MorningStar Security

News ≈ Packet Storm

• Congressional Report: U.S. Companies Should Hack China Back
• 40 Years Of Ethernet
• Twitter Touts Two-Factor Authentication
• U.S. Power Grid Under Attack
• Amazon Gains Government Clearance
• Apache Darkleech Attacks Increasing
• Gitmo Wifi Disabled Due To Threat From Anonymous
• Google Dorking Reporters Branded As Hackers
• Hack Attack On CNN
• NYPD Detective Caught Hacking Fellow Officers
• India Gets Into Commercialized Cyber-Espionage
• Microsoft Word Implicated In Targetted Attack
• Future Firefox Takes Tougher Stance On Mixed Content
• Chinese Hackers Resume Attacks On U.S. Targets
• 22 Million Hit By Yahoo! Japan Hack Attack
• EMC Vuln Gives Mere Sysadmins The Power Of Storage Admins

The Register – Security

• Tipsters exposed after South Africa’s national police force hacked
• New York cop in alleged love-polyhedron email hack spree
• Brit spooks bugged Edward VIII’s phones, records reveal
• China’s exposed crack cyberspy crew dumps ‘most’ of its kit
• Aha, I see you switched on your mobile Wi-Fi. YOU FOOL!
• Spam and the Byzantine Empire: How Bitcoin tech REALLY works
• Footy lovers hit in Wembley playoff card snatch scam
• SCADA security is better and worse than we think
• Report: China IP theft now equal in value to US exports to Asia
• US power grid the target of ‘numerous and daily’ cyber-attacks
• Twitter locks down logins by adding two-factor authentication
• Press exposure of Federal data security hole leads to legal threats
• Big Brother security tech gets $20m
• Blue Coat gobbles CCTV-for-network-traffic maker Solera
• Camby cash crypto-coders Cronto chomped on pronto by Vasco
• Facebook teens’ kimonos – basically never closed

Security Bloggers Network

• Skyhigh Networks Launches With $20M From Sequoia
• CESG And Cellcrypt To Develop MIKEY-SAKKE Technology
• Fight Against Cyber-Crime Is On The Right Track, According To PandaLabs Q1 Report
• A Reading List on Fostering Strong Company Culture
• Cloud Computing Trends Report : Maturity of IT Departments
• Interview With A Blackhat (Part 3)
• Cyber security in US power system suffering from reactive, self-policed rules
• Making Cloud Security Simpler with the latest Threat Manager release
• NYPD detective charged with hiring email hackers to break into colleagues’ personal accounts
• The Data Breach Surveys-Part 3
• Why Twitter’s two-factor authentication isn’t going to stop media organisations from being hacked
• Controlling The Risks Of Vulnerable Application Libraries
• One-Shot vs. Iterated Prisoner’s Dilemma
• New Focus On Risk, Threat Intelligence Breathes New Life Into GRC Strategies
• Why Twitter’s two-factor authentication isn’t going to stop media organisations from being hacked
• PayPal: Chargebacks and Dispute Resolution

SANS Internet Storm Center, InfoCON: green

• Infocon: green
• MoVP II, (Thu, May 23rd)
• Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd)
• Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd)
• Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd)
• Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd)
• Privilege escalation, why should I care?, (Wed, May 22nd)
• ISC StormCast for Wednesday, May 22nd 2013 http://isc.sans.edu/podcastdetail.html?id=3323, (Wed, May 22nd)
• Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st)
• Chrome 27 stable released http://googlechromereleases.blogspot.ca/ some security fixes, (Tue, May 21st)
• ISC StormCast for Tuesday, May 21st 2013 http://isc.sans.edu/podcastdetail.html?id=3320, (Tue, May 21st)

The H Security

• Symantec putting an end to PC Tools security products
• Apple closes QuickTime vulnerabilities on Windows
• Twitter implements two-factor authentication
• Chrome 27 comes with better load speeds and security fixes
• Report: DDoS service as a legitimate, FBI-approved business
• Bitdefender Clueful exposes Android spies
• Google: US counterintelligence service was targeted by Chinese hackers
• Chinese APT1 hacker group ends its spring break
• Yahoo Japan suspects 22 million user IDs exposed
• Tails 0.18 can install packages on the fly
• NetBSD 6.1 and 6.0.2 released
• Search engine available for Internet Census 2012 data
• The H Roundup – Skype surveillance, Linux exploit & Android Studio
• Lost+Found: Hacking Smart TVs, scammer hotlines and Vaccination
• Skype’s ominous link checking: Facts and speculation
• Skype’s ominous link checking: facts and speculation

E Hacking News [ EHN ] – The Best IT Security News | Hacker News

• Twitter finally introduces Two-step authentication to prevent account hacks
• @1923Turkz hits Jharkhand police website
• Reckz0r identified POST SQL Injection vulnerability in Twitter
• Hacker @Reckz0r breached CNN website and posted fake articles
• Facebook page of Mancera,Mayor of Mexico City hacked
• Hacker @1923Turkz breached Federal University of Bahia website
• 8 Telegraph Twitter accounts and Facebook hacked by Syrian Electronic Army
• Bangladesh Air Force Career website’s database hacked by @1923Turkz
• Four Anonymous hacktivists arrested in Italy
• Globo.com hacked and sub-domains redirect to spam ads
• Lomonosov Moscow State University and Imperial College London hacked by @1923Turkz
• South African Police Service website breached by #Anonymous
• Saudi Arabia Ministry of Defense Mail System compromised by Syrian Electronic Army
• Bose.cn hacked and database leaked by Ag3nt47
• Hackers stole ₹2.4 crore from Mumbai Bank in 3 hours
• ATM Hacker Boanta invents "Secure Revolving System(SRS)" to prevent ATM thefts

CNET News – Security & Privacy

• Help protect yourself from signed malware in OS X
• The wide world of hacking in China
• Kim Dotcom threatens to sue Twitter, others over patent
• SAP touts service that sells customer data from phone firms
• Power utilities claim ‘daily’ and ‘constant’ cyberattacks, says report
• Guantanamo Wi-Fi shuttered after Anonymous hacking threat
• Google breach may have led to sensitive data leaks
• Future Firefox takes tougher stance on mixed content
• Google security: You (still) are the weakest link
• Google Glass spurs privacy questions from Congress

