Global Spam Levels Drop
Global spam levels dropped dramatically after McColo, a northern California hosting company, was cut off on November 11. Some experts estimated that McColo hosted the machines responsible for 75% of the global junk email traffic sent. The relief is expected to be temporary for those trying to stop the unwanted email, since other servers...
The Internet, Politics, and Security all Take Center Stage
The historic political events of the past week have made Internet security a front-and-center story again. As Newsweek and Government Technology Magazine reported, both the Obama and McCain campaigns were hacked by a foreign party. Here's an excerpt from the Newsweek article Hackers and Spending Sprees: At...
Australia's Internet Filtering: Is it Protecting Families or Censorship?
The government of Australia, long known as a leader in digital government, has announced an ambitious project that is getting plenty of global attention. Arguing that the porn problem has reached epidemic levels in society and is hurting families, the government is initiating a "Family First" program which has mandatory new filtering guidelines...
Urgent Security Update for Windows
Government technology teams and contractors were scrambling late Thursday and Friday to apply an urgent Microsoft security patch which was released "out-of-band" (or outside the normal "patch Tuesday" schedule). The Microsoft website offered details of how to get the updates. Computerworld offered two stories related to the critical new vulnerability. The first...
New Internet Poll Results: We're Networked at Home and Work
Over the past month, the Pew Internet & American Life Project has released the results of several new polls on how Americans use their technology. The latest report, Networked families, describes the central role now played by the Internet and cell phones: "The survey shows that these high rates of...
Authorities Shut Down International Spam Operation
USA Today and other media outlets are reporting that federal authorities have shut down a massive international spam operation. The Federal Trade Commission (FTC) website listed details of the story this afternoon: "According to papers filed with the court, the defendants recruited spammers around the world to send billions...
Testing Sobriety Online: Google adds a Virtual Breathalyzer
Google has announced a new feature in Gmail that is getting an amazing amount of media coverage world-wide. ABC News called it a breathalyzer to stop drunken emails with math in an article called Think Before You Drink and Draft. Here's an excerpt: "You know you shouldn't do it, but that liquid courage convinces...
More on Governor Palin's eMail Hack: Man Indicted
USA Today is reporting that the Justice Department will charge David Kernell, a 20-year-old Tennessee man, with hacking into Alaska Governor Sarah Palin's personal email account. The indictment is also available at USA Today's blog site. According to the Knoxville News Sentinel: "Kernell is the son of state Rep....
Move Over Web: Here Comes "The Grid"
When I go online, I often check out the headlines and key stories in the United Kingdom (UK). Typically, I visit The London Times. There are many reasons for this, such as:
- Our English friends provide a different voice and perspective on world events and on happenings in the USA.
- They are often a few days or...
Security Checklist: NIST Offers Updated Guidance
The National Institute of Standards and Technology (NIST) has issued newly updated security checklists for government regarding best practices in configuring IT products. Sponsored by the Department of Homeland Security (DHS), the NIST Special Publication 800-70 is entitled: "National Checklist Program for IT Products - Guidelines for Checklist Users and Developers (Draft)." After the executive...
NASCIO 2008 Annual Conference Wrap-Up
The 2008 NASCIO Annual Conference ended today. Government Technology Magazine did a nice job of summing up a few of the items I intended to write about, so I won't dwell on the 2008 NASCIO Award winners or Teri Takai's well-deserved selection for the annual NASCIO Meritorious Service Award. The ceremony last...
NASCIO 2008 Annual Conference - Day 2
This morning began with a keynote address from Dr. Kathleen Hall Jamieson, Director of the Annenberg School of Public Policy at the University of Pennsylvania. Dr. Hall's main message was that our language matters much more than we realize, and we need to reexamine our vocabulary to more clearly articulate important...
NASCIO 2008 Annual Conference - Day 1
The National Association of State Chief Information Officers (NASCIO) is holding its annual meeting this week in Milwaukee, Wisconsin. I am blogging some of the highlights (from my perspective) each day. This morning's keynote address featured the Honorable Tom Ridge, former Governor, Commonwealth of Pennsylvania and first Secretary, U.S. Department...
Suggestions Anyone? Can VA's Idea Box Help IT Security?
Recently, Virginia's Governor Tim Kaine announced a new Online Suggestion Box. This new online community is much more than just a place to input ideas. Rather, the site allows users to: "Submit ideas so that others can comment and vote on them; Vote on other ideas to promote them; and Discuss ideas in...
Is Government Cyber Security Improving? What's Your Opinion?
There is a growing debate about the state of cyber security within state and local governments around the country. Despite huge investments by many over the past few years, many argue that the situation is getting worse. A recent article in the LA Times pointed to different points of view. Meanwhile,...
Malicious Code Spreading Through USB Flash Drive Devices
US-CERT is aware of public reports of an increase in malicious code propagating via USB flash drive devices. Currently, there are two popular methods by which USB flash drives are being infected with malicious code. Please note that these are not the only two methods available.
The first of these methods is referred to as simple file copy. This means that the malicious code initially resides on an infected computer and copies itself to all the storage devices connected to the affected computer. This method requires the user to access the USB flash drive and execute the malicious code.
The second method is referred to as AutoRun.inf modification. This means that the malicious code alters or creates an autorun.inf file on targeted storage devices connected to the affected computer. When an infected USB flash drive is connected to another computer, the malicious code can be automatically executed with no additional user interaction.
US-CERT encourages users to do the following to help mitigate the risks:
Install antivirus software and keep the virus signatures up to date.
Do not connect an unknown or untrusted USB drive to your computer.
Disable AutoRun or AutoPlay features for removable media.
Review the Using Caution with USB Drives Cyber Security Tip for more information on protecting your USB flash drive.
Adobe Releases Update for AIR
Adobe has released a security bulletin to address a vulnerability in Adobe AIR. This vulnerability can be triggered if an Adobe AIR application loads data from an untrusted source. Exploitation of this vulnerability may allow a remote attacker to execute JavaScript code with elevated privileges.
Apple Releases Security Updates for Safari
Apple has released Safari 3.2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.
US-CERT encourages users to review Apple Article HT3298 and apply any necessary updates.
U.S. Federal Reserve Fraudulent Email Scam
US-CERT is aware of public reports of a fraudulent email scam circulating via messages that falsely appear to be from the U.S. Federal Reserve. These email messages contain information about a phishing scam and links for users to follow to obtain additional information about the scam. If a user follows the links, they will be redirected to a malicious website where a PDF exploit is used to install malicious code on the affected system.
US-CERT encourages users to do the following to help mitigate the risks:
Do not follow unsolicited links.
Use caution when visiting untrusted websites.
Install antivirus software and keep the virus signatures up to date.
Mozilla Releases Updates to Address Vulnerabilities in Multiple Products
Mozilla has released Firefox 2.0.0.18, Firefox 3.0.4, and SeaMonkey 1.1.13 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, security bypass, cross-site scripting, denial of service, and information disclosure. As described in the Mozilla Foundation security advisories, some of these vulnerabilities may also affect Thunderbird.
Nov 2008 Free Giveaway Sponsor - CWNP
Win CWNP Backpack Kits x4!
Wireless continues to be a hot topic, and the CWNA® (Certified Wireless Network Administrator) certification (http://www.cwnp.com/cwna/index.html) is a foundation level wireless LAN certification for the CWNP Program. Your CWNA certification will get you started in your wireless career by ensuring you have the skills to successfully administer enterprise-class wireless LANs. This month we have procured 4 prizes for 4 top contributors to EH-Net. Each CWNP Backpack Kit includes:
Daemon - A Contest Begins Now
Win Signed, Pre-Release Copies of Daemon, Hard Cover Edition
Read the EH-Net review and the first four chapters in their entirety. Due to the success of this electronic grassroots movement, Daemon has been acquired by the Dutton imprint of Penguin books. Dutton plans on publishing a new edition of Daemon in hard cover that will be highly promoted and includes new material. Part of that marketing agreement means that Verdugo Press can no longer sell the first edition. As luck may have it, EH-Net had 20 copies which went to 20 lucky attendees of ChicagoCon 2008f (http://www.chicagocon.com/) who received...
It Happened One Friday - Answers and Winners
At long last, we’ve completed final judging on the It Happened One Friday challenge. I apologize for the delay, but things have been very hectic here. We received a huge number of really top-notch entries in this challenge, and reading through every one of them and whittling them down to our final winners was fun but incredibly time-consuming. However, I’m really happy with the final results – the technical and creative winners did some awesome work, as did many others worthy of an honorable mention.
Given the unusual nature of this challenge, before I announce...
Scooby Doo and the Crypto Caper
Ruh-Roh, challenge fans...
Ed Skoudis here to introduce a new infosec-themed challenge for you to solve. In this one, challenge writer-extraordinaire Kevin Bong has brewed up a real doozy for you all based on a Scooby Doo theme. Grab a Scooby-Snack, hop in the Mystery Machine, and help the gang solve one of their toughest capers yet. Along the way, you'll contend with some fascinating forensics puzzles and develop your skills. Answers are due back by November 15, 2008. As always, we'll award the fine prize of a book to the best technical answer, the most creative technical answer...
The Pen Testing Perfect Storm Webcast Series with Skoudis, Wright, Johnson
If Ed Skoudis' webcast series entitled Penetration Testing Ninjitsu got your blood pumping, then this series will make your brain explode. EH-Net is proud to join forces with SANS (http://www.sans.org/) and Core Security (http://www.coresecurity.com/) to bring you an exciting, new webcast series. This idea has been floating around for some time, so I can't tell you how jazzed I am with the final result.
The first webcast in this series, InGuardians (http://www.inguardians.com/) during discussions hosted by The Ethical Hacker Network (EH-Net), a free online magazine for security professionals. For at least one week after each webcast, the crew will...
The IDA Pro Book
Review by Ryan Linn, CISSP, MCSE, GPEN
After attending DEFCON (http://www.defcon.org/) in August and seeing the overwhelming interest in this book, I was eager to dive into The IDA Pro Book by Chris Eagle. Chris Eagle's team, School of Root, won the “Capture the Flag” event at DEFCON this year and Chris gave a presentation on CollabREate (http://sourceforge.net/projects/collabreate/), a tool that integrates with IDA Pro to allow collaboration in reverse engineering (RE). All of that together - with the fact that the book sold out – screamed that this book should quickly make it to the top of...
Column 0: Human Exploitation 101
So, this is my first column for EthicalHacker.net. I'm quite excited, as I have spent a whole lot of years exploring penetration testing, vulnerability research and exploit writing, and most of the past couple of years working on exploiting people.
When I use that term, I'm not talking about how to open a third-world sweat shop. While human exploitation tends to fall under the traditional heading of social engineering, that term has been beaten to death of late. For example, the top five articles in my social engineering Google News RSS feed...
Intercepted! Windows Hacking via DLL Redirection
By Craig Heffner
In Windows, all applications must communicate with the kernel through API functions; as such, these functions are critical to even the simplest Windows application. Thus, the ability to intercept, monitor, and modify a program's API calls, commonly called API hooking, effectively gives one full control over that process. This can be useful for a multitude of reasons including debugging, reverse engineering, and hacking (in all interpretations of the word).
While there are several methods which can be used to achieve our goal, this tutorial will examine only DLL redirection. This approach was chosen for several reasons:...
What the Splunk?
By Bill Varhol, Security+, CEH, LPT
demonstration video (http://www.splunk.com/article/205) of ‘Search IT’ available from the Splunk Website. This is a great example of how powerful Splunk can be.
Spiceworks Redux: Review of v3
Last year I wrote up a review of Spiceworks v2. There were a few minor issues that I had with this application billed as Free IT Management Software, but overall I felt it was a solid product. Recently, I received an email notifying me that the latest iteration of Spiceworks was released. I thought it might be interesting to look over version 3, highlight the newest and best features, and see if the cons have been improved.
Disclaimer: I am not nor have I ever been affiliated with or otherwise compensated by Spiceworks.
Basic Install
As with...
Maltego Part I - Intro and Personal Recon
By Chris Gates, CISSP, GCIH, C|EH, CPTS
According to their web site, Paterva invents and sells unique data manipulation software. Paterva is headed by Roelof Temmingh who is leading a light and lethal team of talented software developers. On May 6 2008, they released a new version of a very kewl tool named Maltego.
Maltego (http://www.paterva.com/maltego/) is an open source intelligence and forensics application. It allows for the mining and gathering of information as well as the representation of this information in a meaningful way. Coupled with its graphing libraries, Maltego allows you to identify key relationships...
June 2008 Free Giveaway - Winner
We Have A Winner!!
Black Hat (http://www.blackhat.com) on us. Black Hat USA, August 2-7 in Las Vegas, is the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting including industry leaders Microsoft, Cisco, Google and new startups. Briefings tracks include many updated topics plus the always popular ones including Zero Day Attacks/Defenses, Bots, Application Security, Deep Knowledge and Turbo Talks. g00d_4sh wins a Passport Admission Ticket worth...
DIY Career in Ethical Hacking
The sub-title to my recent presentation at the SANS WhatWorks in Pen Testing Summit is Remodeling your career for little to no money down. Inside you'll find practical exercises in finding out who you are and what gets your blood flowing. And, although I do offer some advice on pushing your career in this growing field of ethical hacking with some inexpensive (and sometimes free) actions one can take, none of that seemed to be what struck a chord with the crowd.
