Has Enigma Group Helped You? Then Help Us By Advertising For Us. Place One Of The Following Images On Your Site.
Mission Statement
“ Since 2004, Enigma Group has been providing its members a legal and safe security resource where they can develop their pen-testing skills on various challenges provided by this site. These challenges teach members the many types of exploits that are found in today's code; thus, helping them to become better programmers in the mean time. By knowing your enemy, you can defeat your enemy. ”
Open Source Software - Rational or Risky Business?
I received quite a few comments this past week following the publishing of California IT Policy Letter 10-01 which formally establishes "the use of Open Source Software (OSS) in California state government as an acceptable practice." While many of my security colleagues offered words of caution following the announcement (and...
Howard Schmidt gets the nod from President Obama
It's official, we finally have national cybersecurity leadership. Fulfilling the commitment he made in May of this year, it was announced on The Whitehouse Blog this morning that President Obama has selected Howard Schmidt as the White House Cybersecurity Coordinator. Rumors have been swirling for months now of...
Sabotaging The System
Did you happen to see the CBS 60 Minutes episode this past Sunday titled "Sabotaging The System?" It seems like every time there's a TV story or newspaper article about cyber security, I spend the next few days answering questions from people who either want to know if it...
New Social Media "Guidelines"
The Federal CIO Council's Information Security and Identity Management Committee (ISIMC), Web 2.0 Security Working Group just released a document that will come as a boon to government security folks struggling to develop social media policy. The "Guidelines for Secure Use of Social Media by Federal Departments and Agencies" "Guidelines"...
Cyber Confusion
What the heck is going on? Melissa Hathaway resigns as the White House's acting cybersecurity czar on Monday and today, only four days later, Mischel Kwon resigns as Director of US-CERT. As I noted in SANS NewsBites today, http://www.sans.org/newsletters/newsbites/newsbites.php?vol=11&issue=62 this new resignation is regrettable because it appears that the...
Leaving Las Vegas ... and DefCon
One thing those of us who've spent any time in the security business know is that you either learn to deal with a flexible schedule or you change professions. Dilbert called them "unplanned emergencies" but whatever you call them, they are a fact of our life. So here I am,...
Another Year @ Black Hat
So, another year at Black Hat in Las Vegas has come and gone. While attendance may have been down a little and there wasn't any legal gunslinging' like in past years when talks were pulled or moderated as a result of legal threats from the vendor community, there were...
Does a DDOS Equal a Cyber-War?
It's been a pretty interesting week on the cybersecurity front with the DDOS attacks on South Korea and the United States making the most headlines. I've been trying to keep up with all of the regular media and blogs and quite frankly, it's a bit overwhelming. There's a lot...
When the Walls, Come Tumblin' Down
John Mellencamp sang about the walls tumbling down and this week's press release by the U.S. Army telling bases to stop blocking Twitter, Facebook, and Flickr Army Allows Access To Social Media Websites should be proof enough for anyone. Following the US Navy US Navy Web 2.0: Utilizing New...
President Obama and Cybersecurity, A New Comprehensive Approach
Last Friday, President Obama followed up on a promise he made last July during a speech at Purdue University when, as then-candidate Obama, he said "As President, I'll make cybersecurity the top priority that it should be in the 21st century. I'll declare our cyber-infrastructure a strategic asset, and...
Cyber Dollars in the ARRA
$787B. $787,000,000,000.00. Seven hundred and eighty seven billion dollars. However you say it or write it, that's a lot of dough. That's the amount of the federal stimulus package called the American Recovery and Reinvestment Act (ARRA) of 2009.The mission of the ARRA has several components but one of them...
Vulnerabilities in the U.S. Power Grid
The article released by the Wall Street Journal on Wednesday has created quite a stir and I've spent a considerable amount of time the past two days asking and answering questions about it. I think I can say without stepping too far out on a limb that the details in...
Escape from Conficker-geddon
So here we are again, a couple of days post-Conficker Armageddon and some people are feeling like they missed the party. No one has said it yet but I can already see it in some eyes, "Looks like another over-blown security event, hyped by the media and exploited by...
Have a Conficker-Free Week
I got a call from a reporter this week asking me about the Conficker virus. "Are you prepared?" "What do you think is going to happen?" "How widespread is the virus?" "Why is April Fool's Day important?"I went through all of the mechanics of how we get A/V signature updates...
Technical Innovation in America
I attended the IT Security Entrepreneurs' Forum III http://publicprivatepartnerships.org/itsef/ at Stanford University yesterday where I was part of a panel discussing the current and future cybersecurity threat environment. Moderated by the always popular and entertaining Bob Bragdon of CSO Magazine, the forum was both insightful as well as informative.The purpose of...
Microsoft Windows .LNK Vulnerability
US-CERT is aware of a vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for .LNK files. Microsoft uses .LNK files, commonly referred to as "shortcuts," as references to files or applications.
By convincing a user to display a specially crafted .LNK file, an attacker may be able to execute arbitrary code that would give the attacker the privileges of the user. Viewing the location of an .LNK file with Windows Explorer is sufficient to trigger the vulnerability. By default, Microsoft Windows has AutoRun/AutoPlay features enabled. These features can cause Windows to automatically open Windows Explorer when a removable drive is connected, thus opening the location of the .LNK and triggering the vulnerability. Other applications that display file icons can be used as an attack vector for this vulnerability as well. Depending on the operating system and AutoRun/AutoPlay configuration, exploitation can occur without any interaction from the user. This vulnerability can also be exploited remotely through a malicious website, or through a malicious file or WebDAV share.
Microsoft has released Microsoft Security Advisory 2286198 in response to this issue. Users are
encouraged to review the advisory and consider implementing the workarounds
listed to reduce the threat of known attack vectors. Please note that
implementing these workarounds may affect functionality. The workarounds include
disabling the display of icons for shortcuts
disabling the WebClient service
blocking the download of .LNK and .PIF files from the internet
Microsoft has released a tool, Microsoft Fix it 50486, to assist users in disabling .LNK and .PIF file functionality. Users and administrators are encouraged to review Microsoft Knowledgebase article 2286198 and use the tool or the interactive method provided in the article to disable .LNK and .PIF functionality until a security update is provided by the vendor.
Update: Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing an out-of-band security bulletin to address this vulnerability. Release of the security bulletin is scheduled for August 2, 2010.
In addition to implementing the workarounds listed in Microsoft Security Advisory 2286198, US-CERT encourages users and administrators to consider implementing the following best practice security measures to help further reduce the risks of this and other vulnerabilities:
Disable AutoRun as described in Microsoft Support article 967715.
Additional information can be found in the US-CERT Vulnerability Note VU#940193.
US-CERT will provide additional information as it becomes available.
Apple Releases Safari 5.0.1 and Safari 4.1.1
Apple has released Safari 5.0.1 and Safari 4.1.1 for Windows and Mac OS X to address multiple vulnerabilities in Safari and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.
US-CERT encourages users and administrators to review Apple article HT4276 and apply any necessary updates to help mitigate the risks.
Google Releases Chrome 5.0.375.125
Google has released Chrome 5.0.375.125 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
Firefox Releases Firefox 3.6.8
The Mozilla Foundation has released Firefox 3.6.8 to address a critical vulnerability. This vulnerability may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Mozilla Foundation security advisory MFSA 2010-48 and update to Firefox 3.6.8 to help mitigate the risks.
Cisco Releases Security Advisory for CDS Internet Streamer
Cisco has released a security advisory to address a vulnerability in the Cisco Internet Streamer application that is part of the Cisco Content Delivery System. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to obtain sensitive information, including password files and system logs. This information could be used to leverage subsequent attacks.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100721 and apply any necessary updates to help mitigate the risks.
June 2010 Free Giveaway Winner - Black Hat USA
We Have a Winner... and a Hero!!
Black Hat 2010 Briefings (http://www.blackhat.com) worth almost $2K!!
And now for an extra special shoutout for someone who exemplifies the exact type of member we cherish here on EH-Net. When building a community, one can only hope for active members to possess a positive attitude, willingness to help others and give back to the community that gave so much to all of us. EH-Net member, rvs, in simply trying to spread the word, retweeted an offer for SensePost training at BH (http://www.sensepost.com/services/training/blackhat). He won and was offered to attend any of their courses at... Interview: Lenny Zeltser of Savvis and SANS Institute
By Jamy Klein, MSIA, CISSP
According to Panda Labs over 25 million new pieces of malware were released into the wild in 2009. 2010 is expected to be even worse. In addition to sheer volume, malware is becoming more sophisticated and targeted as a result of the influx of organized crime and state sponsors into the realm of malware authoring. Due to this unsavory trend, the SANS Institute has developed a course, Reverse-Engineering Malware: Malware Analysis Tools and Techniques AKA FORENSICS 610 (http://www.sans.org/info/61123), to help white hats that need essential malware analysis skills and also to prepare security professionals for...
The Guide to Neuroscience for Social Engineers
As a social engineer, you spend all of your time manipulating people’s brains. Yet most of the social engineers I meet don’t know the difference between the amygdala and the cerebral cortex.
And you need to.
So this article is going to give you a quick trip through the human brain.
The brain isn’t just a single organism – it’s truly a three-part entity known as the triune brain. The idea of the triune brain was first proposed by Paul MacLean (http://en.wikipedia.org/wiki/Paul_D._MacLean). He proposed that the brain that you and your caveman ancestors shared is not a... July 2010 Free Giveaway Sponsor - SANS vLive
Win SANS Security Training Worth $3500!!SANS vLive! (http://www.sans.org/info/61178) leverages webcast flexibility and the latest online technology to enhance students' learning experience. SANS vLive! live Webcasts are scheduled once or twice a week for 3 hours, depending on course requirements, and feature Elluminate Live!™, a collaboration of realtime, interactive online tools to bring quality security education direct to your desktop. So what does that mean? There's not just a flashy online version of PPT decks... you get real interaction with the instructors live on your own desktop from the comfort of your own home. Up for grabs this month to...
June 2010 Free Giveaway Sponsor - Black Hat USA
Win Ticket to Black Hat USA = $1995!!
Registration Is FREE! (index.php?option=com_smf Itemid=35 action=register)
May 2010 Free Giveaway Winners - eLearnSecurity
We Have Winners!
early look in our forums (component/option,com_smf/Itemid,54/topic,5222.0/), to an great review (content/view/307/24/) by our newest columnists, Jason Haddix, it just seemed obvious to ask them for a few seats to give away to EH-Net readers. As I often say, Just ask. I did and they said yes!! Then it was your turn, and you responded. So...
1. EH-Net Members Equix3n-, What90 and xXxKrisxXx have won the 3 seats in PTP with a value of €449 / $599 each.
2. Don't forget that the 5% Discount is back on. This EXCLUSIVE Offer for EH-Netters has been extended indefinitely!! So...
April 2010 Free Giveaway Winners - CBT Nuggets
CBT Nuggets (http://www.cbtnuggets.com/CSPCOM) fit the bill perfectly. For those of you who don't know, CBT stands for computer based training. CBT Nuggets are series of 30 - 60 minute chunks... or nuggets... of videos each covering a given topic on the certification of your choosing. It makes it easy and engaging to study for your certs without the need to travel or complete your studies on someone else's time frame. CBT Nuggets are also very cost effective without flashy productions. They simply concentrate on providing the info you need at prices anyone can afford, and they succeed. Topics include CISSP,... Tutorial: SEH Based Exploits and the Development Process
Tutorial by Mark Nicholls AKA n1p
The intent of this exploit tutorial is to educate the reader on the use and understanding of vulnerabilities and exploit development. This will hopefully enable readers to gain a better understanding of the use of exploitation tools and what goes on underneath to more accurately assess the risk of discovered vulnerabilities in a computer environment. It is important for security consultants and ethical hackers to understand how buffer overflows actually work, as having such knowledge will improve penetration testing capabilities. It will also give you the tools to more accurately assess the risk of...
Review: eLearnSecuritys Penetration Testing Pro (PTP)
eLearnSecurity’s Penetration Testing Pro - What CEH Should Have Been
eLearnSecurity, Penetration Testing Pro (PTP) (http://www.elearnsecurity.com/eh.php).
PTP is a three section presentation and video course authored by Armando Romeo (admin of hackerscenter.com), Brett D. Arion, Nitin Kumar, and Vipin Kumar. It has an optional certification component called the Certified Professional Penetration Tester or eCPPT for short. The target audience for the course is security engineers or penetration testers in the 0-3 year experience range. The course divides penetration testing into three categories: System Security, Network Security, and Web Application Security. Let’s take a look at each.
del.icio.us
Discuss in... March 2010 Free Giveaway Winners - Offensive Security
We Have 5 Winners of OffSec Online Training!
Offensive Security has carved out a place in the pen testing field that is quite rare. They offer not only high quality training but also at some of the lowest price points in the industry. For an insider's look at Pentesting With BackTrack (PWB), check out Ryan Linn's review of PWB and the associated exam, OSCP (content/view/299/24/). But as well know as PWB is becoming, let's not forget they also have 3 other courses. For you wireless pen testers, there's OffSec Wireless Attacks AKA WiFu (http://www.offensive-security.com/backtrack-wifu-online-training.php), for Windows environments there's Advanced Windows Exploitationand...
Miracle on Thirty-Hack Street - Answers and Winners
Greetings, challenge fans! It’s time (at long last) to announce the WINNERS for our holiday-themed challenge, Miracle on Thirty-Hack Street (content/view/285/2/). I’ve gotta say, we received a huge number of high-quality responses. KJ0 (one of my nicknames for my challenge co-author, Kevin “Frickin’” Johnson) and I felt kinda like we were in the scene from the movie where they dump all the mail on the judge. I apologize for not getting these answers done sooner, but a family medical emergency in January and February consumed much of my attention those months. But, we’re back... Review: CEH iClass by EC-Council
EC-Council's own training named iClass (http://iclass.eccouncil.org/iclassaffiliate/idevaffiliate.php?id=643). As they describe it:
iClass is EC Council’s live, online, instructor-led training platform. iClass makes our entire catalog of vendor neutral certifications available to you in multiple schedule formats, dates, and times.
