Episode35

From Paul's Security Weekly
Jump to: navigation, search

Exploit Of The Week

WinRaR Exploit - This one was kinda fun, and worked the first time.

Stories For Discussion

Month Of Browser Bugs - July 2006 has been labeled the month of browser bugs. Also see the Browser Fun web site/blog.

Glue up your USB ports - Okay, but don't forget there are usually two more USB ports on the motherboard, so if you don't keep the person/employee out of the case its pointless. Looks like a good post about disabling USB ports can also be found here.

Web Vulnerabilities in Internet.com, Amazon, MSN

Cool SSH Tips & Tricks - I like the use of SSH to mount file systems, just have to try that out.

Schneier on Cell Phone Security - Ever call up your ex-girlfriend/boyfriend when you were drunk? Need something to stop yourself from doing that?

1998 was a good year for Win98/ME - But come on, its 2006! Got old hardware, try Linux...

Hackers attack LexisNexis and Paris Hilton's Phone - I am pretty sure her password hint is still "tinkerbell". Also, one of the hackers in this case is from Rhode Island! Wicked Awesome! (One from New Bedford too...)

Great Firewall of China = Pwn3d - Looks like China needs to go bigger and badder to do statefull inspection.

POC Windows and Unix virus - From the "Two great tastes that taste great together" Department - one PoC virus can infect ELF and PE files. How soon before this is standard practice?

Adobe reader multiple vulnerabilities - ...for just about every OS. Go update, or find an alternative. (Note: more client software research as opposed to OS)

HP starts pentest division - So, what happens when they test one a vulnerable HP printer?

Credit Card RFID Skimming not a risk - So how long before it is? Be careful what you say isn't a risk!

FBI password file cracked - Consultant for the FBI cracks password db in an attempt to make his job easier. Really.

Other Stories Of Interest

Linux Security Alerts Database - Cool to see which distros patch the quickest.

Crack WEP under windows - ...with Aircrack-ng. Nice writeup.

HOPE Speakers posted - Looks like some HOTT stuff.

PLA Video - Phone Losers of America take over a Taco Bell drive thru.