Category: featured

Enterprise security policy around BYOD

New York Event: Bring Your Own…[Security] Problem?

Cross posted from 451 Information Security Every day thousands of users are bringing their own problems to work in the form of personally owned smart phones and laptops being used to access company system resources. When the bells, whistles, design, and applications on consumer phones started to outpace the stately Blackberries the senior executives carried, […]

The “Aurora” IE Exploit Used Against Google in Action

The “Aurora” IE Exploit Used Against Google in Action

The big news hit earlier this week, the attack vector that allowed bad actors presumably from China into the networks of Google, Juniper, Adobe, and some 30 other firms was an Internet Explorer zero day, a use after free vulnerability on an invalid pointer reference affecting IE 6, 7, and 8 but only used in IE 6 according to Microsoft.

Baidu.com the Latest Victim of Iranian CyberArmy

Baidu.com the Latest Victim of Iranian CyberArmy

A group called the Iranian Cyber Army has, fresh off the heels of their DNS attack on Twitter last month, hijacked the domain of Chinese search engine Baidu.com.

JUNOS (Juniper) Flaw Exposes Core Routers to Kernel Crash

JUNOS (Juniper) Flaw Exposes Core Routers to Kernel Crash

A report has been received from Juniper at 4:25pm under bulletin PSN-2010-01-623 that a crafted malformed TCP field option in the TCP header of a packet will cause the JUNOS kernel to core (crash).

Forensics: Beverages Aside, A Look at Incident Response Tools

Forensics: Beverages Aside, A Look at Incident Response Tools

In November, Microsoft’s forensics tool called COFEE (Computer Online Forensic Evidence Extractor) was leaked on torrents for download. The news coverage was much hype about nothing, as many free tools already out there exceed COFEE in features and functionality.

Pentagon Web Site Vulnerabilities Identified

Pentagon Web Site Vulnerabilities Identified

A Romanian hacker has on December 6th identified input validation deficiencies in URL parameter handling leading to security vulnerabilities on a section of the official site of the Pentagon, http://pentagon.afis.osd.mil, the headquarters of the U.S. Department of Defense. The hacker who identifies himself as Ne0h has posted images of the vulnerabilities, which are still active at the time of this blog post, on his blog.

The Perfect Crime, the perfect alibi: My Facebook Status

The Perfect Crime, the perfect alibi: My Facebook Status

The NY Times brings us the story of Rodney Bradford. He’s the 19 year old Brooklyn man whose lawyer, Robert Reuland, invoked one of the first known “Facebook alibis” in his defense of the 19 year old Bradford on what were a second set of robbery charges he was facing. Since the Facebook defense is […]

More COFEE Please, on Second Thought…

The forensics tool provided to law enforcement officials created by Microsoft called COFEE  (Computer Online Forensic Evidence Extractor) has been leaked on torrents last week, and this has caused quite a bit of excitement.  Let’s see if the big deal is warranted.

OSSEC: Agentless…It’s good, but not good enough

In working with OSSEC agentless for some time now I have come across some limitations in the implementation that I felt needed to be addressed. As OSSEC agentless is designed to preform syscheck functions on remote hosts, more general features are hard (if not impossible) to write into a script. This post will demonstrate an alternative for adding additional features to the OSSEC standard build.

Pangolin screenshot supposedly demonstrating SQL Injection of Obama web site.

The Barack Obama Donations Site was Hacked…err, no it wasn’t.

This morning a security researcher identified that he was able to carry out a successful SQL Injection attack against donate.barackobama.com, the official campaign donation site of current President Barack Obama, and gain access to credentials such as user names and passwords for persons who have donated to the Obama campaign, as well as administrative user credentials. On his blog he goes on to postulate the further attack possibilities with admin access such as web site defacement, uploading phpshells, and so forth. The problem is that the researcher Unu didn’t find an SQL injection site on donate.barackobama.com, he found one on a calendar application at Roosevelt University. In the process of finding out how that would be possible, a real web site vulnerability on the Obama web site reveals itself.

Page 1 of 212