Good Reads For Information Security Domain

For February 2016

OpenSSL Releases Security Advisory for Several Vulnerabilities
https://mta.openssl.org/pipermail/openssl-announce/2016-March/000066.html
https://drownattack.com/

Drupal Releases Critical Security Advisory for Multiple Vulnerabilities
https://www.drupal.org/SA-CORE-2016-001

Google Project Zero: The Definitive Guide on Win32 to NT Path Conversion
https://googleprojectzero.blogspot.com/2016/02/the-definitive-guide-on-win32-to-nt.html

Angler Attempts to Slip The Hook
http://blog.talosintel.com/2016/03/angler-slips-hook.html?f_l=s

Nissan Leaf hackable through insecure APIs
http://www.zdnet.com/article/nissan-leaf-hackable-through-insecure-apis/?f_l=s

OpenSSL CVE-2016-0799: heap corruption via BIO_printf
https://guidovranken.wordpress.com/2016/02/27/openssl-cve-2016-0799-heap-corruption-via-bio_printf/

Judge Says Apple Doesn’t Have to Unlock iPhone in Case Similar to San Bernardino
http://www.wired.com/2016/02/judge-says-apple-doesnt-have-to-unlock-iphone-in-case-similar-san-bernardino/

Getting Domain Admin with Kerberos Unconstrained Delegation
http://www.labofapenetrationtester.com/2016/02/getting-domain-admin-with-kerberos-unconstrained-delegation.html

For August 2014

Microsoft Patch Tuesday for August 2014
https://technet.microsoft.com/library/security/ms14-aug

Adobe Patch Tuesday for August 2014
http://blogs.adobe.com/psirt/?p=1118

Security flaw allows to bypass PayPal two-factor authentication
http://blog.lumension.com/9213/paypal-left-red-faced-after-more-security-holes-found-in-two-factor-authentication/

WordPress and Drupal Denial Of Service Vulnerability
http://www.breaksec.com/?p=6362

BlackHat 2014: Mobile Point of Sale Devices at Risk from Hackers
http://www.infosecurity-magazine.com/news/mobile-point-of-sale-devices-risk/

Blackphone: Inside a Secure Smart Phone
http://www.databreachtoday.com/interviews/blackphone-inside-secure-smart-phone-i-2414

FinFisher Government Spy Software Secrets Revealed by Hackers
http://www.tripwire.com/state-of-security/security-data-protection/cyber-security/finfisher/

Attackers Used Multiple Zero-Days to Hit Spy Agencies in Cyber-Espionage Campaign
http://www.securityweek.com/attackers-used-multiple-zero-days-hit-spy-agencies-cyber-espionage-campaign

Synology devices hit with “Synolocker” ransomware
http://blogs.avg.com/business/synology-devices-hit-synolocker-ransomware/

Automakers Openly Challenged To Bake In Security
http://www.darkreading.com/application-security/automakers-openly-challenged-to-bake-in-security/d/d-id/1297902

Mozilla posts plan for certificate revocation checking
http://www.zdnet.com/mozilla-posts-plan-for-certificate-revocation-checking-7000032444

Some “Experts” Say Planes Cannot be Digitally Hijacked
http://www.scmagazine.com/defcon-you-cannot-cyberhijack-an-airplane-but-you-can-create-mischief/article/365465/
http://www.theregister.co.uk/2014/08/10/why_hackers_wont_be_able_to_hijack_your_next_flight_the_facts/

US Federal Communications Commission Quizzes Wireless Providers About Speed Throttling Decisions
http://www.csmonitor.com/Innovation/2014/0808/FCC-to-wireless-providers-When-do-you-slow-download-speeds
http://www.washingtonpost.com/blogs/the-switch/wp/2014/08/08/fcc-to-verizon-all-the-kids-do-it-is-no-excuse-for-throttling-unlimited-data/

NIST Aims to Improve Industrial Control System Security with Testbed
http://www.theregister.co.uk/2014/08/12/nist_wants_better_scada_security/
RFI: https://www.fbo.gov/index?s=opportunity&mode=form&id=34058f1c96ba5cab935633acc50011c9&tab=core&_cview=0

Federal Judge Says Law Enforcement Can Access Entire eMail Account in Investigation
http://www.computerworld.com/s/article/9250281/U.S._court_rules_in_favor_of_providing_officials_access_to_entire_email_account?taxonomyId=17
http://blogs.wsj.com/law/2014/08/08/judge-blesses-justice-department-email-searches/

Verifying Preferred SSL/TLS Ciphers with nmap
https://isc.sans.edu/forums/diary/Verifying+preferred+SSL+TLS+ciphers+with+Nmap/18513

Nest Thermostat Hack
http://venturebeat.com/2014/08/10/hello-dave-i-control-your-thermostat-googles-nest-gets-hacked/

Cryptowall Spreading via Yahoo! Ads
https://www.bluecoat.com/company/press-releases/blue-coat-uncovers-new-malvertising-attack-leveraging-major-ad-network

Xiaomi Phones Call Home With User Data
http://www.f-secure.com/weblog/archives/00002731.html

Exploiting Web Applications Using XSRF
https://isc.sans.edu/forums/diary/Complete+application+ownage+via+Multi-POST+XSRF/18507

Incident Response with Triage-IR
https://isc.sans.edu/forums/diary/Incident+Response+with+Triage-ir/18509

Blackphone Hacked
https://twitter.com/TeamAndIRC/status/498187730023501824

Oracle Data Redaction Easily Bypassed
http://packetstorm.foofus.com/papers/database/Oracle_Data_Redaction_is_Broken.pdf

For July 2014

MailPoet Vulnerability Exploited in the Wild – Breaking Thousands of WordPress Sites
http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html

Firefox 31 and Firefox ESR 24
nakedsecurity.sophos.com/2014/07/23/firefox-31-has-arrived-11-bulletins-3-critical-0-visual-surprises/
https://www.mozilla.org/security/known-vulnerabilities/firefox.html

Attackers abusing Internet Explorer to enumerate software and detect security products
http://www.alienvault.com/open-threat-exchange/blog/attackers-abusing-internet-explorer-to-enumerate-software-and-detect-securi

Hacker worms his way into WSJ computer systems
www.zdnet.com/hacker-worms-his-way-into-wsj-computer-systems-7000031908/

Mayhem – a hidden threat for *nix web servers
https://www.virusbtn.com/virusbulletin/archive/2014/07/vb201407-Mayhem

New Back Door Trojan Program is No Fool
http://www.symantec.com/connect/blogs/new-back-door-trojan-program-no-fool

Far East Targeted by Drive by Download Attack
http://sfi.re/1n05ym0

METRO.US Website Compromised to Serve Malicious Code
http://community.websense.com/blogs/securitylabs/archive/2014/07/22/metro-us-website-compromised-to-serve-malicious-code.aspx

Black Hat Preview – Android crypto blunder exposes users to highly privileged malware
http://arstechnica.com/security/2014/07/android-crypto-blunder-exposes-users-to-highly-privileged-malware/

[Honeypot Alert] WordPress XML-RPC Brute Force Scanning
blog.spiderlabs.com/2014/07/honeypot-alert-wordpress-xml-rpc-brute-force-scanning.html

Changes in the Asprox Botnet
http://blog.fortinet.com/Changes-in-the-Asprox-Botnet/

Neverquest Banking Trojan Updated to Include More Than 30 Financial Institutions in Japan
http://www.securityweek.com/neverquest-banking-trojan-updated-include-more-30-financial-institutions-japan

Snifula Banking Trojan Back to Target Japanese Regional Financial Institutions
http://www.symantec.com/connect/blogs/snifula-banking-trojan-back-target-japanese-regional-financial-institutions

Don’t Overestimate EMV Protections, Underestimate Card Thief Sophistication
http://www.darkreading.com/dont-overestimate-emv-protections-underestimate-card-thief-sophistication/d/d-id/1297450

How Thieves Can Hack and Disable Your Home Alarm System
http://www.wired.com/2014/07/hacking-home-alarms/

Researchers Develop ‘BlackForest’ To Collect, Correlate Threat Intelligence
http://www.darkreading.com/researchers-develop-blackforest-to-collect-correlate-threat-intelligence--/d/d-id/1297570