IT Security Blog | TechRepublic

• Keeping your corporate social media accounts secure
• Aaron Swartz legacy lives on with New Yorker’s Strongbox: How it works
• Mission impossible: Data identification and prioritization
• Security lessons from the 2013 Verizon Data Breach Report
• Cloud-service contracts and data protection: Unintended consequences
• Google’s Inactive Account Manager heightens enterprise awareness for securing data
• Hackers: From innocent curiosity to illegal activity
• New McAfee patent hints at a more walled-off online world
• The future of IT security compliance: 201 CMR 17.00
• BoxCryptor vs. DropSmack: The battle to secure Dropbox
• Surveys: Aid security research by sharing your experience
• Running the gauntlet: Tips for achieving your CISSP
• Understanding what motivates Chinese hackers
• How to test Firefox 23 change on unsecured content before it happens
• DropSmack: Using Dropbox to steal files and deliver malware
• Securing Bitcoins: Barrage of attacks undermines value

hacking – Google News

• NYPD Cop Accused of Hacking Many, Many of His Colleagues’ Emails – Betabeat
• Cameron condemns brutal hacking death, says Britain stands firm – CNN
• London Knife-Hacking Attack Called Possible Terror – ABC News
• ‘Hacking back’ may stop cyberattacks, US group says – New Europe
• Boot up: Metro apps usage, Pirate Bay hacking case, iOS 7 + Flickr?, and more – The Guardian (blog)
• Hackers Find China Is Land of Opportunity – New York Times
• ‘Hacking Back’ Could Deter Chinese Cyberattacks, Report Says – Huffington Post
• Twitter fights hacking with two-factor authentication – CNET (blog)
• Smart charging stations for electronic cars are extremely vulnerable to hacking – Quartz
• BREAKING NEWS Fears two people have been shot during incident in south … – Daily Mail

computer security – Google News

• New Canaan Library offers computer security tips – New Canaan Advertiser
• County beefs up computer security – The Rushville Republican
• NIST issues major revision of Core Computer Security Guide: SP 800-53 – SecurityInfoWatch
• Security experts warn government is making the Internet unsafe – Daily Caller
• Computer security experts show you how to safeguard your personal accounts … – NewsNet5.com
• Audit report cites weaknesses in computer security at state agencies – al.com (blog)
• How the FBI’s online wiretapping plan could get your computer hacked – Washington Post (blog)
• Local dentist office faced with computer security breach – South Bend Tribune
• Worried About Computer Security? McAfee Is Launching A New All-In-One … – iDigitalTimes.com
• NIST Revises Federal Computer Security Guide – Signal Magazine

Threat Level

• Obama Stops Championing Treaty That Gives the Blind Better Access to E-Books
• Hackers Who Breached Google in 2010 Accessed Company’s Surveillance Database
• Feds Tracked Reporter’s Movements, Personal E-Mail in Criminal Conspiracy Investigation
• The Strange Story of Marie Antoinette’s Watch
• Lawmakers Introduce Bill Requiring Court Order to Seize Phone Records
• LulzSec Hackers Sentenced to Prison by London Court
• Cops Should Get Warrants to Read Your E-Mail, Attorney General Says
• Meet the Woman Behind Pakistan’s First Hackathon
• Saudi Telecom Sought U.S. Researcher’s Help in Spying on Mobile Users
• How a Career Con Man Led a Federal Sting That Cost Google $500 Million

/r/netsec – Information Security News & Discussion

• h34dCTF binary and web write-ups
• Would you knowingly trust an irrevocable SSL certificate?
• CTF repository since 2011. Lots of great challenges.
• Dissecting Blackberry 10 – An initial analysis
• Duplicating house keys using a 3D Printer
• CVE-2013-2094 perf event exploit ported to x86
• New MinimaLT network protocol by Petullo, Zhang, Solworth, DJB, Lange: "Connects faster than TCP, higher security than TLS" [PDF]
• Goading Around Firewalls
• CAPTCHA Solving Botnet, How Hackers Can Use Their Victims for More Than Just Computing Power [ Self Blog Post ]
• WordPress under attack … again.
• VUPEN Vulnerability Research Blog – Advanced Exploitation of Internet Explorer 10 on Windows 8 (CVE-2013-2551 / MS13-037 / Pwn2Own 2013)
• A closer look at a recent privilege escalation bug in Linux (CVE-2013-2094)
• Analysis of nginx 1.3.9/1.4.0 stack buffer overflow and x64 exploitation (CVE-2013-2028)
• PHDays Hash Runner password cracking competition starts Thursday
• Pwn2Own 2013: Java 7 SE Memory Corruption
• OWASP is looking for data to pull together for Mobile Top 10 Risks for 2013. If you’ve got some, submit it.

Delicious/tag/security

• total-home-security.com
• How secure is your WordPress site? | Webdesigner Depot
• 20 common WordPress mistakes, myths and misgivings | Feature | .net magazine
• From API key to user with ASP.NET Web API
• Building Windows Store Applications With jQuery 2.0 | Nettuts+
• Basic Password Security
• www.securityweek.com
• rss.computerworld.com
• Dissidents Fight Back as Governments Step Up Spyware Attacks – Olga Khazan – The Atlantic
• ESET Latinoamérica – Laboratorio » Blog Archive » Arachni, una alternativa para auditar aplicaciones web
• The Easy, Any-Browser, Any-OS Password Solution – Security – Lifehacker
• www.mi5.gov.uk
• hawk
• EDS Lite – Aplicativos para Android no Google Play
• Where Do You Keep Important Family Documents?

Delicious/tag/hacking

• YouTube
• ssc.pdf
• Shop gehackt – xt:Commerce Webshop Shop Support
• Chinese Hackers Resume Attacks on U.S. Targets – NYTimes.com
• PHDays — Positive Hack Days. Contests
• Hackers Who Breached Google in 2010 Accessed Company’s Surveillance Database | Threat Level | Wired.com
• The Definitive Story of Steve Wozniak, Steve Jobs, and Phone Phreaking – Phil Lapsley – The Atlantic
• China wants cyber security communication with US
• The Reality Hacker Official Webpage
• Hacked Pacemakers Could Send Deadly Shocks | TechCrunch
• twitpic.com
• Hackito Ergo Sum 2013
• NoSuchCon
• The+man+who+’nearly+broke+the+internet’+|+Technology+|+guardian.co.uk
• The Scrap Value of a Hacked PC, Revisited — Krebs on Security

Delicious/tag/encryption

• IBM’s homomorphic encryption library [LWN.net]
• How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services
• How can I decrypt SAML with PHP?
• Digest Authentication with ASP.NET Web API
• www.vldb.org/pvldb/vol6/p289-tu.pdf
• siberean – AES encryption of files (and strings) in java with randomization of IV (initialization vector)
• ssl – How to get the java.security.PrivateKey object from RSA Privatekey.pem (from a file)? – Stack Overflow
• Ruby rsa encrypt – Stack Overflow
• Decrypting RSA with Java « Try, Catch… Finally.
• JAVA RSA decrypt string with private key using bouncy castle Crypto APIs
• openssl – How to encrypt decrypt with RSA keys in java – Stack Overflow
• java – RSA decryption with a public key – Stack Overflow
• Android: decrypt RSA text using a Public key stored in a file – Stack Overflow
• Convert PHP RSA PublicKey into Android PublicKey – Stack Overflow
• RSA Encryption Decryption in Android – Stack Overflow

Slashdot: Your Rights Online

• Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication
• Terrorist Murder In London Could Revive Snooper’s Charter
• One-Time Pad From Caltech Offers Uncrackable Cryptography
• First Government Lawsuit Against a Patent Troll
• Why We Should Celebrate Snapchat and Encourage Ephemeral Communication
• Teens, Social Media, and Privacy
• Tesla Motors Repays $465M Government Loan 9 Years Early
• NYPD Detective Accused of Hiring Email Hackers
• OSI President Questions WebM Patent License Compatibility with Open Source
• Thousands of Whistle Blowers Vulnerable After Anonymous Hacks SAPS
• Special Ops Takes Its Manhunts Into Space
• EPA Makes a Rad Decision
• House Bill Would Mandate Smart Gun Tech By U.S. Manufacturers
• Hollywood Studios Use DMCA To Censor Pirate Bay Documentary
• Inside the Microsoft Digital Crimes Unit
• Working Handgun Printed On a Sub-$2,000 3D Printer

