Sunday, March 29, 2009

Shotgun Blast for 29 March 2009

Couple of articles/blog posts worth taking a look at

Info on Ghostnet
http://www.f-secure.com/weblog/archives/00001637.html
*mirrors of the two papers are available above
http://news.bbc.co.uk/2/hi/americas/7970471.stm

I am personally glad when i see people getting pwned via client-sides make the news. Hear me and Vince talk about it a Notacon and DojoSec this month!

It's also interesting, at least to me, to see real cyber warfare in action. cyber warfare doesnt have to be about stuff going boom, but having another nation state all in your network for god knows how long certainly makes you wonder how much of your "secret" activity isnt secret anymore.

Application Operation System Fingerprinting From Dan Crowley
whitepaper: http://x10security.org/appOSfingerprint.rar
his blog: http://x10security.org/blog

Sweet new updates to metasploit!

no link...just svn up your trunk and enjoy! the snmp community scanner is nice.

Weaponized Malware ??
http://preachsecurity.blogspot.com/2009/03/weaponized-malware-your-protection.html

while the question of what the home user is to do is tougher, in the enterprise keeping up with what is egressing your network may help with catching that malware calling home. It probably time to start looking at the problem as its going to happen how do I detect and respond instead of just "hoping" it doesnt happen.

What is conficker going to do on April 1st?
http://lastwatchdog.com/debate-significance-conficker-phoning-hom-april-fools/
http://lastwatchdog.com/countdown-conficker-worms-april-fools-day-climax/

do we worry or not? do you deserve what you get if you still have it in your network after this long?

If you allow gaming systems on your network without authentication can an attacker abuse that?
http://s148954166.onlinehome.us/2009/01/26/on-the-network-of-a-certain-university/

definitely something to keep in mind if a network requires authentication, can you change your MAC to that of a wii or xbox360 and gain access?

Exploiting Unicode Enabled Software by Chris Weber
http://www.lookout.net/2009/03/26/exploiting-unicode-enabled-software-slides-from-cansecwest-and-source-boston/

No comments: