Welcome to The Professional Security Testers Warehouse for the GPEN GSEC GCIH GREM CEH QISP Q/ISP OPST CPTS
WebCruiser - Web Vulnerability Scanner V2.4.1
Posted by cdupuis on Friday, 23 July 2010 @ 19:18:48 EDT (207 reads)
Topic Web Applications Security

Anonymous writes "
WebCruiser - Web Vulnerability Scanner is a compact but powerful web security scanning tool that will aid you in auditing your site! It has a Vulnerability Scanner and a series of security tools.

It supports scanning a website as well as POC (proof of concept) checks for web vulnerabilities: SQL Injection, Cross Site Scripting, XPath Injection etc. So, WebCruiser is also an automatic SQL injection tool, an XPath injection tool, and a Cross Site Scripting tool!

Key Features:
* Crawler(Site Directories And Files);
* Vulnerability Scanner: SQL Injection, Cross Site Scripting, XPath Injection etc.;
* SQL Injection Scanner;
* SQL Injection Tool: GET/Post/Cookie Injection POC(Proof of Concept);
* SQL Injection for SQL Server: PlainText/Union/Blind Injection;
* SQL Injection for MySQL: PlainText/Union/Blind Injection;
* SQL Injection for Oracle: PlainText/Union/Blind/CrossSite Injection;
* SQL Injection for DB2: Union/Blind Injection;
* SQL Injection for Access: Union/Blind Injection;
* Post Data Resend;
* Cross Site Scripting Scanner and POC;
* XPath Injection Scanner and POC;
* Auto Get Cookie From Web Browser For Authentication;
* Report Output.

System Requirement: Windows with .Net Framework 2.0 or higher

Download WebCruiser - Web Vulnerability Scanner

"



WATOBO Open Source Web Vulnerability Scanner
Posted by cdupuis on Friday, 23 July 2010 @ 17:01:21 EDT (241 reads)
Topic Web Applications Security

Anonymous writes "

As seen on the fantastic:

Peter Van Eeckhoutte's Blog

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities.

WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. It works like a local proxy, similar to Webscarab, Paros or BurpSuite.

Additionally, WATOBO supports passive and active checks. Passive checks are more like filter functions. They are used to collect useful information, e.g. email or IP addresses. Passive checks will be performed during normal browsing activities. No additional requests are sent to the (web) application.

Active checks instead will produce a high number of requests (depending on the check module) because they do the automatic part of vulnerability identification, e.g. during a scan.

The functions of WATOBO:

  • Supports session management.
  • Detects logout and automatically re-logs in.
  • Supports filter functions
  • Inline-Encoder/Decoder
  • Includes vulnerability scanner
  • Quick-scan for targeted scanning of a URL
  • Full-scan to scan a whole session
  • Manual request editor with special functions
  • Session information is updated
  • Login can be done automatically
  • Transcoder
  • URL, Base64, MD5, SHA-1
  • Interceptor
  • Fuzzer
  • Free, Stable and Open source!
  • Script code easy to understand
  • Easy to extend / adapt
  • Tested and developed in real-world scenarios
  • Speed / usability
  • Active and Passive checks
  • Runs under Windows, Linux, BackTrack, MacOS

All these great features and functions make WATOBO one of the top free web assessment tools.

You can download WATOBO here

As reported by peterve, the original post at http://www.corelan.be:8800/index.php/2010/07/23/watobo-the-unofficial-manual/ contains a PDF file that explains how to set up and use WATOBO.

"



Metasploit Framework 3.4.1 Released
Posted by cdupuis on Thursday, 15 July 2010 @ 16:04:41 EDT (219 reads)
Topic Metasploit

Downloads and more information at http://www.metasploit.com/

The Metasploit Project is proud to announce the release of the Metasploit Framework version 3.4.1.  As always, you can get it from our downloads page, for Windows, Linux or as an OS-independent tarball.

This release sees the first official non-Windows Meterpreter payload, in PHP as discussed last month (http://blog.metasploit.com/2010/06/meterpreter-for-pwned-home-pages.html). 

Rest assured that more is in store for Meterpreter on other platforms.  A new extension called Railgun is now integrated into Meterpreter courtesy of Patrick HVE, giving you scriptable access to Windows APIs and an unprecedented amount of control over post-exploitation.  

For those of you wishing to contribute to the framework, a new file called HACKING has been introduced that lays out a few guidelines for making it easier.

This release has 16 new exploits, 22 new auxiliary modules and 11 new Meterpreter scripts for your pwning enjoyment.

For more in-depth information about this release, see the 3.4.1 release notes at:

https://www.metasploit.com/redmine/projects/framework/wiki/Release_Notes_341

- The Metasploit Team




Call for Papers - Black Hat Abu Dhabi 2010
Posted by cdupuis on Thursday, 15 July 2010 @ 15:41:28 EDT (190 reads)
Topic Black Hat

WHERE and WHEN:

Launched under the Patronage of His Highness Sheikh Mohammed bin Zayed Al Nahyan, Black Hat Abu Dhabi will take place on 8th to 11th November 2010 at Emirates Palace.

Black Hat has partnered with the UAE Telecoms Regulatory Authority to hold a three track, two day Briefings in Abu Dhabi, the Middle East's first edition of the Las Vegas-based security summit.

WHAT:

The Call for Papers is now open at:  https://cfp.blackhat.com/

Current number of speaking slots and the topics for them are:

2 talks on Physical Security
3 talks on Forensics
5 talks on Infrastructure
5 talks on Web Application Security
2 talks on Root Kits
3 talks on Hardware Hacking
2 talks on Cyber War and Legal Issues
3 talks on Cloud Security
2 talks on Attack Techniques
3 talks on Reverse Engineering

It should be a great time, we are trying to work out some cool things for the speakers to do. We have a lot of interest, from the top on down as you can see by the organizations supporting our first conference in the GCC countries.

We will go in with a full Black Hat experience, with all the tech and none of the vendor fluff. Let's see if the UAE market can handle it! Black Hat Abu Dhabi will offer a full range of sessions, including ten training classes running on 8th and 9th November, followed by three briefing tracks running simultaneously on 10th and 11th alongside the exhibition.

We are going to make early selections of about a third of the sessions in the next couple of weeks so we have something to market with. Interested? Submit!

Jeff Moss




Hakin9 SECURING VOIP July edition available for FREE download
Posted by cdupuis on Thursday, 15 July 2010 @ 15:37:51 EDT (273 reads)
Topic Hakin9

Securing VoIP -- New ONLINE issue

Download for free: click here

See the full list of articles at the hakin9 website

Download 2009/2010 archives of Hakin9 magazine: click here!




1st Open Backdoor Hiding & Finding Contest to be held at DEFCON 0x12
Posted by cdupuis on Saturday, 03 July 2010 @ 09:23:16 EDT (400 reads)
Topic CORE IMPACT

The CoreTex Team from Core Security is happy to announce the *1st Open Backdoor Hiding & Finding Contest* to be held at DEFCON 0x12 this year!

Hiding a backdoor in open source code that will be subjected to the scrutiny of security auditors by the hundreds may not be an easy task. Positively and unequivocally identifying a cleverly hidden backdoor may be extremely difficult as well.

But doing both things at DEFCON 0x12 could be a lot of fun!


If you liked reading about the exploits of C. Auguste Dupin, the devious Minister D. or even the n00b Prefect Monsieur G. [*], here's a chance to role-play all of them at DEFCON using your favorite coding and code auditing techniques.

Registration is now open at http://www.backdoorhiding.com

Questions, feedback, comments and general discussion at: https://forum.defcon.org/forumdisplay.php?f=520

Here are the details:

Quick intro

Two in one Backdoor Hiding/Finding Contest (participate in either or both): In the first stage, hiding participants provide a source code hiding a backdoor, in the second stage organizers mix the source codes with non-backdoored (placebos), and then ask finding participants to spot the placebos. Hiding participants get hiding points for being voted as a placebo and finding participants get points for spotting the placebos and negative points for false positives.

Contest Description

The contest includes two games: a backdoor hiding and a backdoor finding contest which are played simultaneously. The contest will be played in two rounds: a qualification round that starts before the conference and ends during the conference, and a second (smaller and shorter) round during the conference. Each round is a multi-player game, which is played in two stages. The timeline is included below.

Prizes will be announced shortly. We will give prizes for all those that get to the qualification round and special prizes for the winners of each contest.

Qualification round


Stage 1 (hiding): All participants registered for the backdoor hiding game are given a set of requirements for a software program. Before the deadline, they must submit the source code for a program that fulfills these requirements plus includes a backdoor. They must also send a description explaining how to exploit the backdoor.

Stage 2 (finding): There is new time to register for the backdoor finding game. All players registered are given a bundle with the different pieces of source code. To each bundle the organizers will add a few placebos (source codes that fulfill the requirements but should not include a backdoor). Before a deadline, the players must answer for each source code if they believe it includes a backdoor or not.

The winners of each game are the ones that accumulate the most points. There is a table for computing points (which can be positive or negative) for the finding contest (X points if it was voted as backdoor and had a backdoor, Y points if it was voted as backdoor and did not have a backdoor, etc.).

For the hiding contest, it’s simpler: each time one player’s source code was voted as non-backdoored, the player is given 1 point. The first participants of the backdoor hiding contest with the most points qualify for the second round.

Same with the finding contest.

Final Round

Stage 1: We provide a source code in C/C++ and describe the requirements it fulfills to all the players. We then describe an additional requirement, and players must write a patch to this source code such that all of the requirements are fulfilled and a backdoor is hidden in the code. They must also provide an explanation on how to use the backdoor.

Stage 2: Again, the organizers will add a few patches/source codes that fulfill the requirements but do not have backdoors. A jury composed of the winners of the hiding contest (1st stage), a small set of well-known security experts and the players of stage 1 (round 2) have 3 hours to cast their votes for each source code if it hides or does not hide a backdoor. Points are computed according to the same strategy as in the first round.

The contest is not restricted to any particular programming language. However, it is part of the instructions that the “work” was commissioned by a government that needs this software and will audit it. Hence, most players will stay away from non-mainstream programming languages since the non-backdoored programs will most probably be developed in C, C++, etc.

Timeline


-July 1, we open registration.
-July 19th, we open the 1st stage of the qualification round. Participants are allowed to register until before the July 29 deadline.
-Thursday July 29, 0hs, we stop receiving source codes. Registration for 2nd stage of the first round continues.
-Friday July 30th, 0hs, we open the 2nd stage of the qualification round: users are allowed to download the source code bundles; the site accepts votes (YES/NO)
-Saturday July 31st, 12hs, Registration and voting are closed. Shortly, we announce first round winners of the backdoor-hiding and backdoor-finding contests.
-Saturday July 31st, 16hs, we start the second (and final) round which will last less than two hours. Players have some time to write a patch for a given source code and include a backdoor.
-Saturday July 31st, 17:30hs, The eminence jury members (3-5 members, TBD), winners of the backdoor-hiding qualification round and the winners of the backdoor-finding qualification round are allowed to vote for the final round winner. They have 30 minutes.
-Sunday 1, 14hs. Winners are announced and prizes delivered in the DefCon Awards Ceremony.

Register now, have fun and see you at DEFCON-0x12 !


[*] C. Auguste Dupin, Minister D. and Monsieur G. are characters from the 1845 tale "The Purloined Letter" by Edgar Allan Poe
--
ariel, andres, Damian Saura, futo, ivan & pedro

The CoreTex team at Core Security Technologies




Protect yourself against ARP Poisoning attacks
Posted by cdupuis on Tuesday, 08 June 2010 @ 14:39:20 EDT (692 reads)
Topic In the News

Hi!

ArpON (Arp handler inspectiON) is a portable handler daemon that makes ARP secure in order to avoid ARP Spoofing/Poisoning & co.
This is possible using two kinds of anti ARP Poisoning techniques: the first is based on SARPI or "Static Arp Inspection", the second on the DARPI or "Dynamic Arp Inspection" approach.

Features:

- It replaces Arpwatch & co; ArpON blocks;
- It detects and blocks Arp Poisoning/Spoofing attacks in statically configured networks;
- It detects and blocks Arp Poisoning/Spoofing attacks in dynamically configured (DHCP) networks;
- It detects and blocks unidirectional and bidirectional attacks;
- It manages the network interface into unplug, boot, hibernation and suspension OS features;
- Easily configurable via command line switches, provided that you have root permissions;
- It works in userspace for OS portability reasons;
- Tested against Ettercap, Cain & Abel, dsniff and other tools.

Links:

http://arpon.sourceforge.net
http://arpon.sourceforge.net/documentation.html
http://arpon.sourceforge.net/manpage.html
http://arpon.sourceforge.net/download.html


Thank you,

Andrea Di Pasqual
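As an added illustration of the two approaches named in the post (not ArpON's own code, which inspects live frames in userspace and does more than this), the following models the accept/drop decision SARPI and DARPI make, run over constructed ARP records; the IPs, MACs, timings and the one-second timeout are all made up for the example.

```python
"""Simplified model of SARPI and DARPI anti-poisoning policies (added example,
not ArpON's code). Addresses, MACs and timings below are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Arp:
    op: str          # "request" or "reply"
    sender_ip: str
    sender_mac: str
    target_ip: str
    ts: float        # seconds since capture start


class Sarpi:
    """SARPI: a statically configured IP->MAC table is the only source of truth.
    A reply that disagrees with it is a poisoning attempt; hosts absent from the
    table never enter the cache (suits statically addressed networks)."""

    def __init__(self, static_table):
        self.table = {ip: mac.lower() for ip, mac in static_table.items()}

    def inspect(self, pkt):
        if pkt.op != "reply":
            return "ignore"
        expected = self.table.get(pkt.sender_ip)
        if expected is None:
            return "drop: host not in static table"
        if expected != pkt.sender_mac.lower():
            return "drop: poisoning attempt"
        return "accept"


class Darpi:
    """DARPI: for DHCP networks, where no static table exists. Remember the ARP
    requests this host sends and accept a reply only if it answers one of them
    within `timeout` seconds. Unsolicited replies, the usual way a poisoner
    pushes a mapping, are dropped. Limitation of this model (an assumption, not
    ArpON behaviour): a forged reply that races the genuine one still wins."""

    def __init__(self, our_ip, timeout=1.0):
        self.our_ip = our_ip
        self.timeout = timeout
        self.pending = {}  # ip we asked about -> time of our request

    def inspect(self, pkt):
        if pkt.op == "request":
            if pkt.sender_ip == self.our_ip:
                self.pending[pkt.target_ip] = pkt.ts
            return "ignore"
        sent = self.pending.pop(pkt.sender_ip, None)  # first answer consumes the slot
        if sent is None:
            return "drop: unsolicited reply"
        if pkt.ts - sent > self.timeout:
            return "drop: reply too late"
        return "accept"


def run(policy, packets):
    """Verdict for each reply in `packets`, in order (requests are only bookkeeping)."""
    verdicts = []
    for pkt in packets:
        verdict = policy.inspect(pkt)
        if pkt.op == "reply":
            verdicts.append((pkt.sender_ip, pkt.sender_mac, verdict))
    return verdicts


# Constructed sample traffic: our request, the genuine gateway reply, a forged
# reply claiming the gateway's IP, a reply nobody asked for, and a late reply.
GATEWAY_IP, GATEWAY_MAC = "192.168.1.1", "00:11:22:33:44:55"
OUR_IP, OUR_MAC = "192.168.1.10", "00:aa:bb:cc:dd:ee"
FORGED_MAC = "de:ad:be:ef:00:01"
STATIC_TABLE = {GATEWAY_IP: GATEWAY_MAC, OUR_IP: OUR_MAC}

SAMPLE = [
    Arp("request", OUR_IP, OUR_MAC, GATEWAY_IP, 0.00),
    Arp("reply", GATEWAY_IP, GATEWAY_MAC, OUR_IP, 0.05),              # genuine answer
    Arp("reply", GATEWAY_IP, FORGED_MAC, OUR_IP, 0.06),               # poisoner's answer
    Arp("reply", "192.168.1.77", "aa:bb:cc:dd:ee:ff", OUR_IP, 0.50),  # nobody asked
    Arp("request", OUR_IP, OUR_MAC, GATEWAY_IP, 1.00),
    Arp("reply", GATEWAY_IP, GATEWAY_MAC, OUR_IP, 3.00),              # genuine but too late
]

if __name__ == "__main__":
    for name, policy in (("SARPI", Sarpi(STATIC_TABLE)), ("DARPI", Darpi(OUR_IP))):
        print(name)
        for ip, mac, verdict in run(policy, SAMPLE):
            print(f"  {ip:14} {mac}  {verdict}")
```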




iPhone leak is getting bigger - Latest Update
Posted by cdupuis on Monday, 07 June 2010 @ 07:50:00 EDT (686 reads)
Topic VOIP

As seen on the amazing web site of The H Security at:
http://www.h-online.com/security/news/item/iPhone-leak-is-getting-bigger-Update-1012575.html

Connecting an iPhone with Windows and iTunes allows a full backup of the device to be made.

The iPhone's data leak is even more extensive than initially assumed. In initial tests, encrypted and locked devices essentially only disclosed music and images. However, The H's associates at heise Security have now managed to connect an iPhone with iTunes under Windows and created a full backup, including such sensitive data as passwords in clear text.

The problem was initially discovered by Bernd Marienfeldt on an Ubuntu system. In that case the Ubuntu system displayed the various folders of a freshly booted iPhone although the phone was locked and had never had any contact with this Linux system before. A locked iPhone is supposed to refuse any communication with devices it doesn't know. However, if the iPhone is accessed while booting, this can frequently result in the phone pairing with unknown devices regardless of those protections. It appears that some system component hasn't finished booting when the connection request is made and, as a consequence, the iPhone's "lockdownd" daemon allows device pairing:

17:21:46 lockdown.c:818 lockdownd_do_pair(): ValidatePair success

The problem, though, is not with Linux or Windows, but with the iPhone. Using the same technique, heise Security also managed to pair a Windows Vista system with an iPhone. While with Linux only a few selected folders on the iPhone were displayed, Windows allowed full system access. For instance, it was no problem to create a complete backup using iTunes, including items such as notes, text messages and even plain text passwords.

Some text messages shouldn't be accessible by third parties 

Pairing wasn't possible with all devices. What exactly it is that determines whether the iPhone accepts a connection request remains unclear. It certainly isn't determined by the device type, because heise Security managed to trick 3G systems as well as 3GS systems. At least in one case, unwanted pairing became impossible after the iPhone's information about already paired devices was deleted. Apple has not yet answered heise Security's questions about whether and when this problem will be solved.

Update: Hector Martin and a couple of developers of the Linux packages usbmuxd and libimobiledevice have done some further research on this issue. Martin has come to the conclusion that the problem only occurs if the iPhone was shut down from an unlocked state. During the wake up this state is restored and the device is "open" for a short period of time before the Springboard application wakes up and locks it down. This short period is sufficient for a pairing to occur that ensures permanent access. An iPhone that was shut down in a locked state does not accept the pairing – which corresponds to heise Security's observations. This reduces the risk somewhat, because a lost iPhone in a locked state cannot be tricked into pairing.




US authorities file charges against three scareware authors
Posted by cdupuis on Monday, 07 June 2010 @ 07:42:28 EDT (612 reads)
Topic Social Engineering

As seen on the H Online mailing list:
31 May 2010, 10:55

The FBI has filed charges against three men[1] accused of raking in some $100 million from Internet users misled into buying scareware in more than 60 countries. Such software scares visitors into thinking their computers are infected with viruses or malware. These unfounded warnings are displayed when victims visit particular websites and they are then urged to purchase dubious anti-spyware and antivirus products; but the software does not usually have any actual function, and on installation merely reports successful disinfection of the PC – regardless of whether or not it was actually infected.

Such fraud[2] was essentially outlawed at the end of 2008, when the Federal Trade Commission (FTC) got a US court to prevent two manufacturers of scareware from continuing to sell their products. The three men now facing charges did business from the US and the Ukraine via such companies as "Byte Hosting Internet Services" and "Innovative Marketing"; the applications had such names as "Malware Alarm", "Antivirus 2008" and "VirusRemover 2008".

In its written statement on the charges, the FBI says that scareware is one of the fastest-growing types of fraud on the internet. Google also recently drew attention to the issue when it found[3] that some 15 percent of all malware is now scareware and that this percentage is still rising. Information on recognising scareware, protecting yourself from it and removing it can be found in the article "Thieves and charlatans[4]" on The H.


URL of this Article:
http://www.h-online.com/security/news/item/US-authorities-file-charges-against-three-scareware-authors-1011679.html

Links in this Article:
  [1] http://chicago.fbi.gov/dojpressrel/pressrel10/cg052710.htm
  [2] http://www.h-online.com/news/item/US-court-halts-the-sale-of-scareware-739313.html
  [3] http://www.h-online.com/news/item/Scareware-Nocebo-instead-of-placebo-979608.html
  [4] http://www.h-online.com/security/features/Rogue-anti-virus-products-746219.html




New Open-Source OS Will Feature 'Disposable' Virtual Machines
Posted by cdupuis on Friday, 04 June 2010 @ 09:14:32 EDT (628 reads)
Topic In the News

As seen on the great darkreading web site at:

http://www.darkreading.com/insiderthreat/security/app-security/showArticle.jhtml?articleID=225300299

Invisible Things Lab building secure OS that better locks down the VM environment

By Kelly Jackson Higgins,  DarkReading
June 3, 2010
URL:http://www.darkreading.com/story/showArticle.jhtml?articleID=225300299

A new open-source operating system will come with the option of creating one-time, disposable virtual machines on the fly as a way to protect against malicious files.

Invisible Things Lab is creating these lightweight, throwaway VMs that work with traditional virtual machines in Qubes, the open-source, Xen-based OS it plans to release in beta later this summer. Qubes was architected to minimize the attack surface in the VM environment.

Disposable VMs don't provide persistent storage and are launched on a per-document basis to open a PDF, PowerPoint, or music or video file, for instance, according to Joanna Rutkowska, founder and CEO of Invisible Things Lab. They provide a safe sandbox for opening a file or attachment: If a file opened by a disposable VM is infected, the only thing it can hurt is the throwaway VM itself, not any other applications or files.

The disposable VM is clean, and its only purpose is for viewing the file, for instance; then it gets tossed away. "You still run your email client in a 'work' AppVM -- which is not disposable [because] you need to store your email client configuration, archived emails, your documents, etc. -- but you open attachments in disposable VMs," Rutkowska says.

Invisible Things Lab also plans to ultimately release a commercial version of the OS, Qubes Pro, that can run Windows applications using Windows-based application VMs.

"Our goal with Qubes is to make it usable not only by Linux geeks, but also by people like lawyers, doctors, businesspeople, and anybody who is concerned about potential compromise of their data," Rutkowska says. "Making Qubes easy to use is one of our two main goals -- the other being exceptional security."

Rutkowska, who announced the disposable VM feature in a blog post this week, says the temporary VMs run under the Xen hypervisor in Qubes. Qubes' architecture helps prevent attacks where malware escapes from a VM and infects other applications or data.


Copyright © 2007 CMP Media LLC




Which Vulnerability to exploit first?
Posted by cdupuis on Thursday, 03 June 2010 @ 00:00:00 EDT (709 reads)
Topic Vulnerabilities Database

As seen on the http://infosecevents.net/ mailing list:

During April and May 2010, two interesting vulnerability-related developments occurred. 

First, the National Institute of Standards and Technology (NIST) published the list of vulnerabilities that it cares about in terms of its USGv6 testing[1].  Second, a helpful new web site, "Useable" CVE Security Vulnerability Data, was launched.  This site correlates National Vulnerability Database (NVD) data, as well as links to other sources (such as Metasploit), facilitates quite useful vulnerability searches, and presents detailed views of NVD data. 

These announcements started me thinking about one of the distinguishing features of the ICSA Labs network IPS certification testing program.  In that testing program we regularly do our own research to determine which vulnerabilities to test.  In doing that we have learned some things that have helped streamline our processes and procedures, and it makes sense to pass on some of that knowledge to folks like yourself.

Based on our experience, below are five of the most important tips when it comes to choosing vulnerabilities.  Hopefully you will find them useful - whether you are regularly part of an organization’s red/tiger team trying to ferret out weaknesses in network systems, evaluating an IPS (or similar security device) for your organization, conducting penetration testing, or just interested in the kinds of things that ICSA Labs does as a test lab.

1) Begin with high-severity vulnerabilities in your organization’s software. NVD rates anything with a CVSS score of 7 or higher as high severity. If you want to add medium- and lower-severity vulnerabilities, come back to those later.

2) Choose vulnerabilities that can be exploited without the benefit of access credentials. There are a whole slew of vulnerabilities where an attacker first needs account credentials or other system privileges. Vulnerabilities that can only be exploited if the attacker possesses credentials on a system are less interesting, as the would-be bad guy already has permissions and access to the network without having to exploit anything.

3) Do some digging to make sure the vulnerability is likely to be exploited. Even if the vulnerable software ranks somewhere between common and pervasive, the configuration in which it is vulnerable may be so uncommonly used as to make testing for the vulnerability pointless. You may have to dig a little harder to find information about the vulnerable configuration. A tool like the Intellishield Alert Manager service helps ICSA Labs in this regard when we are determining our network IPS test set.

4) Check to see if the vulnerability description contains words like “unspecified”, “insufficient details,” and the like. After all, if there is not enough available information about the vulnerability, then attacking it is going to prove markedly more difficult -- if not impossible. While finding such terms in the vulnerability description isn’t a fail-safe, it should send up a red flag that you need to investigate further. Once again, you’ll need to dig to find the right information.

5) Finally, find out whether there is publicly available exploit or proof-of-concept code with which an attacker could exploit the vulnerability. It’s much more difficult and time consuming if you have to develop an attack from scratch.

Bonus tip: Unlike the previous five, this tip does not apply in all circumstances where you are choosing vulnerabilities.  In this case it is especially useful when evaluating a network IPS. 

The tip is that you should carefully review remotely exploitable vulnerabilities that have met your other requirements, and then make sure a network IPS can actually block them. Even if a vulnerability is high in severity and remotely exploitable, that does not mean a network IPS can—or even should—block it. For example, there may be vulnerabilities that result from perfectly normal, legitimate traffic that when received just happens to wreak havoc on certain destination systems. Another example might be a vulnerability in software that encrypts traffic before it goes on the network. Most IPS devices do not perform the on-the-fly decryption required to prevent attacks against such a vulnerability.

Do you have tips that you want to share when it comes to choosing vulnerabilities?  What’s worked and not worked for you? 

[1] ICSA Labs is approved by NIST to test hosts, routers, and network protection devices like firewalls and intrusion prevention systems. In fact, ICSA Labs assisted NIST in developing the methodology to test firewalls and intrusion prevention systems against NIST’s USGv6 profile of requirements.
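The five tips and the IPS bonus tip as a triage filter over NVD-style records, added here as an example and not ICSA Labs' own tooling; it assumes CVSS v2 base vectors (Au:N meaning no authentication required, AV:N network-reachable), treats tips 1, 2 and 5 as hard exclusions and tip 4 and the bonus tip as flags for further digging, and runs over constructed sample records whose ids, scores and descriptions are made up (tip 3, whether the vulnerable configuration is actually deployed, needs human research and is not modelled).

```python
"""Vulnerability selection per the five tips above (added example, not ICSA
Labs' tooling). Record ids, scores and descriptions are constructed."""
import re
from dataclasses import dataclass

HIGH_SEVERITY = 7.0  # NVD calls a CVSS score of 7 or higher "high" (tip 1)
# Tip 4: wording that signals NVD lacks enough detail to reproduce the issue
VAGUE_WORDING = re.compile(r"unspecified|insufficient details", re.IGNORECASE)


@dataclass
class Vuln:
    cve_id: str                        # placeholder ids below, not real CVEs
    cvss_score: float
    cvss_vector: str                   # CVSS v2 base vector, e.g. "AV:N/AC:L/Au:N/C:P/I:P/A:P"
    description: str
    public_exploit: bool               # public exploit or PoC exists (tip 5)
    encrypted_transport: bool = False  # attack traffic is encrypted on the wire (bonus tip)


def parse_vector(vector):
    """Split 'AV:N/AC:L/Au:N/...' into {'AV': 'N', 'AC': 'L', 'Au': 'N', ...}."""
    return dict(part.split(":", 1) for part in vector.split("/"))


def assess(v):
    """Apply the tips to one record.

    Returns (blockers, flags): blockers are hard exclusions (tips 1, 2, 5);
    flags are "dig further" warnings (tip 4 and the IPS bonus tip).
    """
    metrics = parse_vector(v.cvss_vector)
    blockers, flags = [], []
    if v.cvss_score < HIGH_SEVERITY:
        blockers.append("tip1: below high severity")
    if metrics.get("Au") != "N":
        blockers.append("tip2: requires credentials")
    if not v.public_exploit:
        blockers.append("tip5: no public exploit or PoC")
    if VAGUE_WORDING.search(v.description):
        flags.append("tip4: vague description, investigate before relying on it")
    if metrics.get("AV") != "N":
        flags.append("bonus: not network-reachable, an IPS never sees the attack")
    elif v.encrypted_transport:
        flags.append("bonus: traffic is encrypted, most IPS cannot inspect it")
    return blockers, flags


def select(vulns):
    """Return [(cve_id, flags)] for records passing the hard tips, highest CVSS first."""
    kept = []
    for v in sorted(vulns, key=lambda x: x.cvss_score, reverse=True):
        blockers, flags = assess(v)
        if not blockers:
            kept.append((v.cve_id, flags))
    return kept


# Constructed sample records (ids, scores and text are made up for illustration)
SAMPLE = [
    Vuln("SAMPLE-1", 10.0, "AV:N/AC:L/Au:N/C:C/I:C/A:C",
         "Stack-based buffer overflow in the login handler allows remote code execution.", True),
    Vuln("SAMPLE-2", 9.3, "AV:N/AC:M/Au:N/C:C/I:C/A:C",
         "Unspecified vulnerability allows remote attackers to execute code via unknown vectors.", True),
    Vuln("SAMPLE-3", 8.5, "AV:N/AC:L/Au:S/C:C/I:C/A:C",
         "Authenticated users can run arbitrary commands via the admin console.", True),
    Vuln("SAMPLE-4", 4.3, "AV:N/AC:M/Au:N/C:N/I:P/A:N",
         "Cross-site scripting in the search page.", True),
    Vuln("SAMPLE-5", 7.2, "AV:L/AC:L/Au:N/C:C/I:C/A:C",
         "Local privilege escalation through a setuid helper.", True),
    Vuln("SAMPLE-6", 7.8, "AV:N/AC:L/Au:N/C:N/I:N/A:C",
         "Malformed packet causes a crash of the service.", False),
    Vuln("SAMPLE-7", 7.5, "AV:N/AC:L/Au:N/C:P/I:P/A:P",
         "Heap overflow in the handler for an encrypted tunnel protocol.", True,
         encrypted_transport=True),
]

if __name__ == "__main__":
    for cve_id, flags in select(SAMPLE):
        print(cve_id, "; ".join(flags) or "ready to test")
```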




Bizploit -- ERP Penetration Testing Framework
Posted by cdupuis on Tuesday, 01 June 2010 @ 21:35:56 EDT (1140 reads)
Topic SQL Security

Dear colleague,

We are proud to announce the release of Onapsis Bizploit, the first opensource ERP Penetration Testing framework.

Presented at the renowned HITB Dubai security conference, Bizploit is expected to provide the security community with a basic framework to support the discovery, exploration, vulnerability assessment and exploitation of ERP systems.

The term "ERP Security" has been so far understood by most of the IT Security and Auditing industries as a synonym of “Segregation of Duties”. While this aspect is absolutely important for the overall security of the Organization's core business platforms, there are many other threats that are still overlooked and imply much higher levels of risk.

Onapsis Bizploit is designed as an academic proof-of-concept that will help the general community to illustrate and understand this kind of risks.

Currently Onapsis Bizploit provides all the features available in the sapyto GPL project, plus several new plugins and connectors focused on the security of SAP business platforms. Updates for other popular ERPs are to be released in the short term.

You can download the software freely from http://www.onapsis.com

Best regards,

The Onapsis Research Labs Team

Onapsis S.R.L
Email: research@onapsis.com
Web: www.onapsis.com
PGP: http://www.onapsis.com/pgp/research.asc



Hackin9 June Edition FREE Download -- Get it now
Posted by cdupuis on Tuesday, 01 June 2010 @ 07:36:29 EDT (700 reads)
Topic Hakin9

Hakin9 magazine JUNE Edition:

Is DDOS Still a Threat?  New issue of Hakin9 magazine already available!

Inside:

* Is DDOS Still a Threat?

* Jailbreaking and Penetrating with the Iphone 3G & 3GS

* Flash Memory Forensic Tools - part two

* Beginner’s Guide to Cybercrime -Understanding Attack Methodologies and a More Proactive Approach to Defense

* Pulling Kernel Forensic with Python

* More Secure PHP Server Side Source Encryption

* Securing Public Services Using Tariq

* Expert Says: Don't let the zombies take you down!

Download your copy now

Is DDOS Still a Threat? (Matt Jonkman)
Is DDOS, or Distributed Denial of Service, still a credible threat? Do we lay awake at night scared of when the next one might hit us? An obvious question perhaps; they are still a threat to most online enterprises. But they’re not the top-of-the-news issue they once were.

Expert Says...: Don’t let the zombies take you down! (Ian Kilpatrick)
Over the last year, the incidence of botnet (or zombie) attacks has been growing rapidly. Some service providers around the world have already begun to take action against botnets and there is increased interest from other service providers, and from companies, in dealing with this serious security threat.

Beginner’s Guide to Cybercrime – Understanding Attack Methodologies and a More Proactive Approach to Defense (Gary Miliefsky)
How about why nothing with an IP address is secure and why traditional countermeasures such as firewalls, anti-virus and intrusion detection fail? Would you like to learn new methods to proactively defend against attacks? If so, you’ve come to the right place.

Jailbreaking and Penetrating with the Iphone 3G & 3GS (Wardell Motley)
Today smart phones are getting smarter and smarter. They are a far cry from the walkie-talkie-like devices of the early 90s. Now a smart phone in the hands of a skilled attacker can be used to help penetrate networks on the fly. No longer do you need to walk around with a bulky laptop to get the job done.

Flash Memory Forensic Tools - part two
This second part is focused on advanced tests done on flash memory embedded in a Nokia mobile phone. Tests presented in this article are not for all, as they require a well-furnished lab; even so, what we try to demonstrate here is that – when flash mobile forensics leaves its infancy – there are some issues forensic officers should take into consideration.

Download your copy now

Contact Us
editors@hakin9.org
Editor-in-Chief Karolina Lesińska
karolina.lesinska@hakin9.org




DataLossDB Weekly Summary -- Data losses are not slowing down
Posted by cdupuis on Tuesday, 01 June 2010 @ 07:14:41 EDT (578 reads)
Topic Data Loss DB

Open Security Foundation - DataLossDB Weekly Summary
Week of Sunday, May 23, 2010

26 Incidents Added.
=============

DataLossDB is a research project aimed at documenting known and reported data loss incidents world-wide. The Open Security Foundation asks for contributions of new incidents and new data for existing incidents. For any questions about the project or the data contained within this email or the website (http://www.datalossdb.org), please contact us at curators@datalossdb.org.


Incidents Added



Reported Date: 2010-05-31
Summary: Bank details relating to a significant number of companies sent to rival suppliers by email
Organizations: Tralee Town Council
http://datalossdb.org/incidents/2841
---------------------

Reported Date: 2010-05-28
Summary: 61,000 medical records stolen from laptop in employee's parked car
Organizations: Cincinnati Children's Hospital Medical Center
http://datalossdb.org/incidents/2840
---------------------

Reported Date: 2010-05-27
Summary: HMRC mails wrong private info to 50,000 taxpayers
Organizations: HM Revenue and Customs
http://datalossdb.org/incidents/2825
---------------------

Reported Date: 2010-05-26
Summary: Employee steals unknown number of customers' credit card details
Organizations: Payless Travel & Cruises
http://datalossdb.org/incidents/2824
---------------------

Reported Date: 2010-05-26
Summary: DVD media lost in mail exposes Social Security numbers for 5,220 workers
Organizations: City of Charlotte
http://datalossdb.org/incidents/2817
---------------------

Reported Date: 2010-05-25
Summary: Stolen computer exposes personal information of more than 500 surgical patients
Organizations: Loma Linda University Medical Center
http://datalossdb.org/incidents/2814
---------------------

Reported Date: 2010-05-25
Summary: Files dumped by defunct business contained AT&T wireless contracts, exposing customers' names, addresses, Social Security numbers, and credit card details
Organizations: AT&T, Ferrell Communication
http://datalossdb.org/incidents/2818
---------------------

Reported Date: 2010-05-21
Summary: 1,250 bills mailed to the patients, exposing names, addresses, medical numbers and details
Organizations: Strong Memorial Hospital
http://datalossdb.org/incidents/2828
---------------------

Reported Date: 2010-05-21
Summary: Stolen USB key exposes personal information including students' names, addresses, student ID numbers, guardian names and phone numbers
Organizations: Lake Ridge Middle School
http://datalossdb.org/incidents/2816
---------------------

Reported Date: 2009-09-22
Summary: Inadvertent access given to 2 individuals to access the mortgage account information of another couple
Organizations: GMAC Mortgage
http://datalossdb.org/incidents/2823
---------------------

Reported Date: 2009-08-31
Summary: Over 1,500 users possibly exposed through 8 stolen laptops
Organizations: GroupM
http://datalossdb.org/incidents/2830
---------------------

Reported Date: 2009-08-25
Summary: Theft of multiple desktop computers containing Social Security numbers of customers
Organizations: DaVita Inc.
http://datalossdb.org/incidents/2837
---------------------

Reported Date: 2009-08-10
Summary: 8 laptops stolen, exposing as many as 1,600 individuals' personal information
Organizations: Chart Industries, Inc
http://datalossdb.org/incidents/2836
---------------------

Reported Date: 2009-06-11
Summary: Identity theft of employee leads to discovery of unauthorized acquisition of personal files
Organizations: Touchstone Community School
http://datalossdb.org/incidents/2835
---------------------

Reported Date: 2009-06-08
Summary: Hacker gains access to system and exposes credit cards through FTP
Organizations: Pennant Foods
http://datalossdb.org/incidents/2838
---------------------

Reported Date: 2009-05-20
Summary: Client inadvertently sent report of other client containing personal information
Organizations: MassMutual Financial Group
http://datalossdb.org/incidents/2832
---------------------

Reported Date: 2009-04-22
Summary: Stolen laptop contained Social Security numbers, names, phone, address and other personal information
Organizations: Partners Home Care Inc
http://datalossdb.org/incidents/2839
---------------------

Reported Date: 2009-03-25
Summary: Stolen bag containing a flash drive exposes employee Social Security numbers
Organizations: Wheel Pros LLC
http://datalossdb.org/incidents/2822
---------------------

Reported Date: 2008-08-21
Summary: 50 accounts stolen by fraudsters using social engineering techniques through call centers
Organizations: Best Buy, HSBC Bank Nevada, Bon Ton, Office Max, Helzberg, Costco
http://datalossdb.org/incidents/2821
---------------------

Reported Date: 2008-08-05
Summary: About 2300 possibly affected from stolen computer containing personal information
Organizations: Affiliated Mortgage, North State Bank Mortgage
http://datalossdb.org/incidents/2834
---------------------

Reported Date: 2008-07-28
Summary: Hacker uses SQL injection attack to steal credit cards along with names of merchant
Organizations: Symmetrex
http://datalossdb.org/incidents/2827
---------------------

Reported Date: 2008-07-14
Summary: Employee steals names, account numbers, and credit card information from company
Organizations: Advantage Plus Credit Reporting
http://datalossdb.org/incidents/2833
---------------------

Reported Date: 2008-06-06
Summary: Account(s) inadvertently linked to third-party advisor, exposing personal information to unauthorized personnel
Organizations: Fidelity Investments
http://datalossdb.org/incidents/2831
---------------------

Reported Date: 2008-04-21
Summary: Package lost in mail containing accounts of 66 individuals; possibly exposing names, Social Security numbers, and account information
Organizations: Massachusetts Division of Professional Licensure, Promissor Inc
http://datalossdb.org/incidents/2820
---------------------

Reported Date: 2008-02-28
Summary: Envelope sent to one client was empty - personal information may have been compromised
Organizations: Boston Private Bank and Trust
http://datalossdb.org/incidents/2819
---------------------

Reported Date: 2006-02-15
Summary: Pages from main website were cached improperly and potentially left customers' information vulnerable to others
Organizations: Macy's
http://datalossdb.org/incidents/2829
---------------------

Blotter Posts


Added: 2010-05-29
Title: Calif. Senate bill protects jobseekers' identity
http://www.signonsandiego.com/news/2010/may/28/calif-senate-bill-protects-jobseekers-identity/
---------------------

Added: 2010-05-29
Title: Congress once again delays ID theft protections for consumers
http://feeds.baltimoresun.com/~r/baltimoresun/business/rss2/~3/04L6EGYNvIQ/bal-ci-identity-0529,0,1648689.storylink
---------------------

Added: 2010-05-28
Title: UK begins process to scrap ID cards
http://www.ddinews.gov.in/International/International+-+Headlines/UK+begins+process+to+scrap+ID+cards.htm
---------------------

Added: 2010-05-28
Title: Nearly 200,000 Are Potential ID Theft Victims
http://cbs2chicago.com/local/ID.theft.2.2.1719905.html
---------------------

Added: 2010-05-27
Title: Guarding Against Identity Theft
http://Johnston.mync.com/site/Johnston/news/story/52012/Guarding_Against_Identity_Theft/
---------------------

Added: 2010-05-26
Title: Information theft? Keep a watch on disgruntled, low-paid staffers
http://www.dnaindia.com/lifestyle/report_information-theft-keep-a-watch-on-disgruntled-low-paid-staffers_1388311
---------------------

Added: 2010-05-26
Title: Don't let Facebook make you vulnerable to identity theft
http://www.thevalleydispatch.com/ci_15133164?source=rss_viewed
---------------------

Added: 2010-05-26
Title: Medical groups challenge 'red flags' rule in U.S. court
http://feedproxy.google.com/~r/McKnights/~3/RHSTahH0Ing/
---------------------

Added: 2010-05-26
Title: A Feeble Swipe at Identity Theft
http://motherjones.com/kevin-drum/2010/05/feeble-swipe-identity-theft
---------------------

Added: 2010-05-26
Title: How to avoid vacation identity theft
http://feeds.chicagotribune.com/~r/chicagotribune/travel/~3/PgaDgELUKfE/ct-problem-id-theft-vacation-sl,0,555732.storylink
---------------------

Added: 2010-05-26
Title: Identity Theft Will Increase As Department of Labor Posts Signatures and Tax IDs On-line
http://www.mmdnewswire.com/department-of-labor-8588.html
---------------------

Added: 2010-05-26
Title: Lifelock worries after employee data leaked to Web
http://www.networkworld.com/news/2010/052610-lifelock-worries-after-employee-data.html?source=nww_rss
---------------------


_______________________________________________
Dataloss Mailing List (dataloss@datalossdb.org)





Android apps for encrypting calls and texts
Posted by cdupuis on Monday, 31 May 2010 @ 10:39:57 EDT (691 reads)
Topic Cryptography

NOTE FROM CLEMENT: 

As seen on the H Security website at:

http://www.h-online.com/security/news/item/Android-apps-for-encrypting-calls-and-texts-1009593.html?view=print

US company Whisper Systems has released RedPhone and TextSecure[1], two free applications for Android smartphones that enable secure communication. RedPhone encrypts VoIP calls using the ZRTP[2] open standard. In contrast to many other SIP programs, RedPhone does not use a SIP gateway for communication, but establishes a direct connection to the other (RedPhone) user via WLAN or UMTS. A switch operated by Whisper Systems, which sends a text to the receiving caller to initiate the connection, is required to set up the connection.

TextSecure encrypts texts using the Off-the-Record-Messaging[3] protocol and elliptic curve-based cryptography. In contrast to standard protocols, this means that it's not subsequently possible to determine who has used which key, therefore facilitating deniability. An FAQ[4] describing how the two programs work is available on the company's web site.

The applications are currently available as compiled beta versions only, but the company is intending to publish the source code shortly. Calls can currently only be made to and from US numbers, but support for international numbers is also in the pipeline.

Whisper Systems is the brainchild of Moxie Marlinspike, whose main interest is developing software for cracking encrypted connections and who is well known for his talks at security conferences.

See also:

  • SSL flaw revealed at Black Hat[5], a report from The H.

URL of this Article:
http://www.h-online.com/security/news/item/Android-apps-for-encrypting-calls-and-texts-1009593.html

Links in this Article:
  [1] http://whispersys.com/index.html
  [2] http://en.wikipedia.org/wiki/ZRTP
  [3] http://en.wikipedia.org/wiki/Off-the-Record_Messaging
  [4] http://www.whispersys.com/support.html
  [5] http://www.h-online.com/news/item/SSL-flaw-revealed-at-Black-Hat-742713.html





All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2003-2008 by Clement Dupuis and Nathalie Lambert (Site Maintainers).