Home > Uncategorized > Security News #0x5A

Security News #0x5A

  • Metasploit has a new privilege escalation module to allow elevation to system. The module exploits CVE 2010-0232, which was patched back in the day by MS 10-015. The module works only on 32 bit systems, but apparently works on Win 2000 SP4 through Win 7.
Learning More
  • The Infosec institute has a nice piece on how to analyze malicious PDFs. They start by showing how to generate them with Metasploit, and summarize some of the common tools that can be used to analyze them.
  • The folks at GreyHatHacker.NET have a fantastic piece on elevating permission by exploiting folder permissions. In their post, they take a service that tries to load a .dll that does not exist by default. This means that an attacker could put an appropriately named .dll anywhere in the search tree (which is quite large) for which they have write access and use it to try to elevate privileges. The post gives an example, and provides some mitigation techniques.
Industry News
  • It appears that LG Televisions may be sending all sorts of information, from viewing habits to the names of files on other networked devices in the home- back to central LG servers. Yikes.
  • Renesys announced that they have detected man-in-the-middle BGP route hijacking in the wild. The piece is definitely worth a read.
  • Have you ever wondered why you should be careful with Wi-Fi at airports and Hotels? Ask Anthony Freed.
  • If you haven’t read the story about Charlotte Laws (and her daughter), then you should.
Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: