Hackin9
Elefant CMS v1.3.9 - Persistent Name Update Vulnerability
 
[security bulletin] HPSBMU03221 rev.1 - HP Connect-IT running SSLv3, Remote Disclosure of Information
 
RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability
 
Konakart v7.3.0.1 CMS - CS Cross Site Web Vulnerability
 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

eSentire Releases Cybersecurity Documentation Framework Featuring Infosec ...
Marketwired (press release)
NEW YORK, NY--(Marketwired - Dec 16, 2014) - eSentire, Inc., the leader in Active Threat Protection cyber-solutions and managed information security services, today announced general availability of its information security policy guidance and incident ...

 

eSentire Releases Cybersecurity Documentation Framework Featuring Infosec ...
SYS-CON Media (press release)
NEW YORK, NY -- (Marketwired) -- 12/16/14 -- eSentire, Inc., the leader in Active Threat Protection cyber-solutions and managed information security services, today announced general availability of its information security policy guidance and incident ...

 

A little more than 16 months ago, word emerged that the FBI exploited a recently patched Firefox vulnerability to unmask Tor users visiting a notorious child pornography site. It turns out that the feds had waged an even broader uncloaking campaign a year earlier by using a long-abandoned part of the open source Metasploit exploit framework to identify Tor-using suspects.

According to Wired, "Operation Torpedo," as the FBI sting operation was dubbed, targeted users of three darknet child porn sites. It came to light only after Omaha defense attorney Joseph Gross challenged the accuracy of evidence it uncovered against a Rochester, New York-based IT worker who claims he was falsely implicated in the campaign. Operation Torpedo used the Metasploit Decloaking Engine to identify careless suspects who were hiding behind Tor, a free service used by good and bad guys alike to shield their point of entry to the Internet.

The Decloaking Engine went live in 2006 and used five separate methods to break anonymization systems. One method was an Adobe Flash application that initiated a direct connection with the end user, bypassing Tor protections and giving up the user's IP address. Tor Project officials have long been aware of the vulnerability and strenuously advise against installing Flash. According to Wired:


 

The group that attacked Sony Pictures Entertainment’s network posted the first entry of what it's calling its “Christmas presents” on Tuesday, along with a warning to anyone who plans on going to see the Sony Pictures film The Interview—the movie that appears to be at the root of the group’s motives for its attack and dissemination of the company’s data. The "present" is apparently the personal e-mail box of Sony Pictures CEO Michael Lynton.

In a message posted to Pastebin and other text-sharing sites, someone claiming to be affiliated with the "Guardians of Peace" wrote:

We will clearly show it to you at the very time and places “The Interview” be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to. Soon all the world will see what an awful movie Sony Pictures Entertainment has made.

The world will be full of fear.

Remember the 11th of September 2001.

We recommend you to keep yourself distant from the places at that time.

(If your house is nearby, you’d better leave.)

Whatever comes in the coming days is called by the greed of Sony Pictures Entertainment.

All the world will denounce the SONY.

The torrent file for the leak has already been removed from a number of file sharing sites after legal demands from Sony. Meanwhile, Sony has retained attorney David Boies to fight the spread of the data stolen by the Guardians of Peace by confronting media companies over publication of the data. Boies has sent letters to a number of media companies insisting that they not publish material from the leaks. "We are writing to ensure that you are aware that SPE does not consent to your possession, review, copying, dissemination, publication, uploading, downloading, or making any use of the Stolen Information, and to request your cooperation in destroying the Stolen Information," the letter stated.


 
[SECURITY] [DSA 3105-1] heirloom-mailx security update
 
[SECURITY] [DSA 3104-1] bsd-mailx security update
 
The National Institute of Standards and Technology (NIST) has released the final version of the 2014 update to its core guide to assessing the security and privacy safeguards for federal information systems and organizations. The revised ...
 
W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface
 

In previous diaries we have talked about memory forensics and how important it is.

In this diary I will talk about a new set of Volatility plugins called Forensic Suite, written by Dave Lasalle.

The suite has 14 plugins, and they cover different areas of memory forensics.

The Forensics Suite can be obtained from: http://downloads.volatilityfoundation.org/contest/2014/DaveLasalle_ForensicSuite.zip

In this diary I will talk about some of the plugins.

Firefox history:

To test this plugin, I first browsed the internet using Firefox, then closed it to see how much data the firefoxhistory plugin could obtain from a memory image that I acquired after closing Firefox.

The firefoxhistory plugin parses places.sqlite from memory and shows the output either on the screen or, with the --output=csv option, as CSV that you can direct to a file. With the --output=csv option you can work with the data in spreadsheet software such as MS Excel.

vol.py --plugin=plugins/ --profile=Win7SP1x86 --output=csv -f sampleimage.raw firefoxhistory

vol.py --plugin=plugins/ --profile=Win7SP1x86 --output=csv -f sampleimage.raw firefoxcookies

vol.py --plugin=plugins/ --profile=Win7SP1x86 -f sampleimage.raw idxparser

Volatility Foundation Volatility Framework 2.4

Scanning for IDX files, this can take a while.............

--------------------------------------------------------------------------------

[*] Section 1 (Metadata) found:

Content length: 1624

Last modified date: Tue, 01 Feb 2005 18:28:24 GMT (epoch: 1107282504)

Section 2 length: 270

[*] Section 2 (Download History) found:

URL: http://java.com/jsp_utils/jreCheck.class

IP: 137.254.16.66

: HTTP/1.1 200 OK

content-length: 1624

last-modified: Tue, 01 Feb 2005 18:28:24 GMT

content-type: application/java-vm

date: Mon, 13 Feb 2012 04:21:28 GMT

server: Sun-Java-System-Web-Server/7.0

--------------------------------------------------------------------------------


 
JBoss Enterprise Application Platform Plain Text Password Local Information Disclosure Vulnerability
 
JBoss Enterprise Application Platform Java Security Manager Policy Security Bypass Vulnerability
 
Multiple Red Hat JBoss Products Local Security Bypass Vulnerability
 
[Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA
 

eSentire Releases Cybersecurity Documentation Framework Featuring Infosec ...
Virtual-Strategy Magazine (press release)
NEW YORK, NY -- (Marketwired) -- 12/16/14 -- eSentire, Inc., the leader in Active Threat Protection cyber-solutions and managed information security services, today announced general availability of its information security policy guidance and incident ...

 
JQuery 'ui/jquery.ui.dialog.js' Cross Site Scripting Vulnerability
 
WordPress Download Manager Plugin Remote Code Execution and Remote File Include Vulnerabilities
 
"Ettercap 8.0 - 8.1" multiple vulnerabilities
 
Antiword 'wordole.c' Buffer Overflow Vulnerability
 
Xen MMU_MACHPHYS_UPDATE Handling Memory Leak Denial of Service Vulnerability
 
[SE-2014-02] Google App Engine Java security sandbox bypasses (status update)
 
Ruby on Rails XML Parsing CVE-2013-1856 Denial of Service Vulnerability
 

Posted by InfoSec News on Dec 16

http://www.businessinsider.com/sony-hack-should-be-considered-an-act-of-war-2014-12

By MICHAEL B KELLEY AND ARMIN ROSEN
Business Insider
DEC. 15, 2014

The most devastating cyberattack ever on a US-based company wasn't an act
of war, according to established guidelines of cyberwarfare.

NATO's Tallinn Manual defines an act of cyberwar that permits a military
response as "a cyber operation, whether offensive or defensive, that is...
 
EMC Documentum Content Server CVE-2014-4622 Remote Privilege Escalation Vulnerability
 
slock 'XRaiseWindow()' Local Security Bypass Vulnerability
 

Posted by InfoSec News on Dec 16

http://news.techworld.com/security/3591027/is-iran-is-the-new-china-fbi-warning-suggests-its-not-far-off/

By John E Dunn
Techworld
15 December 2014

The FBI has sent a formal warning to US energy, defence and education
organisations to be on the lookout for targeted Iranian cyberattacks,
Reuters has reported.

Flagged as confidential, probably because it goes into detail about the
techniques used, the ‘Flash’ document offers advice on...
 

Posted by InfoSec News on Dec 16

http://www.darkreading.com/operations/careers-and-people/ekoparty-isnt-the-next-defcon-%28and-it-doesnt-want-to-be%29-/a/d-id/1318080

By Andrew Ford
Dark Reading
12/15/2014

Unlike American security conferences that offer a buffet of merchandise,
meals, and drinks, Ekoparty, in Buenos Aires, is every bit as functional
-- with a little less fluff.

For some reason, the competitiveness of startups in Silicon Valley can
regularly put competitors...
 

Posted by InfoSec News on Dec 16

http://www.theregister.co.uk/2014/12/15/roll_up_come_see_the_booming_hacker_bazaar/

By John Leyden
The Register
15 Dec 2014

Underground hacker markets are booming with counterfeit documents,
premiere credit cards, hacker tutorials, and "complete satisfaction
guarantees", according to a new report from Dell SecureWorks.

The means to create a false identity are easily purchased through the
cracker bazaars. A fake social security...
 

Posted by InfoSec News on Dec 16

http://boisestatepublicradio.org/post/cyber-security-audit-washington-agencies-not-full-compliance

By AUSTIN JENKINS
NPR Radio
December 15, 2015

The state of Washington has good cyber security standards, but state
agencies don’t always adhere to those standards.

That’s the finding of a performance audit released Monday.

Cyber security has emerged as a leading threat to the U.S government and
corporate America. Sony Pictures is the...
 
Internet Storm Center Infocon Status