[Owasp-Cluj] Fwd: NeRD Watch - 13/3/15

Lucian Corlan Lucian.Corlan at betfair.com
Fri Mar 13 16:21:11 UTC 2015



Here is the NeRD Watch

Begin forwarded message:

From: NeRD Watch <NeRDWatch at contextis.co.uk>
To: Context <Context at contextis.co.uk>
Date: 13 March 2015 16:13:48 GMT
Subject: NeRD Watch - 13/3/15

If you don't stand for something you will fall for anything. NeRD Watch.

Security News

http://krebsonsecurity.com/2015/03/feds-indict-three-in-2011-epsilon-hack  - Feds Indict Three in 2011 Epsilon Hack
http://krebsonsecurity.com/2015/03/point-of-sale-vendor-nextep-probes-breach  - Point-of-Sale Vendor NEXTEP Probes Breach
http://news.netcraft.com/archives/2015/03/11/web-security-company-inadvertently-aids-hmrc-phishing-attack.html  - Web security company inadvertently aids HMRC phishing attack
https://blogs.cisco.com/security/talos/whoisdisclosure  - Hundreds of Thousands of Google Apps Domains' Private WHOIS Information Disclosed
http://www.world-nuclear-news.org/C-KHNP-hacker-demands-money-to-withhold-documents-1203155.html  - Korea Hydro and Nuclear Power hacker demands money to withhold documents
http://www.hotforsecurity.com/blog/a-bad-week-for-uk-cybercriminals-11533.html  - 'Strike Week' - a bad week for UK cybercriminals
https://www.defenseone.com/technology/2015/03/pentagon-gets-authority-hire-3000-cyber-pros/106848  - Pentagon Gets Authority To Hire 3,000 Cyber Pros
https://citizenlab.org/2015/03/hacking-team-reloaded-us-based-ethiopian-journalists-targeted-spyware  - US-Based Ethiopian Journalists Again Targeted with Spyware
https://www.hackread.com/university-of-chicago-hacked-social-security-numbers-stolen  - University of Chicago Computers Hacked, Social Security Numbers Stolen
https://krebsonsecurity.com/2015/03/point-of-sale-vendor-nextep-probes-breach  - Point-of-Sale Vendor NEXTEP Probes Breach
http://news.softpedia.com/news/Two-Arrested-in-the-Largest-Data-Breach-in-the-US-475156.shtml  - Two Arrested in the Largest Data Breach in the US
http://securityaffairs.co/wordpress/34595/intelligence/new-zealand-surveillance-waihopai-base.html  - Snowden reveals New Zealand surveillance Waihopai Base
http://www.v3.co.uk/v3-uk/news/2398938/cia-created-apple-mac-os-x-iphone-and-ipad-attack-tools  - CIA created Apple Mac OS X, iPhone and iPad attack tools
http://abcnews.go.com/US/wireStory/government-drop-charges-federal-employee-hacking-case-29542745  - Government to Drop Charges in Federal Employee Hacking Case
https://krebsonsecurity.com/2015/03/microsoft-fixes-stuxnet-bug-again  - Microsoft Fixes Stuxnet Bug, Again (see Vulnerability & Exploit section for details)
http://www.justice.gov/usao-ma/pr/russian-national-known-joga-pleads-guilty-online-fraud-scheme  - Russian national known as 'Joga' pleads guilty to online fraud scheme
http://www.bbc.co.uk/news/world-asia-31741564  - New Zealand spying on Pacific islands, Snowden leaks say
http://www.kemmannu.com/index.php?action=highlights&type=11621  - VPN use is a crime in Dubai
http://www.infosecurity-magazine.com/news/panda-labs-detects-itself-as? - Panda Labs Detects Itself as Malware

