Home
> Uncategorized > Security News #0x87
Security News #0x87
- As someone who has coached three different teams to the finals of the National Collegiate Cyber Defense Competition, let me say that Raphael Mudge’s analysis is spot on and hugely helpful. Mind you, there is a difference between knowing what Red Team wants to do, and being able to meaningfully stop them…..
- If you are looking for a nice write-up on MS 14-068, head over to Veris Group and read what one of my ace former students has to say.
- There is a new denial of service attack against Minecraft servers.
- If you want to see a technical analysis of MS 15-034, the recently announced vulnerability in HTTP.sys, you might want to head over to Security Swift and a recent piece by Mike Czumak.
- Metasploit is developing a DoS exploit to attack MS15-034. I wonder how long it will be before this becomes remote code execution.
- If you want to see some of the technical details behind the recent Chinese attack against GitHub, check out Netresec.
- There is a (post-authentication) backdoor available for pfSense firewalls. This backdoor was used extensively during the 2015 SECCDC. Sam Cappella talks about his experience on Red Team at the SECCDC, including the development of the backdoor.
- One interesting area of research over the last few years has been looking at statistical patterns of people’s passwords. Take a look at the recent blog post of Julian Dunning to get a better handle on the question.
- CVE 2015-1862 is a vulnerability in Linux systems that can potentially result in privilege escalation. Tavis Ormandy has proof of concept exploits.
- The New York Times has a piece on how car thieves might be able to break into cars using a power amplifier.
- There is a new Metasploit privilege escalation exploit for Mac OS X, named “Rootpipe”. The underlying vulnerability is CVE 2015-1130.
- An older way to attack Windows systems is to pass a URL like file://a.b.c.d to Internet Explorer; then Windows attempts to authenticate via SMB and so credentials can be harvested. It turns out that HTTP redirects (302) can be used to accomplish the same task.
- There is a proof-of-concept exploit for CVE 2015-0240, which is a vulnerability in Samba.
- Have you seen this interesting approach to attacking Gnome screensavers?
- Here is a neat piece on detecting debuggers. Not my area of expertise at all, but an interesting read nevertheless.
Categories: Uncategorized
Comments (0)
Trackbacks (0)
Leave a comment
Trackback
Darknet
- Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool
- AgentSmith HIDS – Host Based Intrusion Detection
- padre – Padding Oracle Attack Exploiter Tool
- Privacy Implications of Web 3.0 and Darknets
- DataSurgeon – Extract Sensitive Information (PII) From Logs
- Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap
- HardCIDR – Network CIDR and Range Discovery Tool
- Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
- CFRipper – CloudFormation Security Scanning & Audit Tool
- CredNinja – Test Credential Validity of Dumped Credentials or Hashes
Windows Security
- An error has occurred; the feed is probably down. Try again later.
Security Focus Vulnerabilities
- An error has occurred; the feed is probably down. Try again later.
Security Bloggers Network
- An error has occurred; the feed is probably down. Try again later.
Krebs on Security
- Patch Tuesday, May 2024 Edition
- How Did Authorities Identify the Alleged Lockbit Boss?
- U.S. Charges Russian Man as Boss of LockBit Ransomware Group
- Why Your VPN May Not Be As Secure As It Claims
- Man Who Mass-Extorted Psychotherapy Patients Gets Six Years
- FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data
- Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme
- Who Stole 3.6M Tax Records from South Carolina?
- Crickets from Chirp Systems in Smart Lock Key Leak
- Why CISA is Warning CISOs About a Breach at Sisense
CyberOperations 