Hackin9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

We saw in part 1 how useful dshell can be. Let [...] PacketDecoder: This type of decoder is able to look for specific packet information in a live capture or PCAP file and then show it to the user in a customized way. [...] Blob. [...] httpdecoder: Dshell [...] printableText [...] printableUnicode [...] URLDataToParameterDict [...] xorStringDecode [...] Let's see an example of a simple decoder, which uses dpkt [...] This looks like a packet decoder, using the base definition of IPDecoder contained in the Dshell class. [...] If not, if RST/ACK flags are set, [...] Pel [...] msantand at isc dot sans dot org

[SECURITY] [DSA 3592-1] nginx security update
 
[security bulletin] HPSBOV03615 rev.1 - HPE OpenVMS CSWS running the Apache Tomcat 7 Servlet Engine, Multiple Remote Vulnerabilities
 
Cisco Security Advisory: Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability
 
Cisco Security Advisory: Cisco Prime Network Analysis Module Unauthenticated Remote Code Execution Vulnerability
 

Endpoint Security Leader Issues Bring-Your-Own-Malware Challenge
ResponseSource (press release)
To participate, stop by the Bromium stand at InfoSec Europe (B220) with malware of your choosing or participate remotely by uploading the malware to our servers. The PCs in our booth are unpatched Windows machines and vulnerable to Flash, Java and ...

 

The next time you're in the market for a new Windows computer, consider this: if it comes from one of the top five manufacturers, it's vulnerable to man-in-the-middle attacks that allow hackers to install malware.

That's the take-away from a report published Tuesday by researchers from two-factor authentication service Duo Security. It found third-party updating tools installed by default threatened customers of Dell, HP, Lenovo, Acer, and Asus. The updaters frequently expose their programming interfaces, making them easy to reverse engineer. Even worse, the updaters frequently fail to use transport layer security encryption properly, if at all. As a result, PCs from all five makers are vulnerable to exploits that allow attackers to install malware.

"Hacking in practice means taking the path of least resistance, and OEM software is often a weak link in the chain," the Duo Security report stated. "All of the sexy exploit mitigations, desktop firewalls, and safe browsing enhancements can't protect you when an OEM vendor cripples them with pre-installed software."


 
 
[security bulletin] HPSBGN03609 rev.1 - HPE LoadRunner and Performance Center, Remote Code Execution, Denial of Service (DoS)
 

CIOs, CISOs share advice on selling cybersecurity to the C-suite
Healthcare IT News
Ronald Ross, a fellow and computer scientist at the National Institute of Standards and Technology offered advice that infosec professionals can take to the boardroom: It's always less expensive to invest in security than it is to clean up after data ...

 

SANS Boston InfoSec Training to Provide Insight into How to Advance an IT Career
PR Newswire (press release)
BETHESDA, Md., June 1, 2016 /PRNewswire-USNewswire/ -- SANS Institute, the global leader in information security training, today announced the agenda for SANS Boston 2016 taking place August 1 - 6. Courses will cover ethical hacking, mobile device ...

 

PC makers blasted for bad bloatware security
iT News
A study of software bundled by large PC vendors on their machines has found that the bloatware apps leave users exposed to easily exploitable vulnerabilities while being of little use to customers. The research arm of infosec firm Duo Security, Duo ...
Most Laptop Vendors Distribute Bloatware Full of Critical Security Bugs
Softpedia News

 

SANS Boston InfoSec Training to Provide Insight into How to Advance an IT Career
IT News Online
BETHESDA, Md., June 1, 2016 /PRNewswire-USNewswire/ -- SANS Institute, the global leader in information security training, today announced the agenda for SANS Boston 2016 taking place August 1 - 6. Courses will cover ethical hacking, mobile device ...

 

LockPath Included as a Visionary in Gartner's 2016 Magic Quadrant for IT Risk Management Solutions
SYS-CON Media (press release)
LockPath is a market leader in corporate governance, risk management, regulatory compliance (GRC) and information security (InfoSec) software. The company's flexible, scalable and fully integrated suite of applications is used by organizations to ...

 

At the local cafe, hackers can get a cup of coffee and rogue access to the network. Who needs a VPN; what could go wrong? (credit: Ken Hawkins)

For the security minded, one of the scariest revelations from the now three-year-old Snowden leaks had nothing to do with accommodating ISPs (shocking) or overreaching and often vague anti-terrorism practices and policy (an even bigger shock, right?). Instead, when news trickled out about matters like the National Security Agency’s Vulcan data repository or its Diffie-Hellman strategy, online privacy advocates found themselves quaking. Suddenly, seemingly everyone had to re-evaluate one of the most often used tools for maintaining a shred of anonymity online—the VPN.

VPNs, or virtual private networks, are typically used to obfuscate users’ IP addresses and to add a layer of security to Web browsing. They work by routing traffic through a secure, encrypted connection to the VPN’s server. The reasons for using VPNs vary. Some people use VPNs to change their IP address so they can access location-specific media content in a different geographic location or download things on torrent that are less likely to be traced back to them. Others hope to minimize online tracking from advertisers, prevent the negative effects of rogue access to Wi-Fi networks, or even just obfuscate their IP address to specific sites they visit.

Not all VPNs are alike, however. In fact, poorly configured VPNs can make users more vulnerable in various ways. Some ban torrenting altogether. Others log information, either for maintenance reasons, to track abuse, or in accordance with their local data retention laws.


 
[SECURITY] [DSA 3591-1] imagemagick security update
 

A new chapter in password cracking is about to begin. (credit: Laurie Harker, Minneapolis Star Tribune / Getty Images)

Jeremi M Gosney (@jmgosney) is a world-renowned password cracker and security expert. He is the Founder & CEO of the password-cracking firm Sagitta HPC, and a member of the Hashcat development team. Jeremi also helps run the Security BSides Las Vegas, Hushcon, and PasswordsCon conferences.

Me: "The full dump from the 2012 LinkedIn breach just dropped, so you're probably not going to see much of me over the next week."

Wife: "Again?"


 

Respect my Certificate Authority!
iT News (blog)
When infosec equipment vendor Blue Coat was issued an intermediate Certificate Authority (CA) signed by Symantec, not only did it create an uproar in the security industry, but it also (again) raised the question of why we're still using CAs. Blue Coat ...

 
[SECURITY] [DSA 3590-1] chromium-browser security update
 
AjaxExplorer v1.10.3.2 Remote CMD Execution / CSRF / Persistent XSS
 
Internet Storm Center Infocon Status