#0x3C - July 3rd week | 2013-07-19 09:27:00 +0200
01 | News
Jealous of PRISM? Use "Amazon 1 Button" Chrome extension to sniff all HTTPS websites! via
Amazon is the latest company to come under fire for misusing its browser extension bar, with security researcher Krzysztof Kotowicz accusing the company of invading privacy via its 1Button extension for Chrome.
Nineteen Groups Sue NSA Over Data Collection | SecurityWeek.Com via
A suit filed against the NSA alleges that the mass collection of phone records under the so-called PRISM program violates Americans' constitutional rights.
How Microsoft handed the NSA access to encrypted messages | World news | The Guardian via
Documents show company collaborated closely with NSA and FBI to help agencies intercept data
How the PRISM Surveillance System Works via
Is the undercover program called PRISM actually a fairly transparent tool for gathering information or a mandate for snooping through your e-mail?
Email exchange between Edward Snowden and former GOP Senator Gordon Humphrey via
Another botched Windows patch: MS13-057/KB 2803821/KB 2834904 | Microsoft windows - InfoWorld via
Microsoft hasn't yet acknowledged Win7 patch KB 2803821 and WinXP patch KB 2834904, which have spawned complaints about top half of videos displaying in black
02 | Vulnerabilities
MiniDLNA SQL Injection / Buffer Overflow ≈ Packet Storm via
MiniDLNA prior to v1.1.0 is prone to a variety of issues which could be used to take control of a host running this software.
Nations Buying as Hackers Sell Flaws in Computer Code - via
Governments pay hundreds of thousands of dollars to learn about and exploit weaknesses in the computer systems of foreign adversaries.
Forensics Software and Oracle Outside In via
Hi, it's Will. In this post I will discuss the risks of using forensics software to process untrusted data, as well as what can be done to mitigate those risks.
Bugtraq: [CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4 via
I would like to inform you that the details of the vulnerability in built-in system app of Samsung Galaxy S3/S4 (assigned as CVE-2013-4763 and CVE-2013-4764) are now disclosed to public.
Tumblr Updates iOS App with "Very important Security Fix" via
The company is patching a vulnerability that was provided to it on Tuesday, although it has not provided specific details.
03 | Exploits
Plesk PHP Code Injection ≈ Packet Storm via
Reliable exploit for the Plesk PHP code injection vulnerability disclosed by Kingcope in June 2013. Can deliver inline and reverse shells using the payloads library, as well as offering (buggy) file upload features.
Microsoft Office PowerPoint 2007 - Crash PoC via
When you insert a sound into Microsoft Office PowerPoint 2007, the software crashes. It was tested on Office 2007; all the versions may be affected too.
04 | Malware
Malware Hidden Inside JPG EXIF Headers via
Interesting approach to hide malware.
FBI Ransomware Now Targeting Apple's Mac OS X Users | Malwarebytes Unpacked via
For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers. Now there's a growing market to target Macs.
The PlugX malware revisited: introducing “Smoaler” via
The malware family we'll be looking at in this report is known as Smoaler, and it shares many features with PlugX
"My high school is raising money for cancer research. Each click earns me $1" via
Today, as usual, I began the strenuous and irritating task of scrolling through hundreds of spam DMs. Most lead to dating websites etc. Nothing worth writing about. Then, as I was scrolling, I saw one DM that was just begging to be read. The message read "My high school is raising money for <insert location specific charity here>. Every click I get on <insert link here> earns me $1 from ads."
New tools let cyber criminals easily Trojanize legit Android apps | Mobile security - InfoWorld via
Tools leverage open source AndroRAT remote access tool, which gives a remote attacker control over an infected device
05 | Papers
Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices via
EFF guide for defending your privacy at/near U.S. border
Anti-Virus Evasion: A Peek Under the Veil via
In this article, Mark Baggett summarizes some of the Anti-Virus evasion tactics of the past year or two, and then cranks it up a notch, by digging into the details of some recent AV-dodging techniques useful to penetration testers.
Network-based Malware Detection 2.0: Assessing Scale, Accuracy and Deployment via
Detecting malware feels like a losing battle. Between advanced attacks, innovative attackers, and well-funded state-sponsored and organized crime adversaries, organizations need every advantage they can get to stop the onslaught. We first identified and documented Network-Based Malware Detection (NBMD) devices as a promising technology back in early 2012, and they have made a difference in detecting malware at the perimeter. Of course nothing is perfect, but every little bit helps.