Commentary

https://medium.com/@sailorhg/coding-like-a-girl-595b90791cce  - Coding Like a Girl
http://medillonthehill.net/2015/03/cybersecurity-has-a-talent-shortage  - Cybersecurity has a talent shortage
https://www.schneier.com/blog/archives/2015/03/attack_attribut_1.html  - Attack Attribution and Cyber Conflict
http://blog.lumension.com/9876/youre-still-using-clear-text-passwords  - You’re Still Using Clear Text Passwords!?
http://blog.erratasec.com/2015/03/github-won-because-its-social-media.html  - GitHub won because it's social-media
http://hackmageddon.com/2015/03/09/february-2015-cyber-attacks-statistics  - February 2015 Cyber Attacks Statistics
http://electrospaces.blogspot.co.uk/2015/03/us-military-and-intelligence-computer.html  - US military and intelligence computer networks
http://www.theverge.com/a/anatomy-of-a-hack  - 'Anatomy of a hack': Story of a trail of account hacking leading to Bitcoin stealage
http://www.scmagazineuk.com/uk-parliament-body-keen-to-explore-tor-partnership/article/402536  - UK Parliament body keen to explore Tor partnership
https://zeltser.com/prescreening-tech-support-scam  - Scammers Prescreen Victims for Tech Support Scams via Twitter and Phone
http://www.homelandsecuritynewswire.com/dr20150313-weighing-the-pros-cons-of-blocking-isis-s-access-to-social-media  - Weighing the pros, cons of blocking ISIS's access to social media
http://www.darkreading.com/partner-perspectives/intel/raising-the-stakes-when-software-attacks-hardware/a/d-id/1319423  - Raising the Stakes: When Software Attacks Hardware
http://blog.vormetric.com/2015/03/11/better_balance_required_-_cia_apple_hacking  - Better Balance Required – CIA Apple Hacking
http://blog.trendmicro.com/trendlabs-security-intelligence/investigating-and-detecting-command-and-control-servers  -  Investigating and Detecting Command and Control Servers
https://isc.sans.edu/diary/Should+it+be+Mandatory+to+have+an+Independent+Security+Audit+after+a+Breach%3F/19431  - Should it be Mandatory to have an Independent Security Audit after a Breach?
http://arstechnica.com/tech-policy/2015/03/uk-parliament-says-its-technologically-infeasible-to-block-tor-online-anonymity-systems  - UK Parliament says it’s “technologically infeasible” to block Tor
http://www.csoonline.com/article/2894193/infosec-staffing/six-entry-level-cybersecurity-job-seeker-failings.html  - Six entry-level cybersecurity job seeker failings
http://www.infosecurity-magazine.com/news/pci-compliance-doubles-most-fail  - PCI Compliance Doubles But Most Fail After One Year
http://www.darkreading.com/risk/6-ways-the-sony-hack-changes-everything-/a/d-id/1319415? - 6 Ways The Sony Hack Changes Everything
http://google-opensource.blogspot.it/2015/03/farewell-to-google-code.html  - Bidding farewell to Google Code

Web

http://releases.portswigger.net/2015/03/v1612.html  - Burp Suite Professional v1.6.12
http://www.kitploit.com/2015/03/rawr-rapid-assessment-of-web-resources.html  - RAWR: Rapid Assessment of Web Resources
http://www.macobserver.com/tmo/article/apples-os-x-gatekeeper-leaves-hole-open-for-malware-heres-how-to-protect-yo  - OS X Gatekeeper allows malware and adware: How to Protect Your Mac
http://techcrunch.com/2015/03/07/the-evolution-of-the-browser  - The Evolution Of The Browser
http://www.christian-schneider.net/GenericXxeDetection.html  - Generic XXE Detection

Infrastructure

https://blog.anitian.com/pci-dss-to-ban-ssl  - PCI Set to Ban SSL Protocol
http://resources.infosecinstitute.com/ddos-upnp-devices  - DDoS on UPNP Devices
https://github.com/FastVPSEestiOu/fastnetmon  - FastNetMon - high performance DoS/DDoS analyzer with sflow/netflow/mirror support
https://www.offensive-security.com/kali-linux/raspberry-pi-luks-disk-encryption  - Kali Linux on a Raspberry Pi (A/B+/2) with LUKS
https://threatpost.com/cloudflare-aims-to-defeat-massive-ddos-attacks-with-virtual-dns/111555  - CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS
http://blog.ircmaxell.com/2015/03/security-issue-combining-bcrypt-with.html  - Security Issue: Combining Bcrypt With Other Hash Functions
http://www.kitploit.com/2015/03/netoolsh-mitm-pentesting-opensource.html  - netool.sh - MitM pentesting opensource toolkit
http://www.darknet.org.uk/2015/03/messenpass-recover-msn-yahoo-messenger-icq-trillian-passwords  - MessenPass – Recover MSN, Yahoo Messenger, ICQ, Trillian Passwords
http://arstechnica.com/information-technology/2015/03/ars-tests-exonet-the-personal-vpn-that-takes-you-home  - Ars tests ExoNet, the personal VPN that takes you home
http://www.darkoperator.com/blog/2015/3/11/patching-with-wsus-offline  - Patching with WSUS Offline Open Source Project
https://newsletter.dnsimple.com/lets-learn-dnssec-together  - Let's Learn DNSSEC Together
https://newsletter.dnsimple.com/dnssec-record-types  - DNSSEC Record Types
http://xonsh.org/tutorial.html  - xonsh 0.1.1

