first mature attempts in the field of politics to wage an offic [...]
Save your passwords with Mozilla’s Weave
Save all your passwords and session identifiers in the cloud with Mozilla’s Weave. What do you think about that? Now this is not entirely unique feature to Mozilla only. We’ve seen the same trend with Microsoft’s Live Mesh and I sus [...]
Tiger Team Operations vs. Penetration Tests
If you read the Wikipedia’s definition of Tiger Team you get the following: A tiger team is a specialized group tasked with testing the effectiveness of an organization’s ability to protect assets by attempting to circumvent, defeat or ot [...]
Security Companies are Boring
I was flipping the pages of the latest SC Magazine and I am afraid to admit that it was very boring. And this is not because the idea behind the magazine is bad. Not at all. It is mainly the fault of the numerous info security companies SC Magazine i [...]
More UPnP Hacking Fun with Google Media Server
The fun with hacking UPnP enabled devices has just began. We’ve started our exploration in the fields of UPnP earlier this year with some smoking posts which covered some basic attacks and the advance flash attacks. Today I stumbled across Goog [...]
Landing Blogsecurify
During the last couple of days we combined forces with Blogsecurity.NET in an effort to improve their online Wordpress vulnerability scanner. The result of these efforts is our new initiative called Blogsecurify. Blogsecurify was created to help indi [...]
Google and Wildcard Domains
Ok, ignore the image. This is the best I could find online. This post is about a thing I happen to notice while messing around with my own Google for Applications accounts. Basically, Google allows you to use custom domains for your Google for Applic [...]
OWASP Europe 2008 Ghent
This year’s OWASP Europe event was based in Ghent, Belgium. I had to take an early train from London to Brussels, which is by the way dead easy. As usual the event was excellent. Now there were a few funny things but the most funnies of all was [...]
RISK 2008 Oslo
I need to do a lot of clean up work around all my projects. So, expect a series of quick posts which a meant to fill the gaps. Here you will be able to find my slides from a quite cool event in Oslo. The topic is Web2.0 again. I know what you are thi [...]
The Receipt
You know, being away from the blog does not mean that I did not have fun. Not at all. What’s wrong with this picture? Btw, this is absolutely authentic. Apart from the 64bit encryption, pay attention on the two fields after that. Ouch!
Fear
Here is a thought for you: The entire information security industry today is based on fear. The fear of getting hacked and your integrity and reputation being publicly jeopardized and challenged. This is what gives security vendors the power to sell [...]
Virtualizations
Please don’t take this post as a rant towards all the virtualization hackers out there. You are doing a great job and there is no doubt about that. My sole purpose is to get to the bottom of a problem which I believe is widely ignored when it c [...]
Most Attractive Targets: SaaS
Ok, so I have been busy. But soon you will see why. In the meanwhile I would like to draw your attention on a very interesting discussion me and ap have started some time ago. For those of you who don’t know, SaaS stands for Software as a Servi [...]
Black PR is not just a Subset of Disinformation
There is a big dispute over the PR community whether or not, the Black PR strategies are entirely based on lies and deception. Well, the truth is that no one can estimate for sure how many of them are actually made of false statements and imaginative [...]
A New Cold War?
Associate Press published an interesting article the other week, implying that the Chinese government has been involved in snooping the networks of the American Commerce Department. Here is an excerpt from the story: According to later publications, [...]
The Intermixed Web
If you haven’t noticed yet, a lot of the useless sections of this site have been removed. The microblogs are also gone since they were kind of redundant. Nevertheless, I still have the urge to post random thoughts that I would like to share. So [...]
Dumping the admin password of the BT Home Hub (pt 2)
This is just a quick update regarding our previous post which details how to extract the default admin password for the latest firmware of the BT Home Hub (6.2.6.E at time of writing). I recommend you to read the previous post if you have not done so [...]
Black Liquid
Guest blogger for Spin Hunters for this month is Sam Aldis, the founder of darkstar.me.uk. Sam started as a blackhat/script kiddie but soon he has learned a life lesson when he broke into a big football(soccer) leagues site. Sam did not serve any sen [...]
Dark Websites hide many Security Threats
One of the most common and useful tools in any crisis management strategy is the creation of a dark website. This practice is pretty common and it is one of the must- have policies in consumer sectors such as larger airlines, food/beverage companies, [...]
Rumors gone wild in the City
One of the biggest UK financial groups, HBOS, got the media attention last week by claiming that its structures had been targeted by a precise Black PR campaign. The news broke out with the allegations that the low record share prices of the group ar [...]
Black PR 2.0
Usually when we talk about Black PR (BPR) we refer to the ability to destroy our enemy’s identity and reputation. There are many approaches BPR practitioners can employ, but the basic aim in most cases remains one: to smash the basic relationsh [...]
Negative PR is not Propaganda, but…
I have a quite unique job and to the best of my knowledge only around 50 people worldwide are actually doing this for a living. Pretty cool, ah?! I am a professional spin hunter and I try to protect our corporate clients in terms of deliberate reputa [...]
Is Spitzer a victim of a Black PR campaign?
When I woke up this Monday I thought this would be one of those tedious weeks, when nothing really happens in the PR horizon. Thankfully, I was totally wrong! The New York Times put a smile on my face with its shocking disclosure that the governor (n [...]
Twitteroo
fukami: rotfl @dakami in teh yellow press http://tinyurl.com/65apl7
nate_mcfeters: @ccg good for you guys, you deserve it! Decent food?
nate_mcfeters: @wintr thanks man, appreciate it.
dakami: "Problems with DNS really cutting into Rock Band time, says girlfriend." @ccg, she is not subtle
nate_mcfeters: @hdmoore damn, that does sound good. You'll be at BH I'm assuming? We need to meet at some point.
dakami: @hdmoore patched > pwned
nate_mcfeters: For my next trick, Mind Hack #2: Water and/or Diet Coke tastes as good as Belgian Beer... estimated chance of success -10%
nate_mcfeters: Mind Hack #1: I have successfully convince myself through hacking my own brain that veggies and hummus is as good as deep dish pizza
nate_mcfeters: @shawnmoyer oh man... now I have to tare my eyes out too
nate_mcfeters: ATTN WORLD: Can we please never play Smashmouth ever again for any reason? I beg. Might rip my ears off of my head otherwise.
nate_mcfeters: @marcinw good to see you on finally.
nate_mcfeters: @jth we must know the same person! Do you also know little bobby tables?
nate_mcfeters: @singingarc yep, I just haven't seen Kalamazoo brewing company anywhere yet either. It's "close" to Bells, not exact. Where did you see?
dakami: Retweeting @stepto: ugh. screenshot of DNS attack attempts graphed out on my DNS server. http://www.stepto.com/images/dns.jpg
nate_mcfeters: @Beaker if it helps, your post on starbucks was runner up in my book for the Nate McFeters TOM award.
nate_mcfeters: @dinodaizovi wait, wait... I thought that we all always hoarded porn regardless of the imminent destruction of the intarwebs...
nate_mcfeters: @dinodaizovi Dino, NYCResistor = u and Cabetas? Where can I get info for next NYC trip?
ryanaraine: obama in berlin panorama (requires flash 9) http://tinyurl.com/59lan6
ryanaraine: @GeorgeVHulme i'm watching that show on cnn. mostly old/known stuff but still interesting to mom/pops.
ryanaraine: @BlackHatUSA2008 that would be nice. thanks much. or naraine/gmail
YouTube
Blogroll
The best blogs in the info sec field.
- GNUCITIZEN - Cutting-edge Think tank | Ethical Hacker Outfit
- Hakiri - Hacker Lifestyle
- Zero Day - ZDNet