One of the bullet points paraphrases a quote from the movie, Risky Business (http://www.imdb.com/title/tt0086200/), when Joel's father says...
LAN Switch Security: What Hackers Know About Your Switches
Review by Chris Gates, CISSP, GCIH, C|EH, CPTS
In addition to his regular column, Chris Gates does some great work on EH-Net including participating in our growing forums as well as doing various book reviews. He is back with a quick look at a recently released security title by Cisco Press that Chris describes as, “Should be required reading for Pentesters.” So let's begin his review...
LAN Switch Security: What Hackers Know About Your Switches provides enough information to leverage the most common layer 2 attacks a pentester would be interested in; MAC Flooding, VLAN Hopping, DTP attacks,...
Interview: SANS Pen Test Summit Part 3 - HD Moore
SANS WhatWorks in Penetration Testing Ethical Hacking Summit with Ed Skoudis (http://www.sans.org/info/25039) brings together a number of authors, researchers, and actual practitioners of pen testing. The summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert (http://johnny.ihackstuff.com/), Johnny Long, and the man behind the Metasploit Project (http://www.metasploit.com/), HD Moore.
I once had a conversation with Ed Skoudis regarding career choices and advice. He...
Ed Skoudis and the Pen Testing Factory
“Inside this [class]room, all of my dreams become realities; and some of my realities become dreams.”
Student: Ed Skoudis's opening his factory. He's gonna let people in!
Teacher: You sure?
Student: It's all over the net, and he's giving truckloads of ethical hacking secrets away.
Teacher: Class dismissed.
Student: No, no. The first one's only for 25 people.
Teacher: Class undismissed.
Student: He's making available 25 golden tickets, and the people who buy them will win the big prize.
Teacher: Where's he hidden the tickets?
Student: They’re not really hidden. They’re inside SANS Events. You have to buy SANS courses to get them.
Teacher: Class re-dismissed.
The terms “Ethical...
April 2008 Free Giveaway - Winner
We Have A Winner!!
Summit Brochure (http://www.sans.org/pentesting08_summit/brochure.pdf?portal=806f0a8d1188a3baf62c9a377b5e2c02). The lucky EH-Net member who will be given a complimentary summit pass worth $1745 has been chosen and it is vijay2. Congrats and keep up the good work.
Participation on EH-Net is the ONLY way to win. Start a thread that sparks lots of interest; share thoughts and experiences; help a newbie... quality is more important than quantity.
Only EH-Net members are eligible!
Registration Is FREE!
Interview: SANS Pen Test Summit Part 2 - Johnny Long
SANS WhatWorks in Penetration Testing Ethical Hacking Summit with Ed Skoudis (http://www.sans.org/info/25039) brings together a number of authors, researchers, and actual practitioners of pen testing. The summit will not only give a view as to where we stand as a community right now but also where we are headed in the future. Joining Ed will be a number of celebrated hackers (the positive connotation of the term) including Google Hacking Expert (http://johnny.ihackstuff.com/), Johnny Long, and the man behind the Metasploit Project (http://www.metasploit.com/), HD Moore.
I once had a conversation with Ed Skoudis regarding career choices and advice. He...
Interview: SANS Pen Test Summit Part 1 - Ed Skoudis
Intelguardians (http://www.intelguardians.com/) has been an author, instructor and professional penetration tester for the better part of 15 years. The SANS Institute has been a highly regarded organization extolling the virtues of security education, certification and research for quite some time as well. Together they have put together a summit specifically dealing with penetration testing as a profession. The SANS WhatWorks in Penetration Testing Ethical Hacking Summit with Ed Skoudis (http://www.sans.org/info/25039) brings together a number of authors, researchers, and actual practitioners of pen testing. The summit will not only give a view as to where we stand as a...
Interview: EC-Council Offers Details and Insights on CEH v6
The latest version of the Certified Ethical Hacker (CEH) Courseware is due to be released and presented for the first time at Hacker Halted USA 2008 in June. Many small details of CEH Version 6 have been peppered on the Internet, as well as snippets of teaser copy on EC-Council’s own web site.
“With a total of 28 new and never seen before modules, covering the latest concepts, featuring more real life cases, and showcasing the latest hacking and security tools, the Certified Ethical Hacker (Version 6) will be the most advanced course ever.”
So I requested an interview with...
@Lockdown
I'm pretty sure it's for forum flaming; replying with a link to that site with the search query to show how easy it would have been to just search.