-
Five pieces of advice for those new to the infosec industry
I've worked in the security field in various roles (script kiddie, security researcher, incident response, application security engineer, security consultant, strategy, etc.) and thought I'd share a few points with those of you starting out in the security industry. Things are worse than you expect. The reality is that companies, even large ones, are…
-
Security Industry Plagiarism: Finding 3 examples in 5 minutes with Google
UPDATE: One of the authors has posted two responses including an apology (accepted). I was taught in grade school that if you plan on writing something, never plagiarize. If you want to republish portions of existing content ensure you properly quote/reference them, and never represent this content as your own original work. Unfortunately it seems…
-
Quick defcon/blackhat preparation list
A couple of people had asked me what are some things that you can do prior to attending hacker cons such as Blackhat and Defcon. Kurt Cobain said it best: "Just because you're paranoid, doesn't mean they're not after you." Here's a short list (albeit not complete as I don't plan to publish all…
-
Oracle website vulnerable to SQL Injection
Someone has published a SQL Injection in labs.oracle.com at http://www.thehackernews.com/2011/07/oracle-website-vulnerable-to-sql.html. That is all.
-
Most common password for Gawker users is 123456
Gawker was recently compromised and had its source code and user passwords leaked onto the web. The Wall Street Journal has published a list of the top 50 passwords with the #1 password being '123456'. The full list can be found at http://blogs.wsj.com/digits/2010/12/13/the-top-50-gawker-media-passwords/
-
Twitter XSS worm
An XSS worm has hit Twitter this morning and appears to have affected hundreds of thousands of users. Sophos has a good technical writeup at http://www.sophos.com/blogs/gc/g/2010/09/21/twitter-onmouseover-security-flaw-widely-exploited/ and Ars Technica has some coverage about Magnus Holm, the author of the worm: http://arstechnica.com/security/news/2010/09/twitter-worms-spread-quickly-thanks-to-blatant-security-flaw.ars I'll update this post once a more accurate count of affected users is published.
-
Apple website hit with SQL Injection
"A hack attack that can expose users to malware exploits has infected more than 1 million webpages, at least two of which belong to Apple. The SQL injection attacks bombard the websites of legitimate companies with database commands that attempt to add hidden links that lead to malware exploits. While most of the sites that…
-
RSnake joins Google
In an April 1st shocker Robert "RSnake" Hansen (known in appsec circles as the prince of XSS) has just posted an entry on his site about his new gig at Google. "People tend to think of me as a Google hater, but the truth is the only thing I've hated about Google is the fact…
-
XSS, SQL Injection and Fuzzing Barcode Cheat Sheet
Someone has published an amusing cheat sheet that will allow you to fuzz barcode scanning systems for common input validation issues such as XSS and SQL Injection. They even provide an online barcode generator which allows you to create your own payloads. Not much else to say really 🙂 Link: http://www.irongeek.com/xss-sql-injection-fuzzing-barcode-generator.php
-
Facebook security pretty much what you’d expect?
An interview claiming to be with a Facebook employee discusses a few things that you probably were hoping didn't happen. Here are some choice quotes from the article: "Rumpus: Have you ever logged in to anyone’s account? Employee: I have. For engineering reasons. Rumpus: Have you ever done it outside of professional reasons? Employee:…
-
Hacker Messes With Student’s Schedule
I don't usually post much about hacking incidents but this one was particularly funny. "A college student has been dropped from her classes twice, apparently the victim of someone who hacked into her schedule. Michelle McCoy-Lloyd was going to take two culinary classes at San Joaquin Delta College starting next week. Last month, someone had hacked into…
-
Symantec SQL Injected, Seeks Counseling
"The Romanian hacker who successfully broke into a web site owned by security vendor Kaspersky Lab has struck again, this time exposing shortcomings in a Symantec web server. The hacker, known only as Unu, said in a blog post today that he was able to access a server belonging to the security giant using a…
-
Amazon EC2 cloud computing for password/crypto cracking
There is a rather lengthy set of posts on using cloud based computing services as ideal venues for crypto and password cracking. Link: http://news.electricalchemy.net/2009/10/cracking-passwords-in-cloud.html Link: http://news.electricalchemy.net/2009/10/password-cracking-in-cloud-part-5.html
-
One character mistake knocks .se TLD offline
"What was essentially a typo last night resulted in the temporary disappearance from the Internet of almost a million Web sites in Sweden — every address with a .se top-level domain name. According to Web monitoring company Pingdom, which happens to be based in Sweden, the disablement of an entire top-level domain "is exceptionally rare.…
-
Yahoo Best Jobs in America ranks infosec professional #8
After checking out my favorite stocks this morning at finance.yahoo.com I saw an article titled 'best jobs in America' so figured I'd check it out. To my surprise Computer/Network Security Consultant was ranked as the 8th best job in the US. Very cool! Link: http://finance.yahoo.com/career-work/article/107932/best-jobs-in-america.html
-
Reddit XSS worm spreads
UPDATE: Reddit has posted a blog entry at http://blog.reddit.com/2009/09/we-had-some-bugs-and-it-hurt-us.html addressing this. "Popular social news website Reddit has stopped the spread of a cross-site scripting (XSS) worm that hit the site on Monday. The XSS worm spread via comments on the site, originally from the account of a user called xssfinder. Reddit failed to filter out…
-
SVN Flaw Reveals Source Code to 3,300 Popular Websites
"A Russian security group has posted a detailed blog post about how they managed to extract the source code to over 3,300 websites. The group found that some of the largest and best known domains on the web, such as apache.org and php.net, amongst others, are vulnerable to an elementary information leak that exposes the…
-
Chrome adds defence for cross-site scripting attacks, already busted
"The 4.0.207.0 release uses a reflective XSS filter that checks each script before it executes to check if the script appears in the request that generated the page. Should it find a match, the script will be blocked. According to Chromium developer Adam Barth, the developers plan to post an academic paper that will describe…
-
WordPress Admin Password Reset Vulnerability
"Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password…
-
Gary McKinnon loses appeal
"Gary McKinnon has lost a judicial review against his extradition to the United States on hacking charges. Lawyers for the Briton hoped his recent diagnosis with Asperger's Syndrome would be enough to persuade judges to overturn previous rulings and allow McKinnon to be tried in the UK." – The Register. Long story short, Gary hacked…
-
Why you never use ATMs in the hotel defcon is hosted in, or near
Just got back from Vegas and finally started catching up. Looks like a fake ATM was placed at Defcon (no surprise). "As the conference was kicking off a few days ago, attendees noticed that an ATM placed in the Riviera Hotel, which plays host to the annual event, didn't quite look right, according to a…
-
Antisec hackers replace all imageshack images!
The hacking group/movement Antisec has replaced every image on ImageShack with a hacked image and has posted the following to the Full Disclosure mailing list.
-
New OpenSSH Flaw Likely a Hoax?
"A claim of a software vulnerability in a program used to connect securely to servers across the Internet is likely a hoax, according to an analyst with the SANS Internet Storm Center. The program, called OpenSSH (Secure Shell), is installed on tens of millions of servers made by vendors such as Red Hat, Hewlett-Packard, Apple…
-
Social Security Numbers Can Be Extrapolated From Public Data
"For years, government officials have urged consumers to protect their social security numbers by giving out the nine-digit codes only when absolutely necessary. Now it turns out that all the caution in the world may not be enough: New research shows that social security numbers can be predicted from publicly available birth information with a…
-
Security Guard Busted For Hacking Hospital’s HVAC, Patient Information Computers
"A former security guard for a Dallas hospital has been arrested by federal authorities for allegedly breaking into the facility's HVAC and confidential patient information computer systems. In a bizarre twist, he posted videos of his hacks on YouTube, and was trying to recruit other hackers to help him wage a massive DDoS attack on…