SlideShare a Scribd company logo

News Bytes - January 2013

n|u - The Open Security Community
n|u - The Open Security Community

null Bangalore Chapter, January 2013 Meet

1 of 10
Download to read offline
Information security news News Bytes
Cisco VoIP vulnerability allows eavesdropping remotely The lack of input validation at the syscall interface allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP , buttons, and LEDs on the phone
And the saga continues New java 0-day vulnerability discovered that allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Oracle delivers an unusual emergency patch to Java's critical 0-Day vulnerability. Two days later, a Java exploit is advertised for $5,000 a piece in an underground Internet forum is apparently already in at least one attacker's hands.
Operation Red October Large scale and complex cyber- espionage operation has been discovered, named Red October. Started in 2007 and mainly targeting international diplomatic service agencies. The attackers had evaded detection for over five years, giving them access to victims' passwords, network configurations and sensitive information on workstations and mobile devices.
Malware Infects US power Plants through USB Drives Some unknown malware infected two power plants control systems using unprotected USB drives as an attack vector. Reports that current antivirus softwares would have found the malware.
Child porn on Indian Govt websites 'entegramam.gov.in' forums hosting Child Porn content from last four months and authorities or the moderators of the website were not aware about the issue even after Google giving notification "This site may be compromised" for few websites.
Internet explorer vulnerable to remote code execution Remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
Hacking facebook password like changing your own password Flaw allows anyone to reset the password of any Facebook user without knowing his last password. The Vulnerability was very simple to execute, but now patched by Facebook Security Team. https://www.facebook.com/hacked https://www.facebook.com/checkpoint/checkpointme?f=[userid]&r=web_hacked
Facebook Hacker cup 2013 • Jan 7 — Jan 27 — Registration • Jan 25 — Jan 27 — Online Qualification Round • Feb 2 — Online Elimination Round 1 • Feb 9 — Online Elimination Round 2 • Feb 16 — Online Elimination Round 3 • March 22 -23 — Onsite Finals at Facebook Registration : https://www.facebook.com/hack ercup/register
RIP Aaron Swartz

Recommended

News Bytes - December 2012
News Bytes - December 2012News Bytes - December 2012
News Bytes - December 2012n|u - The Open Security Community
 
Malware
MalwareMalware
MalwareNikola Milosevic
 
Youtube videos might hijack your phone
Youtube videos might hijack your phoneYoutube videos might hijack your phone
Youtube videos might hijack your phoneniraj joshi
 
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!Tyler Shields
 
iPhone forensics on iOS5
iPhone forensics on iOS5iPhone forensics on iOS5
iPhone forensics on iOS5Satish b
 
Big Talk From Small Libraries: Technology classes sequence
Big Talk From Small Libraries: Technology classes sequenceBig Talk From Small Libraries: Technology classes sequence
Big Talk From Small Libraries: Technology classes sequenceNebraska Library Commission
 
Technology of computer
Technology of computerTechnology of computer
Technology of computerAakashkumar9307
 
Ratzan2
Ratzan2Ratzan2
Ratzan2haneefvf1
 

Recommended

News Bytes - December 2012
News Bytes - December 2012News Bytes - December 2012
News Bytes - December 2012n|u - The Open Security Community
 
Malware
MalwareMalware
MalwareNikola Milosevic
 
Youtube videos might hijack your phone
Youtube videos might hijack your phoneYoutube videos might hijack your phone
Youtube videos might hijack your phoneniraj joshi
 
Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!Social and Mobile and Cloud - OH MY!
Social and Mobile and Cloud - OH MY!Tyler Shields
 
iPhone forensics on iOS5
iPhone forensics on iOS5iPhone forensics on iOS5
iPhone forensics on iOS5Satish b
 
Big Talk From Small Libraries: Technology classes sequence
Big Talk From Small Libraries: Technology classes sequenceBig Talk From Small Libraries: Technology classes sequence
Big Talk From Small Libraries: Technology classes sequenceNebraska Library Commission
 
Technology of computer
Technology of computerTechnology of computer
Technology of computerAakashkumar9307
 
Ratzan2
Ratzan2Ratzan2
Ratzan2haneefvf1
 
Mobile Security: How Secure Is Your Basement?
Mobile Security: How Secure Is Your Basement?Mobile Security: How Secure Is Your Basement?
Mobile Security: How Secure Is Your Basement?Samsung Business USA
 
identity theft
identity theftidentity theft
identity theftHARICHANDRA MANDREKAR
 
Ratzan2
Ratzan2Ratzan2
Ratzan2MAFANTIRI SELLO
 
Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationJeff Zahn
 
IOS security
IOS securityIOS security
IOS securitybakhti rahman
 
Mobile Malware
Mobile MalwareMobile Malware
Mobile MalwareMartin Holovský
 
Historyofviruses
HistoryofvirusesHistoryofviruses
HistoryofvirusesFathoni Mahardika II
 
CNIT 128 5: Mobile malware
CNIT 128 5: Mobile malwareCNIT 128 5: Mobile malware
CNIT 128 5: Mobile malwareSam Bowne
 
ZR_Datasheet_v141121a-prepress2
ZR_Datasheet_v141121a-prepress2ZR_Datasheet_v141121a-prepress2
ZR_Datasheet_v141121a-prepress2Kevin Diglio
 
CNIT 128 Ch 3: iOS
CNIT 128 Ch 3: iOSCNIT 128 Ch 3: iOS
CNIT 128 Ch 3: iOSSam Bowne
 
Avoid the Hack
Avoid the HackAvoid the Hack
Avoid the HackJason Jakus
 
Spice Stellar Virtuoso Pro
Spice Stellar Virtuoso ProSpice Stellar Virtuoso Pro
Spice Stellar Virtuoso ProSpice Mobility
 
u2f fido security key
u2f fido security keyu2f fido security key
u2f fido security keyGoTrust ID
 
Technology and language acquisition
Technology and language acquisitionTechnology and language acquisition
Technology and language acquisitionshawncal
 
Spy Software
Spy SoftwareSpy Software
Spy Softwarespyindia01
 
Smart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSmart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSecureState
 
Facebook hacking software
Facebook hacking softwareFacebook hacking software
Facebook hacking softwareSuzie_0159
 
Smart n' Secure - SnS
Smart n' Secure - SnS Smart n' Secure - SnS
Smart n' Secure - SnS Charlie Tai
 
Viruses ppt finale
Viruses ppt finaleViruses ppt finale
Viruses ppt finalemishrasb4
 
Ransomware: Emergence of the Cyber-Extortion Menace
Ransomware: Emergence of the Cyber-Extortion MenaceRansomware: Emergence of the Cyber-Extortion Menace
Ransomware: Emergence of the Cyber-Extortion MenaceZubair Baig
 
6 fare options gn final
6 fare options gn final6 fare options gn final
6 fare options gn finalIndonesia Infrastructure Initiative
 
Dick Ng'ambis Podcasting workshop
Dick Ng'ambis Podcasting workshop Dick Ng'ambis Podcasting workshop
Dick Ng'ambis Podcasting workshop Daniela Gachago
 

More Related Content

What's hot

Mobile Security: How Secure Is Your Basement?
Mobile Security: How Secure Is Your Basement?Mobile Security: How Secure Is Your Basement?
Mobile Security: How Secure Is Your Basement?Samsung Business USA
 
Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationJeff Zahn
 
CNIT 128 5: Mobile malware
CNIT 128 5: Mobile malwareCNIT 128 5: Mobile malware
CNIT 128 5: Mobile malwareSam Bowne
 
ZR_Datasheet_v141121a-prepress2
ZR_Datasheet_v141121a-prepress2ZR_Datasheet_v141121a-prepress2
ZR_Datasheet_v141121a-prepress2Kevin Diglio
 
CNIT 128 Ch 3: iOS
CNIT 128 Ch 3: iOSCNIT 128 Ch 3: iOS
CNIT 128 Ch 3: iOSSam Bowne
 
Spice Stellar Virtuoso Pro
Spice Stellar Virtuoso ProSpice Stellar Virtuoso Pro
Spice Stellar Virtuoso ProSpice Mobility
 
u2f fido security key
u2f fido security keyu2f fido security key
u2f fido security keyGoTrust ID
 
Technology and language acquisition
Technology and language acquisitionTechnology and language acquisition
Technology and language acquisitionshawncal
 
Smart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSmart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSecureState
 
Facebook hacking software
Facebook hacking softwareFacebook hacking software
Facebook hacking softwareSuzie_0159
 
Smart n' Secure - SnS
Smart n' Secure - SnS Smart n' Secure - SnS
Smart n' Secure - SnS Charlie Tai
 
Viruses ppt finale
Viruses ppt finaleViruses ppt finale
Viruses ppt finalemishrasb4
 
Ransomware: Emergence of the Cyber-Extortion Menace
Ransomware: Emergence of the Cyber-Extortion MenaceRansomware: Emergence of the Cyber-Extortion Menace
Ransomware: Emergence of the Cyber-Extortion MenaceZubair Baig
 

What's hot (20)

Mobile Security: How Secure Is Your Basement?
Mobile Security: How Secure Is Your Basement?Mobile Security: How Secure Is Your Basement?
Mobile Security: How Secure Is Your Basement?
 
identity theft
identity theftidentity theft
identity theft
 
Ratzan2
Ratzan2Ratzan2
Ratzan2
 
Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentation
 
IOS security
IOS securityIOS security
IOS security
 
Mobile Malware
Mobile MalwareMobile Malware
Mobile Malware
 
Historyofviruses
HistoryofvirusesHistoryofviruses
Historyofviruses
 
CNIT 128 5: Mobile malware
CNIT 128 5: Mobile malwareCNIT 128 5: Mobile malware
CNIT 128 5: Mobile malware
 
ZR_Datasheet_v141121a-prepress2
ZR_Datasheet_v141121a-prepress2ZR_Datasheet_v141121a-prepress2
ZR_Datasheet_v141121a-prepress2
 
CNIT 128 Ch 3: iOS
CNIT 128 Ch 3: iOSCNIT 128 Ch 3: iOS
CNIT 128 Ch 3: iOS
 
Avoid the Hack
Avoid the HackAvoid the Hack
Avoid the Hack
 
Spice Stellar Virtuoso Pro
Spice Stellar Virtuoso ProSpice Stellar Virtuoso Pro
Spice Stellar Virtuoso Pro
 
u2f fido security key
u2f fido security keyu2f fido security key
u2f fido security key
 
Technology and language acquisition
Technology and language acquisitionTechnology and language acquisition
Technology and language acquisition
 
Spy Software
Spy SoftwareSpy Software
Spy Software
 
Smart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSmart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and Exploitation
 
Facebook hacking software
Facebook hacking softwareFacebook hacking software
Facebook hacking software
 
Smart n' Secure - SnS
Smart n' Secure - SnS Smart n' Secure - SnS
Smart n' Secure - SnS
 
Viruses ppt finale
Viruses ppt finaleViruses ppt finale
Viruses ppt finale
 
Ransomware: Emergence of the Cyber-Extortion Menace
Ransomware: Emergence of the Cyber-Extortion MenaceRansomware: Emergence of the Cyber-Extortion Menace
Ransomware: Emergence of the Cyber-Extortion Menace
 

Viewers also liked

Dick Ng'ambis Podcasting workshop
Dick Ng'ambis Podcasting workshop Dick Ng'ambis Podcasting workshop
Dick Ng'ambis Podcasting workshop Daniela Gachago
 
Personal research environment presentation
Personal research environment presentationPersonal research environment presentation
Personal research environment presentationDaniela Gachago
 
Number 2 2016 - Rising Stars in MarCom
Number 2 2016 - Rising Stars in MarComNumber 2 2016 - Rising Stars in MarCom
Number 2 2016 - Rising Stars in MarComNicole (Laster) Vasile
 
Landscape of U.S. Financial Professionals & Firms, in terms of direct marketing
Landscape of U.S. Financial Professionals & Firms, in terms of direct marketingLandscape of U.S. Financial Professionals & Firms, in terms of direct marketing
Landscape of U.S. Financial Professionals & Firms, in terms of direct marketingDC Campbell
 
Strategische Neupositionierung und Re-Branding einer Universität
Strategische Neupositionierung und Re-Branding einer UniversitätStrategische Neupositionierung und Re-Branding einer Universität
Strategische Neupositionierung und Re-Branding einer UniversitätDr. Christian Fels
 
Cput mobile learning workshop10 march2011
Cput mobile learning workshop10 march2011Cput mobile learning workshop10 march2011
Cput mobile learning workshop10 march2011Daniela Gachago
 
All About CCIE Certification
All About CCIE CertificationAll About CCIE Certification
All About CCIE CertificationIPexpert
 
Meu primeiro prototipo_axure
Meu primeiro prototipo_axureMeu primeiro prototipo_axure
Meu primeiro prototipo_axureDaniela Carvalho
 
Schulerhof Wellness-Brochure 2015
Schulerhof Wellness-Brochure 2015Schulerhof Wellness-Brochure 2015
Schulerhof Wellness-Brochure 2015Hotel Schulerhof
 
Facebook and blogs for student engagement
Facebook and blogs for student engagementFacebook and blogs for student engagement
Facebook and blogs for student engagementDaniela Gachago
 

Viewers also liked (20)

6 fare options gn final
6 fare options gn final6 fare options gn final
6 fare options gn final
 
Dick Ng'ambis Podcasting workshop
Dick Ng'ambis Podcasting workshop Dick Ng'ambis Podcasting workshop
Dick Ng'ambis Podcasting workshop
 
Personal research environment presentation
Personal research environment presentationPersonal research environment presentation
Personal research environment presentation
 
Number 2 2016 - Rising Stars in MarCom
Number 2 2016 - Rising Stars in MarComNumber 2 2016 - Rising Stars in MarCom
Number 2 2016 - Rising Stars in MarCom
 
Landscape of U.S. Financial Professionals & Firms, in terms of direct marketing
Landscape of U.S. Financial Professionals & Firms, in terms of direct marketingLandscape of U.S. Financial Professionals & Firms, in terms of direct marketing
Landscape of U.S. Financial Professionals & Firms, in terms of direct marketing
 
Este é Apenas
Este é ApenasEste é Apenas
Este é Apenas
 
Html5 for Security Folks
Html5 for Security FolksHtml5 for Security Folks
Html5 for Security Folks
 
471 1816-1-pb (1)
471 1816-1-pb (1)471 1816-1-pb (1)
471 1816-1-pb (1)
 
Strategische Neupositionierung und Re-Branding einer Universität
Strategische Neupositionierung und Re-Branding einer UniversitätStrategische Neupositionierung und Re-Branding einer Universität
Strategische Neupositionierung und Re-Branding einer Universität
 
NewsBytes - May 2011
NewsBytes - May 2011NewsBytes - May 2011
NewsBytes - May 2011
 
Cput mobile learning workshop10 march2011
Cput mobile learning workshop10 march2011Cput mobile learning workshop10 march2011
Cput mobile learning workshop10 march2011
 
2 service standards gn final
2 service standards gn final2 service standards gn final
2 service standards gn final
 
All About CCIE Certification
All About CCIE CertificationAll About CCIE Certification
All About CCIE Certification
 
Meeting wamen renstra 301013 (1)
Meeting wamen renstra 301013 (1)Meeting wamen renstra 301013 (1)
Meeting wamen renstra 301013 (1)
 
Meu primeiro prototipo_axure
Meu primeiro prototipo_axureMeu primeiro prototipo_axure
Meu primeiro prototipo_axure
 
Blackspot 8 citrun
Blackspot 8 citrunBlackspot 8 citrun
Blackspot 8 citrun
 
Vwde dglt presentation r10w o eqx may 2011
Vwde dglt presentation r10w o eqx may 2011Vwde dglt presentation r10w o eqx may 2011
Vwde dglt presentation r10w o eqx may 2011
 
Schulerhof Wellness-Brochure 2015
Schulerhof Wellness-Brochure 2015Schulerhof Wellness-Brochure 2015
Schulerhof Wellness-Brochure 2015
 
3 vulnerable road users
3 vulnerable road users3 vulnerable road users
3 vulnerable road users
 
Facebook and blogs for student engagement
Facebook and blogs for student engagementFacebook and blogs for student engagement
Facebook and blogs for student engagement
 

Similar to News Bytes - January 2013

How Secure is Your Home Network Poster
How Secure is Your Home Network PosterHow Secure is Your Home Network Poster
How Secure is Your Home Network PosterBobby Sibiya
 
What is Spyware?
What is Spyware?What is Spyware?
What is Spyware?cnbweg45
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security riskshazirma
 
Cyber crime trends in 2013
Cyber crime trends in 2013 Cyber crime trends in 2013
Cyber crime trends in 2013 The eCore Group
 
13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...
13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...
13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...Aditya K Sood
 
Developer is an attack vector
Developer is an attack vectorDeveloper is an attack vector
Developer is an attack vectorlokori
 
Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012Kurt Baumgartner
 
When developer's api simplify user mode rootkits developing.
When developer's api simplify user mode rootkits developing.When developer's api simplify user mode rootkits developing.
When developer's api simplify user mode rootkits developing.Yury Chemerkin
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMohsin Dahar
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoorsGaurav Dalvi
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5CAS
 
CH11-Managing Computing Securely, Safely and Ethically
CH11-Managing Computing Securely, Safely and EthicallyCH11-Managing Computing Securely, Safely and Ethically
CH11-Managing Computing Securely, Safely and EthicallySukanya Ben
 
Ethical hacking : Beginner to advanced
Ethical hacking : Beginner to advancedEthical hacking : Beginner to advanced
Ethical hacking : Beginner to advancedKavin K
 

Similar to News Bytes - January 2013 (20)

It ppt new
It ppt newIt ppt new
It ppt new
 
How Secure is Your Home Network Poster
How Secure is Your Home Network PosterHow Secure is Your Home Network Poster
How Secure is Your Home Network Poster
 
Code protection
Code protectionCode protection
Code protection
 
What is Spyware?
What is Spyware?What is Spyware?
What is Spyware?
 
Security presentation
Security presentationSecurity presentation
Security presentation
 
Chapter 11
Chapter 11Chapter 11
Chapter 11
 
News Bytes - May 2015
News Bytes - May 2015News Bytes - May 2015
News Bytes - May 2015
 
News Bytes - December 2015
News Bytes - December 2015News Bytes - December 2015
News Bytes - December 2015
 
3.2.1 computer security risks
3.2.1 computer security risks3.2.1 computer security risks
3.2.1 computer security risks
 
Cyber crime trends in 2013
Cyber crime trends in 2013 Cyber crime trends in 2013
Cyber crime trends in 2013
 
13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...
13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...
13th Symposium of Association of Anti Virus Asia Researchers (AAVAR 2010) con...
 
Developer is an attack vector
Developer is an attack vectorDeveloper is an attack vector
Developer is an attack vector
 
Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012Kurt baumgartner lan_deskse2012
Kurt baumgartner lan_deskse2012
 
When developer's api simplify user mode rootkits developing.
When developer's api simplify user mode rootkits developing.When developer's api simplify user mode rootkits developing.
When developer's api simplify user mode rootkits developing.
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpur
 
Trojans and backdoors
Trojans and backdoorsTrojans and backdoors
Trojans and backdoors
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
CH11-Managing Computing Securely, Safely and Ethically
CH11-Managing Computing Securely, Safely and EthicallyCH11-Managing Computing Securely, Safely and Ethically
CH11-Managing Computing Securely, Safely and Ethically
 
Ethical hacking : Beginner to advanced
Ethical hacking : Beginner to advancedEthical hacking : Beginner to advanced
Ethical hacking : Beginner to advanced
 
BYOD and Your Business
BYOD and Your BusinessBYOD and Your Business
BYOD and Your Business
 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

News Bytes - January 2013

  • 2. Cisco VoIP vulnerability allows eavesdropping remotely The lack of input validation at the syscall interface allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP , buttons, and LEDs on the phone
  • 3. And the saga continues New java 0-day vulnerability discovered that allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Oracle delivers an unusual emergency patch to Java's critical 0-Day vulnerability. Two days later, a Java exploit is advertised for $5,000 a piece in an underground Internet forum is apparently already in at least one attacker's hands.
  • 4. Operation Red October Large scale and complex cyber- espionage operation has been discovered, named Red October. Started in 2007 and mainly targeting international diplomatic service agencies. The attackers had evaded detection for over five years, giving them access to victims' passwords, network configurations and sensitive information on workstations and mobile devices.
  • 5. Malware Infects US power Plants through USB Drives Some unknown malware infected two power plants control systems using unprotected USB drives as an attack vector. Reports that current antivirus softwares would have found the malware.
  • 6. Child porn on Indian Govt websites 'entegramam.gov.in' forums hosting Child Porn content from last four months and authorities or the moderators of the website were not aware about the issue even after Google giving notification "This site may be compromised" for few websites.
  • 7. Internet explorer vulnerable to remote code execution Remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
  • 8. Hacking facebook password like changing your own password Flaw allows anyone to reset the password of any Facebook user without knowing his last password. The Vulnerability was very simple to execute, but now patched by Facebook Security Team. https://www.facebook.com/hacked https://www.facebook.com/checkpoint/checkpointme?f=[userid]&r=web_hacked
  • 9. Facebook Hacker cup 2013 • Jan 7 — Jan 27 — Registration • Jan 25 — Jan 27 — Online Qualification Round • Feb 2 — Online Elimination Round 1 • Feb 9 — Online Elimination Round 2 • Feb 16 — Online Elimination Round 3 • March 22 -23 — Onsite Finals at Facebook Registration : https://www.facebook.com/hack ercup/register