HNNCast.2010.09.17
HNNCast for the third week of September, 2010
Top Stories
Here’s Your Virus, What’s Inside the Worm, Ah Doh Be Yet Again, Stux with Stuxnet, IOError Finds the Needle in the Haystack
News
Moar Hack is Whack, Shaq, OpenX Attack, heI Hope You Enjoyed Your Stay, Employees Goin’ Rogue
Tool Time
NCrack, WinAPIOverride32, WinObj, StreamArmor, RIPS, Sandcat, Nessus iPhone, Metasploit Express, Fiddler Core, HexInject, SET
Quickies
I’m DDoS, HDCP Key, Defcon Social Engineering Challenge Report, Free Malaysia Under Attack, pwn Your Space, One Turk v. the World, Web Hacking Incident Database Semiannual, One Million Malware March, Cyber Security Awareness Month
Con-Fu
1st Interpol Information Security Conference, THOTcon CFP, POC CFP, DojoCon CFP, Rooted Con CTF Posted, Astaro/Sector Bus, B-Sides World Wrap-up, CCCorection
Stack of Shame
count: 142 (-7)
days til day zero: 140
up for release on day zero: 138
birthdays: none
Posted: September 20th, 2010
at 7:41am by spacerog
Tagged with "Adobe Reader", "cross-site scripting", "Flash Player", .NET, ActiveX, Adobe, alternate data streams, Anna Kournikova, Anti-Virus, ASM, Astaro Bus, Atlanta, Aurora, autorun, AV, B-Sides World Wrap-up, Baltimore Substance Abuse Systems, black box, Brigades of Tariq ibn Ziyad, browser defense, Brussels, CCC, CFP, checksum, Chicago, ciber-jihad, COM, credit card fraud, CTF, Cyber Security Awareness Month, cyber-bullying, cyber-stalking, Dallas/Ft. Worth, David Barksdale, DDoS, defacement, Defcon Social Engineering Contest, Delaware, New Delhi, Dojocon, Fiddler Core, file type detection, Google, Hack is Whack, Halifax, hardcoded password, Haystack, HDCP, HDMI, HEI Hospitality, Here You go, HexInject, Hong Kong, I Love You, I'm DDoS, IBM, imddos.org, IMPACT, Information Security Conference, instant messenger, Interpol, IOError, Iran, Iraq, Jacob Appelbaum, Kansas City, Las Vegas, LNK, London, Malaysia, malware, Marriott, Melissa, Metasploit Express, Microsoft, NCrack, Nessus iPhone, network authentication cracking, ofc_upload_image.php, OLE, One Turk Against the World, Open Flash Chart 2, OpenX, Ottawa, Outlook, Own Your Space, patch schedule, PDF, phishing, PHP, Pirate Bay, POC, POS, Rapid 7, RDP, Rick-Roll, RIPS, Rooted Con, rootkit analytics, Sandcat, screensaver, SECtor, SecureWorks, security bug, Siemens, Seoul, SET, Shaquille O'Neal, Sheraton, Snoop Dogg, Social Engineer Toolkit, socialengineer.org, Spider Labs, static source code analysis, StreamArmor, Stuxnet, SugarHouse Road, Symantec, SysInternals, teensy HID payloads, Tenable, Terry Jones, Thotcon, Toronto, TrustWave, Turkish Attacker, Twitter, US Army, Virginia, virus, vulnerability, web application scanner, Web Hacking Incident Database Semiannual Report, Westin, white box, WinAPIOverride32, WinCC, WinObj, worm, Zero Day Initiative, zero-day
Top Stories
Here’s Your Virus
http://www.theregister.co.uk/2010/09/10/email_worm_spreading/
http://abcnews.go.com/Technology/virus-mail-spreads-online/story?id=11596433
What’s Inside the Worm
http://www.youtube.com/watch?v=IkMifFGqt78&feature=player_embedded
http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=227400137
Ah Doh Be Yet Again
http://www.scmagazineus.com/adobe-discloses-flash-bug-moves-up-reader-fixes/article/178839/
http://www.theregister.co.uk/2010/09/13/adobe_flash_0day_vuln/
http://threatpost.com/en_us/blogs/researchers-google-aurora-attackers-back-business-091310