Security Tool Files ≈ Packet Storm

• Obeseus Distributed Denial Of Service Detector 7.1a Obeseus is a light-weight, high-speed ip DDOS detector that has been designed to run on an Intel probe running an advanced 10 Gb/s FPGA card. It detects TCP floods, Fragment Floods, raw ICMP/TCP/UDP, reflected (DNS / SMURF) and BOGON misuse. It also detects application misuse in HTTP and UDP.
• 360-FAAR Firewall Analysis Audit And Repair 0.4.4 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
• CodeCrypt 1.1 codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
• Sanewall 1.0.2 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]
• ipset 6.19 ipset allows administration of sets of IP addresses/networks, ports, MAC addresses, and interfaces, which are stored in hash or bitmap data structures. These can then be used in conjunction with iptables to do fast presence lookups.
• Packet Fence 4.0.0 PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration. […]
• Bing LFI / RFI Scanner This is a python script for searching Bing for sites that may have local and remote file inclusion vulnerabilities.
• Sanewall 1.1.1 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]
• NTDS Hash Decoder 01.b This application dumps LM and NTLM hashes from active accounts stored in an Active Directory database.
• CodeCrypt 1.0 codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
• Sanewall 1.1.0 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]
• Multithreaded SQL Injector This is a SQL injection tool similar to havij but is super fast per the author.
• ClamWin 0.97.8 ClamWin is a free antivirus solution for Windows that uses the well-respected ClamAV scanning engine. It includes a virus scanner, scheduler, virus database updates, context menu integration to MS Windows Explorer and Add-in to MS Outlook. Also features easy setup program.
• WAF-FLE ModSecurity Console 0.6.0 WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in de. […]
• Internet Explorer 7/8/9 Password Dumper 1.0 This tool demonstrates how to decode Internet Explorer 7, 8 and 9 passwords. Win32 binary and source code included.
• Sanewall 1.0.0 Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any pur. […]

CNET Download.com Security Software New Releases

• McAfee Deep Defender 05/23/13 – Protect your PC from all kinds of virus threats.
• IObit Malware Fighter 05/23/13 – Protect your PC in real time from malware & spyware.
• Protector Plus Internet Security 64 Bit 05/23/13 – Protect your PC against various kinds of threats.
• Company Guard Security Software 05/23/13 – Protect your PC against malicious files, viruses, and hacker attacks.
• McAfee Labs Stinger 05/23/13 – Find and remove specific viruses from your PC.
• McAfee Labs Stinger (64-Bit) 05/23/13 – Find and remove specific viruses from your PC.
• My Lockbox 05/23/13 – Hide, lock, and password protect any files.
• Antivirus Live CD 05/23/13 – Check your system for viruses with a lightweight antivirus on a CD.
• Kruptos 2 Professional 05/23/13 – Password protect your photos, movies, documents, or any other files with 256-bit encryption.
• USB Disk Security 05/23/13 – Protect against any threats via USB drive and protect offline computer.

Exploit Files ≈ Packet Storm

• Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in the ngx_http_parse_chunked() by supplying an overly long hex value as chunked block size. This value is later used when determining the number of bytes to re. […]
• AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Int. […]
• Weyal CMS SQL Injection Weyal CMS suffers from a remote SQL injection vulnerability. Note that this finding has site-specific information.
• Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection Spider Event Calendar version 1.3.0 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
• Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection Spider Catalog version 1.4.6 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
• WordPress Flagallery-Skins SQL Injection WordPress Flagallery-skins plugin suffers from an SQL Injection vulnerability. Note that this advisory has site-specific information.
• Kimai 0.9.2.1306-3 SQL Injection Kimai version 0.9.2.1306-3 suffers from a remote SQL injection vulnerability.
• Ophcrack 3.50 Buffer Overflow / Code Execution Ophcrack version 3.5.0 suffers from stack based buffer overflow vulnerability that leads to local code execution.
• Linksys WRT160n apply.cgi Remote Command Injection Some Linksys Routers are vulnerable to an authenticated OS command injection on their web interface where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Thi. […]
• Sony PS3 Firmware 4.31 Code Execution A local code execution vulnerability is detected in the official PlayStation 3 v4.31 Firmware. The vulnerability allows local attackers to inject and execute code out of vulnerable PlayStation 3 menu main web context.
• Trend Micro DirectPass 1.5.0.1060 Command Injection / Denial Of Service Trend Micro DirectPass 1.5.0.1060 suffers from local command/path injection, persistent code injection, and a denial of service vulnerability.
• WordPress ProPlayer Plugin SQL Injection WordPress ProPlayer Plugin version 4.7.9.1 suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.
• D-Link DIR615h OS Command Injection Some D-Link Routers are vulnerable to an authenticated OS command injection on their web interface, where default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. Thi. […]
• Moxiecode Image Manager 3.1.5 Shell Upload Moxiecode Image Manager (MCImageManager) versions 3.1.5 and below suffer from a remote shell upload vulnerability. Moxiecode is a commercial plugin for TinyMCE.
• Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root Local root exploit for Glibc versions 2.11.3 and 2.12.x utilizing LD_AUDIT libmemusage.so.

Exploit-DB updates

• [remote] – Linksys WRT160nv2 apply.cgi Remote Command Injection Linksys WRT160nv2 apply.cgi Remote Command Injection
• [papers] – GAME ENGINES: A 0-DAY’S TALE GAME ENGINES: A 0-DAY’S TALE
• [webapps] – Kimai 0.9.2.1306-3 – SQL Injection Vulnerability Kimai 0.9.2.1306-3 – SQL Injection Vulnerability
• [remote] – D-Link DIR615h OS Command Injection D-Link DIR615h OS Command Injection
• [dos] – win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
• [local] – Ophcrack 3.5.0 – Local Code Execution BOF Ophcrack 3.5.0 – Local Code Execution BOF
• [remote] – Mutiny 5 Arbitrary File Upload Mutiny 5 Arbitrary File Upload
• [webapps] – ZPanel templateparser.class.php Crafted Template Remote Command Execution ZPanel templateparser.class.php Crafted Template Remote Command Execution
• [webapps] – Exponent CMS 2.2.0 beta 3 – Multiple Vulnerabilities Exponent CMS 2.2.0 beta 3 – Multiple Vulnerabilities
• [dos] – nginx 1.3.9-1.4.0 DoS PoC nginx 1.3.9-1.4.0 DoS PoC

Securityvulns exploits channel

• huaweisnmpex.py Huawei SNMPv3 service buffer overflow PoC
• dlinkcamab.py D-Link RTSP Authentication Bypass
• pfsboex.pl Personal File Share HTTP Server Remote Overflow Vulnerability Exploit
• http://forums.comodo.com/10551086108810911089108910821080-russian/eth%20ethplusmnn%20ethfrac34ethacute-ethmiddotethdegn%20ethcediln%20n%20-cis-v-602607392674-t89574.0.html Обход защиты CIS
• centrifyex.c Local root exploit for Centrify Deployment Manager
• ibmdirectorex.pl IBM System Director Remote System Level Exploit (CVE-2009-0880 extended zeroday)
• FreeFTPD_0day_src.zip FreeFTPD all versions Remote System Level Exploit Zero-Day
• FreeSSHD_0day.zip FreeSSHD all version Remote Authentication Bypass ZERODAY
• mysql_win_remote_stuxnet_technique.zip MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit
• mysql_userenum.pl MySQL Remote Preauth User Enumeration Zeroday
• mysql-dos.txt MySQL Denial of Service Zeroday PoC
• mysql_privilege_elevation.pl MySQL (Linux) Database Privilege Elevation Zeroday Exploit
• mysql_heapoverrun.pl MySQL (Linux) Heap Based Overrun PoC Zeroday
• mysql_bufferoverrun.pl MySQL (Linux) Stack based buffer overrun PoC Zeroday
• hardcoreviewex.pl Hardcoreview WriteAV Arbitrary Code Execution
• vlcreadavex.pl VLC Player 2.0.3