Vulnerability & Exploit

https://wpvulndb.com/vulnerabilities/7841  - WordPress SEO Plugin SQL Injection vuln
http://www.theregister.co.uk/2015/03/10/rowhammer  - Ouch! Google crocks capacitors and deviates DRAM to root Linux
http://www.theregister.co.uk/2015/03/10/elastic_search_vuln  - Attackers targeting Elasticsearch remote code execution hole
http://lcamtuf.blogspot.co.uk/2015/03/another-round-of-image-bugs-png-and.html  - Another round of image bugs: PNG and JPEG XR
http://googleprojectzero.blogspot.co.uk/2015/03/exploiting-dram-rowhammer-bug-to-gain.html  - Exploiting the DRAM rowhammer bug to gain kernel privileges
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Full-details-on-CVE-2015-0096-and-the-failed-MS10-046-Stuxnet/ba-p/6718459  - CVE-2015-0096 and the failed MS10-046 Stuxnet fix
http://blog.trendmicro.com/trendlabs-security-intelligence/samba-remote-code-execution-vulnerability-cve-2015-0240  - Samba Remote Code Execution Vulnerability - CVE-2015-0240
http://securityintelligence.com/droppedin-remotely-exploitable-vulnerability-in-the-dropbox-sdk-for-android  - Remotely Exploitable Vulnerability in the Dropbox SDK for Android
http://www.welivesecurity.com/2015/03/10/operating-system-vulnerabilities-exploits-insecurity  - Operating System Vulnerabilities, Exploits and Insecurity

Malware

http://resources.infosecinstitute.com/equation-group-apt-tao-nsa-two-hacking-arsenals-similar  - Equation Group APT and TAO NSA: Two Hacking Arsenals Too Similar
http://securelist.com/blog/research/69203/inside-the-equationdrug-espionage-platform  - Inside the EquationDrug Espionage Platform
https://www.f-secure.com/weblog/archives/00002791.html  - The Equation Group Equals NSA / IRATEMONK
http://blog.trendmicro.com/trendlabs-security-intelligence/malware-snoops-through-your-home-network  - Malware Snoops Through Your Home Network
https://threatpost.com/new-technique-complicates-mutex-malware-analysis/111517  - 'New Technique' complicates mutex correlation in malware analysis
https://nakedsecurity.sophos.com/2015/03/06/from-the-labs-new-developments-in-microsoft-office-malware  - New developments in Microsoft Office malware
http://securityintelligence.com/mazeltov-more-android-malware-coming-to-a-mobile-device-near-you  - MazelTov: Android malware toolkit
http://blog.sucuri.net/2015/03/inverted-wordpress-trojan.html  - 'Inverted' WordPress Trojan
http://blog.didierstevens.com/2015/03/11/vba-maldoc-we-dont-want-no-stinkin-sandboxvirtual-pc  - VBA Maldoc: We Don’t Want No Stinkin Sandbox/Virtual PC
http://hackaday.com/2015/03/06/decoding-zeus-malware-disguised-as-a-doc  - Decoding ZeuS Malware Disguised as a .doc
https://nakedsecurity.sophos.com/2015/03/06/from-the-labs-new-developments-in-microsoft-office-malware  - From the Labs: New developments in Microsoft Office malware
https://www.f-secure.com/weblog/archives/00002795.html  - Ransomware Report: The Rise of BandarChor
https://isc.sans.edu/diary/How+Malware+Generates+Mutex+Names+to+Evade+Detection/19429  - How Malware Generates Mutex Names to Evade Detection
https://isc.sans.edu/diary/What+Happened+to+You%2C+Asprox+Botnet%3F/19435  - What Happened to You, Asprox Botnet?
http://blog.trendmicro.com/trendlabs-security-intelligence/bedep-backdoors-brought-into-the-light-by-flash-zero-days  - BEDEP: Backdoors Brought Into The Light By Flash Zero-Days
http://www.theregister.co.uk/2015/03/11/malware_mutex  - Malware uses Windows product IDs to mix mutex

Mobile

http://blog.mdsec.co.uk/2015/03/bruteforcing-ios-screenlock.html?m=1  - Apple iOS Hardware Assisted Screenlock Bruteforce
http://www.darkreading.com/droppedin-vuln-links-victims-androids-to-attackers-dropboxes  - DroppedIn Vuln Links Victims' Androids To Attackers' DropBoxes

Hardware & Forensics

http://hackaday.com/2015/03/11/killer-usb-drive-is-designed-to-fry-laptops  - Killer USB Drive is Designed to Fry Laptops
http://blog.trendmicro.com/trendlabs-security-intelligence/defending-against-pos-ram-scrapers  - Defending Against PoS RAM Scrapers
http://www.sectechno.com/osxcollector-forensic-collection-analysis-toolkit  - OSXCollector- Forensic collection & analysis toolkit
https://blog.mozilla.org/security/2015/03/12/introducing-masche-memory-scanning-for-server-security  - Masche: forensic memory scanner

Misc

http://packetstormsecurity.com/files/130697/H2H-CFP-2015.txt  - Hackers 2 Hackers Conference 12 Edition Call For Papers
http://www.ares-conference.eu/conference/ares-eu-symposium/fcct-2015  - First International Workshop on Future Scenarios for Cyber Crime and Cyber Terrorism

|| 3 r |) ^/@tc|¬
All Seeing, All Knowing InfoSec Knowledge Evaluator and Wisdom Aggregator

www.contextis.com | 30 Marsh Wall, London, E14 9TP, UK | Tel: +44 (0)207 537 7515
Registered no: 3574635 | Certified to ISO/IEC 27001:2005 (BSI Certificate IS 553326) and ISO 9001:2008 (BSI Certificate FS 581360)