Security News #0x83
- The blog Jump ESP, jump! has a nice piece on the different ways an attacker can backdoor a Windows domain. Definitely worth a read!
- In a similar vein, Harmj0y talks about how an attacker can exploit domain trusts as part of a compromise of a complex network.
- Matthew Green has an excellent summary of the FREAK attack against SSL, and how it can be considered a consequence of poor decisions about the export control of cryptography from the 1990s.
- There is a proof-of-concept exploit for CVE-2014-7911, a local root exploit for Android.
- A new version of PuTTY (0.64) has been released to patch a recently discovered security hole.
- Are you interested in learning the technical details behind CVE-2015-0311, a recent vulnerability in Adobe Flash? Take a look at what Core Security has to say.
- It may turn out that the recent vulnerability in Samba (CVE-2015-0240) is not exploitable. See also a PoC from worawit.
- We all know the importance of using salt in password hashing algorithms. For an overview of salts, how they work and how bad salting methods can be less secure, head over to CrackStation.
- Kahu Security has a nice walkthrough that shows how to find malware embedded in a Microsoft Word document, using tools like OfficeMalScanner and OleDump.
- There is a PowerShell script which tries to replicate many of the features of netcat.
- Moonpig is a company that sells personalized greeting cards in Britain. To say that their web security is sub-optimal, well, decide for yourself.
- Alternate data streams are an old way to hide data on Windows systems. Now there is a PowerShell script to inject code into an alternate data stream and execute it.
- I had never considered the idea of doing LDAP injection along the same lines as SQL injection. Neat.
- Did you know that 85% of the average tech worker's wardrobe is free tech t-shirts?