1337day.com

• [local exploits] – Ophcrack v3.5.0 – Local Code Execution BOF
• [remote exploits] – MS Internet Explorer & MSN Explorer Arbitrary File Overwrite
• [dos / poc] – win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase
• [remote exploits] – Linksys WRT160nv2 apply.cgi Remote Command Injection
• [remote exploits] – D-Link DIR615h OS Command Injection Vulnerability
• [web applications] – iOS < 5.0 Free Apps/Music Bug
• [web applications] – Haraj Script Stored XSS and File Upload Vulnerability
• [web applications] – Dsl Router D-link BZ_1.06 Multiple Vulnerabilities
• [local exploits] – Glibc 2.11.3 / 2.12.x LD_AUDIT libmemusage.so Local Root Exploit
• [web applications] – Moa Gallery 1.2.6 Multiple Vulnerabilities
• [web applications] – ZPanel Crafted Template Remote Command Execution Vulnerability
• [dos / poc] – nginx 1.3.9-1.4.0 DoS PoC
• [web applications] – CKEditor < 4.1 Drupal 6.x & 7.x – Persistent XSS Vulnerability
• [web applications] – WordPress hd-player 0day Exploit
• [web applications] – Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection Vulnerabilities
• [remote exploits] – SSH User Code Execution Vulnerability

Advisory Files ≈ Packet Storm

• CAREL pCOWeb 1.5.0 Default Credential Shell Access
• Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass
• Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow
• Debian Security Advisory 2672-1
• Debian Security Advisory 2671-1
• Red Hat Security Advisory 2013-0856-01
• Red Hat Security Advisory 2013-0855-01
• Infotecs ViPNet Products Privilege Escalation
• Slackware Security Advisory – kernel Updates
• Red Hat Security Advisory 2013-0847-01
• Red Hat Security Advisory 2013-0848-01
• Ubuntu Security Notice USN-1832-1
• Mandriva Linux Security Advisory 2013-166
• Red Hat Security Advisory 2013-0834-02
• Red Hat Security Advisory 2013-0829-01
• Red Hat Security Advisory 2013-0833-01

Bugtraq

• APPLE-SA-2013-05-22-1 QuickTime 7.7.4
• [SECURITY] [DSA 2672-1] kfreebsd-9 security update
• [waraxe-2013-SA#105] – Multiple Vulnerabilities in Spider Catalog WordPress Plugin
• [waraxe-2013-SA#104] – Multiple Vulnerabilities in Spider Event Calendar WordPress Plugin
• Trend Micro DirectPass 1.5.0.1060 – Multiple Vulnerabilities
• VUPEN Security Research – Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own)
• VUPEN Security Research – Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own)
• [ MDVSA-2013:166 ] krb5
• [slackware-security] kernel (SSA:2013-140-01)
• Sony PS3 Firmware v4.31 – Code Execution Vulnerability
• CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall)
• Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt)
• Defense in depth — the Microsoft way
• Static analysis tool exposition (SATE) V Call for participation
• CONFidence – May, 28-29, Krakow, Poland – a conference adventure that never stops!

SecurityFocus Vulnerabilities

• Vuln: Oracle Java SE CVE-2013-0401 Remote Code Execution Vulnerability
• Vuln: Python pip CVE-2013-1888 Insecure Temporary File Creation Vulnerability
• Vuln: MIT Kerberos 5 kadmind CVE-2002-2443 Remote Denial of Service Vulnerability
• Vuln: Nginx CVE-2013-2070 Remote Security Vulnerability
• Bugtraq: APPLE-SA-2013-05-22-1 QuickTime 7.7.4
• Bugtraq: [SECURITY] [DSA 2672-1] kfreebsd-9 security update
• Bugtraq: [waraxe-2013-SA#105] – Multiple Vulnerabilities in Spider Catalog WordPress Plugin
• Bugtraq: [waraxe-2013-SA#104] – Multiple Vulnerabilities in Spider Event Calendar WordPress Plugin
• More rss feeds from SecurityFocus

A feed could not be found at http://secunia.tumblr.com/rss

Unofficial Secunia Security Advisories

• [4/5] Red Hat update for java-1.7.0-oracle
• [2/5] Wireshark DRDA Dissector Denial of Service Vulnerability
• [2/5] Group-Office "sort" SQL Injection Vulnerability
• [3/5] Sciretech Multimedia Manager Multiple SQL Injection Vulnerabilities
• [2/5] MoinMoin Virtual Group ACL Evaluation Security Issue
• [3/5] Atlassian GreenHopper Cross-Site Scripting and Script Insertion Vulnerabilities
• [4/5] Red Hat update for java-1.7.0-openjdk
• [2/5] Ubuntu update for keystone
• [4/5] Ubuntu update for openjdk-6
• [4/5] Red Hat update for java-1.6.0-openjdk
• [4/5] CyberLink PowerProducer Insecure Library Loading Vulnerability
• [4/5] CyberLink KoanBox ActiveX Control Buffer Overflow Vulnerability
• [4/5] CyberLink StreamAuthor Insecure Library Loading Vulnerability
• [4/5] CyberLink LabelPrint Insecure Library Loading and Buffer Overflow Vulnerabilities
• [2/5] Sitecom MD-253 / MD-254 Directory Traversal Vulnerability
• [4/5] SUSE update for gimp

SecurityTube.Net

• Android Forensics: Pulling Android Memory Using Lime
• Advanced Phishing on the Wi-Fi Pineapple IV
• PhotoShop Steganography Tutorial – Hide an Image Within an Image
• Dynamic Malware Analysis
• SCDGB – Shellcode Analysis
• Advanced Cryptography
• Android Forensics: Beating Keepsafe
• SecuraTip Episode 5: Footprinting with SpiderFoot
• Simple Shellcoding: Shellcoding 101
• Writing ‘uname -a’ Shellcode under Linux/x86 .
• Security and Privacy Concerns with Patient Portals
• SecuraTip Episode 2: Automater
• Hacking the gogoc IPv6 tunnel broker for multiple networks
• Mike Willis – Warsploit: Gaming and Hacking
• Ari Elias-Bachrach – A better way of measuring password complexity
• Joshua Pitts – Backdooring Win32 Portable Executables

PaulDotCom

• Post Exploitation OS X Style!
• Smartphone Attacks Over Dramatized? I dont think so.
• PaulDotCom – Security Weekly – Episode 232 – February 24th – 2011
• Bind DNS – The new Internet Kill Switch
• Episode 232 tonight with Murray & Murr: The keys to phishing success
• 7 ways to not get hacked by Anonymous
• PaulDotCom – Security Weekly – Episode 231 part 2 – February 17th 2011
• EXACTLY Why Your Network Needs to be Resilient Against the 0Day Threat
• Brute Forcing Passwords Part 2 (with JTR, CeWL and the US Census)
• Mcafee and VXWorks Partner for Secure Embedded Systems
• PaulDotCom – Security Weekly – Episode 231 Part 1 – February 17th 2011
• Cisco Security Agent Web Management Interface Bug Lets Remote Users Execute Arbitrary Code
• Quantum Computer Research: Where Penthouse and Physics Collide
• Antivirus Policies For Specific Types Of Hosts
• Users reuse the same passwords… Ric Romero is proud

Risky Business

• Risky Business #281 — Eyes on DPRK
• Risky Business #280 — South Africa edition
• Risky Business #279 — Retarded Persistent Threat
• Risky Business #278 — Pentest revenue figures puzzling
• Risky Business #277 — Vuln research trends with Mark Dowd
• Risky Business #276 — Cold and flu edition
• Risky Business #275 — Patch Tuesday, Indicator Wednesday?
• Risky Business #274 — Is "active defence" legal?
• Risky Business #273 — The birth of the online Pinkertons?
• Risky Business #272 — Jon Callas talks Silent Circle
• Risky Business #271 — All your funnycats R belong 2 APT1
• Risky Business #270 — Red teaming your law firm for fun and profit
• Risky Business #269 — Dave Aitel on the end of clientsides
• Risky Business #268 — Outsource your bug bounty program?
• Risky Business #267 — 2012 in review
• Risky Business #266 — ToR, BitCoin, crooks and quantum key distribution

Hack a Day

• Tracking cicadas with Radiolab and an Arduino
• LED Etch-a-Sketch built without a microcontroller
• Ask Hackaday: What are we going to do with the new Kinect?
• Anti-Tetris project is a study in hand tracking
• Hackaday Newsletter: Now including “This day in Hackaday History”
• Submersible camera snaps pics of ocean going predators
• Adding stereo to monophonic audio

Files ≈ Packet Storm

• CAREL pCOWeb 1.5.0 Default Credential Shell Access The CAREL pCOWeb firmware version 1.5.0 and lower has two passwordless default accounts that allow direct shell access via telnet. These accounts are not exposed in the associated Web UI. CAREL pCOWeb is an embedded device used primarily for HVAC systems.
• Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an object confusion error in the IE broker process when processing unexpected variant objects, which could allow an attacker to execute arbitrary code within the conte. […]
• Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an integer overflow error in the “vml.dll” component when processing certain undocumented vector graphic properties, which could be exploited by remote attackers to le. […]
• Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in the ngx_http_parse_chunked() by supplying an overly long hex value as chunked block size. This value is later used when determining the number of bytes to re. […]
• AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Int. […]
• Weyal CMS SQL Injection Weyal CMS suffers from a remote SQL injection vulnerability. Note that this finding has site-specific information.
• Fuzzing: An Introduction To Sully Framework This paper is an introduction to the world of fuzzing by exploring the Sulley Fuzzing Framework.
• Debian Security Advisory 2672-1 Debian Linux Security Advisory 2672-1 – Adam Nowacki discovered that the new FreeBSD NFS implementation processes a crafted READDIR request which instructs to operate a file system on a file node as if it were a directory node, leading to a kernel crash or potentially arbitrary code execution.
• Debian Security Advisory 2671-1 Debian Linux Security Advisory 2671-1 – Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system.
• Red Hat Security Advisory 2013-0856-01 Red Hat Security Advisory 2013-0856-01 – Red Hat Certificate System is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. The Token Processing System is a PKI subsystem that acts as a Registration Authority for authenticating and processing enrollment. […]
• Red Hat Security Advisory 2013-0855-01 Red Hat Security Advisory 2013-0855-01 – IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
• Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection Spider Event Calendar version 1.3.0 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
• Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection Spider Catalog version 1.4.6 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
• Obeseus Distributed Denial Of Service Detector 7.1a Obeseus is a light-weight, high-speed ip DDOS detector that has been designed to run on an Intel probe running an advanced 10 Gb/s FPGA card. It detects TCP floods, Fragment Floods, raw ICMP/TCP/UDP, reflected (DNS / SMURF) and BOGON misuse. It also detects application misuse in HTTP and UDP.
• WordPress Flagallery-Skins SQL Injection WordPress Flagallery-skins plugin suffers from an SQL Injection vulnerability. Note that this advisory has site-specific information.
• Infotecs ViPNet Products Privilege Escalation A common local privilege escalation vulnerability has been discovered in multiple Infotecs ViPNet products. The affected versions include ViPNet Client version 3.2.10 (15632), ViPNet Coordinator version 3.2.10 (15632), ViPNet SafeDisk version 4.1 (0.5643), and ViPNet Personal Firewall version 3.1. P. […]

Files ≈ Packet Storm

• CAREL pCOWeb 1.5.0 Default Credential Shell Access The CAREL pCOWeb firmware version 1.5.0 and lower has two passwordless default accounts that allow direct shell access via telnet. These accounts are not exposed in the associated Web UI. CAREL pCOWeb is an embedded device used primarily for HVAC systems.
• Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an object confusion error in the IE broker process when processing unexpected variant objects, which could allow an attacker to execute arbitrary code within the conte. […]
• Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an integer overflow error in the “vml.dll” component when processing certain undocumented vector graphic properties, which could be exploited by remote attackers to le. […]
• Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in the ngx_http_parse_chunked() by supplying an overly long hex value as chunked block size. This value is later used when determining the number of bytes to re. […]
• AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Int. […]
• Weyal CMS SQL Injection Weyal CMS suffers from a remote SQL injection vulnerability. Note that this finding has site-specific information.
• Fuzzing: An Introduction To Sully Framework This paper is an introduction to the world of fuzzing by exploring the Sulley Fuzzing Framework.
• Debian Security Advisory 2672-1 Debian Linux Security Advisory 2672-1 – Adam Nowacki discovered that the new FreeBSD NFS implementation processes a crafted READDIR request which instructs to operate a file system on a file node as if it were a directory node, leading to a kernel crash or potentially arbitrary code execution.
• Debian Security Advisory 2671-1 Debian Linux Security Advisory 2671-1 – Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system.
• Red Hat Security Advisory 2013-0856-01 Red Hat Security Advisory 2013-0856-01 – Red Hat Certificate System is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. The Token Processing System is a PKI subsystem that acts as a Registration Authority for authenticating and processing enrollment. […]
• Red Hat Security Advisory 2013-0855-01 Red Hat Security Advisory 2013-0855-01 – IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
• Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection Spider Event Calendar version 1.3.0 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
• Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection Spider Catalog version 1.4.6 is a WordPress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.
• Obeseus Distributed Denial Of Service Detector 7.1a Obeseus is a light-weight, high-speed ip DDOS detector that has been designed to run on an Intel probe running an advanced 10 Gb/s FPGA card. It detects TCP floods, Fragment Floods, raw ICMP/TCP/UDP, reflected (DNS / SMURF) and BOGON misuse. It also detects application misuse in HTTP and UDP.
• WordPress Flagallery-Skins SQL Injection WordPress Flagallery-skins plugin suffers from an SQL Injection vulnerability. Note that this advisory has site-specific information.
• Infotecs ViPNet Products Privilege Escalation A common local privilege escalation vulnerability has been discovered in multiple Infotecs ViPNet products. The affected versions include ViPNet Client version 3.2.10 (15632), ViPNet Coordinator version 3.2.10 (15632), ViPNet SafeDisk version 4.1 (0.5643), and ViPNet Personal Firewall version 3.1. P. […]

