Home
> Uncategorized > Security News #0x88
Security News #0x88
So, where have I been for the last month? Lots of grading! However, that is now done, and my students have graduated into the wide wide world (Good luck all!).
The book is moving along smartly. The first draft is finished- 750 pages of hacking goodness. Technical reviews is about half finished, and we are looking at publication in a few more months.
In the meantime though, there has been a lot of news….
- For years I relied on Sourceforge as a location to find high quality open source tools. Well it seems that they have gone over to the dark side, and are now adding adware to Windows installers for projects on their site. This became big news when GIMP announced this had happened to them. For some details, see Ars Technica.
- There is a new local privilege escalation exploit for Windows 8 that has appeared at Exploit-db. This is a Python based exploit that attacks CVE 2014-4113 and was patched in MS 14-058. I tried the exploit on a couple of virtual machines though, and could not make it work.
- There is a new local privilege escalation exploit for Windows 7 (x86) that has appeared at Exploit-db. This one appears to attack CVE 2015-0003 and was patched in MS 15-010.
- There is also a new local privilege escalation exploit available for recent Ubuntu systems using apport; this one also appeared at Exploit-db. This exploits
CVE 2015-1325, though this has not yet made it into the official MITRE database. - There is a new Metasploit module that exploits Flash 17.0.0.134 on Windows 7 SP1. The underlying vulnerability is CVE 2015-0359.
- Don’t forget about the latest name brand vulnerability, VENOM (CVE 2015-3456). This affects QEMU and Citrix Xen.
- Talking about exploits, have you read about the proposed arms control restrictions on exploits?
- Raphael Mudge has another nice post on how to use Mimikatz to pass the hash.
- There is a trojaned version of PuTTY in the wild. Be sure to check those hashes folks! FCIV is your friend here.
- There is a nice summary of NCCDC from the Red Team point of view on Lockboxx.
- Have you considered writing your own Snort rule to detect Meterpreter reverse HTTP shells?
Categories: Uncategorized
Comments (0)
Trackbacks (1)
Leave a comment
Trackback
-
June 21, 2015 at 4:58 pmBrèves S22, 23, 24 et 25 | La Mare du Gof
Darknet
- Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool
- AgentSmith HIDS – Host Based Intrusion Detection
- padre – Padding Oracle Attack Exploiter Tool
- Privacy Implications of Web 3.0 and Darknets
- DataSurgeon – Extract Sensitive Information (PII) From Logs
- Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap
- HardCIDR – Network CIDR and Range Discovery Tool
- Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
- CFRipper – CloudFormation Security Scanning & Audit Tool
- CredNinja – Test Credential Validity of Dumped Credentials or Hashes
Windows Security
- An error has occurred; the feed is probably down. Try again later.
Security Focus Vulnerabilities
- An error has occurred; the feed is probably down. Try again later.
Security Bloggers Network
- An error has occurred; the feed is probably down. Try again later.
Krebs on Security
- FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data
- Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme
- Who Stole 3.6M Tax Records from South Carolina?
- Crickets from Chirp Systems in Smart Lock Key Leak
- Why CISA is Warning CISOs About a Breach at Sisense
- Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
- April’s Patch Tuesday Brings Record Number of Fixes
- Fake Lawsuit Threat Exposes Privnote Phishing Sites
- ‘The Manipulaters’ Improve Phishing, Still Fail at Opsec
- Thread Hijacking: Phishes That Prey on Your Curiosity
CyberOperations 