Stuck with Stuxnet
http://www.pcworld.com/businesscenter/article/205420/siemens_stuxnet_worm_hit_industrial_systems.html
http://krebsonsecurity.com/2010/09/stuxnet-worm-far-more-sophisticated-than-previously-thought/
IOError Finds the Needle in the Haystack
http://www.wired.com/threatlevel/2010/09/haystack/
http://www.haystacknetwork.com/faq/
http://www.freedom-to-tinker.com/blog/felten/why-did-anybody-believe-haystack
http://www.oblomovka.com/
News
Moar Hack is Whack
http://www.youtube.com/watch?v=hczaiM3LH0M&p=25019D74BA7009D1&playnext=1&index=16
http://www.theregister.co.uk/2010/09/09/symantec_hackiwack_rickrolled_again/
Shaq
http://www.myfoxorlando.com/dpp/entertainment/091510-shaq-sued
http://www.radaronline.com/print/36198
http://www.f-secure.com/weblog/archives/00002030.html
OpenX Attack
http://torrentfreak.com/hackers-target-and-exploit-pirate-bay-ad-server-100913/
http://www.h-online.com/open/news/item/Year-old-vulnerability-endangers-OpenX-ad-server-1078115.html
heI Hope You Enjoyed Your Stay
http://www.computerworld.com/s/article/9184398/Hotel_operator_warns_of_data_breach
Employees Goin’ Rogue
http://weblogs.baltimoresun.com/news/crime/blog/2010/09/employee_charged_with_hacking.html
http://gawker.com/5637234/
Tool Time
http://security-sh3ll.blogspot.com/2010/09/ncrack-03alpha-released.html
http://jacquelin.potier.free.fr/winapioverride32/
http://technet.microsoft.com/en-us/sysinternals/bb896657.aspx
http://security-sh3ll.blogspot.com/2010/09/released-streamarmor-11.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+security-shell+%28Security-Shell%29
http://security-sh3ll.blogspot.com/2010/09/rips-version-033-released.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+security-shell+%28Security-Shell%29
http://www.syhunt.com/?n=Sandcat.4W
http://blog.tenablesecurity.com/2010/09/announcing-the-nessus-iphone-app.html
http://www.metasploit.com/express/
http://www.fiddler2.com/fiddler/core/
http://hexinject.sourceforge.net/
http://www.social-engineer.org/framework/Computer_Based_Social_Engineering_Tools:_Social_Engineer_Toolkit_%28SET%29
Quickies
http://imddos.org/?jdfwkey=0gc022
http://www.damballa.com/IMDDOS/
http://www.engadget.com/2010/09/14/hdcp-master-key-supposedly-released-unlocks-hdtv-copy-protect/
http://www.technewsdaily.com/drm-crack-mostly-meaningless–1221/
http://pastie.org/1157833
http://www.darkreading.com/insiderthreat/security/vulnerabilities/showArticle.jhtml?articleID=227400472
http://www.social-engineer.org/general-blog/defcon-18-social-engineer-ctf-contest-findings-report-summary/
http://www.infosecurity-magazine.com/view/12466/malaysian-government-critics-silenced-with-ddos-attacks/
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=87583728-ef14-4703-a649-0fd34bd19d13&displayLang=en
http://www.thetowntalk.com/article/20100912/NEWS01/9120329/1002/One-of-city-of-Alexandria-s-websites-hit-by-hacker
https://www.trustwave.com/spiderLabs-papers.php
http://www.darkreading.com/smb-security/security/app-security/showArticle.jhtml?articleID=227400494
Con-Fu
http://www.iisc2010.org/
http://www.thotcon.org/sponsors.html
http://seclists.org/bugtraq/2010/Sep/78
http://www.powerofcommunity.net/
http://www.dojocon.org/
http://www.rs-labs.com/rooted2010-ctf/
http://blog.uncommonsensesecurity.com/2010/09/sectorbus-will-roll-will-you.html
http://www.securitybsides.org/
Stack of Shame
http://www.zerodayinitiative.com/advisories/upcoming/