7MS #205: News and Links Roundup
What follows are some of my favorite training opportunities, news bits, tools/scripts and humorous stories to send you into the weekend with!
- BHIS has a Webcast coming up June 23rd from 2p-3p EST described as:
When your job is to act as a malicious attacker on a daily basis for the good of helping organizations, you can’t help but wonder “What if I decided to embrace the evil within?” What if one day we woke up evil? Every day as pentesters, we compromise organizations through a variety of ways. If I were to wake up one day and decide to completely throw ethics out the window, how profitable could we be, and could we avoid getting caught?
In this talk we will walk through a detailed methodology about how we go about exploiting organizations for fun and profit, this time not under the “white hat.” Non-attribution, target acquisition, exploitation, and profit will be the focal points. Blue teamers will get a peek into the mindset of a dedicated attacker. Red teamers will learn a few new techniques for their attack methodologies.
You can sign up here.
- Tim Tomes' PWAPT (Practical Web Application Penetration Testing) is coming to Boston on July 18-19. In Tim's invite he says:
I've added some new content to this edition of PWAPT. The new content includes advanced vulnerabilities such as Blind SQL Injection, DOM XSS, and Server-Side Template Injection to name a few. See my [training page](http://www.lanmaster53.com/training/) for more details and get [signed up](https://www.regonline.com/Register/Checkin.aspx?EventID=1844420) today!
- Tradecraft Tuesday looks like a fun/interactive way to hear about the latest hacker techniques:
Every Tuesday at 12pm ET, Chris Bisnett and Kyle Hanslovan expose the techniques used by hackers. With their 20 combined years in offensive cyber security and digital forensics, Chris and Kyle cover a new topic each week in a LIVE video chat. These unrehearsed conversations allow anyone to join in, ask questions, and share their experiences from offensive and defensive perspectives. In case you miss an episode, each recorded session will be uploaded to Cybrary’s new CH4NN3L platform.
- Who doesn't like free books? Especially related to security and hacking! Keep looking at Packtpub's free learning page often to get a continuous stream of great e-books (special thanks to Lorddrachenblut and Xoke for the tip), and speaking of free training, be sure to check out their Open FOSS Training site.
A reminder to patch all your Microsoft things as this patch Tuesday was a big one:
16 batch bundles addressing 40+ flaws - including BadTunnel which affects all versions of Windows going as far back as Win 95.
On a related note: this is cool - Shavlik does a monthly Webinar on Patch Tuesday.
- Let's Encrypt let a few emails slip:
As the announcement explained, the blooper was committed "via an automated system which contained a bug that mistakenly prepended between 0 and 7,618 other email addresses to the body of the email. The result was that recipients could see the email addresses of other recipients."
"Each email mistakenly contained the email addresses from the emails sent prior to it," added Let's Encrypt, "so earlier emails contained fewer addresses than later ones."
Speaking of letting emails slip, I got a goofy one from the UPS Store this week (listen to today's episode for more info).
Update: it's fixed now, thanks Krebs!
GitHub got slammed by a credential-bruting attack using reused usernames and passwords from other recent breaches. Might be a good idea to change that password, just in case. Here's GitHub's statement on the matter.
uTorrent forums were also breached so you might want to change your password there as well.
If you use 2FA that's great! However, just make sure not to fall for this text scam which thwarts it.
Who hacked the Democratic National Committee? CrowdStrike concluded it was multiple Russian hacker groups but then a lone hacker named Guccifer took credit. Either way, Tomer Weingarten, CEO of SentinelOne, emphasized that attribution is tough:
"Attribution is hard—not always accurate, but in some cases doable," Weingarten said. "And who knows—maybe there were multiple hackers inside the DNC network."
Microsoft to buy LinkedIn for $26 BEEELION dollars. Personally, I only wonder if this means Clippy will make a comeback?!
The ClamAV (sorta) 0-day is embarrassing. What's maybe more embarrassing is there are so many machines exposed to the Internet running it!
Pentesting a solid network? Use Nessus as a weapon.
It looks like you can get a 10-device license for Sophos Home for free. Note: this is not any kind of referral link and I'm not getting any perks/payment or anything like that. I signed up and haven't installed it yet, but looks to be legit!
A whole slew of Steam games and other goodies are on sale via a "pay what you want" offering from HumbleBundle.
I think we've all felt like Info Security Jerk at one time or another:
"Sometimes I just want to rip off the heads of the developers at work and crap down their necks. Sometimes I want to skip step one."
Coworkers leaving their computer unlocked? Maybe ruining their search history will teach them better.
7ms.us has some BPATTY updates:
- Table of contents (finally, I know ;-)
- Added section on using SimpleHTTPServer with specific port
- Added reminder to "make" aha before running it
- Added SSH example to the Hydra section
- Section on using `cat` to get a list of only unique values from a file
- Started section on