“Enigma Group provides its members a legal and safe security resource where they can develop their pen-testing skills on various challenges provided by this site. These challenges teach members the many types of exploits that are found in today's code; thus, helping them to become better programmers in the meantime. By knowing your enemy, you can defeat your enemy.”
When the Walls, Come Tumblin' Down
John Mellencamp sang about the walls tumbling down and this week's press release by the U.S. Army telling bases to stop blocking Twitter, Facebook, and Flickr ("Army Allows Access To Social Media Websites") should be proof enough for anyone. Following the US Navy US Navy Web 2.0: Utilizing New...
President Obama and Cybersecurity, A New Comprehensive Approach
Last Friday, President Obama followed up on a promise he made last July during a speech at Purdue University when, as then-candidate Obama, he said "As President, I'll make cybersecurity the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset, and...
Cyber Dollars in the ARRA
$787B. $787,000,000,000.00. Seven hundred and eighty seven billion dollars. However you say it or write it, that's a lot of dough. That's the amount of the federal stimulus package called the American Recovery and Reinvestment Act (ARRA) of 2009. The mission of the ARRA has several components but one of them...
Vulnerabilities in the U.S. Power Grid
The article released by the Wall Street Journal on Wednesday has created quite a stir and I've spent a considerable amount of time the past two days asking and answering questions about it. I think I can say without stepping too far out on a limb that the details in...
Escape from Conficker-geddon
So here we are again, a couple of days post-Conficker Armageddon and some people are feeling like they missed the party. No one has said it yet but I can already see it in some eyes, "Looks like another over-blown security event, hyped by the media and exploited by...
Have a Conficker-Free Week
I got a call from a reporter this week asking me about the Conficker virus. "Are you prepared?" "What do you think is going to happen?" "How widespread is the virus?" "Why is April Fool's Day important?" I went through all of the mechanics of how we get A/V signature updates...
Technical Innovation in America
I attended the IT Security Entrepreneurs' Forum III http://publicprivatepartnerships.org/itsef/ at Stanford University yesterday where I was part of a panel discussing the current and future cybersecurity threat environment. Moderated by the always popular and entertaining Bob Bragdon of CSO Magazine, the forum was both insightful as well as informative. The purpose of...
A Cyber Sense of Urgency
I recently read an article written by Lt. Gen. Harry D. Raduege, Jr., USAF (Ret.) in SIGNAL Magazine titled "Evolving Cybersecurity Faces a New Dawn" that outlined what he calls the four-stage journey of cybersecurity. The article is located at http://www.afcea.org/signal/articles/templates/Signal_Article_Template.asp?articleid=1784&zoneid=245 While the General approaches the issue from a DoD...
Uncertainty at the Top (of Cybersecurity)
Rod Beckstrom resigned last Friday from his post as Director of the National Cyber Security Center (NCSC) at the Department of Homeland Security after less than one year in the role. Citing a lack of resources and support, it's reported that Beckstrom's NCSC, which is responsible for coordinating the government's response...
Transition on the Securing GovSpace Blog
As some of you have undoubtedly heard, Dan Lohrmann has moved on to bigger things and accepted the position as Chief Technology Officer and Director of the Infrastructure Services Administration for the state of Michigan. My Herculean task is to try and fill Dan's very large shoes in blogging about the...
Napolitano Priority: State and Local Partnerships + Tech
Secretary Janet Napolitano testified before the House Committee on Homeland Security today, and her priorities provide good news for state and local government partnerships. The Department of Homeland Security (DHS) website posted the text of today's testimony. Here is one important excerpt: "State and Local Partnerships - First among these areas is...
Phishing for Stimulus
Get ready for a flood of offers, spam and phishing attempts with the word "stimulus" in the headlines. Some messages and websites will no doubt be legit, others will not, but I suspect that computer security staff will not like this word very much a few months from now. Allow me to illustrate... I...
Cyber Security Review Points to Growing Market for Contractors
On Monday, President Obama ordered a 60-day review of federal cyber security programs. The review will be led by Melissa Hathaway, a top cyber security advisor to Mike McConnell, the former director of national intelligence. The Washington Post described the growth in cyber security efforts and how the sector will continue...
Scams Rise as Stocks Fall
As the financial markets fall, cybercriminals are increasing their Internet attacks to steal personal information. USA Today ran a featured article describing the new surge in online scams. Here's an excerpt: "The schemes -- often involving online promotions touting fake computer virus protection, get-rich scams and funny or lurid videos -- already...
Fewer Policies, But More Tech Etiquette Please
A flurry of articles have appeared recently regarding "tech etiquette," also described as "email etiquette," "computer etiquette," and a bunch of related names. Author Virginia Shea even took the concept a step further and created a new word "Netquette," and offers "10 Core Rules of Netquette." Many of the articles offering tips are even more specific, such as "Blackberry...
Mozilla Foundation Releases Firefox 3.5
Mozilla Foundation has released Firefox 3.5. The Mozilla Foundation lists multiple security enhancements including improved anti-phishing, anti-malware, and privacy protection.
US-CERT encourages users and administrators to review the Firefox 3.5 release notes and features and upgrade to Firefox 3.5 as necessary.
Spam, Phishing, and Malicious Code Related to Recent Celebrity Deaths
US-CERT is aware of public reports of an increased number of spam campaigns, phishing attacks, and malicious code targeting the recent deaths of Michael Jackson and Farrah Fawcett. These email messages may attempt to gain user information through phishing attacks or by recording email addresses if the user replies to the message. Additionally, email messages may contain malicious code or may contain a link to a seemingly legitimate website containing malicious code.
US-CERT would like to remind users to remain cautious when receiving unsolicited email. Users are encouraged to take the following measures to protect themselves from these types of attacks:
Do not follow unsolicited web links received in email messages.
Install and maintain up-to-date antivirus software.
Adobe Releases Update for Shockwave Player
Adobe has released Shockwave Player 11.5.0.600 to address a vulnerability. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review Adobe security bulletin APSB09-08 and update to Shockwave Player 11.5.0.600 to help mitigate the risks.
Foxit Reader Contains Multiple Vulnerabilities
Foxit Reader has released updates for multiple vulnerabilities. By convincing a user to open a malicious PDF file, an attacker may be able to execute code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website.
US-CERT encourages users to review the Foxit Security Bulletin and Vulnerability Note VU#251793 and apply any necessary updates.
Apple Releases iPhone OS 3.0
Apple has released iPhone OS 3.0 to address multiple vulnerabilities across many packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.
US-CERT encourages users to review Apple article HT3639 and upgrade to iPhone OS 3.0 to help mitigate the risks.
Book Review: Gray Hat Python
Review by Ryan Linn, CISSP, MCSE, GPEN
“Gray Hat Python” by Justin Seitz, one of the latest releases from publisher, Python programming language (http://www.python.org) for reverse engineering. This book is subtitled “Python Programming for Hackers and Reverse Engineers” which is fitting as Justin is a member of Immunity Security (http://www.immunitysec.com), makers of the Canvas penetration testing platform and the Immunity Debugger. The foreword by Dave Aitel, Immunity's CEO, is an excellent introduction to why the content of this book is important. It focuses on the short time span that is required from discovery of a bug to...
July 2009 Free Giveaway Sponsor - EC-Council's iClass
Win Your Choice of iClass Worth $2895!
Certified Ethical Hacker seat delivered via its iClass format (http://iclass.eccouncil.org/index.php?option=com_content view=article id=69 Itemid=102), both concerns have been taken care of for you. iClass is EC-Council’s live, online, instructor-led training modality! There are two delivery formats: 1. FlexClass: This schedule is designed to spread the learning out over a period of time and avoid missing a full week’s worth of work. The times are 4pm – 8pm, MST twice a week for 5 weeks. 2. iWeek: This schedule is similar to the standard 5 day format found at the majority of training centers. The times...
Review: SANS SEC 617 - Surely You're Joking, Mr. Wright!
This review is long overdue. My apologies to EH-Net readers, SANS and especially Joshua Wright, developer and instructor of SEC 617 - Wireless Ethical Hacking, Penetration Testing, and Defenses (http://www.sans.org/info/34528). Its lateness is more due to my inability to comprehend exactly what I experienced than to a lack of desire to complete the task. I honestly sat down at the keyboard multiple times, but each time I felt I wasn’t doing the course or Mr. Wright justice. OK… so like every other SANS course, it had quality courseware, the instructor was top-notch, and I walked away with much more knowledge...
Review: Pen Tester Sets Sights on the IronKey
IronKey Personal (https://www.ironkey.com/personal), I knew I was going to rip it apart. I was going to write a scathing review of how terrible their product is and why these “gimmicky” pieces of hardware don’t work. Because they usually don’t.
June 2009 Free Giveaway Sponsor - Black Hat USA
Win Ticket to Black Hat USA = $1595!!
Black Hat USA (http://www.blackhat.com) on us, EH-Net. The world's premier technical event for ICT security experts is being held July 27 - 28, 2009. Featuring hands-on training courses and Briefings presentations with lots of new content. Network with thousands of delegates and review products from leading vendors in a relaxed setting, including Sustaining Sponsors Core Security, IOActive, Microsoft, Norman, Qualys and SAINT. At stake is a Passport Admission Ticket worth $1595 ($1995 at the door) that allows entry into the Briefings portion of the event. This year's venue is again Caesars Palace in...
Interview: Kevin Johnson of SANS, InGuardians
Review by Jason Haddix, Security Aegis (http://www.securityaegis.com/)
Anyone who knows training (or InfoSec for that matter) knows SANS is probably THE most recognized name in InfoSec training. While the foundation of SANS is Stephen Northcutt and Alan Paller, his superstars are the InGuardian’s crew. Call them security divas, we don’t care. We know that Ed Skoudis, Kevin Johnson, Mike Poor, and Joshua Wright are instructors with whom we’d give the whole of our security budget to train. We can’t decide what we like best: their stellar tool development, their helpful whitepapers, their nifty cheat sheets, their open source projects, or...
April 2009 Free Giveaway Winners - CBT Nuggets
CBT Nuggets (http://www.cbtnuggets.com/CSPCOM) fit the bill perfectly. For those of you who don't know, CBT stands for computer based training. CBT Nuggets are series of 30 - 60 minute chunks... or nuggets... of videos each covering a given topic on the certification of your choosing. It makes it easy and engaging to study for your certs without the need to travel or complete your studies on someone else's time frame. CBT Nuggets are also very cost effective without flashy productions. They concentrate on just providing the info you need at prices anyone can afford. Topics include CISSP, CEH, CISA, Microsoft,...
Applied Security Visualization
Review by JP Bourget, CISSP, MCSE, MS
Having a process to better understand your logs, be it firewall, packet captures, IDS, web server, or proxy logs, is something that many security professionals strive for. We have seen some interesting software over the past few years, such as OSSIM (http://www.ossim.net/) and Splunk (http://www.splunk.com). Some vendors provide excellent log visualization for their products, some don’t do enough, or aren’t flexible enough. That brings along Applied Security Visualization (ASV) by Raffael Marty. Marty’s book gives some valuable insight on how to bridge the fields of IT Security and Data Visualization all in one...
Review: SANS SEC542 - Web App Penetration Testing and Ethical Hacking
SEC542 Web App Penetration Testing and Ethical Hacking (http://www.sans.org/info/34523) as a 6-day course with stronger hands-on exercises and culminating with a final day where students perform a penetration test on the classroom network. The original course was a 4-day version, but Kevin Johnson of InGuardians (http://www.inguardians.com/) has updated and enhanced the content to contain many of the cutting-edge web application hacking techniques seen in the field today.
I recently had the opportunity to take the re-born SEC542 course in Orlando, Florida as part of the SANS 2009. SANS 2009 was one of the larger yearly conferences that SANS...
Webcast: Modern Social Engineering Part II - Top 5 Ways to Manipulate Humans Over the Wire
In Part I, Modern Social Engineering - A Vital Component of Pen Testing (content/view/242/2/), Chris Nickerson and Mike Murray adeptly covered the generalities of Social Engineering, and how it is a repeatable process perfect for inclusion in penetration testing. So let’s go a little deeper into crafting these attacks. What are some of the tricks of the verbal trade that make people far more likely to fall prey to those phishing attacks or that fraudulent web site? What tools can I use to test and eventually utilize to attack… er… audit my target organization? This 1-hour webcast dives deeper...
Secrets of Network Cartography: A Comprehensive Guide to Nmap
Review by Jason Haddix, Security Aegis (http://www.securityaegis.com/)
Nmap is indispensable.
OK, that was obvious. There is no doubt that Fyodor and contributors have made the de-facto standard of network scanners, but when it comes down to learning the ins and outs and the power of Nmap (http://www.nmap.org), where should you put your hard earned cash?
Let’s neglect the support documentation (man pages) for a second, and assume you don’t really use Nmap on a day-to-day basis. Why? Over at http://www.professormesser.com/, James “Professor” Messer has put together a 232-page eBook proving that one doesn’t have to be a networking guru...
Maltego Part II - Infrastructure Enumeration
Maltego Part I (content/view/202/24/) we performed Personal Reconnaissance with Maltego to see what we could find out on the net about our Editor-in-Chief, Don. With the personal details tucked safely away in our notebook, let's see what we can gather in regards to his network infrastructure.
Any organization that has an Internet presence needs to have some form of infrastructure to support their presence. During Infrastructure Enumeration you attempt to discover how much of it exists, what type of infrastructure is used, where it is located, what technology is used and how it is structured. This type of information...
