Hackin9

Techworm

Six Bulldozers Battle Each Other on the Streets of China in the Craziest Fight Ever
Techworm
In one of the wildest demolition derbies ever witnessed, six bulldozers that looked apparently pissed were battling with each other on a public road in northern China. In China, construction workers settle their differences with heavy machinery. In a ...

 
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

Oracle has released their critical updates list. Looking through it, there is a very wide range of products, including Java, that require a fix. Oracle strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay. There are quite a few remotely exploitable, no-auth-required issues that are addressed by these patches. You may want to peruse the list to see if some of your products are affected. More info here: http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Mark H

 

Softpedia News

Security Firm Discovers Secret Plan to Hack Numerous Websites and Forums
Softpedia News
Advertised as a MaaS (Malware-as-a-Service) rentable platform, to be attractive to its customers, Thanatos had to run on a very large number of infected hosts. In the infosec community this structure is called a botnet, and the bigger it is, the easier ...

 

Robo-Advisor Exams Will Look Closely At Client Info, SEC Official Says
Financial Advisor Magazine (registration)
The key for SEC examiners with robo-advisors is whether they are collecting enough information on customers, an SEC enforcement official said Tuesday. “Some can do it,” said Jane Jarcho, deputy director of the Security and Exchange Commission's Office ...

 

In this diary I will talk about how to configure the kippo honeypot and how to submit your kippo logs to SANS DShield.

auto eth0

iface eth0 inet static

address 10.0.1.10

netmask 255.255.255.0

gateway 10.0.1.1


vi /etc/ssh/sshd_config


# What ports, IPs and protocols we listen for

port 22


# What ports, IPs and protocols we listen for

port 2222

Now install kippo

useradd -d /home/kippo -s /bin/bash -m kippo -g sudo

Now we will install authbind to allow kippo to listen on port 22 (if it

apt-get install authbind


touch /etc/authbind/byport/22


chown kippo /etc/authbind/byport/22


chmod 755 /etc/authbind/byport/22


svn checkout http://kippo.googlecode.com/svn/trunk/ ./kippo

Now cd to kippo directory

Copy kippo.cfg.dist to kippo.cfg

twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid


authbind --deep twistd -y kippo.tac -l log/kippo.log --pidfile kippo.pid

If you are planning to expose your honeypot to the internet, don

perl kippodshield.pl

You can use crontab to schedule kippodshield.pl to run every day and submit your logs to DShield.
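A preflight check for the setup steps above, as an added example that is not part of the original diary: it confirms the real sshd no longer claims the honeypot port and inspects the authbind byport file. authbind authorises a bind when that file is executable by the calling user, so mode 755 also lets other local accounts bind the port; the function names are hypothetical and only plain `Port N` lines are parsed.

```shell
#!/bin/sh
# Added example: preflight checks for the kippo/authbind setup in the diary.
# Function names are hypothetical; they only read the files passed to them.

# Print the ports the real sshd will listen on according to one config file.
# Keywords are case-insensitive and sshd defaults to 22 when no Port is set.
# Assumption: plain "Port N" lines only (no Include, no ListenAddress host:port).
sshd_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; found = 1 }
         END { if (!found) print 22 }' "$1"
}

# Return 0 when sshd does not claim PORT, so the honeypot can take it.
port_free_for_honeypot() {      # usage: port_free_for_honeypot CONFIG PORT
    for p in $(sshd_ports "$1"); do
        if [ "$p" = "$2" ]; then return 1; fi
    done
    return 0
}

# authbind authorises a bind when the byport file is executable by the caller.
# Return 0: owned by USER and executable by the owner only
#        2: USER may bind, but so may other accounts (group/other execute bit)
#        1: missing, wrong owner, or not executable by the owner
authbind_check() {              # usage: authbind_check BYPORT_FILE USER
    [ -n "$(find "$1" -prune -user "$2" -perm -100 2>/dev/null)" ] || return 1
    [ -z "$(find "$1" -prune \( -perm -010 -o -perm -001 \) 2>/dev/null)" ] || return 2
    return 0
}
```

On the honeypot host, run `port_free_for_honeypot /etc/ssh/sshd_config 22` and `authbind_check /etc/authbind/byport/22 kippo` before starting twistd under authbind. A return code of 2 from `authbind_check` means the setup works but mode 500 would restrict the port to the kippo account.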


 
[security bulletin] HPSBMU03575 rev.1 - HP Smart Update Manager (SUM), Remote Denial of Service (DoS), Disclosure of Information
 
ESA-2016-039: EMC ViPR SRM Multiple Cross-Site Request Forgery Vulnerabilities
 
Multiple Reflected XSS vulnerabilities in Oliver (formerly Webshare) v1.3.1
 
[ERPSCAN-16-005] SAP HANA hdbxsengine JSON - DoS vulnerability
 
Executable installers are vulnerable^WEVIL (case 33): GData's installers allow escalation of privilege
 

(credit: Brian Klug)

On Friday, the self-described black hat hacker who claimed responsibility for the Hacking Team dump last year, and who goes by the handle "Phineas Phisher," published the technical details of how he pulled off the caper—and encouraged others to follow his example.

The apparently bilingual hacker originally published the details in Spanish—"just having some fun trolling the English speaking internet," he posted on Reddit—but subsequently translated the document into English.

Private intelligence contractor Hacking Team develops and sells hacking tools to governments around the world, a practice many have questioned as enabling human rights violations.


 

SANS to Host CISO Hot Topic Series at the SANSFIRE Event in Washington, D.C.
SYS-CON Media (press release)
BETHESDA, Md., April 19, 2016 /PRNewswire-USNewswire/ -- SANS Institute, the global leader in information security training, today announced its next CISO Hot Topic series discussion which will take place at the SANSFIRE 2016 training event in ...

 