carnal0wnage [Shared Reader]

Saturday, October 15, 2011

Weekly "That's Interesting" Wrap-Up 21 Oct 2011

TEDxRotterdam - Mikko Hypponen - safe internet will lead the future


http://youtu.be/WQgeUHlTThc

Similar to his other TED talk but worth the 20min. Its good up to "fixing things". Not sure I agree with his "fixes". I do agree with a more unified way to fight/arrest/ cyber criminals, but bottom line its still way too easy to break into stuff and still to easy to conduct Credit Card fraud. We need to adress some of that as well.

Also, I think plenty of people would disagree that anything Mac is "safe" because of market share.


OMG OMG OMG Stuxnet Part 2 or the parent of stuxnet or whatever
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/w32_duqu_the_precursor_to_the_next_stuxnet.pdf



Samples:
http://contagiodump.blogspot.com/2011/10/duqu-rat-trojan-precursor-to-next.html



Volatility Memory Forensics Federal Trojan aka R2D2

http://www.evild3ad.com/?p=1136

Friday, October 7, 2011

Weekly "That's Interesting" Wrap-Up 14 Oct 2011

Bios Rootkits (mebromi)
http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/

Apache reverse proxy (mod-rewrite) bypass vuln details
http://www.contextis.com/research/blog/reverseproxybypass/

CCC Analyzes government malware (In German, go go gadget google translate)
http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf

http://m.zdnet.com/blog/hardware/can-you-trust-your-antivirus-solution-to-protect-you-against-governmental-backdoors-and-lawful-interception-police-trojans/15280

Tips for evading AV during Pentests
http://pen-testing.sans.org/blog/2011/10/13/tips-for-evading-anti-virus-during-pen-testing

Check out the conversation between Dave Kennedy and Rafal Los on CSOs, popping shells, #secBiz from 13 Oct
https://twitter.com/#!/dave_rel1k
https://twitter.com/#!/Wh1t3Rabbit

Lastly, from the "no more free bugs" and "hey companies, this is NOT how you behave to people that report vulns" categories

"Security researcher threatened with vulnerability repair bill"
http://www.scmagazine.com.au/News/276780,security-researcher-threatened-with-vulnerability-repair-bill.aspx

Thursday, October 6, 2011

Weekly "That's Interesting" Wrap-Up 7 Oct 2011

i'm probably gonna fail miserably at regularly posting anything but F it, im motivated right now and that's what matters.

So interesting stuff this week.

DerbyCon videos are slowly being posted. they're here:
http://www.irongeek.com/i.php?page=videos/derbycon1/mainlist

Specifically, watch Chris Nickerson's talk. Its funny and has a point.
http://www.irongeek.com/i.php?page=videos/derbycon1/chris-nickerson-compliance-an-assault-on-reason

So far i've watched Carlos Perez's and Rick Redman's, both were good. Caught most of jadedsecurity's on track2, also good.

SK Hack by an Advanced Persistent Threat
http://www.commandfive.com/papers/C5_APT_SKHack.pdf

Coldfusion is interesting to me, specially with the tight java intergration. You can do alot with it. The future of coldfusion from ColdFusionJedi
http://www.coldfusionjedi.com/index.cfm/2011/10/4/My-MAX-Preso--the-future-of-ColdFusion


The rest of the stuff that was interesting is shared via google reader:
http://www.google.com/reader/shared/carnal0wnage