Security Stallions Blog "Musings of all things infosec…"

14 Sep 2009

Daily Digs – 09.14.2009

Well, "daily" has been more like "weekly" as of late, but the digs are back.

I think this one is good on a few fronts, but mostly from a humorous perspective. Joe Lieberman and Susan Collins should stick to whatever they do best - and that doesn't include addressing "cyber crime". They're proposing a public / private relationship so that the government (really?) can help businesses defend against attacks. OK, didn't the FBI's website just get defaced recently? Unless the blunt plan is to put up some sort of subsidy (which I'm not at all endorsing) the government is just going to spin up more useless programs that are run by people who just-don't-get-it.
[Committee Examines Growing Cyber Threat to Businesses]
[FBI Jobs Site Gets Hacked]

Unique is not random is not secure. I'm not sure that's a complete sentence, but it sums up the article on Newsoft's Tech Blog nicely. For a rundown of examples on the differences between the three concepts hit up the link.
[Unique is Not Random is Not Secure]
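The three concepts side by side, as an added example that is not from the linked article: a sequential counter gives unique identifiers that anyone can guess, a seeded pseudo-random generator gives random-looking identifiers that are fully determined by the seed, and only an OS-backed CSPRNG (`secrets`) gives tokens that are both unique and unpredictable. The functions and ids below are constructed for illustration.

```python
import random
import secrets


def sequential_ids(n, start=1000):
    """Unique, but not random: the next id is always the previous one plus one."""
    return [start + i for i in range(n)]


def seeded_prng_ids(n, seed):
    """Random-looking, but not secure: Mersenne Twister output is a pure
    function of the seed, so anyone who learns (or guesses) the seed can
    regenerate every id ever issued."""
    rng = random.Random(seed)
    return [rng.getrandbits(64) for _ in range(n)]


def secure_tokens(n, nbytes=16):
    """Unique and unpredictable: drawn from the OS CSPRNG. 16 bytes gives
    128 bits of entropy, so collisions and guessing are both infeasible."""
    return [secrets.token_hex(nbytes) for _ in range(n)]


def all_unique(ids):
    """True when no identifier in the list repeats."""
    return len(set(ids)) == len(ids)


def reproducible_from_seed(ids, seed):
    """Check whether a list of ids is exactly what the PRNG emits for a seed.
    If this returns True the ids were never secret to begin with."""
    return seeded_prng_ids(len(ids), seed) == ids


if __name__ == "__main__":
    issued = seeded_prng_ids(5, seed=2009)   # constructed: a guessable seed
    print("sequential:", sequential_ids(3))
    print("seeded PRNG:", issued)
    print("regenerated by an observer who knows the seed:",
          reproducible_from_seed(issued, 2009))
    print("secure tokens:", secure_tokens(2))
```

The takeaway for session ids, password-reset links and API keys: uniqueness is a database constraint, randomness is a statistical property, and only unpredictability (the `secrets` case) is a security property.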

The Consumerist ran a story this morning with video from LiveLeak of a man installing a skimmer. I'd have to say that I'm definitely more cognizant when using ATMs that are non-bank affiliated and portable. At one point in time I really didn't like ATMs that sucked the card into the machine; however, today it makes sense as less risk to me.
[Guy Installing Skimmer on ATM]

I can honestly say I really didn't know much about 'RNS' before I read this article today, but the Fed seems to have cracked down on a few of the key members. I'm not sure why the title references RNS as an '0Day' group, however.
[Fed Crackdown on 'RNS' Signals Death to Oldest 0Day Group Online]

Don't have the cash or time to go to one of the big name cons?  ChrisJohnRiley posted an article about the first online hacker con entitled SecurityTubeCon.  There's a call for papers (& vid) out until October 20th, so get your talk ready to go!
[First Online Hacker Conference]

That's all the time we have for comments tonight, but we'll leave you with some other links to ponder.  Thanks for stopping by!

[Windows Autoplay Behavior Updated]
[Gustav, the Hackerspace Twitter Bot]
[Loan Officer Indicted for Fraud and ID Theft]
[Dradis 2.4 Released]
[PhoneCrypt is Available for the iPhone (and entirely overpriced)]
[20 Temporary / Disposable Email Services]
[Hacker's Hideaway ARP Attack Tool Released]
[SourceFire's Vulnerability Report for September Screencast]
[Practical Intrusion Analysis Book Review]

19 Aug 2009

Daily Digs – 08.19.2009

Good Wednesday evening everyone! We're over the hump and on our way to the weekend, so let's get right to the digs...

First up is a little bit of interesting research from our friends over in Redmond on de-anonymizing the Internet.  The paper is all about a newly dubbed system called HostTracker.  The basis of this particular system is to "...track bindings between hosts and IP addresses by leveraging application-level data with unreliable IDs."  But, before I muddle the topic anymore head on over to check out the PDF.
[De-Anonymizing the Internet Using Unreliable IDs]

Everyone's heard of the IronKey, but today there was some buzz around some new functionality, specifically with regard to malware protection on the new product. The new functionality is from a company called Tresys and is called FiST (File Sanitization Tool).
[Malware Protection on USBs from IronKey]

The SANS network forensics puzzle is still on like Donkey Kong!  Submissions need to be in by September 10th, so get a move on.
[Network Forensics Puzzle Contest]

Network World today is telling us that managed security services are all the rage. Yeah, just like blink-tastic security boxes. And firewalls. The real question is which managed security services don't suck? Hit the link for some statistics you could very well have lived without.
[Managed Security Services All the Rage]

Well thankfully you don't need to give up your SSN to get a room from Radisson or you might be in more hurt than you already are.  News out today that Radisson is disclosing a breach and to "review your account statements and credit report".  Thanks Captain Obvious!
[Radisson Hotels Suffer Data Breach]

Gunnar Peterson, representing the 6-1-2, has a fabulous story of - firewalls!  OK, not really, but read the article, it's been the most entertaining thing so far for me today.
[There Are No Firewalls]

Symantec identified your site as "dirty"? They've got the worst-of list for the summer of 2009 up, and CNET has an article all about it.
[Dirtiest Websites of Summer]

There seems to be an inadvertent feature in version 3.0 of the iPhone and iPod Touch software - deleted emails can be recovered! Although reports say it's been fixed in the 3.1 beta, be wary of anything you think you may have deleted.
[iPhone Bug Keeps Deleted E-mails on Tap]

Rich and Co. over at Securosis have some new details up about the root cause of the Heartland breach.  Although the recommendations are high level it's obvious there are many who are struggling to even implement the bare minimum.
[New Details, and Lessons, on Heartland Breach]

Indictments, indictments everywhere! 8 more were charged today for obtaining $22 million worth of wireless devices from AT&T and T-Mobile without payment. Ummm, say what? Quite the little scam to abuse the dealer network systems.
[8 Indicted in $22m Fraud Against AT&T Wireless, T-Mobile]

Oh yay, a couple of cloud standardization efforts were made public this week. If I had to shoot from the hip I'd say the OpenGroup initiative will probably be the end winner, as it was entirely odd to see mention of "RESTful" in the first sentence of the A6 draft. Honestly, I think more effort went into coining a descriptor and buzzwords than anything else (and even that doesn't make total sense to me - call me slow). But anyway, CNET has the rundown.
[Two Cloud Standardization Efforts Made Public]

We'll leave you tonight with some information around a very common tool most of us use on a daily basis. Considering most people run a stock configuration, digging through this rundown of 20 (quick) best practices might serve you well.
[Top 20 OpenSSH Server Best Practices]
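Since most of those best practices boil down to a handful of sshd_config directives, here is an added example (not from the linked article) of a small audit script that parses an sshd_config and reports settings that differ from a hardened baseline. The baseline in EXPECTED is this example's own assumption of a few directives such lists commonly cover, not the article's list; the two configs are constructed samples. It honours two sshd parsing rules that trip people up: the first occurrence of a keyword wins, and directives after a Match line are conditional, so only the global section is audited.

```python
import re

# Assumed baseline for this example: keyword (lowercased) -> value we want to see.
EXPECTED = {
    "protocol": "2",
    "permitrootlogin": "no",
    "passwordauthentication": "no",
    "permitemptypasswords": "no",
    "x11forwarding": "no",
}

# Constructed sample: a stock-looking config with several weak settings.
WEAK_CONFIG = """\
# sshd_config (constructed sample)
Protocol 2,1
Port 22
PermitRootLogin yes
PasswordAuthentication yes
#PermitEmptyPasswords no
X11Forwarding yes
"""

# Constructed sample: the same file after hardening. The Match block at the
# end re-enables passwords for one user only and must not affect the audit.
HARDENED_CONFIG = """\
Protocol 2
Port 22
PermitRootLogin no
PasswordAuthentication no
PermitEmptyPasswords no
X11Forwarding no
Match User backup
    PasswordAuthentication yes
"""


def parse_sshd_config(text):
    """Return {keyword: value} for the global section of an sshd_config.

    Comments and blank lines are skipped, keywords are case-insensitive,
    'Keyword value' and 'Keyword=value' are both accepted, the first
    occurrence of a keyword is kept (as sshd does), and parsing stops at
    the first Match line because everything after it is conditional.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[\s=]+", line, maxsplit=1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if key == "match":
            break
        settings.setdefault(key, value)
    return settings


def audit_sshd_config(text, expected=EXPECTED):
    """Return a list of (keyword, current, wanted) tuples for every baseline
    directive that is unset or set to something other than the wanted value."""
    found = parse_sshd_config(text)
    findings = []
    for key, want in expected.items():
        have = found.get(key)
        if have is None:
            findings.append((key, "unset (sshd default applies)", want))
        elif have.lower() != want:
            findings.append((key, have, want))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"== {name} ==")
        for key, have, want in audit_sshd_config(cfg) or [("(no findings)", "", "")]:
            print(f"  {key:<24} {have:<32} want: {want}")
```

An unset directive is reported rather than silently passed, because a stock sshd_config leaves most of these at the compiled-in default and the default is frequently the permissive one. Run it against a real file with `audit_sshd_config(open("/etc/ssh/sshd_config").read())`.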

That'll do it for tonight folks!  Take care and feel free to comment if you find the digs at all useful.
-windexh8er

10 Aug 2009

Daily Digs – 08.10.2009

Monday, bloody Monday. At least we're in the clear! There's some interesting news as of today, so with no further announcements let's dig right in.

Our first link is for a tool distributed, for free, from Sophos: Anti-Rootkit software.  It's recently been updated to support 64-bit versions of Windows and the upcoming Windows 7 (which, let's hope, brings the majority of Windows users into the 64-bit world).  No black-tie release event for this version, but at least Sophos is still putting it out there for "free".
[Sophos Anti-Rootkit Updated]

If you're in the Minneapolis / St. Paul area and you're in, well, pretty much any field, you've probably heard horror stories about United Health Group. If we haven't had enough reasons to hate on UHG, they're giving us a new one apparently! Let's see here - they're not only selling the marketing data but also mapping risk ratings for health and life insurance purposes. Way to go UHG! You get my swift-kick-in-the-ass award for today. If you can, do business elsewhere; UHG seems to treat their employees badly on top of the shady business practices.
[Your Prescription Data Has Been Sold For Profit]

Next up is some new functionality that will probably find its way into Metasploit. Max's Remote-Exploit blog has all the details on 'psnuffle', including a screencast of the functionality. Jam out to the techno beats while you watch the module in action!
[Psnuffle Password Sniffer]

I'm all about the Verizon Business Data Breach Report. That being said, I think big vendors / carriers generally have over-hyped and under-performing security services. Hopefully the security service doesn't share any of the service provisioning speeds that generally are, shall we say, not break-neck? Anyway, if you're into hiring a big firm to do your due diligence for you, Verizon can offer it on a silver platter with a bill to match, I'm sure.
[Verizon Business to Offer Risk-Based Security Service]

I happened to post this one earlier in the day and it got quite a bit more attention than I had expected.  The RedTeam blog has some Gimp pwnage fun that shows you how to embed some sneaky PHP in a GIF.  That and @hdmoore pointed out to me some extra fun to go along with the 'sploit. Double whammy!
[0wning with Gimp]

All your base are belong to...  Committers?  Sure.  Or just go patch Subversion if you haven't already!
[Holes Closed in Subversion]

One of the more prominent elite when it comes to OS X hacking, Dino Dai Zovi, has posted to his blog a new article all about, you guessed it, rootkits! This goes with his recent Black Hat talk and includes the preso, paper and code.
[Advanced OS X Rootkits]

So you want to speak at RSA in 2010?  Well, you better get in gear because the call for proposals is quickly coming to a close.
[RSA Call for Speaking Proposals Due August 14th]

SANS has a rockstar intro up to memory forensics today.  The write up includes looking at Mantech MDD and Volatility (which we've linked previously).  If you're just getting your feet wet in forensics this quick run through definitely won't hurt!
[Memory Forensics: A Practical Example]

I asked myself this very question a couple of weeks ago: "Why in the **** is the .NET Framework Extension installed in Firefox?" and now I have a fabulous answer. Wladimir Palant, of Adblock Plus fame, has a very thorough write-up with links to other articles in the press. If you use Adblock, you'll want to read this. Microsoft up to their shady shenanigans - again.
[The Return of .NET Framework Assistant]

Tsk tsk, reinventing the wheel is BAD. Especially when dealing with crypto. And doing crypto in JS! Don't believe me? Well, you don't have to take my word for it, but go back to the link to Nate Lawson's "Crypto Strikes Back!" Google Tech Talk and you'll understand why. The devs themselves even say it's only a "base level of security" (uhhh, there's no auth), so why not just save yourself the trouble and avoid it?
[jCryption 1.0 Released]

Fortinet is, apparently, going for the gold. And in this case "gold" means public shares. El Reg has a story up regarding the rare happening.
[Fortinet IPO]

Put this link out in mainstream C-level inboxes and you'll have all kinds of heads rolling on Tuesday afternoon. SANS has a post up about reconsidering the renewal of your A/V solution. If you're not a complete security n00b you probably already knew that A/V is a waste of CPU cycles and that whitelisting, not signature-based blacklisting, is the only way to really go forward in today's shikata ga nai world. Duh.
[Don't Renew that Antivirus Contract]

Looks like DHS is in the tubes these days.  Obama has another catastrophic fail on his hands with the latest being Mischel Kwon putting in her resignation to (shocker) go work in the, much higher paying, private sector.  Maybe if I tweet The Prez he'll mention me on Facebook and we can talk about it over Skype later.  Or how about this: maybe stop trying so hard with the communications outlets and focus on doing and not talking for a few months.  Because, we all know, Cash for Clunkers is really helping out!
[Mischel Kwon Resigns]

We end today's string of ranty posts with the exclusive in-depth interview that Tom's Hardware has posted with Charlie Miller on the iPhone SMS exploit. Check it out; I was slightly tickled when I saw reference on the first page to AT commands. GO GO GADGET MODEM!
[Exclusive Interview with Charlie Miller]

We commented all the good articles today so, don't hold your breath, no grab bag for today!

-windexh8er