Finding Low Hanging Fruit with Kali
Apr14

Finding Low Hanging Fruit with Kali

(BSides Nashville 2015) (Hacking Illustrated Series InfoSec Tutorial Videos) Every network has low hanging fruit, easy to find and fix vulnerabilities that will quickly improve its security posture. In this presentation we will discuss how to use Kali Linux to find the low hanging fruit on your network. We will focus on finding unnecessary services, weak passwords, exploitable vulnerabilities, and unencrypted services....

Read More
SPEAR – Redirect to SMB
Apr14

SPEAR – Redirect to SMB

We’ve uncovered a new technique for stealing sensitive login credentials from any Windows PC, tablet or server, including ones running previews of the yet-to-be-released Windows 10 operating system. Software from at least 31 companies including Adobe, Apple, Box, Microsoft, Oracle and Symantec can be exploited using this vulnerability, which we have dubbed Redirect to SMB.  Carnegie Mellon University CERT disclosed the vulnerability...

Read More
Updated: One Hacker, 4 Exploits = $225,000 Bounty – Pwn2Own 2015 results
Mar20

Updated: One Hacker, 4 Exploits = $225,000 Bounty – Pwn2Own 2015 results

Update: After earning $110,000 for his first 3 exploits, JungHoon Lee (lokihardt) took out Apple Safari using a use-after-free (UAF) vulnerability in an uninitialized stack pointer in the browser and bypassed the sandbox for code execution. That netted him another $50,000 USD and brought his daily total to $225,000. This is an amazing accomplishment for anyone, but it’s especially impressive considering he is an individual competitor...

Read More
Security Ninjas: An Open Source Application Security Training Program
Mar18

Security Ninjas: An Open Source Application Security Training Program

In order for OpenDNS to be able to make the internet secure, we need to make sure OpenDNS itself is secure. On the Application Security front, apart from performing security reviews, we also conduct internal security awareness and training exercises. What Is the Security Ninjas Program? Security Ninjas is an Application Security Training Program that I created for our software developers here at OpenDNS. It has really helped our...

Read More
GHOST Remote Metasploit Code
Mar18

GHOST Remote Metasploit Code

A demonstration of remote code execution of the GHOST vulnerability, delivered as a standalone Metasploit module, is now available. The module remotely exploits CVE-2015-0235 (a.k.a. GHOST, a heap-based buffer overflow in the GNU C Library’s gethostbyname functions) on x86 and x86_64 GNU/Linux systems that run the Exim mail server. Read...

Read More
FREAKing hell: ALL Windows versions vulnerable to SSL snoop
Mar09

FREAKing hell: ALL Windows versions vulnerable to SSL snoop

Relax! We’ve got a (server-knackering) workaround to sort things out, says Microsoft Microsoft has confirmed that its implementation of SSL/TLS in all versions of Windows is vulnerable to the FREAK encryption-downgrade attack. This means if you’re using the company’s Windows operating system, an attacker on your network can potentially force Internet Explorer and other software using the Windows Secure Channel...

Read More