Home > Uncategorized > Security News #0x22

Security News #0x22

Let me give a shout out to the Bowie State Cyber Club and thank them for their hospitality on my visit last week. Don’t forget out discussion of hacking tools!

  • Always be aware of security- and this means being careful with shortened URLs. Threatpost describes a study from Web of Trust that shows a significant fraction of shortened URLs point to potentially hostile locations.
  • Metasploit has added a module for CVE 2012-1182, a vulnerability in Samba 3.6.3 that allows for remote code execution as root. The Metasploit module targets include Ubuntu 10.04, 11.04, and 11.10.
  • IEEE lost 100,000 plain text passwords thanks to a misconfigured FTP server. Some simple analysis of the resulting password has been performed. Naked Security provides some context.
  • Even more Java vulnerabilities have been reported to Oracle. Ars Technica provides some context.
  • Gal Badishi provides some insight to how CVE 2011-0611, a vulnerability in Adobe Flash, can be exploited.
  • One of the servers for Sourceforge distributed for a short time a version of phpMyAdmin that contained a backdoor (CVE 2012-5159). Once again, Ars Technica provides some valuable context.
  • The Illinios CCDC has a new proposed competition topology.
  • The CSAW CTF is ongoing, with 576 teams on the scoreboard.
  • Here is a nice page that describes how someone qualified for DefCon 2004. What is especially nice is that the author provided a link to the original executables as well.
  • Mark Adams demonstrates how to include Javascript in a .pdf document using Scribus.
  • I have not tried ExploitShield, but from the article is seems to be worth a look. Perhaps when I find some time….
Categories: Uncategorized
  1. Charles H.
    September 30, 2012 at 7:49 pm

    Thank you for taking time out of your busy schedule to come to Bowie and share your wealth of knowledge and experience with us. We welcome you back any time your schedule allows. We are looking forward to a friendly CTF with you school. Best wishes to you and your team moving forward in the MDC3.
    Charles H.
    Bowie State Cyber Club

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: