Hackin9

Infosec 15: How cybersecurity fought back as the industry fractured
Computer Business Review
The retreat from the perimeter hailed by the likes of Brian Dye of Symantec (he of "antivirus is dead" fame), is still being sounded by vendors who confidently claim that the outer wall of security is dead, and has been for some time. Falling back to ...

 


Fyodor has announced the release of Nmap 6.49BETA1.This version will have hundreds of improvement, including:

  • Integrated all of the latest OS detection and version/service detection submissions (including IPv6)
  • Infrastructure improvements: an official bug tracker
  • ">"> ">obacnet-info gets device information from SCADA/ICS devices via BACnet"> o docker-version detects and fingerprints Docker
    o enip-info gets device information from SCADA/ICS devices via EtherNet/IP
    o fcrdns performs a Forward-confirmed Reverse DNS lookup and reportsanomalous results
    o http-avaya-ipoffice-users enumerates users in Avaya IP Office 7.xsystems.
    o http-cisco-anyconnect gets version and tunnel information from Cisco SSL VPNs
    o http-crossdomainxml detects overly permissive crossdomain policies andfinds trusted domain names available for purchase
    o http-shellshock detects web applications vulnerable to Shellshock(CVE-2014-6271).
    o http-vuln-cve2006-3392 exploits a file disclosure vulnerability in Webmin.
    o http-vuln-cve2014-2126, http-vuln-cve2014-2127, http-vuln-cve2014-2128and http-vuln-cve2014-2129 detect specific vulnerabilities in CiscoAnyConnect SSL VPNs
    o http-vuln-cve2015-1427 detects Elasticsearch servers vulnerable to remote code execution.
    o http-vuln-cve2015-1635 detects Microsoft Windows systems vulnerable to MS15-034
    o http-vuln-misfortune-cookie detects the Misfortune Cookie vulnerability in Allegro RomPager 4.07, commonly used in SOHO routers for TR-069 access.
    o http-wordpress-plugins was renamed http-wordpress-enum and extended to enumerate both plugins and themes of Wordpress installationsand their versions. http-wordpress-enum is now http-wordpress-users.
    o mikrotik-routeros-brute performs password auditing attacks against Mikrotiks RouterOS API.
    o omron-info gets device information from Omron PLCs via the FINS service.
    o s7-info gets device information from Siemens PLCs via the S7 service, tunneled over ISO-TSAP on TCP port 102.
    o snmp-info gets the enterprise number and other information from thesnmpEngineID in an SNMPv3 response packet.
    o ssl-ccs-injection detects whether a server is vulnerable to the SSL/TLS CCS Injection vulnerability (CVE-2014-0224)
    o ssl-poodle detects the POODLE bug in SSLv3 (CVE-2014-3566)
    o supermicro-ipmi-conf exploits Supermicro IPMI/BMC controllers.
    o targets-ipv6-map4to6 generates target IPv6 addresses which correspond to IPv4 addresses mapped within a particular IPv6 subnet.
    o targets-ipv6-wordlist generates target IPv6 addresses from a wordlistmade of hexadecimal characters

    =======================================================================================

    http://seclists.org/nmap-announce/2015/2






    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
CVE-2015-4109 - WordPress Users Ultra Plugin [SQL injection]
 
The National Institute of Standards and Technology (NIST) has issued the second revision to its Guide to Industrial Control Systems (ICS) Security. It includes new guidance on how to tailor traditional IT security controls to accommodate ...
 
1 Click Extract Audio v2.3.6 - Activex Buffer Overflow
 
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow
 
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow
 
LinuxSecurity.com: Security fix for CVE-2015-0250
 
LinuxSecurity.com: Security fix for CVE-2015-0250
 
LinuxSecurity.com: Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed)
 
LinuxSecurity.com: Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed)
 
LinuxSecurity.com: Security fix for CVE-2015-2156
 
LinuxSecurity.com: Fix for CVE-2015-1848, CVE-2015-3983 (sessions not signed)
 
LinuxSecurity.com: Security fix for CVE-2015-0250
 
LinuxSecurity.com: Updated openssl packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security [More...]
 
[CVE-2015-4108] Wing FTP Server Cross-site Request Forgery vulnerabilities
 
[CVE-2015-4107] Wing FTP Server Remote Code Execution vulnerability
 
CA20150604-01: Security Notice for CA Common Services
 
[security bulletin] HPSBGN03343 rev.1 - HP WebInspect, Remote Unauthorized Access
 

V3.co.uk

Encryption, Sony cyber wars and GCHQ staff shortages: Top 10 Infosec 2015 ...
V3.co.uk
Infosec Europe is always a big affair that sees all the movers and shakers from the white hat community come together under one roof. The 2015 show was no different and included big names from numerous industries and government departments, including ...

 

The Register

Mad John McAfee: 'Can you live in a society that is more paranoid than I'm ...
The Register
Infosec 2015 John McAfee delivered a surprisingly non-controversial keynote speech to the London Infosec Conference on Wednesday afternoon, lauding the value of privacy, doing so – to the concern of his bewildered audience – whilst seemingly tickling ...
'No hope for security unless we separate work and personal devices' - John ...PCR-online.biz
McAfee: "fearful" government will make security weakerIT PRO

all 4 news articles »
 

CRN - UK

Infosec 2015: A place in the sun
CRN - UK
As always, securing a prime location was key to coming away with a successful Infosec experience, and cloud security vendor Elastica managed to bag a very profitable spot on the second floor as the masses came and went from the week's keynote ...
Large numbers of UK security breaches never reported to anyone, PwC report ...ComputerworldUK
90% Of UK Organisations Suffered Security Breaches In Past 12 MonthsMisco (blog)
PwC: 90% of large companies suffer data breachKroll Ontrack UK (press release)

all 4 news articles »
 

Posted by InfoSec News on Jun 05

http://www.darkreading.com/vulnerabilities---threats/web-app-developers-putting-millions-at-risk/d/d-id/1320720

By Jai Vijayan
Dark Reading
June 4, 2015

A troubling failure by many web application developers to properly secure
how their apps connect to mobile backend-as-a-service systems like
Facebook’s Parse and Amazon’s AWS could be leaving sensitive information
on millions of Internet users vulnerable to compromise.

Researchers at...
 

Posted by InfoSec News on Jun 05

http://www.zdnet.com/article/islamic-state-has-best-cyber-offence-of-any-terrorist-group/

By Stilgherrian
ZDNet News
June 5, 2015

"ISIS [also known as Islamic State] came onto the scene very quickly, but
they already have arguably the best cyber offensive capability of any
extremist movement out there, and it's still early days," Mikko Hypponen,
chief research officer at F-Secure said.

"We still haven't seen real...
 

Posted by InfoSec News on Jun 05

http://www.nytimes.com/2015/06/05/us/hunting-for-hackers-nsa-secretly-expands-internet-spying-at-us-border.html

By CHARLIE SAVAGE, JULIA ANGWIN, JEFF LARSON and HENRIK MOLTKE
The New York Times
JUNE 4, 2015

WASHINGTON — Without public notice or debate, the Obama administration has
expanded the National Security Agency‘s warrantless surveillance of
Americans’ international Internet traffic to search for evidence of
malicious computer...
 

Posted by InfoSec News on Jun 05

http://www.csoonline.com/article/2931474/data-breach/attackers-targeting-medical-devices-to-bypass-hospital-security.html

By Steve Ragan
Salted Hash
CSO Online
June 4, 2015

A preview copy of a report from TrapX Labs, which will be released later
this month, highlights three successful attacks against healthcare
organizations.

The incidents prove that defending assets in a healthcare environment
isn't as easy as some would have you...
 

Posted by InfoSec News on Jun 05

http://arstechnica.com/security/2015/06/evil-wifi-captive-portal-could-fool-users-into-giving-up-apple-pay-data/

By Sean Gallagher
Ars Technica
June 4, 2015

Researchers at Wandera, a mobile security company, have alerted Apple to a
potential security vulnerability in iOS that could be used by attackers to
fool users into giving up their credit card data and personal information.
The vulnerability, based on the default behavior of iOS devices...
 

Posted by InfoSec News on Jun 05

http://www.wsj.com/articles/u-s-suspects-hackers-in-china-behind-government-data-breach-sources-say-1433451888

By DEVLIN BARRETT, DANNY YADRON and DAMIAN PALETTA
The Wall Street Journal
June 4, 2015

U.S. officials suspect that hackers in China stole the personal records of
as many as four million people in one of the most far-reaching breaches of
government computers.

The Federal Bureau of Investigation is probing the breach, detected in...
 

Posted by InfoSec News on Jun 05

http://www.theregister.co.uk/2015/06/04/mad_mcafee/

By Alexander J Martin
The Register
4 June 2015

Infosec 2015 - John McAfee delivered a surprisingly non-controversial
keynote speech to the London Infosec Conference on Wednesday afternoon,
lauding the value of privacy, doing so – to the concern of his bewildered
audience – whilst seemingly tickling himself through the cloth of his
pocket.

McAfee's talk was essentially a rant...
 
Internet Storm Center Infocon Status