Older news, but a good example

I get asked all the time about what security researchers do. This is a blog page from F-Secure from December of last year that talks about, among other things, the IE WMF exploit that has been widely taken advantage of over the past several months. The page does a good job of describing the variety of things a researcher must look for and notice about an exploit. These examples are not low-level assembly-type things, but stuff security pros at any level should be prepared to understand.

Take a look ...
F-Secure: News From the Lab




New IE Exploit

Websites that take advantage of a flaw in the DLL that draws VML (Vector Markup Language) mostly seem to be pr0n and serialz (pirate software) sites. However, a Russian company is selling a Web Attack kit for about $15 (that includes technical support!) for installing this and other IE exploits. It won't be long before other sites follow suit: the free clip-art, screensaver, download, and fake search-engine pages we see all the time. There is money to be made in turning over compromised machines to those who have a need for them.

If you use Firefox, no worries. Well... sooner or later you will open IE: in Outlook, Windows Explorer, or an application's help link. IE is unavoidable unless you simply don't use Windows at all.

The easiest fix is to unregister the VML DLL (vgx.dll). Go to your Start -> Run command window and type:

regsvr32 /u "%CommonProgramFiles%\Microsoft Shared\VGX\vgx.dll"

Once the patch from Microsoft is installed, the same command without /u registers the DLL again.

Visit this test page to see if it worked:
Zeroday Emergency Response Team

Read more about it:
Securiteam's description
F-Secure Description




Preconfigured Snort VM

Snort is a passive Network Intrusion Detection System (NIDS): it does not engage the target, and it uses a rules-based signature analysis technique. The rules are easy to learn to write, but a community of users has already created a large default collection that is actively developed and regularly updated.
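As an added illustration of what "rules-based signature analysis" means in practice, here is a small Python matcher written for this post (it is not Snort's own code, and the rules are not from the Snort rule set). It parses a couple of constructed rules written in Snort's "header (options)" syntax, resolves the $HOME_NET and $EXTERNAL_NET variables the way snort.conf would, and runs the rules over constructed packets. The rules, variables, packets and sid numbers are all assumptions for the example; real Snort supports far more options and matches on reassembled streams rather than single packets.

```python
import ipaddress
import re

# Constructed rules in Snort's "header (options)" syntax. The sids use the
# local range (>= 1000000) reserved for user-written rules.
RULES = r'''
alert tcp $EXTERNAL_NET any -> $HOME_NET 80 (msg:"LOCAL HTTP request naming vgx.dll"; content:"vgx.dll"; nocase; sid:1000001; rev:1;)
alert tcp $HOME_NET any -> $EXTERNAL_NET 6667 (msg:"LOCAL IRC NICK from internal host"; content:"NICK|20|"; sid:1000002; rev:1;)
'''

# Assumed network variables: the home LAN and "everything that is not home".
VARIABLES = {"$HOME_NET": "192.168.1.0/24", "$EXTERNAL_NET": "!$HOME_NET"}

# Constructed packets, already decoded to address/port fields plus payload bytes.
PACKETS = [
    dict(proto="tcp", src="203.0.113.5", sport=4444, dst="192.168.1.10", dport=80,
         payload=b"GET /VGX.DLL HTTP/1.1\r\nHost: 192.168.1.10\r\n\r\n"),
    dict(proto="tcp", src="192.168.1.10", sport=1025, dst="198.51.100.7", dport=6667,
         payload=b"NICK bot1234\r\nUSER a b c d\r\n"),
    dict(proto="tcp", src="192.168.1.10", sport=1026, dst="192.168.1.20", dport=80,
         payload=b"GET /vgx.dll HTTP/1.1\r\n"),   # internal to internal: src is not $EXTERNAL_NET
    dict(proto="tcp", src="203.0.113.5", sport=5555, dst="192.168.1.10", dport=8080,
         payload=b"GET /vgx.dll HTTP/1.1\r\n"),   # wrong destination port
]

RULE_HEADER = re.compile(
    r"^(?P<action>alert|log|pass|drop)\s+(?P<proto>tcp|udp|icmp|ip)\s+"
    r"(?P<src>\S+)\s+(?P<sport>\S+)\s+(?P<dir>->|<>)\s+"
    r"(?P<dst>\S+)\s+(?P<dport>\S+)\s*\((?P<opts>.*)\)\s*$"
)


def split_options(opts):
    """Split the option body on ';' while ignoring ';' inside double quotes."""
    parts, cur, quoted = [], [], False
    for ch in opts:
        if ch == '"':
            quoted = not quoted
        if ch == ";" and not quoted:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    if "".join(cur).strip():
        parts.append("".join(cur).strip())
    return parts


def decode_content(text):
    """Turn a content string into bytes; |hh hh| runs are hex bytes."""
    out = bytearray()
    for i, chunk in enumerate(text.split("|")):
        out += bytes.fromhex(chunk) if i % 2 else chunk.encode("latin-1")
    return bytes(out)


def parse_rule(line):
    """Parse one rule line into a dict of header fields plus msg/sid/contents."""
    m = RULE_HEADER.match(line.strip())
    if not m:
        raise ValueError(f"unparseable rule: {line!r}")
    rule = m.groupdict()
    contents, rule["msg"], rule["sid"] = [], "", None
    for opt in split_options(rule.pop("opts")):
        key, _, val = opt.partition(":")
        key, val = key.strip(), val.strip().strip('"')
        if key == "msg":
            rule["msg"] = val
        elif key == "content":
            contents.append([decode_content(val), False])
        elif key == "nocase" and contents:      # modifier applies to the preceding content
            contents[-1][1] = True
        elif key == "sid":
            rule["sid"] = int(val)
    rule["contents"] = [tuple(c) for c in contents]
    return rule


def addr_matches(spec, ip, variables):
    """Address spec: any, !spec, $VAR, [a,b] list, or a CIDR/IP literal."""
    if spec == "any":
        return True
    if spec.startswith("!"):
        return not addr_matches(spec[1:], ip, variables)
    if spec.startswith("$"):
        return addr_matches(variables[spec], ip, variables)
    if spec.startswith("["):
        return any(addr_matches(s, ip, variables) for s in spec[1:-1].split(","))
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)


def port_matches(spec, port):
    """Port spec: any, !spec, lo:hi (either end may be open), or a single port."""
    if spec == "any":
        return True
    if spec.startswith("!"):
        return not port_matches(spec[1:], port)
    if ":" in spec:
        lo, hi = spec.split(":")
        return (int(lo) if lo else 0) <= port <= (int(hi) if hi else 65535)
    return port == int(spec)


def rule_matches(rule, pkt, variables):
    """Header first (cheap), then every content pattern must appear in the payload."""
    if rule["proto"] != pkt["proto"]:
        return False

    def header_ok(src, sport, dst, dport):
        return (addr_matches(rule["src"], src, variables) and port_matches(rule["sport"], sport)
                and addr_matches(rule["dst"], dst, variables) and port_matches(rule["dport"], dport))

    ok = header_ok(pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
    if not ok and rule["dir"] == "<>":          # bidirectional rule: try the reverse direction
        ok = header_ok(pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
    if not ok:
        return False
    for pattern, nocase in rule["contents"]:
        hay, needle = (pkt["payload"].lower(), pattern.lower()) if nocase else (pkt["payload"], pattern)
        if needle not in hay:
            return False
    return True


def run(rules_text, packets, variables):
    """Return (sid, msg) for every rule that fires on every packet, in packet order."""
    rules = [parse_rule(l) for l in rules_text.splitlines() if l.strip() and not l.startswith("#")]
    return [(r["sid"], r["msg"]) for pkt in packets for r in rules if rule_matches(r, pkt, variables)]


if __name__ == "__main__":
    for sid, msg in run(RULES, PACKETS, VARIABLES):
        print(f"[1:{sid}] {msg}")
```

Running it fires the first rule on packet one (the nocase match on VGX.DLL) and the second on packet two (the hex-escaped space after NICK); packets three and four are silent because the negated $EXTERNAL_NET variable and the destination port in the header already rule them out before any payload is inspected, which is why well-written rules put as much as possible in the header.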

In my classes I highly encourage students to use Snort, Hping2, Nmap, Wireshark, and IPTables as tools for learning the intricacies of network traffic, design and protocols. I also encourage everyone to set up a Snort system at home to monitor internet noise.

There is now a VMware virtual machine, preconfigured (to a point), offered by the Snort team. You can run this in VMware Player and have a NIDS free of cost and with minimal hassle. Check it out...

Snort VM download page




FIRST: Best Practices Whitepapers

A two-hour seminar is not going to cut it... but it's a start.

Information security is a wide and broad subject. Some may claim it's just snake oil, and that claim is occasionally true. The bottom line is risk management and attaching the need to secure your assets to their value. Security breaches are as much a fact of life in business as any other risk category; some problems aren't worth solving, but others would close your doors in a day.

FIRST (Forum of Incident Response and Security Teams) has a collection of best practices and recommendations for securing various products, including Cisco IOS and Windows (several generations), and for setting up CSIRTs (Computer Security Incident Response Teams). Take a moment to look it over.

first.org security library




Having fun with those stealing your unsecured bandwidth

In our classes we debate the legal challenges that surround securing wireless networks. I don't think we can legally hold non-computer experts accountable for misconfigured networks; I would prefer to let this problem get solved in the marketplace by letting more secure WiFi products compete to solve these issues. We don't talk much about the other side: what rights do you have over a computer that has logged into your unsecured network but doesn't belong there?

While I don't advocate retaliation on any level in security, I have to admit this example is pretty clever.

Upside-Down-Ternet





Hey! Would it be OK with you if I upload this picture of you to my blog?

The link below leads to an excellent article about the Pipeline worm. It offers a step-by-step description of how an infection can occur through using an instant messenger program, as well as some of the research techniques used to discover the source and workings of this malware. Screenshots are provided for a visual too. Great stuff!

Pipeline Worm Floods AIM with Botnet Drones




Off the beaten path: Zero Knock's DEN

There are possibly thousands of sites, just like this very blog as a matter of fact, that deal with security issues and provide access to whitepapers and other packages of knowledge.

infoSecond is run by a whitehat instructor and does not often disclose 0-day or "underground" class information. I find stuff at the many websites I read and post what I think may be of interest to former and future students as examples. Every now and then I post something more personal or opinionated.

But what about the real good underground Russian or Chinese juicy stuff? Where are the sites that post exploits and sell botnets? As the saying goes, "When the student is ready the teacher will appear," so if you haven't found these sites yet it's either because you haven't really been looking, you aren't ready, you haven't contributed original thought in the form of a malicious process, or you aren't interested in actually doing harm; you just want to protect and earn your keep honestly.

This post points you to a collection of links to whitepapers that can go either way. You can use them, and if so please avoid association with and references to my training, or you can read them out of fascination and curiosity.

Zero Knock's Den




VMWare virtual appliances

This link points to a page where you can download pre-built virtual machines to test products, operating systems, and other technologies. There is so much cool stuff here that if you are not yet convinced to learn about virtualization, maybe this will convince you to take the plunge.

VMWare virtual appliances




Security Podcast List

Provided by PaulDotCom, one of my favorites, this is a good list to get started on listening to security podcasts.

Security podcast roundup




Creative Commons Record Label

In my view, the thieves of the music industry are the... well... the music industry. How can an industry steal from itself? Artists who create the music, write and perform it, often have to sign away their souls, stay in debt for years, and even get to a point where everything they do will be placed on a shelf and made illegal to distribute. All to keep up-and-coming bands from competing with the top 40 pablum.

Of course, a band can always choose not to sign an oppressive deal. And the internet offers new avenues and opportunities for artistic distribution, but the thieves in the middle of the process are fighting hard to protect their advantages. That's what the RIAA lawsuits are about. Nothing more.

Creative Commons might be helpful to artists of many disciplines, and the link below references a record label that signs bands under this legal device. Please look into it. I would never ask people to like stuff just for a cause; in other words, if the music is bad, don't listen. What I am encouraging is that we find ways to open the channels and support, at the very least in principle, any method which encourages new opportunities without having to wear the handcuffs of the old guard.

DiSfish




Cell phone spyware

Install this software on a cell phone and it will record text messages, conversations, and it can even turn on the microphone and record background noise.

This is horrible, yet it is sold as a commercial product even though there is almost no legal way this software could be used. The founder of this company argues that it helps people in dire stress find cheating spouses and so on. This kind of thing isn't at all new, in the sense that spyware has been sold as "family protection" for home computers for years. What concerns me is that at this point many people have a false sense of security about cell phones. Since cell phones are more ubiquitous than PCs, the problem of spyware is only growing.

The site also says that after April (what year isn't clear) the software will work on BlackBerries, the, um, er, um, most secure communications device out there. You may have a BlackBerry specifically because it does not have a camera or mp3 player, meaning it isn't fun, it's just business, but now it can also be your personal tracking device as well.

Flexispy




Hacking Videos

How long before we end up with a YouTube version of something like this? It's insane, but for some reason I love it.

Hacking Videos
More Hacking Videos




Net Neutrality

This subject has come up in classes many times. Although we do not attempt to solve political issues in a technical training class, I believe ANY training class is subject to what I call "general awareness issues". These are current events in the news that may affect our lives, careers, and other choices, that are relevant to the topic at hand.

The doublespeak is starting. A website called "Hands off the Internet", created by a PR firm that represents companies that spend millions on government lobbying and other gifts, says "Say no to government regulation". ?!?!

Net neutrality is of huge importance. Please take a few moments to see where you stand on it. In addition to the link below, do a Google search on the subject. Try to read both sides of the argument. As with many other political debates, this one feels as if the two sides are having entirely different conversations.

Net Neutrality - Wiki




Downloading a recent Windows security patch may also get you....a free iPod !!!

The phishing emails are amazing in how arrogant, and how effective, they can be. Read about it at the link below... and btw, there is no free iPod in the deal.

Windows patch, iPod exploited



