A chunk of the code that would run through a list of phone numbers and pull out the Snapchat accounts that match them.

Exploits of Snapchat’s API allow for a script to associate phone numbers with Snapchat users’ display names, user names, and account privacy level, according to a report from ZDNet citing a collective called Gibson Security. Users of the exploit could take that data and resell it for cash, as well as scam or stalk the Snapchat accounts they’ve identified.

Gibson Security claims it’s known about this exploit, as well as one that would let a hacker bulk-register thousands of accounts on the service, since August. Snapchat failed to acknowledge Gibson Security’s attempts to contact it about these exploits, Gibson Security writes, so it published the API and exploits on Tuesday.

The phone numbers and names can be connected even if the Snapchat user’s account is set to private. The information could be scraped together into a database like that of ssndob.cc, according to ZDNet, which allows site-goers to “pay a few dollars and obtain the phone number and social media profiles of a person, just by their username.”


(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

This time of year is usually quiet in companies. Many people are enjoying the holidays, there aren't many problems in the day-to-day job, and everything is calm. It is a perfect time to check for default configurations that an attacker could use to compromise Windows servers, data, and any other information asset within the domain.

There's a pretty old extended stored procedure in Microsoft SQL Server called xp_cmdshell. It allows executing operating system commands with the same rights as the Microsoft SQL Server service account. The procedure is insecure and, as of today, is disabled by default. Many developers still use it as a shortcut to build distributed applications by invoking external programs and passing arguments as plain-text files.

So, what's the vulnerability? If you instruct your developers to always set a password for the SA user on their machines and tell them not to use xp_cmdshell, you are fine. Otherwise, anyone who can reach the Microsoft SQL Server instance could connect to it with utilities like sqlcmd and run operating system commands such as creating a local user and adding it to the Administrators group.

How can you tell if there are Microsoft SQL Server instances with a blank password for the SA user? You can take advantage of the ms-sql-empty-password nmap script, which performs a quick check for that weakness across your network. For example, to check a network for empty SA passwords you only need to execute the following command (with your network range appended):

nmap -p 1433 --script ms-sql-empty-password --script-args mssql.instance-all

If you get any output like the following:

Nmap scan report for
Host is up (0.00s latency).
1433/tcp open ms-sql-s

Host script results:
| ms-sql-empty-password:
|_    sa:<empty> => Login Success
That means the computer is affected. If you can then execute the following command successfully without any errors, xp_cmdshell is enabled as well, and the instance is exposed to further abuse such as Windows local user creation, adding users to the Windows Administrators group, and changing Windows user passwords, among many others:

sqlcmd -q "exec xp_cmdshell 'dir c:\'"

So, what do we need to enforce to prevent these problems? First, ensure that the SA user has a password set. Second, disable xp_cmdshell if you don't need it.
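As an added example (not part of the diary, and not SANS or nmap code), the following Python script turns the manual check above into something repeatable: it parses the output of the ms-sql-empty-password nmap script, reports every host and instance where a login was accepted with an empty password, and attaches the T-SQL a DBA would run to set a password on that login, disable it if unused, and turn xp_cmdshell off. The nmap output embedded below is constructed sample data with two fictional hosts (10.0.0.5 and 10.0.0.6), of which only the first still has a blank sa password; the password in the generated statement is a placeholder to be replaced.

```python
import re
from typing import Dict, List

# Constructed sample in the shape nmap prints for the ms-sql-empty-password NSE
# script: two fictional hosts, only db01 (10.0.0.5) still has a blank sa password.
SAMPLE_NMAP_OUTPUT = r"""
Nmap scan report for db01.example.internal (10.0.0.5)
Host is up (0.00s latency).

PORT     STATE SERVICE
1433/tcp open  ms-sql-s

Host script results:
| ms-sql-empty-password:
|   [10.0.0.5\SQLEXPRESS]
|_    sa:<empty> => Login Success

Nmap scan report for db02.example.internal (10.0.0.6)
Host is up (0.00s latency).

PORT     STATE SERVICE
1433/tcp open  ms-sql-s

Host script results:
| ms-sql-empty-password:
|_  No empty-password logins found
"""

# "Nmap scan report for <name> (<ip>)" starts a new host block.
HOST_RE = re.compile(r"^Nmap scan report for (?P<name>\S+)(?: \((?P<ip>[\d.]+)\))?")
# Optional named-instance line, e.g. "|   [10.0.0.5\SQLEXPRESS]".
INSTANCE_RE = re.compile(r"^\|\s+\[(?P<instance>[^\]]+)\]\s*$")
# The line the script prints when a login with an empty password succeeds.
LOGIN_RE = re.compile(r"^\|_?\s+(?P<login>[^:\s]+):<empty> => Login Success")


def parse_empty_password_findings(nmap_text: str) -> List[Dict[str, str]]:
    """Return one finding per (host, instance, login) that nmap reported as
    logging in with an empty password."""
    findings: List[Dict[str, str]] = []
    host = None
    instance = "default"
    for line in nmap_text.splitlines():
        m = HOST_RE.match(line)
        if m:
            # New host block: prefer the IP, fall back to the host name.
            host = m.group("ip") or m.group("name")
            instance = "default"
            continue
        m = INSTANCE_RE.match(line)
        if m:
            instance = m.group("instance")
            continue
        m = LOGIN_RE.match(line)
        if m and host is not None:
            findings.append({"host": host, "instance": instance, "login": m.group("login")})
    return findings


def hardening_tsql(login: str) -> List[str]:
    """T-SQL to run on an affected instance: set a password on the login
    (placeholder here), disable it if it is not needed, and turn xp_cmdshell off."""
    return [
        f"ALTER LOGIN [{login}] WITH PASSWORD = '<strong-random-password>';",
        f"ALTER LOGIN [{login}] DISABLE;",
        "EXEC sp_configure 'show advanced options', 1; RECONFIGURE;",
        "EXEC sp_configure 'xp_cmdshell', 0; RECONFIGURE;",
    ]


def report(nmap_text: str) -> List[str]:
    """One summary line per finding, followed by the indented remediation statements."""
    lines: List[str] = []
    for f in parse_empty_password_findings(nmap_text):
        lines.append(f"{f['host']} [{f['instance']}] login '{f['login']}' accepts an empty password")
        lines.extend("    " + stmt for stmt in hardening_tsql(f["login"]))
    return lines


if __name__ == "__main__":
    # Real use: nmap -p 1433 --script ms-sql-empty-password --script-args mssql.instance-all <range> > scan.txt
    print("\n".join(report(SAMPLE_NMAP_OUTPUT)) or "no empty-password logins found")
```

Feed the saved output of the nmap command above into report() instead of the constructed sample to get a per-host remediation list. The xp_cmdshell statements match what sp_configure expects (it is an advanced option, hence the first call), and disabling sa is only appropriate where no application depends on that login.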

Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
e-mail: msantand at isc dot sans dot org

A new website launched by mobile trade group CTIA shows smartphone and tablet users how much data is used by popular apps.
Desktop computer users in the U.S. spent 10 percent more during the holiday shopping season in 2013 than they did in 2012, but spending fell short of expectations from digital analytics firm comScore.
LinuxSecurity.com: Updated pixman package fixes security vulnerability: Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash (CVE-2013-6425).
The European Union antitrust chief's threat that Google significantly sweeten its proposal or face formal charges of discriminating against rivals in its search results is largely a bluff, a legal expert said.

2013: The Year Of Security Certification Bashing
What can we do to help ourselves? First, we have to act as a community. There definitely are charlatans out there, and maybe places like attrition.org are useful in bringing them to light. But is a public flogging truly the solution? The InfoSec ...

Cross-Site Scripting (XSS) in Ad-minister Wordpress plugin
Xen IOMMU TLB Flushing Suppress Flag Privilege Escalation Vulnerability
Google Chrome CVE-2013-6625 Use After Free Remote Code Execution Vulnerability

Results of the Infosec CTF competition announced
Intelligent Enterprise
The winner of the Infosec CTF information security competition was Alexey Udovenko (handle hellman). The event was organised by the company «Информзащита» (Informzashchita), with Check Point Software as technical partner ...

Google has asked a court in California to rule that it does not directly or indirectly infringe seven patents of Rockstar Consortium, after the Microsoft, Apple, BlackBerry, Ericsson and Sony backed patent firm sued seven of Google's Android partners in a court in Texas.
"A child born today will grow up with no conception of privacy at all," Edward Snowden warned Wednesday in a message broadcast to U.K. television viewers.
[ MDVSA-2013:302 ] pixman
Cross-Site Scripting (XSS) in WP-Cron Dashboard Wordpress plugin
Adobe Flash Player and AIR Type Confusion Remote Code Execution Vulnerability
Cross-Site Request Forgery (CSRF) in AskApache Firefox Adsense Wordpress plugin
Bio-printing companies and academics are finally having success keeping 3D printed human tissue alive long enough to use it for drug development and testing. It could be used for human implants someday.
A leaked email from Apple CEO Tim Cook touting "big plans" for 2014 renewed speculation that the company could soon make good on expectations by launching new product lines.
Cisco IOS XE Software Telnet Remote Authentication Bypass Vulnerability

Dataguise Positioned in "Visionaries" Quadrant of the Gartner Magic Quadrant ...
@Gartner_Inc calls @Dataguise #Visionary in 2013 Data Masking #MQ (LINK) #infosec #datasecurity. Gartner analysts Joseph Feiman and Brian Lowans wrote in the Data Masking Technology report that, "Data masking has emerged to address relational ...