Security Bloggers Network

• Skyhigh Networks Launches With $20M From Sequoia
• CESG And Cellcrypt To Develop MIKEY-SAKKE Technology
• Fight Against Cyber-Crime Is On The Right Track, According To PandaLabs Q1 Report
• A Reading List on Fostering Strong Company Culture
• Cloud Computing Trends Report : Maturity of IT Departments
• Interview With A Blackhat (Part 3)
• Cyber security in US power system suffering from reactive, self-policed rules
• Making Cloud Security Simpler with the latest Threat Manager release
• NYPD detective charged with hiring email hackers to break into colleagues’ personal accounts
• The Data Breach Surveys-Part 3
• Why Twitter’s two-factor authentication isn’t going to stop media organisations from being hacked
• Controlling The Risks Of Vulnerable Application Libraries
• One-Shot vs. Iterated Prisoner’s Dilemma
• New Focus On Risk, Threat Intelligence Breathes New Life Into GRC Strategies
• Why Twitter’s two-factor authentication isn’t going to stop media organisations from being hacked
• PayPal: Chargebacks and Dispute Resolution

Schneier on Security

• One-Shot vs. Iterated Prisoner’s Dilemma
• "The Global Cyber Game"
• DDOS as Civil Disobedience
• Surveillance and the Internet of Things
• Security Risks of Too Much Security
• Friday Squid Blogging: Striped Pyjama Squid Pet Sculpture
• Applied Cryptography on Elementary
• Bluetooth-Controlled Door Lock
• Transparency and Accountability
• 2007 NSA Manual on Internet Hacking
• Friday Squid Blogging: Squid Festival in Monterey
• The Onion on Browser Security

LinuxSecurity.com – Latest News

• Watch out for waterhole attacks — hackers’ latest stealth weapon
• Reporters sued as ‘hackers’ for finding a security hole with Google
• Bitdefender Clueful exposes Android spies
• Guantanamo Wi-Fi shuttered after Anonymous hacking threat
• Critical Linux vulnerability imperils users, even after "silent" fix
• Exploit for local Linux kernel bug in circulation – Update
• Hackers From China Resume Attacks on U.S. Targets
• Pressure mounts for building in security during application development
• Large Attacks Hide More Subtle Threats In DDoS Data
• How to hack an electric car-charging station
• LulzSec Hackers Sentenced In London
• How a Career Con Man Led a Federal Sting That Cost Google $500 Million

TaoSecurity

• Practice of Network Security Monitoring Table of Contents
• Bejtlich Teaching New Class at Black Hat in July
• Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days
• Recovering from Suricata Gone Wild
• Using Bro to Log SSL Certificates
• Practical Network Security Monitoring Book on Schedule
• On Thought Leadership and Non-Technical Relevance
• How to Win This TCP/IP Book
• Bejtlich’s New Book: Planned for Summer Publication
• Happy 10th Birthday TaoSecurity Blog
• Welcome to Network Security Monitoring in the Cloud
• Security Onion + (ELSA or Snorby) + CapMe = Awesome
• Best Book Bejtlich Read in 2012
• 2012: The Year I Changed What I Read
• Five No Starch Books for Kids, Reviewed by Kids
• The Value of Branding and Simplicity to Certifications

XML error: Invalid character at line 112, column 35

SecuriTeam Blogs

• Password reset questions
• “New” ideas about distributed computing?
• S. Korea Cyber Attack Crashes Navigation Devices. Time to fuzz your GPS?
• The Users are smarter than we give them credit for
• Western society is WEIRD [1]
• Read this book. If you have anything to do with security, read this book.
• REVIEW: Identity Theft Manual: Practical Tips, Legal Hints, and Other Secrets Revealed, Jack Nuern
• Memory lane …
• Online forum rule haikus
• Secure Awareness mottoes and one-liners
• Official (ISC)2 Guide to the CISSP CBK
• The death of AV. Yet again.
• Comparison Review: AVAST! antiviral
• Beware! The “Metavirus”!
• 10 Skills Needed to be a Successful Pentester
• Bell bull

Open Malware – Community Malicious code research and analysis

• New Search System, No More Accounts Needed [1]
• State of Offensive Computing
• VizSec 2012 Call for Papers Out
• Scalable, Automated Baremetal Malware Analysis
• BHO Reversing
• Practical Malware Analysis – A Book Review and Curmudgeonly Rant on the State of Reverse Engineering
• CAST Slides: Hunting malware with Volatility v2.0
• The WOW-Effect: Imho something the IT-Security community should be aware of …
• Introduction to IDA Python
• CSI:Internet series – Spyeye detection with Volatility v2 and kernel debugging the TDL4 rootkit

Darknet – The Darkside

• PentesterLab.com – Excercises To Learn Penetration Testing
• New eLearnSecurity Course – WAPT – Web Application Penetration Testing
• Large Scale Botnet Brute Force Password Cracking Against WordPress Sites
• HoneyDrive Desktop v0.2 Released – Honeypot LiveCD
• Andrew Auernheimer AKA Weev Gets 41 Months Jail Time For GET Requests
• SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool
• Evernote Hacked – ALL Users Required To Reset Passwords
• ARPwner – ARP & DNS Poisoning Attack Tool
• Apple, Facebook & Hundreds More Hacked By 0-Day Java Exploit
• Weevely – PHP Stealth Tiny Web Shell

The Dark Visitor

• Unnatural Selection by Mara Hvistendahl
• Unemployed PRC prick hacks TV contestants’ webcams (RSA tokens probably not involved)
• Word cloud and Word document for 2011 White Paper on National Defense
• FBI: $11 million worth of unauthorized wire transfers to China
• The online “Water Army”
• Chinese hackers bringing the world together
• Shock: Chinese hackers not supporting the Jasmine Revolution
• China’s White Paper on National Defense 2010
• Chinese hackers suspected in compromise of Australian PM’s computer
• South Korean firms paying Chinese hackers

WhiteHat Security Blog

• Interview With A Blackhat (Part 3)
• Interview With A Blackhat (Part 2)
• Interview With A Blackhat (Part 1)
• InfoSec Europe Wrapup
• The State of Web Security
• Why You Should Overload WebSite Errors
• “How does WhiteHat Security approach BYOD?”
• Tor Hidden-Service Passive De-Cloaking
• Simple Vulnerabilities Aren’t Always Simple
• Checklist To Prepare Yourself In Advance of a DDoS Attack

cr0 blog

• Introducing Chrome’s next-generation Linux sandbox
• Javocalypse
• There’s a party at Ring0, and you’re invited
• CVE-2010-0232: Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack
• Virtualization security and the Intel privilege model
• CVE-2009-2267: Mishandled exception on page fault in VMware
• Security in Depth for Linux Software
• CVE-2009-2793: Iret #GP on pre-commit handling failure: the NetBSD case
• CVE-2009-2698: udp_sendmsg() vulnerability
• Linux NULL pointer dereference due to incorrect proto_ops initializations (CVE-2009-2692)
• Old school local root vulnerability in pulseaudio (CVE-2009-1894)
• Bypassing Linux’ NULL pointer dereference exploit prevention (mmap_min_addr)
• Time-stamp counter disabling oddities in the Linux kernel
• Write once, own everyone, Java deserialization issues
• Local bypass of Linux ASLR through /proc information leaks
• Interesting vulnerability in udevd

