Hackin9

InfoSec News

Over the past 24hrs s3rverexe has been attacking government websites for serveral anonymous based operations and one of the latest ones is for #OpSyria and is pointed at the chinese government.


 
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Many security professionals tend to use OS X systems. Maybe for the nice and shiny looks, or the Unix under pinnings that make it a great platform to run current tools. However, the operating system itself isn't exactly secure out of the box and like all operating systems can profit from some additional hardening tricks.
I have recently looked over a number of OS X hardening guides, and found that not many specifically address the latest version of OS X (Lion, 10.7), nor are they necessarily well maintained. Instead of coming up with another (soon to be outdated) guide, I am trying to come up with a meta guide. If you know of a good hardening guide for OS X: Please let me know. Also, if there are any tricks that you find useful (or things that fired back and didn't work at all): Let me know too.
Most notably: Apple released a guide for each version of OS X up to Snow Leopard, but I can't find one for Lion. Does it exist?
Here are some of the guides that I have sound so far:
Apple: http://www.apple.com/support/security/guides/

NSA Guide:http://www.nsa.gov/ia/_files/factsheets/macosx_hardening_tips.pdf

Mac Shadows:http://www.macshadows.com/kb/index.php?title=Hardening_Mac_OS_X

Univ. Texas:https://wikis.utexas.edu/display/ISO/Mac+OS+X+Server+Hardening+Checklist

Center for Internet Security:http://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.unix.osx


------

Johannes B. Ullrich, Ph.D.

SANS Technology Institute

Twitter (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
xdev @b4lc4nh4ck has successfully hacked one of Washington largest university's. The hack has resulted in main server logins being dumped on pastebin, All accounts have encrypted passwords.


 
Intel is expected to share details this week about its effort to work wireless capabilities into chips, which could make mobile devices and PCs smaller, cheaper and more power-efficient.
 
Intel's experimental solar-powered processor may have started off as a fun project, but the chip maker is now looking to extend the technology to hardware such as graphics processors, memory and floating point units.
 
An anonymous hacker that's known by the name @s3rverexe has started the attacks on the new #OpBahrain operation by anonymous. The website that was attacked is the The ICT Specific Council.


 
Internet Storm Center Infocon Status