May/June News (PPT) - DC214

  1. PREVIOUS GNEWS
  2. Patch Tuesday
      • New Format
      • 13 Patches originally expected
          – 6 Security
              • Affects Windows OS, Outlook / Mail, IE, Office, Visio
          – 7 Non-Security related updates, Malicious Tool Update
      • 6 Security Patches, 15 bugs addressed (eEye reports 19 bugs)
          – MS07-030 - Microsoft Visio - Remote Code Execution
          – MS07-031 - Schannel Security Package
              • XP - Remote Code Execution / 2003 - DoS
          – MS07-032 - Vista - Information Disclosure
          – MS07-033 - IE Cumulative, 6 vulns, 5 Code Execution / 1 spoofing
          – MS07-034 - Outlook Express / Mail Cumulative, Code Execution, 3 via IE
          – MS07-035 - An unnamed win32 API - Remote Code Execution (vector for IE, maybe more)
  3. Books
      • March
      • Zen and the Art of Information Security
          – by Ira Winkler
      • Cross Site Scripting Attacks: XSS Exploits and Defense
          – by Seth Fogie, Robert Hansen, Jeremiah Grossman, Anton Rager
      • April
      • Mastering Windows Network Forensics and Investigation
          – by Steven Anson, Steven James Anson
      • May
      • How to Cheat at Configuring Open Source Security Tools
          – by Michael Gregg, Eric Seagren, Angela Orebaugh, Matt Jonkman, Raffael Marty
      • Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
          – by Chris Sanders
  4. Holes
      • "Month of…" ActiveX Wrap-up
          – 35 bugs – LeadTools got beat up, Barcode Apps, Office Viewers
      • June is Month of Search Engine Bugs
          – Hotbot, msn, yahoo, rambler, ask.com, others
      • IE and Firefox bugs
          – cookie-stealing, keystroke-snooping, malicious downloading and site-spoofing
      • Opera Right-Click Overflow (patched in 9.21)
          – Transfer Item Pop-up Menu Stack Overflow Vulnerability
          – Malicious torrents in the wild
      • Cisco 3rd party crypto library, ASN.1 DoS
      • Veritas Storage Foundation DoS, input validation
      • Packeteer Web Interface DoS, URL request via read-only user
  5. DATA LOSS
      • 40+ Reported Cases
          – TX Law Enforcement, stolen laptops
          – Waco ISD, system compromise
          – IBM, missing tapes
          – JP Morgan Chase, missing tape
          – TSA, lost hard drive
  6. Holes 2
      • Botnet Mgt GUI, "Zunker", reported by Panda Software
      • Gozi variant now has keylogger and improved signature evasion
      • PoC BadBunny virus for OpenOffice (Win – mIRC / xchat, Mac – Ruby, Linux – Perl / Python)
      • 3 variants of Trojan-SMS.SymbOS.Viver, Smart Phone virus generates text messages to premium rate numbers
      • Norton Personal Firewall and Internet Security 2004
          – Buffer Overflow in ActiveX (ISLALERT.DLL, SET(), GET())
      • Unicode Encoding Flaw (rather decoding)
          – Improper handling of Full-width and Half-width encoding can allow the bypass of some security devices, IIS, Cisco IPS, 3Com, McAfee
  7. Games
      • Xbox Live bans hacked Xbox 360 consoles
      • Miami attorney Jack Thompson declares he will sue Microsoft if they perform any sale of "Halo 3" to any persons under 17
      • DCEmu announce Wii and GameCube coding contest
  8. Holes 3
      • Windows Updater Hi-Jack
          – Background Intelligent Transfer Service (BITS)
      • Vista Team re-launches Vista Security Blog
          – Apparently their job wasn't done ;)
      • 4 out of cycle MS patches, 2 related to security
          – Windows installer (above)
          – Microsoft Office Isolated Conversion Environment (MOICE)
      • iDefense announce bounty for 0-days in Apache httpd, BIND, Sendmail, OpenSSH, MS IIS, or MS Exchange Server
      • ActiveX buffer overflow in Ksign SWAT (PKI and ID mgt)
  9. Corp. Hell
      • PacketFocus to provide RFID audits
      • eEye enters service market
      • Google buys FeedBurner (RSS content vendor)
      • Verizon buys Cybertrust (managed service provider)
      • Symantec enters mobile 5 market
      • Intel encroaches on One Laptop per Child
      • Time Warner implements packet shaping
      • MS claims patent infringement on 235 patents
      • FCC approves Apple iPhone (will use ARM processors)
      • Apple sues over Ann Summers "iGasm" iPod accessory ads
  10. Holes 4
      • Apple Releases Patch Set addressing 17 vulns
          – BIND, crontabs, fetchmail, ichat, ruby, vpn, and more
      • Apple Releases 2 QuickTime patches
          – Both for malicious Java applets delivered via website
      • Safari for Windows hits the street and is immediately vulnerable
      • David Maynor releases 4 DoS and 2 remote execution
      • Thor Larholm finds URL protocol handler command injection
      • Yahoo Messenger 0-day, buffer overflow in ActiveX for WebCam
  11. • Latest fix in AACS saga, hacked before it was officially launched
      • Yet another follow-up fix hacked a day after launch
      • NXP Semiconductors (Philips) is developing an RFID activated DVD
      • Ritek Corp. is developing re-writable BD-RE and HD DVD-RE with sales this year
      • 6 months after submissions close, ResearchChannel.org announces winners of the '06 Educause Cyber Security Awareness Month Video Contest
      • Terminator "franchise" sold, Halcyon Co. shooting for 2009 release of "The Terminator 4"
  12. Papers
      • HP performance evaluation of Xen and OpenVZ
      • David Litchfield 4 part Oracle Forensics on milw0rm
      • Mark Russinovich TechNet article on Windows UAC
      • Rob Paveza 2 stage UAC bypass Proof-of-Concept
      • DHS Cyber Security Paper (BotNets) BAA07-09
  13. WTF!?
      • DRM = Digital Consumer Enablement
          – HBO's Bob Zitter calls for a re-definition of DRM to show just how positive it really is
      • PirateBay hacked and DB copied, blog server blamed for the vuln
      • National Payment Card links Drivers License and Debit Card via MagStripe in select locations, 24 states including TX
      • Cell Phones wipe Nissan smart keys, Altima and G35
      • Apple DRM free tunes contain user info, name and email
          – Music purchased on iTunes has always contained identifiable info; however, previously those tunes were "non-transferable"
  14. Updates
      • (April) WhiteDust launches hackspace.net
      • The a5 cracking project (GSM A5/1 algorithm)
      • DomainKeys Identified Mail Signatures (DKIM)
      • Spyware Process Detector v2.02
      • Samba 3.0.25
      • aircrack ng 0.9
      • nipper 0.9.5
      • rfidiot 0.1m and rfidiot 0.1n
      • Sysinternals - SigCheck v1.4, PsExec v1.83, DiskExt v1.1
      • honey trap 0.7.0
      • FireGPG (encrypt web based mail)
      • tor-0.1.2.14.tar.gz
      • Parallel (Intel Mac)
      • Symantec 11
      • clamav-0.90.3.tar.gz
      • fwknop 1.8.1
  15. Legal
      • MySpace refuses to share data of known sex offenders
      • MySpace recants and gives data to authorities
      • MySpace data pops its first false positive
      • US Military networks block MySpace, YouTube, and other social networks
      • San Francisco court rules Google's "thumbnail-porn" is protected by fair-use
      • US Anti-Spyware bill passed Congress, waiting on Senate vote
      • TX bill, HB 2714, requires computer companies to provide free recycling services
      • Robert Soloway (reported "spam king") was arrested in Seattle
      • Fourth and Final Draft of GPLv3 released
      • Mods to German law make "hacker tools" illegal
      • Belgium urged to withdraw gen1 RFID enabled passports
  16. CON Results
      • Microsoft BlueHat Security Briefings
          – Felix Domke, demonstrated his hypervisor hack of the Xbox 360
      • Interop – NAC Panel
          – NAC TCG and Microsoft compatibility
      • Interop – 7 Habits of Hackers (or exploit methodology)
  17. CON Events
      • Completed Cons
          – BlueHat, 10 May 2007 - Redmond, WA
          – AusCERT2007, 20 – 25 May - Australia
          – Interop, 20 – 25 May - Las Vegas, NV
      • Future Cons
          – REcon Party, 13 - 16 June 2007 - Montreal
          – BlackHat, 28 July thru 2 Aug 2007 – Las Vegas, NV
          – DefCon, 3 – 5 August 2007 – Las Vegas, NV
          – Chaos Communication Camp, 8 - 12 August - Berlin
          – Hack In The Box, 3 – 6 Sept. – Kuala Lumpur
          – WhiteDust Black and White Ball, 18 - 23 Sept – London
          – ToorCon, 29 Sept - 1 Oct 2007 - San Diego CA
          – Phreaknic, 20 - 22 Oct 2007 - Nashville TN
  18. All images scavenged without permission
