Netsec, comsec, infosec and IA news, research and trends
7.17.2009
The Curse of Cheddar Bay - RHEL5 2.6.18 local kernel exploit in /dev/net/tun - "A vulnerability which, when viewed at the source level, is unexploitable! But which, thanks to gcc optimizations, becomes exploitable. Also, bypass of mmap_min_addr via SELinux vulnerability! (where having SELinux enabled actually increases your risk against a large class of kernel vulnerabilities)" [from DailyDave] posted by GeeWhiz
Friday, July 17, 2009
Jobs - Looking for A) Code reviewers B) People with Novell and SGI IRIX skills - Email if interested posted by GeeWhiz
Friday, July 17, 2009
datalossdb.org - The Open Security Foundation's DataLossDB gathers information about events involving the loss, theft, or exposure of personally identifiable information (PII). DataLossDB's dataset, in current and previous forms, has been used in research by numerous educational, governmental, and commercial entities, which often have been able to provide statistical analysis with graphical presentations. The Open Security Foundation and their volunteers feel that there is a distinct need for tools that provide unbiased, high quality data regarding data loss. posted by GeeWhiz
Wednesday, July 15, 2009
Security Maxims - Galileo’s Maxim: The more important the assets being guarded, or the more vulnerable the security program, the less willing its security managers will be to hear about vulnerabilities.
ITN260 Network Security Basics – Face-to-Face Course #48924 Section #N01C Tuesdays 6-9:30pm - Online Course#48926 Section# O02C - This course lays the foundation for further study in the network security program. Content domains include cryptography, communications security, infrastructure security, operating system security, wireless security, intrusion detection, malicious software, common attacks, and countermeasures. This course, among others, has helped hundreds of students to comply with DOD 8570.01m. Prerequisite: ITN 101 or sufficient networking experience.
ITN 262 Network Communication, Security, and Authentication - Wednesdays 6-9:30pm Course#48940 Section#N01C - Students in ITN 262 learn how to analyze network traffic, reveal malicious attacks, configure intrusion detection systems, and write signatures to both detect and react to the latest threats. Prerequisite: ITN 260 Network Security Basics
ITN 267 Legal Topics in Network Security (Cyberlaw) – Online - Course#48944 Section#O01C – Find out how to protect your organization’s legal interests when managing security. In this course, students learn about the numerous laws affecting intellectual property, computer crime, privacy, and technology. This course thoroughly covers the Law, Investigations and Ethics domain of the CISSP certification. Coreq: ITN 260
(NEW!) ITN 293 VMware Virtual Infrastructure: Install and Configure – Course# 72645 Section# N01C – Thursdays from 6pm to 9:30pm - Explore virtual network design and implementation, storage area networks, virtual switching, virtual system management, engineering for high availability, and virtualization security. This special academic partnership with VMware allows students to earn the VMware Certified Professional (VCP) credential for about 15% of what it would normally cost! Prerequisites: ITN 171 and ITN 260
(NEW!) ITN 293 Information Storage and Management – Course 72646 Section# N01C Mondays from 6pm to 9:30pm. Focuses on advanced storage systems, protocols, and architectures, including Storage Area Networks (SAN), Network-Attached Storage (NAS), Fibre Channel Networks, Internet Protocol SANs (IPSAN), iSCSI, and Content-Addressable Storage (CAS). Prepares students for the EMC Proven Professional Associate Certification exam.
Due to a change in the Red Hat Academy program, qualifying students now get to take the RHCT ($399) and RHCE ($799) exams for FREE! For further information about the academy, please email rguess@tcc.edu or rking@tcc.edu.
ITN 171 Unix I - Online 4 credits – Course #48922 Section #O01C Provides an introduction to UNIX-like operating systems (using Linux). Teaches login procedures, file creation, UNIX file structure, input/output control, and the UNIX shells.
ITN 170 Linux System Administration - Course#48920 Section#N01C Tuesdays 6:00pm – 9:30pm 4Cr Focuses on the installation, configuration and administration of the Linux operating system. Emphasis is placed upon use of Linux as a network client and workstation. Leads to Red Hat Certified Technician (RHCT) Certification Exam. Prerequisite: ITN 171
ITN 270 Advanced Linux Network Administration – Next Spring 2010 - Focuses on the configuration and administration of the Linux operating system as a network server. Emphasis is placed upon the configuration of common network services and security. Leads to Red Hat Certified Engineer (RHCE) Certification Exam. Prerequisite: ITN170
A group of researchers from MIT, Stanford, and Syracuse has developed a new program, named 'Ardilla,' which can analyze PHP code for cross-site scripting (XSS) and SQL injection attack vulnerabilities. (Here is the paper, in PDF, and a table of results from scanning six PHP applications.) posted by chainman
Friday, June 19, 2009
FTC cuts criminal ISP off of Internet. "The FTC alleges that Pricewert was paid to host 'child pornography, botnet command and control servers, spyware, viruses, trojans, phishing-related sites, illegal online pharmacies, investment and other web-based scams'." posted by Theobromine
Friday, June 05, 2009
(Congratulations to NetSec on its 5,000th post!) posted by Autonomous Coward
Wednesday, May 13, 2009
5.12.2009
TrueCrypt ver 6.2 released yesterday. "TrueCrypt is a software system for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted or decrypted right before it is loaded or saved, without any user intervention. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. Entire file system is encrypted (e.g., file names, folder names, contents of every file, free space, meta data, etc)." posted by Theobromine
Tuesday, May 12, 2009
Analyst says the report, "identified 763 vulnerabilities rated 'high-risk,' meaning they could provide attackers with 'immediate access into a computer systems, such as allowing execution of remote commands.' They also found weak passwords and unprotected critical file folders. [...] The report went on to fault the FAA for employing woefully inadequate IDS." posted by Autonomous Coward
Thursday, May 07, 2009