HITBSecNews – Keeping Knowledge Free for Over a Decade

• Spam and the Byzantine Empire: How Bitcoin tech REALLY works
• Tavis Ormandy bashes Microsoft’s handling of security researchers, drops Windows zero-day
• 5 Steps To Implementing A Mobile Data Security Policy
• Next-generation firewalls provide protection but add to workload
• Hackers Find China Is Land of Opportunity
• Teenager creates device that could charge your phone in under 30 seconds
• U.S. urged to ban foreign firms that steal intellectual property
• String theory may limit space brain threat
• Wi-Fi chip pushes 1.7Gbps over four streams using 802.11ac standard
• Twitter finally launched two-factor authentication – Here’s how to enable it
• Reporters use Google, find breach, get branded as "hackers"
• Google’s Chrome team developing app launcher for Mac
• Chinese hackers said to have accessed law enforcement targets
• The true root causes of software security failures
• Practice Makes Perfect? Not So Much, New Research Finds
• Hacker claims successful attack on CNN

Krebs on Security

• NC Fuel Distributor Hit by $800,000 Cyberheist
• Krebs, KrebsOnSecurity, As Malware Memes
• Conversations with a Bulletproof Hoster
• Ragebooter: ‘Legit’ DDoS Service, or Fed Backdoor?
• Microsoft, Adobe Push Critical Security Updates
• DDoS Services Advertise Openly, Take PayPal
• A Stopgap Fix for the IE8 Zero-Day Flaw
• Trade Sanctions Cited in Hundreds of Syrian Domain Seizures
• Zero-Day Exploit Published for IE8
• Alleged SpyEye Seller ‘Bx1′ Extradited to U.S.

The Ethical Hacker Network RSS News Feed

• April 2013 Free Giveaway Sponsor – eLearnSecurity
• Human Intelligence to Navigate the Security Data Deluge
• February 2013 Free Giveaway Winner of SANS CyberCon Training
• Interview: Bugcrowd Founders on Herding Ninjas for Crowdsourced Bug Bounties
• Network Forensics: The Tree in the Forest
• March 2013 Free Giveaway Sponsor – Mile2
• Book Review: Violent Python
• Holiday 2012 Free Giveaway Winner of Metasploit Pro by Rapid7
• Course Review: SANS FOR408 Computer Forensic Investigations – Windows In-Depth
• The Security Consulting Sugar High
• Tutorial: Fun with SMB on the Command Line
• Interview: Ilia Kolochenko, CEO of High-Tech Bridge
• October 2012 Free Giveaway Winner of LearningGate Training
• The Broken: Assessing Corporate Security in 2012 to Make a Better 2013
• Video: Abusing Windows Remote Management (WinRM) with Metasploit
• Interview: Daniel Martin of Dradisframework.org

Carnal0wnage & Attack Research Blog

• Rails – Guard, Brakeman, and Bundler-Audit
• Bundler-Audit -> Auditing your RubyGems
• Quick way to view ruby gems
• Next Level Testing
• APT PDFs and metadata extraction
• Attack Research Training Schedule
• Training Opportunities
• MSSQL Brute forcing with Resource Scripts
• Basics of Rails Part 5
• Your Soldiers are Untrained
• On Sophistication
• Windows 7 and SMB Relay
• Attack Research Training Release
• Geo-stalking with Bing Maps and the Twitter Maps App
• Attack Research and Trail Of Bits Partnership
• The Biggest Problem in Computer Security

Daily Dave

• Starters.
• WhiteHat Security report,or what use is SCA for web apps?
• D2Sec’s Elliot
• SyScan 2013
• Yet Another Java Security Warning Bypass
• Answering Lurene’s Question
• Students teaching trainers
• Re: Linux Hangman Rules
• Linux Hangman Rules
• Re: Recent experiences with ZDI?
• Recent experiences with ZDI?
• Android Application (Dalvik) Memory Analysis & theChuli Malware
• top game
• Gifts
• Re: RSA

ha.ckers.org web application security lab

• And Beyond…
• FAQ
• What’s Left?
• Mod_Security and Slowloris
• Minimalistic UI Decisions in Browsers
• Cheating Part 2
• Cheating Part 1
• FireSheep
• Detecting Malice With ModSecurity
• Performance Primitives

Security4all – Dedicated to digital security, enterprise 2.0 and presentation skills

• New PGP key
• The unofficial BruCON party guide (plz RT)
• Help improve the CISSP community. Support Wim.
• How to follow #Blackhat / #Defcon / #BsidesLV without being there (2011 edition)
• Are you a pentester? Then read this!
• The Dutch National Cyber Security Strategy
• When a CERT has to break the law
• Threat Whitepapers of the week to read
• #blackhat day 1: my small collection of articles, pics, video, tools and quotes
• How to follow #Blackhat / #Defcon / #BsidesLV without being there (updated x4)
• Wikileaks needs YOUR help!!
• Hacking = Innovation
• Three strike law threatening Belgium and "The Internet is freedom"
• The media spinwheel on the word Hacker. My rant of the day.
• International day against censorship
• Internet-able touchscreens for Belgian Hospitalbeds: a dataloss incident waiting to happen?

Metasploit

• Weekly Update: 4.6.1, ColdFusion Exploit, and SVN Lockdown
• Git Clone Metasploit; Don’t SVN Checkout
• New 1day Exploits: Mutiny Vulnerabilities
• Department of Labor IE 0-day Exploit (CVE-2013-1347) Now Available at Metasploit
• Metasploit’s 10th Anniversary: Laptop Decal Design Competition
• Weekly Update: WordPress Total Cache and Mimikatz
• Webcast Q&A: OWASP Top 10 and Web App Scanning Webcast
• Abusing Safari’s webarchive file format
• Weekly Update: Pull Request Wrangling
• Serial Offenders: Widespread Flaws in Serial Port Servers
• Weekly Update: Sport Fishing for Exploits and Improved Java Hackery
• How To Do Internal Security Audits Remotely To Reduce Travel Costs
• Metasploit Pro 4.6 Adds OWASP Top 10 2013 and Security Auditing Wizards
• Metasploit 4.6.0 Released!
• Compromising Embedded Linux Routers with Metasploit

DVLabs: Blogs

• Pwn2Own 2013
• 2012: Year in Review
• EUSecWest Mobile Pwn2Own 2012 Recap
• Mobile Pwn2Own 2012
• ZDI Update – June 2012
• Thank you Aaron
• Announcing the IDA Toolbag
• MindshaRE: Another Approach To Tracking ReadFile
• Pwn2Own Challenges: Heapsprays are for the 99%
• Pwn2Own 2012 and Google Pwnium
• MindshaRE: Python Syntax Coloring in IDA
• MindshaRE: Yo Dawg, I heard you like reversing…
• MindshaRE: Adding Cross References via IDAPython
• MindshaRE: IDAception
• Pwn2Own Pre-Game
• 2011: The Year in Review