For March 2014

Microsoft issues Fix it for critical IE 0-day exploited in attacks
http://www.net-security.org/secworld.php?id=16392

New Adobe Flash Player Zero-day Exploit Leads to PlugX
http://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-player-zero-day-exploit-leads-to-plugx/

Major Apple security flaw: Patch issued, users open to MITM attacks
http://www.zdnet.com/major-apple-security-flaw-patch-issued-users-open-to-mitm-attacks-7000026624/

Android WebView Exploit, 70% Devices Vulnerable
https://community.rapid7.com/community/metasploit/blog/2014/02/13/weekly-metasploit-update

Banking trojan hit a large number of Islamic Mobile Banking Customers
http://securityaffairs.co/wordpress/22465/cyber-crime/banking-trojan-hit-islamic-mobile.html

Cisco Announces OpenAppID – the Next Open Source ‘Game Changer’ in Cybersecurity
http://blogs.cisco.com/security/cisco-announces-openappid-the-next-open-source-game-changer-in-cybersecurity/

GnuTLS: Incorrect error handling in certificate verification
https://rhn.redhat.com/errata/RHSA-2014-0247.html

Hackers take control of 300,000 home routers
http://www.bbc.com/news/technology-26417441

Hello, a new specifically covered exploit kit
http://vrt-blog.snort.org/2014/03/hello-new-exploit-kit.html

Microsoft is using popups to warn XP users of impending end-of-support
http://www.techi.com/2014/03/microsoft-is-using-popups-to-warn-xp-users-of-impending-end-of-support/

VPN flaw makes Android Jelly Bean and KitKat susceptible to hijacking
http://www.neowin.net/news/vpn-flaw-makes-android-jelly-bean-and-kitkat-susceptible-to-hijacking

Medical Device Security: The Hurdles – Analysis of the Pain Points and the Progress
http://www.databreachtoday.com/medical-device-security-hurdles-a-6593

Snort 2.9.7.0 Alpha with OpenAppID, a quick introduction to getting started
http://blog.snort.org/2014/02/snort-2970-alpha-with-openappid-quick.html

For Feb 2014

Scanning for Symantec Endpoint Manager
http://isc.sans.edu/diary/Scanning+for+Symantec+Endpoint+Manager/17657

Mysterious ‘Moon’ worm spreads into many Linksys routers – and hunts new victims
http://www.welivesecurity.com/2014/02/17/mysterious-moon-worm-spreads-into-many-linksys-routers-and-hunts-new-victims/

MSIE 0-day Exploit CVE-2014-0322 – Possibly Targeting French Aerospace Association
http://community.websense.com/blogs/securitylabs/archive/2014/02/13/msie-0-day-exploit-cve-2014-0322-possibly-targeting-french-aerospace-organization.aspx

Fake SSL Certificates Uncovered: The Tip of the Iceberg and Weaponized Trust
http://www.venafi.com/blog/post/fake-ssl-certificates-uncovered-the-tip-of-the-iceberg-and-weaponized-trust

HTTP NTLM Information Disclosure
http://blog.gdssecurity.com/labs/2014/2/12/http-ntlm-information-disclosure.html

Introducing ClamAV community signatures
http://blog.clamav.net/2014/02/introducing-clamav-community-signatures.html

Microsoft Update Tuesday: February 2014, huge fix for Internet Explorer
http://vrt-blog.snort.org/2014/02/microsoft-update-tuesday-february-2014.html

Careto: Covering unavailable samples
http://blog.clamav.net/2014/02/careto-covering-unavailable-samples.html

Corkow – the lesser-known Bitcoin-curious cousin of the Russian banking Trojan family
http://www.welivesecurity.com/2014/02/11/corkow-bitcoin-russian-banking-trojan/

Microsoft to discontinue use of MD5 hashed digital certificates
http://www.zdnet.com/ms-update-coming-to-block-md5-digital-certificates-7000026168/

How old data can come back to haunt you
http://penturalabs.wordpress.com/2014/02/11/how-old-data-can-come-back-to-haunt-you/

Microsoft introduces multifactor authentication for all Office 365 users
http://www.net-security.org/secworld.php?id=16342

 
