
Security News #0x7D

With my class starting in just a few weeks, I am going to try to catch up on all of the cyber security news that has started to fill my inbox to bursting.

Exploits
  • Did you know that John Troony has a page full of PHP webshells available for analysis? Just don’t trust them; remember the story about the C99/C99.PHP shells.
  • Raphael Mudge has developed and released a virtual machine named Morning Catch, configured to serve as a sample system for phishing attacks. Similar in spirit to Metasploitable, it gives students a target for phishing and other types of attacks.
  • If you spend a lot of time working in VirtualBox, you might want to know about a Metasploit module that attacks VirtualBox up to 4.3.6 running on Windows 7 SP1 (x64). The underlying problem is in the 3D acceleration feature offered to guests; it is designated CVE-2014-0983. Until you have patched, do not enable 3D acceleration for guests you do not trust.
  • Firefox 15 through 22 is exploitable via a Metasploit module. There are two underlying problems, CVE-2013-1710 and CVE-2013-1670.
  • Various NTP server implementations can be abused for DDoS amplification. In an amplification attack, the attacker sends x bytes of traffic to a server with the source address forged to be the victim’s, so the server sends its reply, n times x bytes, to the victim rather than back to the attacker. In one of the vulnerabilities the amplification factor n is 46, so an attacker can flood the target with 46 times the traffic they themselves can send out, and because the requests are spoofed the flood appears to come from the NTP servers, not from the attacker.
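The amplification factor above is easiest to see in flow data, from either side of the attack. This added example (mine, not from the original post) triages constructed flow records, in the style of a NetFlow export, for the two services discussed here: NTP on UDP/123 and DNS on UDP/53. The hosts are RFC 5737 documentation addresses and the byte counts are illustrative; the 46x exchange is built to match the factor quoted above. From the server’s vantage point it pairs each request flow with its reply and computes bytes-out over bytes-in; from the victim’s vantage point it finds replies from amplifier ports that were never requested.

```python
"""Spotting UDP amplification from flow records (added example, not from the post).

Record layout, all UDP: (src, sport, dst, dport, packets, bytes).
Hosts are RFC 5737 documentation addresses; counts are constructed.
"""
from collections import defaultdict

# Amplifier services the post discusses. Others (SSDP/1900, chargen/19) could be added.
AMPLIFIER_PORTS = {123: "ntp", 53: "dns"}

# Vantage point 1: the NTP/DNS server's own network. The attacker forges the
# victim's address (203.0.113.7) as the source, so the server sees "requests"
# from the victim and answers them with far larger replies.
SERVER_SIDE_FLOWS = [
    ("192.0.2.10",   40001, "198.51.100.5", 123,   1,   76),      # ordinary client query
    ("198.51.100.5", 123,   "192.0.2.10",   40001, 1,   76),      # ordinary reply
    ("203.0.113.7",  80,    "198.51.100.5", 123,   100, 4800),    # forged requests, 48 bytes each
    ("198.51.100.5", 123,   "203.0.113.7",  80,    100, 220800),  # replies: 46x the request bytes
    ("203.0.113.7",  33000, "198.51.100.7", 53,    200, 13000),   # forged DNS queries
    ("198.51.100.7", 53,    "203.0.113.7",  33000, 200, 650000),  # replies: 50x
]

# Vantage point 2: the victim's network. Replies arrive from servers the
# victim never queried; the one legitimate NTP exchange is there for contrast.
VICTIM_SIDE_FLOWS = [
    ("203.0.113.7",  40002, "198.51.100.9", 123,   1,   76),
    ("198.51.100.9", 123,   "203.0.113.7",  40002, 1,   76),
    ("198.51.100.5", 123,   "203.0.113.7",  80,    100, 220800),
    ("198.51.100.6", 123,   "203.0.113.7",  80,    100, 220800),
    ("198.51.100.7", 53,    "203.0.113.7",  33000, 200, 650000),
]


def amplification_factor(request_bytes, response_bytes):
    """n in the post's description: the server sends n times the bytes it received."""
    return response_bytes / request_bytes


def exchange_factors(flows):
    """Server-side view: pair each request flow (client -> service port) with the
    reply flow (service port -> client) and return bytes-out / bytes-in per pair."""
    replies = {(src, sport, dst, dport): nbytes
               for src, sport, dst, dport, _, nbytes in flows if sport in AMPLIFIER_PORTS}
    result = {}
    for src, sport, dst, dport, _, nbytes in flows:
        if dport not in AMPLIFIER_PORTS:
            continue
        reply_bytes = replies.get((dst, dport, src, sport))  # the reverse 4-tuple
        if reply_bytes is not None:
            result[(src, AMPLIFIER_PORTS[dport], dst)] = amplification_factor(nbytes, reply_bytes)
    return result


def abused_services(flows, threshold=10.0):
    """Server-side alert: (claimed client, service, server) triples whose replies
    exceed `threshold` times the request bytes. The "client" is the spoofed victim."""
    return {k: round(v, 1) for k, v in exchange_factors(flows).items() if v >= threshold}


def unsolicited_replies(flows):
    """Victim-side view: reply flows from an amplifier port with no matching
    outbound request in the same flow set."""
    asked = {(src, sport, dst, dport)
             for src, sport, dst, dport, *_ in flows if dport in AMPLIFIER_PORTS}
    return [f for f in flows
            if f[1] in AMPLIFIER_PORTS and (f[2], f[3], f[0], f[1]) not in asked]


def victims(flows):
    """Aggregate unsolicited reply bytes per destination: who is being flooded,
    and by which reflectors."""
    totals = defaultdict(lambda: {"bytes": 0, "servers": set()})
    for src, sport, dst, _, _, nbytes in unsolicited_replies(flows):
        totals[dst]["bytes"] += nbytes
        totals[dst]["servers"].add(f"{src}:{sport}")
    return {d: {"bytes": v["bytes"], "servers": sorted(v["servers"])} for d, v in totals.items()}


if __name__ == "__main__":
    print("abused services (server side):", abused_services(SERVER_SIDE_FLOWS))
    print("flooded hosts (victim side):", victims(VICTIM_SIDE_FLOWS))
```

On the server side the spoofed "client" that shows up in `abused_services` is the victim, not the attacker, which is why the cure is BCP 38 ingress filtering at the attacker’s network and disabling the amplifying query (monlist, ANY) at the server; on the victim side the reflector list from `victims` is what you would hand to the upstream for filtering.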
Learning More
  • One new topic in the upcoming book (and not in these notes) is the DNS amplification attack. If you want to know whether your DNS server might be contributing to DNS amplification attacks, check out the Open Resolver Project.
  • Brad Antoniewicz has developed an ActiveX control and tutorial for Internet Explorer to help students learn the basics of browser exploitation. Most cool.
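What the Open Resolver Project is testing for is a server that will recurse on behalf of anyone. This added example (mine, not the project’s code) builds a plain RFC 1035 query with the RD bit set and classifies the reply from its header flags: an answer with RA set and AA clear for a name the server is not authoritative for means open recursion; REFUSED or an authoritative-only answer does not. The sample replies are constructed so the logic runs offline; `probe()` does send a real packet and assumes you point it at a server you are responsible for, with `www.example.com` as the assumed probe name.

```python
"""Open-resolver check from DNS header flags (added example, not from the post).

build_query/parse_header follow RFC 1035. The three sample responses are
constructed here; probe() is the only function that touches the network.
"""
import socket
import struct


def build_query(name, txid=0x1234, qtype=1):
    """Standard query, QCLASS IN, with RD=1 (recursion desired)."""
    flags = 0x0100  # QR=0, OPCODE=0, RD=1
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = name.strip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)


def parse_header(msg):
    """Pull the fields that matter for this check out of the 12-byte header."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": txid,
        "qr": (flags >> 15) & 1,   # 1 = response
        "aa": (flags >> 10) & 1,   # authoritative answer
        "rd": (flags >> 8) & 1,
        "ra": (flags >> 7) & 1,    # recursion available
        "rcode": flags & 0xF,      # 0 NOERROR, 5 REFUSED
        "ancount": an,
    }


def classify(query, resp):
    """Label a reply. Only meaningful when `query` asks for a name outside any
    zone the server hosts; an authoritative answer proves nothing about recursion."""
    q, r = parse_header(query), parse_header(resp)
    if r["id"] != q["id"] or r["qr"] != 1:
        return "not a reply to our query"
    if r["rcode"] == 5:
        return "refused"
    if r["ancount"] > 0 and r["aa"] == 1:
        return "authoritative answer"
    if r["ra"] == 1 and r["rcode"] == 0 and r["ancount"] > 0:
        return "open resolver"
    return "no recursive answer"


def is_open_resolver(query, resp):
    return classify(query, resp) == "open resolver"


def constructed_response(query, flags, answer=b""):
    """Build a reply to `query`: same id, given flags, the question echoed back,
    plus an optional answer RR. Used only to fabricate offline samples."""
    txid = parse_header(query)["id"]
    ancount = 1 if answer else 0
    return struct.pack("!HHHHHH", txid, flags, 1, ancount, 0, 0) + query[12:] + answer


# One A record pointing at the question name (0xC00C = pointer to offset 12).
A_RECORD = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])

QUERY = build_query("www.example.com")
SAMPLE_OPEN = constructed_response(QUERY, 0x8180, A_RECORD)       # QR, RD, RA, NOERROR
SAMPLE_REFUSED = constructed_response(QUERY, 0x8105)              # QR, RD, REFUSED
SAMPLE_AUTH_ONLY = constructed_response(QUERY, 0x8500, A_RECORD)  # QR, AA, RD, no RA


def probe(server, name="www.example.com", timeout=2.0):
    """Send the query to `server` over UDP/53 and classify what comes back.
    Point this only at a resolver you operate."""
    q = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(q, (server, 53))
        try:
            resp, _ = s.recvfrom(4096)
        except socket.timeout:
            return "no reply"
    return classify(q, resp)


if __name__ == "__main__":
    for label, sample in [("open", SAMPLE_OPEN), ("refused", SAMPLE_REFUSED), ("auth-only", SAMPLE_AUTH_ONLY)]:
        print(f"{label:10s} -> {classify(QUERY, sample)}")
```

Two caveats a practitioner should keep in mind: query a name the server does not host (the project checks from outside your network for the same reason), and treat RA alone as weak evidence, since some servers advertise RA and still answer REFUSED to outsiders, which is the behaviour you want.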
For Students
Hacking the World
  • The Nest thermostat is vulnerable to attack, at least by folks close enough to gain physical access to the device.
January 11, 2015 at 8:07 am