Video Tutorial: Pass-The-Hash Toolkit
Pass-The-Hash Toolkit by Core Security (http://oss.coresecurity.com/projects/pshtoolkit.htm). Core describes it as, The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).
So what does all that mean? As with his other videos, Ryan tackles this topic in a very easy to follow process. So watch along as he integrates...
April 2009 Free Giveaway Sponsor - CBT Nuggets
CBT Nuggets (http://www.cbtnuggets.com/CSPCOM) fit the bill perfectly. For those of you who don't know, CBT stands for computer based training. CBT Nuggets are series of 30 - 60 minute chunks... or nuggets... of videos each covering a given topic on the certification of your choosing. It makes it easy and engaging to study for your certs without the need to travel or complete your studies on someone else's time frame. CBT Nuggets are also very cost effective without flashy productions. They concentrate on just providing the info you need at prices anyone can afford. Topics include CISSP, CEH, CISA, Microsoft,...
Pen Testing Perfect Storm Pt. III: Network Reconstructive Surgery
InGuardians (http://www.inguardians.com/) during discussions hosted by The Ethical Hacker Network (EH-Net), a free online magazine for security professionals. For at least one week after each webcast, the crew will make themselves available to answer your questions directly and candidly in EH-Net’s Community Forums. All discussions will remain freely available on EH-Net for your continued reference.
Me Talk Good: Language and Social Engineering
It's a fact, Jack. Nearly 100% of social engineering engagements will involve the use of language.
Yes, that was trite and obvious. But it's also true. Which means that if you want to engage an organization or individual as a target for a social engineering attack, your ability to use language will be a significant factor in the success or failure of your attack. Even more precisely, you have to know the different ways that language can be used, and the differences in the language patterns and formats for each of those uses. Only then will you be empowered to...
Feb 2009 Free Giveaway Winner - Offensive Security
Offensive Security (http://www.offensive-security.com/training.php), the people behind OSCP (content/view/119/3/)) as well as the BackTrack WiFu Package Deal (Course and cert try for OSWP). Remember to Cracking the Perimeter (http://www.offensive-security.com/ctp.php) (previously known as BackTrack to the Max) in an online version coming to screens near you later in 2009!!
Participation is the ONLY way to win. Start a thread that sparks lots of interest; share thoughts and experiences; help a newbie... quality is more important than quantity.
Only members are eligible!
Registration Is FREE!
Nmap Network Scanning
Review by JP Bourget, CISSP, MCSE, MS
Once again, my company had acquired some new networks for us to take over, and of course, the documentation was from 3 years ago. As part of our due diligence, I had to quickly and accurately figure out everything on the network. How did I accomplish this? With a network mapping utility; and the de facto standard in this area is Nmap! Nmap by Gordon Lyon AKA Fyodor not only saves you time, but, if you really know how to unleash its power, it can be your friend for network audits, discovering new...
Understanding Heap Overflow Exploits
Shellcoder's Handbook (http://www.amazon.com/gp/redirect.html?ie=UTF8 location=http%3A%2F%2Fwww.amazon.com%2FShellcoders-Handbook-Discovering-Exploiting-Security%2Fdp%2F0764544683%3Fie%3DUTF8%26s%3Dbooks%26qid%3D1178082795%26sr%3D1-6 tag=thedigitalcon-20 linkCode=ur2 camp=1789 creative=9325) fame spoke at ChicagoCon last year on heap overflow exploitation, so we thought we'd share the entire audio recording and slide deck with you as an example of the type of talks you'll see at the next ChicagoCon in May 2009 (http://www.chicagocon.com).
As defined by Wikipedia (http://en.wikipedia.org/wiki/Heap_overflow), A heap overflow is a type of buffer overflow that occurs in the heap data area. Like all buffer overflows, a heap overflow may be introduced accidentally by an application programmer, or it may result from a deliberate exploit. In either case, the...
Video: Modern Social Engineering - A Vital Component of Pen Testing
In the very first webcast produced by The Ethical Hacker Network, world-renowned social engineers, Chris Nickerson of TruTV's Tiger Team and noted expert and international speaker, Mike Murray, prepared you for the future of pen testing. For those of you who couldn't attend the live event, here's the webcast in its entirety. Don't forget to look for the coupon code special pricing announcement for Chris & Mike's Social Engineering Master Class (http://www.chicagocon.com/2009s/semasterclass.html) to be held for the very first time at ChicagoCon 2009s May 4 - 8 (http://www.chicagocon.com). The webcast took place on March 10 and was...