06 | Books
TaoSecurity: Pre-Order The Practice of Network Security Monitoring Before Price Hike via
When my publisher and I planned and priced my new book The Practice of Network Security Monitoring, we assumed the book would be about 250 pages. As we conclude the copyediting process and put print in layout format, it's clear the book will be well over 300. The current estimate is 328, but I think it could approach 350 pages.
07 | Tutorials
Google Analytic Values in Cache Files via
A while ago I wrote about Google Analytic Cookies. These cookies can contain information such as keywords, referrer, number of visits and the first and most recent visit. This information is stored in cookie variables called __utma, __utmb and __utmz.
Back to Defense: Finding Hooks in OS X with Volatility via
In my previous post I discussed how to mess with the OS X syscall table through direct syscall table modification, syscall function inlining, and patching the syscall handler. As I promised, I'll be providing a plugin to find the mess! The code for the check_hooks plugin can be found at github and it incorporates existing detections for the sake of completeness. So let's go through the scenarios discussed earlier.
08 | Videos
Sharkfest 2013 - Keynote: The History Of Wireshark via
Join the creator of Gerald Combs as he reviews the 15 year history of the world's most popular network analyzer - Wireshark. Recorded live at Sharkfest 2013, UC Berkeley, CA. June 2013.
Building a Higher Order of Security Intelligence - Francis deSouza - RSA Conference US 2013 Keynote - YouTube via
Francis deSouza, President, Products and Services, Symantec. Security professionals have reached a turning point where the solutions and...
Jboss Hacking And Upload Malicious Jsp Shell via
In this video you will learn how to compromise the JBoss AS Administration Console and upload a malicious JSP shell.
09 | Tools
Windows Essentials 2012 | Forensic Artifacts via
Forensic Artifacts of Windows Essentials
Tarsnap - Online backups for the truly paranoid via
Tarsnap is a secure online backup system for Linux, BSD, OS X, and other UNIX-like operating systems
bWAPP via
bWAPP, or a buggy web application, is a free and open source web application built to allow security enthusiasts, students and developers to better secure web applications. It is for educational purposes only.
CopperDroid via
CopperDroid represents our research effort to automatically perform out-of-the-box dynamic behavioral analysis of Android malware. To this end, CopperDroid presents a unified analysis to characterize low-level OS-specific (e.g., writing to a file) and high-level Android-specific behaviors (e.g., sending an SMS, placing a phone call). Based on the observation that such behaviors are however achieved through the invocation of system calls, CopperDroid's VMI-based dynamic system call-centric analysis is able to faithfully describe the behavior of Android malware whether it is initiated from Java, JNI or native code execution.
Shark: Real-time queries and analytics for big data - Strata via
Hadoop's strength is in batch processing, MapReduce isn't particularly suited for interactive/adhoc queries. Real-time SQL queries (on Hadoop data) are usually performed using custom connectors to MPP databases. In...
11 | Pwnage
U.K. Ministry of Defence hit by cyberattack, data stolen | ZDNet via
The U.K. government department was victim of a cyber-espionage attack that saw sensitive data stolen by unnamed hackers, a parliamentary report discloses.
FBI Agents Find Texas County's Personnel Files in Vietnam via
16,000 current and former Harris County employees' names, birthdates and Social Security numbers were exposed
Staying on top of TLS attacks | CloudFlare Blog via
CloudFlare makes extensive use of TLS connections throughout our service which makes staying on top of the latest news about security problems with TLS a priority. We use TLS both externally and internally and different uses of TLS have different constraints.
hacked with via
The website of (a major computer manufacturer) has been hacked and is serving up malware, despite MSI being informed of the problem
'Hangover' Persists, More Mac Malware Found via
Researchers who this spring unearthed details of a diverse cyberespionage campaign out of India recently also discovered it using additional malware targeting Mac OS X machines, as well as telltale signs that some of the suspected actors behind the hacks know they are being watched online.
How cybercriminals create and operate Android-based botnets | Webroot Threat Blog - Internet Security Threat Updates from Around the World via
On their way to acquire the latest and coolest Android game or application, end users with outdated situational awareness on the latest threats facing them often not only undermine the confidentiality and integrity of their devices, but also, can unknowingly expose critical business data to the cybercriminals who managed to infect their devices.