T1SP: Episode 25

January 19, 2016

take1

[ Subscribe to the Podcast: iTunes | Android]

News

  • [ ] TrendMicro node.js server listening on localhost can execute commands; exposed to the internet

  • [ ] SSH backdoor found in Fortinet firewalls

  • [ ] SSH client vulnerability

  • [ ] Australia’s Cybercrime Online Reporting Network (ACORN) received over 39K reports of criminal activity in 2015

  • [ ] Hyatt names 250 hotels hit by malware, includes the one for DerbyCon

  • [ ] Web sense rebranding as Forepoint, acquires Intel’s firewall business

  • [ ] Twitter might be ending its 140 character limit

  • [ ] Major vulns still being found in Health and Fitness mobile apps

  • [ ] Angler exploit kit continues to evade detection

  • [ ] LostPass attack is a phishing email attack that works against LastPass (showed at Shmoocon this weekend)

  • [ ] Virus just took down the Melbourne Health computer system

  • [ ] Lastpass has found a workaround for the LostPass attack

  • [ ] A bit match fixing problem has been found in Tennis

  • [ ] Trustwave is being sued by Affinity for supposedly missing an second hack that was going on while they were there to fix an initial hack

Ideas, updates, and discussion

  • [ ] IR is messy and dangerous; assume compromise; assume continued compromise; be extremely careful saying that things were contained; if you’re not Mandiant you’re probably not doing a great job

  • [ ] Smartphone encryption and the gun debate: same coin? ISIS supposedly has its own encryption app. What next, make murder illegal?

Tools, talks, and projects

  • [ ] FIR – Fast Incident Response Management Platform

  • [ ] DIVA damn insecure and vulnerable Android app

  • [ ] Kill Chain for Kali Linux 2.0 : recon, weaponization, delivery, exploit, installation, c2, actions

  • [ ] EZ-Wave: exploiting Z-Wave networks using SDR

  • [ ] GoPhish: open source phishing framework

  • [ ] V3n0m SQLi scanner

  • [ ] VScan : uses NSE scripts to find vulns

  • [ ] SleepyPuppy Burp Extension

  • [ ] DBDAT — Database Assessment Tool — https://github.com/foospidy/DbDat

Announcements

  • [ ] Speaking at AppSec Cali next week (Tuesday) on ATM

  • [ ] Shmoocon hiring list: http://www.room362.com/2016/01/2016-shmoocon-hiring-list.html

Miscellaneous

  • [ ] Great security news source: https://security.didici.cc/news

  • [ ] Thanks to Tripwire for giving a shoutout to the podcast on Twitter

[ Subscribe to the Podcast: iTunes | Android ]

Notes

  1. The intro track is from one of my favorite EDM artists: Zomby. The song is ‘Orion’, and it’s from the ‘With Love’ album. Highly recommended if you like chill EDM.

Related posts: