[funsec] [HITB-Announce] HITB eZine Issue 002 out now!
The second quarterly HITB eZine (issue 002) has been released! Grab your copies from here: https://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=35995 === 3 months ago, our newly 'reborn' ezine was a completely new experience to our small team and we didn't expect it to have a lot of followers considering its absence for many years. But to our surprise, we received over 20K downloads just weeks after its re-launch! Despite all this, there are still many things for us to work on and improve upon. Our team is still working hard to make sure our ezine will not only become a resource our readers love to read, but also something they would like to keep. Our promise is that every issue will have something unique to offer. You can be a CSO or a hardcore security geek, we're confident our content offers something for everyone. For the second issue, all the articles are now in high resolution. We hope by doing this it will increase the quality and and clarity of the materials. In addition, the articles are now organized into their respective sections and the code listings in them have been improved and are now easier to read. Also, a new "Interviews" section has been added and for this issue, we have interviewed two well known experts from France for their thoughts on the state of computer security. Finally, we are always looking for feedback from our readers. It's very important for us to know how we can improve in terms of content and design. Please feel free to drop us an email if you have some constructive feedback or ideas that will help us to raise the bar even higher. See you in the summer (Issue 003 will be released at HITBSecConf2010 - Amsterdam) --- Hafez Kamal HITB Crew Hack in The Box (M) Sdn. Bhd. Suite 26.3, Level 26, Menara IMC, No. 8 Jalan Sultan Ismail, 50250 Kuala Lumpur, Malaysia Tel: +603-20394724 Fax: +603-20318359 ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] [HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials
Presentation materials from the 4th annual Hack In The Box Security Conference in Dubai are now available for download! http://conference.hitb.org/hitbsecconf2010dxb/materials/ KEYNOTE 1 - John Viega - A/V Vendors Aren't As Dumb As They Look D1 - Daniel Mende - Attacking Cisco WLAN Solutions D1 - Laurent Oudot - Improving the Stealthiness of Web Hacking D1 - Dimitri Petropoulos - Attacking ATMs and HSMs ** D1 - Dino Covotsos - Analysis of a Next Generation Botnet D1 - The Grugq - Crime, Kung Fu and Rice ## KEYNOTE 2 - Sourcefire - Near Real Time Detection D2 - Mariano Di Croce - SAP Penetration Testing with Bizsploit D2 - Fred Raynal + Sogeti - Gathering and Exploiting Information D2 - Marc Schoenefeld - Examining Android Code with undx2 D2 - Saumil Shah - Web Security - Going Nowhere? D2 - Gynvael Coldwind - A Case Study of Recent Windows Vulnerabilities Notes: ** - Speaker changed due to the fscking ash cloud mess! ## - Grugq was stopped by his employer COSEINC from presenting his original 'Attacking GSM Base Stations and Mobile Phone Basebands' presentation - WTF?! #fail!!! See you guys at HITBSecConf2010 - Amsterdam (June 29th - July 2nd at the NH Grand Krasnapolsky) http://conference.hitb.org/hitbsecconf2010ams/ --- Hafez Kamal HITB Crew Hack in The Box (M) Sdn. Bhd. Suite 26.3, Level 26, Menara IMC, No. 8 Jalan Sultan Ismail, 50250 Kuala Lumpur, Malaysia Tel: +603-20394724 Fax: +603-20318359 ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!
The second quarterly HITB eZine (issue 002) has been released! Grab your copies from here: https://www.hackinthebox.org/modules.php?op=modload&name=News&file=article&sid=35995 === 3 months ago, our newly 'reborn' ezine was a completely new experience to our small team and we didn't expect it to have a lot of followers considering its absence for many years. But to our surprise, we received over 20K downloads just weeks after its re-launch! Despite all this, there are still many things for us to work on and improve upon. Our team is still working hard to make sure our ezine will not only become a resource our readers love to read, but also something they would like to keep. Our promise is that every issue will have something unique to offer. You can be a CSO or a hardcore security geek, we're confident our content offers something for everyone. For the second issue, all the articles are now in high resolution. We hope by doing this it will increase the quality and and clarity of the materials. In addition, the articles are now organized into their respective sections and the code listings in them have been improved and are now easier to read. Also, a new "Interviews" section has been added and for this issue, we have interviewed two well known experts from France for their thoughts on the state of computer security. Finally, we are always looking for feedback from our readers. It's very important for us to know how we can improve in terms of content and design. Please feel free to drop us an email if you have some constructive feedback or ideas that will help us to raise the bar even higher. See you in the summer (Issue 003 will be released at HITBSecConf2010 - Amsterdam) --- Hafez Kamal HITB Crew Hack in The Box (M) Sdn. Bhd. Suite 26.3, Level 26, Menara IMC, No. 8 Jalan Sultan Ismail, 50250 Kuala Lumpur, Malaysia Tel: +603-20394724 Fax: +603-20318359 ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Hitler tries a DMCA takedown
You've all seen the Hitler/Downfall parodies. Recently Constantin Films, the owner, got a number of them removed from YouTube. Now Brad Templeton, of rec.humor.funny (http://www.netfunny.com/rhf/), got into the act with his own, pointing out that parody is "fair use." http://ideas.4brad.com/hitler-tries-dmca-takedown http://www.youtube.com/watch?v=PzUoWkbNLe8 YouTube is apparently somewhat sympathetic, and has noted, to viewers, that it has provisions for challenges to video takedowns over copyright complaints: http://youtube-global.blogspot.com/2010/04/content-id-and-fair-use.html http://mashable.com/2010/04/22/hitler-youtube-downfall/ == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Patriotism is the Rohypnol of the American Public - John Bender, http://bantha.cjb.net/john victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/NoticeBored http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Another Firefox plugin with spyware?
Perhaps it's time for all Firefox plugins to be tested in an environment with tcpdump/wireshark running so that all network traffic is duly accounted for. ---Rsk ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Another Firefox plugin with spyware?
Suddenly this plugin has a privacy policy and is sandboxed. https://addons.mozilla.org/en-US/firefox/addon/9591 > > > While checking out FF plugins for twitter today, I came across the > following comment wrt Power Twitter 1.38; > > __ > > Cool addon, but... > > ever had a look inside? > > I did this morning, while trying to find out why one of the images in a > tweet wasn't properly replaced (it just dissapeared). I found this call at > startup: > > http://powertwitter.me/req.php? > agent=firefox&action=userPage&version=1.38&&sViewingUser=&sLoggedInUser= > [me]&sViewingUser=&sLoggedInUser=[meagain]&ptPrefEX=off&ptPrefRM=off > > That, along that half of the code is downloaded after this call. More than > that, link replacement also happens in the network: > > http://linkmapper.codingsocial.com/map.powertwitter/? > action=parseLink&version=1.38&format=json&linkNumber=26&url=[someURI] > > I don't know if you do, I don't like being tracked without my knowledge. > > Rated 1 out of 5 stars by Ric on April 20, 2010 > __ > > > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Apparently McAfee stepped on their genitals today...
not only stepped on their genitals but down right crushed them into a flattened pancake! I don't' know what's worse, deleting SVCHOST.EXE, or NOT properly QA'ing the DAT files so they're able to delete SVCHOST.exe. oh, I think it's not QA'ing dats like they used to I'll tell you what, I really miss the old days that I'm affectionately calling the "Vinnie Days" for Avert / Mcafee Labs! Things ran really well back then let me tell you that for nothing! :-) Mike B From: funsec-boun...@linuxbox.org on behalf of David Harley Sent: Thu 4/22/2010 11:37 AM To: 'Juha-Matti Laurio'; 'The Security Community'; 'funsec' Subject: Re: [funsec] Apparently McAfee stepped on their genitals today... Generated a lot of BHSEO too. -- David Harley BA CISSP FBCS CITP ESET Research Fellow & Director of Malware Intelligence > -Original Message- > From: funsec-boun...@linuxbox.org > [mailto:funsec-boun...@linuxbox.org] On Behalf Of Juha-Matti Laurio > Sent: 22 April 2010 09:41 > To: The Security Community; funsec > Subject: Re: [funsec] Apparently McAfee stepped on their > genitals today... > > This is covered at > https://kc.mcafee.com/corporate/index?page=content&id=KB68780 > > Juha-Matti > > The Security Community [thesecuritycommun...@gmail.com] kirjoitti: > > http://isc.sans.org/ > > > > We have received several reports indicating some issues with McAfee > > DAT 5958 causing Windows XP SP3 clients to be locked out. It is > > affecting svchost.exe. Here is an example of the message: > > > > The file C:WINDOWSsystem32svchost.exe contains the > W32/Wecorl.a Virus. > > Undetermined clean error, OAS denied access and continued. Detected > > using Scan engine version 5400.1158 DAT version 5958.. > > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Apparently McAfee stepped on their genitals today...
Generated a lot of BHSEO too. -- David Harley BA CISSP FBCS CITP ESET Research Fellow & Director of Malware Intelligence > -Original Message- > From: funsec-boun...@linuxbox.org > [mailto:funsec-boun...@linuxbox.org] On Behalf Of Juha-Matti Laurio > Sent: 22 April 2010 09:41 > To: The Security Community; funsec > Subject: Re: [funsec] Apparently McAfee stepped on their > genitals today... > > This is covered at > https://kc.mcafee.com/corporate/index?page=content&id=KB68780 > > Juha-Matti > > The Security Community [thesecuritycommun...@gmail.com] kirjoitti: > > http://isc.sans.org/ > > > > We have received several reports indicating some issues with McAfee > > DAT 5958 causing Windows XP SP3 clients to be locked out. It is > > affecting svchost.exe. Here is an example of the message: > > > > The file C:WINDOWSsystem32svchost.exe contains the > W32/Wecorl.a Virus. > > Undetermined clean error, OAS denied access and continued. Detected > > using Scan engine version 5400.1158 DAT version 5958.. > > ___ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Apparently McAfee stepped on their genitals today...
This is covered at https://kc.mcafee.com/corporate/index?page=content&id=KB68780 Juha-Matti The Security Community [thesecuritycommun...@gmail.com] kirjoitti: > http://isc.sans.org/ > > We have received several reports indicating some issues with McAfee > DAT 5958 causing Windows XP SP3 clients to be locked out. It is > affecting svchost.exe. Here is an example of the message: > > The file C:WINDOWSsystem32svchost.exe contains the W32/Wecorl.a Virus. > Undetermined clean error, OAS denied access and continued. Detected > using Scan engine version 5400.1158 DAT version 5958.. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.