Let's jump right in and take a look.
del.icio.us
Discuss in Forums
Book Review: Hacking for Dummies 3rd Ed
Review by Chris Jenks
Hacking for Dummies (http://www.amazon.com/gp/product/0470550937?ie=UTF8 tag=thedigitalcon-20 linkCode=as2 camp=1789 creative=9325 creativeASIN=0470550937), an introduction to Ethical Hacking, is shallow enough for anyone first stepping into the field, but with tricks, tips and real-world experiences even the veteran penetration tester will find enlightening.
The book is considered to be a good introduction to the world of Ethical Hacking. Like all “for Dummies” books, the subject matter is explained in plain English instead of being filled with jargon and buzz words. That doesn't mean a reader can walk in cold and learn to be an Ethical Hacker (a hacker who is... Feb 2010 Free Giveaway Winners - Syngress Publishing
We Have Our Winners!
Registration Is FREE! (index.php?option=com_smf Itemid=35 action=register)
Final Course and Exam Review: Pen Testing with BackTrack
Ryan Linn's Column Page (content/category/7/40/24/) for Parts 1 - 4 as well as several other contributions to The Ethical Hacker Network and our community of security professionals.
del.icio.us
Discuss in Forums
Interview: Joe McCray of LearnSecurityOnline
Review by Jason Haddix
Have you ever seen Man on Fire? If you haven’t and you like watching kick-ass, kick-you-in-the-teeth, relentless, Denzel-Washington-type of-action-flicks… you might want to Netflix that one. Our interview this week is kind of like Denzel in Man on Fire but with less guns and more SQLi strings meticulously crafted to pwn your databases.
Enter Joe (j0e) McCray of LearnSecurityOnline… Joe is a long standing friend of both Security Aegis and The Ethical Hacker Network, and, after wanting to keep the limelight off of himself and his teaching projects, we have finally pestered him enough to agree...
SSHliders - Answers
Hello challenge fans. Sorry for the long delay, but better late than never, right? Actually this one caused a little debate, because we did not have anyone that gave a completely accurate answer on either the technical or creative sides. But in considering that these challenges are not just contests but also great ways to learn, we decided to release the answers without any winners. So although there are no signed copies of Ed Skoudis' book, Counter Hack Reloaded (http://www.amazon.com/exec/obidos/ASIN/0131481045/thedigitalcon-20?creative=327641 camp=14573 adid=0W0TMYWJ6BXR5RPTG9N8 link_code=as1), a couple of you still get your name in lights as we mention some of your good... Jan 2010 Free Giveaway Winner - Black Hat DC
We Have a Winner!!
Black Hat DC (http://www.blackhat.com) on us. The Washington, DC version of the world's premier technical event for security experts is being held January 31 - February 3, 2010. One Passport Admission Ticket worth $1995 allows our winner entry into the 2-Day Briefings portion of the event. The event is described as, Understanding the increasingly complex threats posed to an enterprise can be a daunting task for today’s security professional. Knowing how to secure an enterprise against those threats can be overwhelming. Black Hat is the premier information security event for senior-level professionals to learn the latest...
EH-Net January 2010 Newsletter
As a courtesy to our members, we try to keep you informed of some of the more interesting items that have been published in our online magazine by sending out an electronic newsletter by email. But not everyone interested in our content is a member. For that reason, we have decided to also publish the newsletter in article format for all to see. Each EH-Net newsletter features the major articles of the past month such as our Free Monthly Giveaways, reviews of books, courses and products as well as other newsworthy items. The newsletters also includes updates on our Hacking... Interview: Ferruh Mavituna on Netsparker
Review by Jason Haddix
Today we showcase a new web application scanner called Netsparker (http://www.mavitunasecurity.com/), and believe us when we say that we put this app through the ringer.
There's a big distinction between testing a tool against dummy apps in a lab and using it first hand against a large environment. Luckily for us we got to do both.
Over the course of a month we ran several engagements and specifically watched Netsparker’s performance compared to other tools we normally use in the assessment process (w3af (http://w3af.sourceforge.net/), Grendel Scan (http://www.grendel-scan.com/), Nikto (http://cirt.net/nikto2), Wikto (http://www.sensepost.com/research/wikto/), Websecurify (http://www.websecurify.com/), Paros (http://www.parosproxy.org/index.shtml), Burp...
can anyone help me my VB6 pro always crash...when i Load my Previous Projects...it crashes when i view the object interface of the form....
could anyone knows how to fix it...Please Mail me
t_t2k7@yahoo.com or myne17@gmail.com
hope for you help g...