Episode48

From Paul's Security Weekly

Episode Media

mp3

Music

Music in this week's new sweeper from Vast. Thanks Bernie!

Stories for discussion

Fabulous Article From Kaspersky On Mobile Malware - Goes into the history of mobile malware, major mobile malware codebases (Cabir, Comwar, and Skuller.gen) and details the behavior of each. A MUST read.

Telecommuting: Security Nightmare - [PaulDotCom] - "Teleworkers' neighbours are also being exploited with a global average of 11 per cent of respondents getting their internet access by connecting to a neighbour's wireless network." Nice! [Larry] - They sure are. Don't be sloppy with configuration, educate your users, and implement the same requirements that you would for computers directly on your own LAN.

HOWTO video - hacking common ATM machines - [Joe] - change the message on common ATM machines. [PaulDotCom] - Video was removed from YouTube :(

Cyber Kamikaze!!! - [PaulDotCom] - Short article about hackers that may decide to not care if they get caught. Interesting...

Interesting Read-Between-The-Lines Vulnerability Release From Core - [PaulDotCom] - The log of interaction with the vendor, AOL, is just fascinating. My favorite part, "Core response vendor: proof-of-concept can not be made available as standalone program without incurring in a substantial development effort." Basically, sounds like Core was saying, look here's the bug, and no we are not going to spend a week coding something just to prove it's a bug. My other favorite part, "Attacks that leverage this vulnerability would be difficult to identify and isolate as exploit traffic does not present any features that makes it easily distinguishable from normal IM communications." Translate: We found some scary shit. Additional comments from Core:

"Regarding AOL bug, what I could add to what's in the advisory is that the underlying protocol is quite convoluted and complex with several layers of encapsulation and a broad range of functionality so it wasn't really that easy to determine what the hell was going on and why or how to exploit the problem. The concern however, is that given that the vuln is so deeply within the app. protocol it could be quite complicated to detect or prevent attacks that exploit it (same concepts apply to the MSN bug that Core found some years ago)."

Software protecting from USB Slurpers - [Larry] - Sure, not a new problem, but many ubiquitous devices for USB exist. Disabling ALL USB may not be practical in all environments, so why not control exactly what can be used...and develop corporate standards. [PaulDotCom] - Most solutions will allow you to plug in certain devices, so why couldn't you still exploit the USB subsystem (http://toorcon.org/2005/slides/dmaynor-youarethetrojan.pdf#search=%22you%20are%20the%20trojan%22) with a trojanized USB token?

Intel Snooping - [PaulDotCom] - This one came from a listener that goes by the name of "verizon".

WifiTap - [PaulDotCom] - Cool tool that allows for hosts to communicate over wireless without being associated.

WRT54GXv2 UPnP insecurity - [Larry] - I'm still trying to figure out who thought UPnP was a good idea. I'm not comfortable with some device automatically deciding what my security policy should be. Shut off UPnP. [PaulDotCom] - nvram set upnp_enable=0 ; nvram commit

Hackers Crack Google's Blogger - [PaulDotCom, Larry] - Someone figured out that a bug in blogger.com would allow them to modify the official Google blog, and they made a post. This is dangerous, do you trust the web sites you read? Also, the hole was fixed and post removed immediately. I wish all vulnerabilities could be handled this quickly.

IRS needs some privacy help - [Larry] - To quote the article: "The IRS needs to conduct privacy assessments for the 54 percent of its computer systems that have not been assessed already in order to protect taxpayer or employee data they collect and process. The agency also has not adequately monitored its compliance with privacy laws, said the Office of Treasury Inspector General for Tax Administration". 54%? And I have to give all of my financial information and SSN to these guys once a year. Ok, I'm frightened.

Importance of passive exploit patching - [Larry] - Airpwn etc., and why passive exploits are a risk. More wireless, more mobile workers on more untrusted networks, in locations that you don't want to think about. Now geographically tied attacks, well, I think we need to think on the future on this one....

Spamhaus in trouble, still - [Nick, Larry] - Black lists suck, don't use them. [Larry] - alternatives? Why do blacklists suck? (leave story in - good discussion!) [PaulDotCom] - Blacklists suck because they block email servers according to their own rules. It's hard to get off a blacklist. It's an ass backwards approach, they need to do better at detecting "bad" email servers if they are to continue.

Fully anonymous presentation - [Larry] - Wow, what a cool concept. Deliver a talk completely anonymously. Still a few bugs to work out...

Google Office released - [Nick] - If you are stupid enough to upload your docs and edit them online and think that nothing will happen, then you are most likely a person who uses black lists.

Filtering IM for kids - IMsafer - [Larry] - Hmmm, interesting concepts. IM monitoring for kids (which is important BTW), but only notifies parents on possibly bad conversations, thus allowing some privacy (also important). I'd love to see more on the analytical engine and the research behind it. To quote the article: "The company says it worked with law enforcement specialists to develop its filtering rules and some of them are quite interesting - the phrase “you’re a good girl” is believed to be common language for building a dominance/submission based relationship, for example." How many perverts did it take to come up with the metrics for that one?

Google Code used for evil - [Nick, Joe, Larry] - DOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOM Passivemode security blog article on code search for passive code analysis

Hacking Web 2.0 Applications with Firefox - [Joe] - Awesome article on how to use some Firefox plugins like Firebug and Chickenfoot for hacking web 2.0 apps

WARNING: Do not click this link! Top 10 Reasons Why IE is Better Than Firefox - [PaulDotCom, Larry] - This appeared on Digg, and many people clicked it. It's an IE exploit (DoS?) of some sort. This is truly scary... [Larry] - I figured I'd need a laugh so I would read it. Funny, my Mac wasn't vulnerable. I'm wondering if we will see MORE of these types of things on "social networking" sites.

Tool of the Week?

wicrawl wireless auditing framework - [Joe] - Twitchy and I met the MRL team who worked on this and thought we should plug them. Haven't tried it personally, but it sounded cool, providing enough people write plugins