Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

SyScan 2012 Singapore - Speaker Selection

6 February, 2012 - 21:45

Posted by Ben Nagy on Feb 06

Denizens of DailyDave,

Because I am not good at internets, I am just going to leave this here
and let the cool kids disseminate it with twitter or whatever the hell
you use these days.

On behalf of the selection committee (Thomas Lim, Dave and Halvar) and
the advisory adjunct (researchers of COSEINC) it gives me extreme
pleasure to announce the speakers for this year's SyScan Singapore.
Some of you may be unaware that 2012 was announced to...

Anyone else wondering...

4 February, 2012 - 21:29

Posted by Isaac Dawson on Feb 04

How hard of a time the FBI is going to have with removing anonymous from
their networks now? This whole leaked conference call recording reminded me
of an email Dave sent out (which I can't seem to find) where he mentioned
the longer an attacker is ingrained in your network, the harder they are to
remove.
-Isaac

CFP for LEET

4 February, 2012 - 21:22

Posted by dan on Feb 04

FYI. It is a good meeting.

--dan

------- Forwarded Message Body

I'm writing to remind you that the submissions deadline for the 5th
USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '12)
is just under three weeks away.

Please submit your work by Thursday, February 23, 2012, 11:59 p.m. PST.
http://www.usenix.org/leet12/cfpb

Now in its fifth year, LEET continues to provide a unique forum for the
discussion of...

More grist for the mill

30 January, 2012 - 15:38

Posted by Dave Aitel on Jan 30

Democratic Cyber Security Plan (to be voted on this week or something):
http://www.opencongress.org/bill/112-s413/show
Today's Republican response (which can be summed up to "I don't think
so", but the "regulation" angle is a continuing tough one here):
http://www.politico.com/news/stories/0112/72120.html

Also, the WSJ posted an opinion piece this weekend on cyber-security:...

Cyber Politics By Other Means

27 January, 2012 - 11:44

Posted by Dave Aitel on Jan 27

Dear DD - attached is some red meat. :>
-dave

Introduction

It is, of course, very possible that hackers will get to help choose
America's next president. Possibly not in the most direct way (aka,
attacking the electoral system directly, the candidates, or the super
PACs that support their campaigns), although this did happen to some
extent last time around
<...

Alligators

19 January, 2012 - 16:30

Posted by Dave Aitel on Jan 19

INFILTRATE 2012 is over (as of an hour from now). I will say that all
the talks, especially the keynotes, exceeded our expectations. That's a
good thing - we had high expectations even of Thomas Lim!

Here is one review:
http://blog.opensecurityresearch.com/2012/01/infiltrate-wrap-up.html

Immunity gave two talks ourselves. We'll release Leo's later, but you
should read Mark's now:
And here is Mark's Prezi:...

Open Bars

9 January, 2012 - 17:08

Posted by Dave Aitel on Jan 09

So we ordered quite a few open bars for INFILTRATE people - one of which
is the night before the conference (see below). Also, as a reminder, the
Master Class and Unethical Hacking classes DO start on Sunday. That's
SUNDAY. Not MONDAY. You can ask me why during one of the many open bars! :>

Also if you are on the twitterz you should probably follow
@InfiltrateCon (https://twitter.com/#!/infiltratecon
<...

Security Event Horizons

9 January, 2012 - 16:44

Posted by Dave Aitel on Jan 09

Every so often you see a ton of effort from a security person go into a
platform or protocol that most people ignore. For example, X405, or
MSRPC or DCERPC or HTTP or the BlackBerry Playbook. I don't have a good
way to explain it, but there's an event horizon where once you've
understood a platform enough, the only way to secure it against you is
to turn it off or tunnel it completely under something that provides its
own...

New Paper - Acquisition and Analysis of Volatile Memory from Android Devices

9 January, 2012 - 12:41

Posted by Andrew Case on Jan 09

We are writing to announce that our paper on Android memory forensics has
just been published in the Journal of Digital Investigation. Please see the
following blog post for complete details and the paper:

http://dfsforensics.blogspot.com/2012/01/new-paper-acquisition-and-analysis-of.html

If you have any questions or comments please reply to this Email or comment
on the blog.

Thanks,
Andrew

Re: Symantec AV source compromised and the questions it raises

7 January, 2012 - 00:10

Posted by Michal Zalewski on Jan 06

This reminds me of the wise words of the chairman of Trend Micro:

"Android is open-source, which means the hacker can also understand
the underlying architecture and source code. We have to give credit to
Apple, because they are very careful about it. It's impossible for
certain types of viruses to operate on the iPhone."

Shortly thereafter, Kaspersky "joined" the open source community, and
now looks like Symantec will,...

Symantec AV source compromised and the questions it raises

6 January, 2012 - 22:53

Posted by Mohammad Hosein on Jan 06

"Sadly, we'll likely never know the answer."
how come? attackers can easily post details on how they compromised the
targets and to whom they belong and considering there could be a couple of
names and, perhaps, some phones or emails included in such leak, it
shouldn't be hard to connect the dots. the cybergames between Pakistani and
Indian groups is going on for a very long time now and although people in
forums and tweets are...

Symantec AV source compromised and the questions it raises

6 January, 2012 - 17:33

Posted by William Arbaugh on Jan 06

Security Week ran a story that Symantec's AV source was obtained (and soon to be released) via a compromise of an
Indian Military Intelligence server.
http://www.securityweek.com/symantec-investigating-possible-theft-norton-av-source-code

Symantec issued a statement that the compromise and eventual release of the source does not place customers at risk
since the source is 4+ years old....

Apache Struts

6 January, 2012 - 11:33

Posted by Dave Aitel on Jan 06

Just how bad is that Sec-Consult Apache Struts vulnerability...

(from their advisory)
___

2.) Remote command execution in Struts <= 2.3.1 (CookieInterceptor)

Given struts.xml is configured to handle all cookie names (independent
of limited cookie values):
<action name="Test" class="example.Test">
<interceptor-ref name="cookie">
<param...

Re: INFILTRATE Book Club Part 2

6 January, 2012 - 02:58

Posted by h1kari on Jan 05

Hey guys,

Sorry about the shameless self-promotion, but I just thought I'd
mention that my wife and I run a technical bookstore in Seattle and
we're part of the computer security community (I started and run
ToorCon/ToorCamp/etc) so our bookstore is obviously heavily based
around supporting the local community and fostering tech innovation in
the area.

I say this because we just started selling Google eBooks and so if you
have a...

INFILTRATE Book Club Part 2

4 January, 2012 - 12:01

Posted by Dave Aitel on Jan 04

So I personally wasn't a huge fan, but more than one person has
suggested Daemon by Leinad Zeraus. But you can't buy this in electronic
format anymore for some reason, and I can't find the torrent on
PirateBay, so it's not eligible! You're better off reading Daniel Keys
Moran's AI War instead. :>
http://www.amazon.com/I-War-Book-One-ebook/dp/B004XMR5A4

At this year's INFILTRATE, due to a few factors, we have...

InfoSec Southwest 2012 CFP First-round Speaker Selections

4 January, 2012 - 08:13

Posted by I)ruid on Jan 04

Hello,

InfoSec Southwest is proud to announce our keynote speaker and
first-round speaker selections for our 2012 conference. Our CFP remains
open until February 1st 2012 after which we will make our remaining
final speaker selections. CFP information is available at:

http://www.infosecsouthwest.com/cfp.html

Keynote Speaker: Peiter "Mudge" Zatko

We're quite excited to have Mudge accept our invitation to be our
Keynote...

Re: WebHacking and lcamtuf

3 January, 2012 - 09:50

Posted by Michal Zalewski on Jan 03

Okay!

/mz

PS. And yeah, thanks for the review :-)

WebHacking and lcamtuf

2 January, 2012 - 22:34

Posted by Dave Aitel on Jan 02

So this is my review of lcamtuf's book, which is this: It's the best
book out there on web security right now, and if we had more time, we'd
buy one for every student at the INFILTRATE WebHacking class.

The book is less an attempt to "teach" web security than the result of
lcamtuf's extremely deep and systematic review of the basement of web
technology. I think only lcamtuf could have written it, since it not
only...

INFILTRATE book club part 1

2 January, 2012 - 22:22

Posted by Dave Aitel on Jan 02

For those of you traveling to INFILTRATE (in just a few short days!) I
wanted to post a list of books, so you don't end up reading the whole
Stain trilogy, or "The Lucky One" or something like that.

First off, thrillers/spy books:
Robert Baer is a bit political, but he's a very good writer and all his
books are extremely readable. You'll remember him from incoherent movies
(Syriana) that were based on his books, just...