The RISKS Digest

• Re: LAX sign story just gets better and better…
• Re: LAX sign story just gets better and better…
• Re: Economic policy decisions may be affected by spreadsheet errors
• Re: McAfee spots Adobe Reader PDF-tracking flaw
• Re: Economic policy decisions may be affected by spreadsheet errors
• Re: Economic policy decisions may be affected by spreadsheet errors
• Google Glass Picks Up Early Signal: Keep Out
• "Exploiting a Bug in Google’s Glass"
• Name.com security breach: passwords reset; e-mail, credit info …
• More info about that recent bank/ATM international scam
• How unique are you?
• "Microsoft admits zero-day bug in IE8, pledges patch"
• Schnucks supermarkets credit card data hacked & exposed
• Woman uses Facebook to `stalk’ herself and try frame ex-boyfriend
• Man Messages Entire Internet
• "Android threats growing in number and complexity, report says"

A feed could not be found at http://feeds.voices.washingtonpost.com/wp/securityfix/index

Post Politics: Breaking Politics News, Political Analysis & More – The Washington Post

• Post polls: Obama has lead in Ohio, edge in Fla., hampering Romney path to victory
• Obama’s briefings are showing
• Hatch Act permits range of feds’ political action
• Obama showering Ohio with attention and money
• Claire McCaskill criticizes Todd Akin’s ‘legitimate rape’ remark in new TV ad
• Obama tells U.N.: Attacks on U.S. missions and diplomats violated ideals
• Scott Brown responds to war cry video
• Mitt Romney, back in battleground Ohio, tries to make up lost ground
• Shorthand
• Romney says Obama never raised taxes
• Romney camp: Dems ‘spiking the football’ too early
• The best political ads of 2012, so far (VIDEO)
• Romney calls for foreign aid overhaul at Clinton Global Initiative event
• #5in5: In Pennsylvania, ‘Daytime for Obama’ woos senior citizens
• Growing up in the White House: The Obamas talk about their girls on ‘The View’
• Obama’s policy on Iran bears some fruit, but nuclear program still advances

MSRC

• May 2013 Security Bulletin Webcast, Q&A, and Slide Deck For those who couldn’t attend the live webcast, today we’re publishing the May 2013 Security Bulletin Webcast Questions & Answers page.  We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Internet Explorer (MS13-037 and MS13-038). […]
• Microsoft Customer Protections for May 2013 Today, we are releasing 10 bulletins, addressing 33 vulnerabilities in Microsoft products. Before we get into the details, we wanted to first let our enterprise customers know about a change in how we’re communicating technical details within our security advisories. Starting today, customers will. […]
• Advance Notification Service for the May 2013 Security Bulletin Release Today we’re providing Advance Notification of 10 bulletins for release on Tuesday, May 14, 2013. This release brings two Critical and eight Important-class bulletins, which address 33 unique vulnerabilities. The Critical-rated bulletins address issues in Microsoft Windows and Internet Explorer. Of. […]
• Fix it for Security Advisory 2847140 is available We have updated Security Advisory 2847140 to include an easy, one-click Fix it to address the known attack vectors. The Fix it is available to all customers and helps prevent known attacks that leverage the vulnerability to execute code and should not affect your ability to browse the Web. Additiona. […]
• Microsoft Releases Security Advisory 2847140 Today, we released Security Advisory 2847140 regarding an issue that impacts Internet Explorer 8. Internet Explorer 6, 7, 9 and 10 are not affected by the vulnerability. This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occu. […]
• New update available for MS13-036  Portuguese (Brazil), Русский Today we released a new update to replace KB2823324, which was originally made available through MS13-036. As we previously discussed, we stopped distributing this update when we learned some customers were having issues. The new update, KB2840149, still addres. […]
• April 2013 Security Bulletin Webcast, Q&A, and Slide Deck Today we’re publishing the April 2013 Security Bulletin Webcast Questions & Answers page.  We fielded nine questions during the webcast, with almost half of those focused on the Remote Desktop Client bulletin (MS13-024).  One question that was not answered on air has been included on the Q&A pag. […]
• KB2839011 Released to Address Security Bulletin Update Issue Portuguese (Brazil), Русский  We are aware that some of our customers may be experiencing difficulties after applying security update 2823324, which we provided in security bulletin MS13-036 on Tuesday, April 9. We’ve determined that the update, when paired with certain third-party softwar. […]
• Out with the old, in with the April 2013 security updates Windows XP was originally released on August 24, 2001. Since that time, high-speed Internet connections and wireless networking have gone from being a rarity to the norm, and Internet usage has grown from 360 million to almost two-and-a-half billion users. Thanks to programs like Skype, we now make. […]
• Advance Notification Service for the April 2013 Security Bulletin Release In celebration of spring’s onset, today we’re providing advance notification for the April 2013 release of nine bulletins; two Critical and seven Important. The Critical bulletins address vulnerabilities in Microsoft Windows and Internet Explorer, and the seven Important-rated bulletins will add. […]

Microsoft Sec Notification

• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 22******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 22, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 16******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 15, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
• Microsoft Security Advisory Notification Posted by Microsoft on May 14******************************************************************** Title: Microsoft Security Advisory Notification Issued: May 14, 2013 ******************************************************************** Security Advisories Updated or Released Today ==================. […]
• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on May 14******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: May 14, 2013 ******************************************************************** Summary ======= The following bulletins have undergone minor. […]
• Microsoft Security Bulletin Summary for May 2013 Posted by Microsoft on May 14******************************************************************** Microsoft Security Bulletin Summary for May 2013 Issued: May 14, 2013 ******************************************************************** This bulletin summary lists security bulletins released for May. […]
• Microsoft Security Bulletin Advance Notification for May 2013 Posted by Microsoft on May 09******************************************************************** Microsoft Security Bulletin Advance Notification for May 2013 Issued: May 9, 2013 ******************************************************************** This is an advance notification of security bulleti. […]
• Microsoft Security Advisory Notification Posted by Microsoft on May 08******************************************************************** Title: Microsoft Security Advisory Notification Issued: May 8, 2013 ******************************************************************** Security Advisories Updated or Released Today ===================. […]
• Microsoft Security Advisory Notification Posted by Microsoft on May 04******************************************************************** Title: Microsoft Security Advisory Notification Issued: May 3, 2013 ******************************************************************** Security Advisories Updated or Released Today ===================. […]
• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 26******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 26, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 24******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 24, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
• Microsoft Security Bulletin Re-Releases Posted by Microsoft on Apr 23******************************************************************** Title: Microsoft Security Bulletin Re-Releases Issued: April 23, 2013 ******************************************************************** Summary ======= The following bulletins have undergone a major. […]
• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 18******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 17, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
• Microsoft Security Bulletin Minor Revisions Posted by Microsoft on Apr 16******************************************************************** Title: Microsoft Security Bulletin Minor Revisions Issued: April 16, 2013 ******************************************************************** Summary ======= The following bulletins have undergone mino. […]
• Microsoft Security Bulletin Summary for April 2013 Posted by Microsoft on Apr 09******************************************************************** Microsoft Security Bulletin Summary for April 2013 Issued: April 9, 2013 ******************************************************************** This bulletin summary lists security bulletins released for. […]
• Microsoft Security Bulletin Advance Notification for April 2013 Posted by Microsoft on Apr 04******************************************************************** Microsoft Security Bulletin Advance Notification for April 2013 Issued: April 4, 2013 ******************************************************************** This is an advance notification of security bul. […]