
Security


Mantra - Free and Open Source Browser based Security Framework. Defcon 18 - Kantana Multiboot Security Suite - JP Dunning - Part.mov. Plug and Prey: Malicious USB Devices. Plug and Prey: Malicious USB Devices. Adrian Crenshaw. Presented at Shmoocon 2011. Abstract: This paper is meant as an overview of malicious USB devices.

Plug and Prey: Malicious USB Devices

The paper will first lay out a proposed set of categories for malicious USB devices, how these categories function, how they differ, and how they can be used by an attacker. Next the paper will offer information on how these threats can be technically detected and mitigated, as well as human practices that can help alleviate the threats posed by malicious USB devices. 1. While a fair amount of research has gone into blocking malicious software (viruses, worms, trojans, spyware, etc.), comparatively less time has been spent researching malicious hardware devices. 2. It might be helpful to start off with a list of the generalized categories that malicious USB devices could fall into. 2.1 USB mass storage containing malware Mariposa botnet client on the Vodafone (Bustamante, 2010)

Screenshots and Videos - Cyber Attack Management for Metasploit. InfoSecMedia - Latest updates from the Information Security Industry Videos & Articles. Heap spraying. Operation: A heap spray does not actually exploit any security issues but it can be used to make a vulnerability easier to exploit. A heap spray by itself cannot be used to break any security boundaries: a separate security issue is needed. Exploiting security issues is often hard because various factors can influence this process. Chance alignments of memory and timing introduce a lot of randomness (from the attacker's point of view).

Tools

DOJOCON 2010 Videos. DOJOCON 2010 Videos First, thanks to Marcus Carey for inviting me out to DOJOCON.

DOJOCON 2010 Videos

Be sure to check out the organizers and donate to the cause if you like the event. Below are the videos from the conference, at least the ones I can show :), enjoy. Index: Packet Storm ≈ Full Disclosure Information Security. Howto - Offensive-security.com. Ethical Hacking, Penetration Testing & Computer Security. Twentythreedotorg:index. Information Security News, IT Security News & Expert Insights: SecurityWeek.Com. New Facility to Help Enable Development of Cybersecurity Solutions Science Applications International Corporation (SAIC) today announced the grand opening of its Cyber Innovation Center (CIC) along the I-95 corridor in Columbia, Maryland.

Information Security News, IT Security News & Expert Insights: SecurityWeek.Com

The CIC includes a technical solutions lab and secured infrastructure intended to help SAIC develop and deliver cybersecurity solutions to customers. Other features of the center include a research and development, and training and conference spaces, as well as demonstration, prototyping and proposal solution support areas. Protect The Business - Enable Access. Evil Maid goes after TrueCrypt! From time to time it’s good to take a break from all the ultra-low-level stuff, like e.g. chipset or TXT hacking, and do something simple, yet still important.

Evil Maid goes after TrueCrypt!

Recently Alex Tereshkin and I got some spare time and we implemented the Evil Maid Attack against TrueCrypt system disk encryption in a form of a small bootable USB stick image that allows to perform the attack in an easy “plug-and-play” way. The whole infection process takes about 1 minute, and it’s well suited to be used by hotel maids. Information Security News, IT Security News & Expert Insights: SecurityWeek.Com. Theory of Unspoofable Device Identification Using NAND Flash Memory Markus Jakobsson and Karl-Anders Johansson In 1998, Intel announced the introduction of processor identities.

Information Security News, IT Security News & Expert Insights: SecurityWeek.Com

PaX. PaX is maintained by The PaX Team, whose principal coder is anonymous.

PaX

PaX has its own version of Tux, the Linux mascot. Significance: Many, and perhaps even most, computer insecurities are due to errors in programs that make it possible to alter their function, effectively allowing them to be "rewritten" while running. The first 44 Ubuntu Security Notices can be categorized [1] to show that 41% of vulnerabilities stem from buffer overflows, 11% from integer overflows, and 16% from other bad handling of malformed data.

These types of bugs often open the possibility to inject and execute foreign code, or execute existing code out of order, and make up 61% of the sample group, discarding overlap. Exploit (online gaming) In video games, an exploit (colloquially sploit) is the use of a bug or glitches, rates, hit boxes, or speed, etc. by a player to their advantage in a manner not intended by the game's designers.[1] Exploits have been classified as a form of cheating; however, the precise determination of what is or is not considered an exploit can be controversial.

Exploit (online gaming)

This debate stems from a number of factors but typically involves the argument that the issues are part of the game and require no changes or external programs to take advantage of them.[2] Arguments in favor of the cheating view involve the spirit of the game and the potentially damaging effects of the exploit on the game's community.[3][4] While the rules or game code may not explicitly disallow a specific exploit, it may be seen that using that exploit goes against the spirit of the game.[3] The potential damage of an exploit on a game has been described by a World of Warcraft community manager as "devastating".[4] UW Computer Security Research and Course Blog » Online Game Security. Recently, a freelancer named Federico Biancuzzi published a book with his co-author, Greg Hoglund, about exploiting online games’ vulnerabilities.

UW Computer Security Research and Course Blog » Online Game Security

The article is an interview with Federico. He said that one of the vulnerabilities in MMORPGs is that the server stores state on the client machines so that those machines do some of the computations. This allows adversaries to hack their own machines to gain various benefits. User space. A modern computer operating system usually segregates virtual memory into kernel space and user space.

User space

[a] Primarily, this separation serves to protect data and functionality from faults (by improving fault tolerance) and malicious behaviour (by providing computer security). Linux Kernel Space Definition. Client/Server Runtime Subsystem. Workings: CSRSS runs as a user-mode system service.

Client/Server Runtime Subsystem

When a user-mode process calls a function involving console windows, process/thread creation, or side-by-side support, instead of issuing a system call, the Win32 libraries (kernel32.dll, user32.dll, gdi32.dll) send an inter-process call to the CSRSS process which does most of the actual work without compromising the kernel.[1] Window manager and GDI services are handled by a kernel mode driver (win32k.sys) instead.[2] CSRSS is called along with winlogon.exe at Windows start-up. Whitespace (programming language) The language itself is an imperative stack-based language. The virtual machine on which the programs run has a stack and a heap. The programmer is free to push arbitrary-width integers onto the stack (currently there is no implementation of floating point numbers) and can also access the heap as a permanent store for variables and data structures. The idea of using whitespace characters as operators for the C++ language was facetiously suggested five years earlier by Bjarne Stroustrup.[3] Commands are composed of sequences of spaces, tab stops and linefeeds.

For example, tab-space-space-space adds the top two elements on the stack. Cyber Exercises and Cyber Conflict Leadership Training. In the late spring and early summer of this year several announcements were made by the US Government about the need to execute cyber challenges to find and recruit top cyber talent. In response to this, White Wolf Security is facilitating Cyber Dawn, an open cyber exercise in the D.C. Metro Area. White Wolf Security is a leading cyber exercise company located in Lancaster, PA. Reverse SSH Tunneling. Cellphone Botnets, Blackmailing VOIP & a Healthy Cybercrime Economy - Security/Vulnerabilities - DarkReading. New report from Georgia Tech Information Security Center highlights the top threats for '09 and beyond Cellphones will become members of botnets. VOIP systems will get hit by blackmailing denial-of-service attacks.

The cybercrime economy will thrive, even as the global economy struggles. And today, around 15 percent of all computers online are infected as bots, up from 10 percent last year, according to the Georgia Tech Information Security Center's (GTISC) new report on emerging cyber threats for 2009 and beyond. Online Cyber Information Security Training. Free Information Security Training and Resources. The Metasploit Unleashed free online training course was created to fill a gap in quality documentation on the practical usage of the popular and versatile Metasploit Framework. In keeping with the open-source nature of Metasploit, this resource is provided at no charge.

The Exploit Database is the ultimate archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered from various sources. The Freenet Project - /index. Docs.

Encryption

Wireless.