HNNCast.2010.08.27
HNNCast for the last week of August 2010 -
Top Stories:
Dejavu Microsoft Style, Middle Eastern USB Sticks it to US, PayPal/iTunes Warning, SpanAir Malware not in the Air
News:
Far East Joint Police Actions, Halo Reach Leak, Yo Yo Dos, AutoTrader Raiders
Tool Time:
Fast HTTP Vulnerability Scanner, XSSer, HTTP4e, DotDotPwn, RootKitUnhooker, OpenSSH, RS Mangler Correction
Quickies:
Indian Election Integrity in Question, Miss Vietnam Election Integrity NOT in Question, Seymour’s Butt, Irish Youth Identities Likely Leaked, UN Still SQL Injectable, Holly Benson DoS’d, InfoSec M&A, a REAL MIT Hack
Con Fu:
DefCon 18 Archive, RuxCon CFP, BlackHat Abu Dhabi CFP, Source Barcelona Registration, BruCon Beta Schedule, HacKid Con Registration, Malcon CFP
Stack of Shame:
Count: 151
Birthdays:
- ZDI-CAN-381 from IBM ( 730 days )
- ZDI-CAN-375 from IBM ( 730 days )
- ZDI-CAN-374 from IBM ( 730 days )
- ZDI-CAN-373 from IBM ( 730 days )
- ZDI-CAN-372 from IBM ( 730 days )
- ZDI-CAN-371 from IBM ( 730 days )
One Response to 'HNNCast.2010.08.27'
Subscribe to comments with RSS or TrackBack to 'HNNCast.2010.08.27'.
Leave a Reply
You must be logged in to post a comment.
Posted: August 29th, 2010
at 4:49pm by tan
Tagged with "South Korea", agent.btz, ATM fraud, Autotrader.com, BlackHat Abu Dhabi CFP, botnet, BruCon Beta Schedule, BSA, CAO, China, classified networks, credit card skimming, DC-9, DDoS, DefCon 18 Archive, DigiNinja, DOM, DotDotPwn, e-voting system, election fraud, Fast HTTP Vulnerability Scanner, FDC worm, Fortify, Fuzz, Germany, HacKid Con Registration, Halo reach, Hari Prasad, Holly Benson, HP, HTTP4e, IBM, Intel, Ireland, itunes, JSON, LNK bug, Malcon CFP, malware, McAffee, metasploit, Microsfot, Microsoft, Miss Vietnam World, MIT, online auction fraud, OpenSSH, password reset, Paypal Apple, process control vulnerability, Random Storm, REST, RKU, Robin, root-kit, RootKitUnhooker, RS Mangler, RuxCon CFP, Seymour Connecticut, Source Barcelona Registration, SpanAir, sql injection, Taiwan, TARDIS, telecom fraud, Tipping Point, Trojan, UN, United Nations, USB, voting machines, William J. Lynn III, Windows, XBox Live, XSSer, yoyodos, ZDI, Zero Day Initiative
Comments: 1 comment
HNNCast for the last week of August 2010
Top Stories
Dejavu Microsoft Style
http://www.scmagazineuk.com/warnings-made-of-an-old-new-windows-vulnerability-that-could-make-applications-open-to-remote-code-execution-attacks/article/177304/
http://cwe.mitre.org/data/definitions/114.html
http://www.theregister.co.uk/2010/08/24/windows_dll_casualties/
Middle Eastern USB Sticks it to US
http://www.washingtonpost.com/wp-dyn/content/article/2010/08/24/AR2010082406154.html
http://www.wired.com/dangerroom/2008/11/army-bans-usb-d/
http://www.wired.com/dangerroom/2010/08/insiders-doubt-2008-pentagon-hack-was-foreign-spy-attack/
PayPal/iTunes Warning
http://techcrunch.com/2010/08/23/paypal-itunes-fraud/
http://www.sophos.com/blogs/gc/g/2010/08/25/mystery-surrounds-itunespaypal-web-scam/
SpanAir Malware not in the Air
http://www.zdnet.com/blog/bott/fact-check-malware-did-not-bring-down-a-passenger-jet/2354
News
Far East Joint Police Actions
http://garwarner.blogspot.com/2010/08/major-fraud-ring-busted-in-largest.html
Halo Reach Leak
http://www.theregister.co.uk/2010/08/23/xbox_halo_3_leaked/
http://www.escapistmagazine.com/news/view/102930-Hackers-Claim-to-Have-Grabbed-Halo-Reach-From-Microsoft-Site
Yo Yo Dos
http://www.scmagazineus.com/ddos-botnet-family-discovered-targeting-scores-of-sites/article/177429/
AutoTrader Raiders
http://www.securityweek.com/autotrader-pays-400000-settle-claims-unlicensed-software-use
Tool Time
Fast HTTP Vulnerability Scanner
http://www.tarasco.org/security/FHScan_Fast_HTTP_Vulnerability_Scanner/index.html
http://www.tarasco.org/security/fhscan_core_library_api/index.html
XSSer
http://xsser.sourceforge.net/
HTTP4e
http://www.ywebb.com/eclipse-restful-http-client-plugin-http4e/
DotDotPwn
http://www.youtube.com/watch?v=16Hfe02TAeg&feature=player_embedded#!
http://packetstormsecurity.org/filedesc/ddpwn.tar-gz.html
RootKitUnhooker
http://www.rootkit.com/newsread.php?newsid=902
OpenSSH
http://www.openssh.com/txt/release-5.6
RS Mangler Correction
http://www.randomstorm.com/rsmangler-security-tool.php
Quickies
Indian Election Integrity in Question
http://www.youtube.com/watch?v=rKTSW-CA_x0&feature=player_embedded
https://www.eff.org/deeplinks/2010/08/security-researcher-arrested-refusing-disclose
http://indiaevm.org/evm_tr2010-jul29.pdf
Miss Vietnam Election Integrity NOT in Question
http://www.thanhniennews.com/2010/Pages/20100820133901.aspx
Seymour’s Dick is a Butt
http://www.nhregister.com/articles/2010/08/20/news/valley/doc4c6df71ec18f0675112063.txt
Irish Youth Identities Likely Leaked
http://www.irishtimes.com/newspaper/breaking/2010/0825/breaking32.html
http://www.irishtimes.com/newspaper/ireland/2010/0825/1224277542880.html
UN Still SQL Injectable
http://www.darkreading.com/vulnerability_management/security/vulnerabilities/showArticle.jhtml?articleID=226900111
Holly Benson DoS’d
http://www.postonpolitics.com/2010/08/benson-attorney-general-website-attacked/comment-page-1/#comment-60511
InfoSec M&A
a REAL MIT Hack
http://youbentmywookie.com/wtf/epic-doctor-who-prank-tardis-materializes-at-mit-9847
Con Fu
DefCon 18 Archive
https://www.defcon.org/html/links/dc-archives/dc-18-archive.html
RuxCon CFP
http://seclists.org/bugtraq/2010/Aug/222
BlackHat Abu Dhabi CFP
https://www.blackhat.com/html/bh-ad-10/registration/bh-ad-10-cfp.html
Source Barcelona Registration
http://www.sourceconference.com/
BruCon Beta Schedule
http://blog.brucon.org/2010/08/brucon-schedule-06-released.html
HacKid Con Registration
http://www.regonline.com/register/checkin.aspx?EventId=879779
Malcon CFP
http://malcon.org/web/
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/
tan
29 Aug 10 at 10:50 pm