Information Security and Network Awareness

Hurricane Labs

Subscribe to Hurricane Labs: eMailAlertsEmail Alerts
Get Hurricane Labs: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Latest Blogs from Hurricane Labs
----------------CRITICAL----------------* Thunderbird* Firefox and Xulrunner* tiff* avahi* iOS 4.3 Personal Hotspot-----------------SECURITY-----------------* Android Market XSS Fixed* Iran Welcomes Hackers* Hackers versus Apple* VoIP Abuse* 6 Steps: Protect Your Android Phone---------...
----------------CRITICAL----------------* Linux kernel vulnerabilities* Logwatch* OpenJDK 6* vsftpd* samba* webkit-----------------SECURITY-----------------* Is Starbucks a Sweet Spot for Hackers?* Changing the status quo for security: Turn it on* Android Malware on the Rise* Is P2P En...
----------------CRITICAL----------------* Linux kernal vulnerabilities* pam-pgsql security update* Linksys Cisco Wag120N* Mac OS X Trojan-----------------SECURITY-----------------* Lifehacker 5 Best Browser Security Extensions* Is VoIP too secure?* Facebook's User Friendly Privacy Poli...
----------------CRITICAL----------------* glibc and alloca()* RaksoCT SQL Injection* Novell Netware RPC-----------------SECURITY-----------------* FBI Top 10 Internet Crimes* Mac Thunderbolt Security Concerns* Apple Shares OS X Lion with Security Experts--------------------------------...
----------------CRITICAL----------------moodle- [http://seclists.org/bugtraq/2011/Feb/231]Cisco Secure Desktop CSDWebInstaller- [http://seclists.org/fulldisclosure/2011/Feb/614]Cisco TelePresence Multipoint Switch- [http://seclists.org/fulldisclosure/2011/Feb/598]avahi- [http://seclist...
----------------CRITICAL----------------openafs security update- [http://seclists.org/fulldisclosure/2011/Feb/347]phpmyadmin security update- [http://seclists.org/fulldisclosure/2011/Feb/352]Django vulnerabilties- [http://seclists.org/fulldisclosure/2011/Feb/384]Cisco Security Agent Ma...
----------------------------------Daily News 2011-02-16--------------------------------------------------CRITICAL----------------openssl- [http://seclists.org/bugtraq/2011/Feb/170]shadow vulnerability- [http://seclists.org/fulldisclosure/2011/Feb/329]Ruby on Rails- [http://seclists.org...
----------------------------------Daily News 2011-02-09--------------------------------------------------CRITICAL----------------Adobe Acrobat Reader multiple vulnerabilities- [http://seclists.org/fulldisclosure/2011/Feb/180]- [http://seclists.org/fulldisclosure/2011/Feb/181]- [http://...
----------------------------------Daily News 2011-02-08--------------------------------------------------CRITICAL----------------proftpd- [http://seclists.org/fulldisclosure/2011/Feb/173]Microsoft Office Excel Office Art- [http://seclists.org/bugtraq/2011/Feb/50]- "…can lead to code ex...
----------------------------------Daily News 2011-02-07--------------------------------------------------CRITICAL----------------HTC Peep- [http://seclists.org/fulldisclosure/2011/Feb/49]- "…vulnerabilities during the authentication process against the Twitter service…"Apache Tomcat mu...
OpenDLP is a great time saving tool when looking for sensitive data on windows machines but one pain with using it is that it requires a username and password for the target machine. Passwords are not always a luxury provided when conducting a pentest, but password hashes are usually p...
----------------------------------Daily News 2011-02-03--------------------------------------------------CRITICAL----------------OpenOffice.org vulnerabilities- [http://seclists.org/fulldisclosure/2011/Feb/17]- "…a remote attacker could execute arbitrary code with user privileges."VLC ...
----------------------------------Daily News 2011-02-02--------------------------------------------------CRITICAL----------------Linux kernal vulnerabilities- [http://seclists.org/fulldisclosure/2011/Feb/7]- "…exploit this to crash the host system, leading to a denial of service."Cisco...
----------------------------------Daily News 2011-02-01--------------------------------------------------CRITICAL----------------Subversion vulnerabilities- [http://seclists.org/fulldisclosure/2011/Feb/2]- Affects Ubuntu 6.06 LTS, 8.04 LTS, 9.10, 10.04 LTS, 10.10Apache CouchDB XSS- [ht...
----------------------------------Daily News 2011-01-31--------------------------------------------------CRITICAL----------------Google Chrome .replace DOS- [http://www.exploit-db.com/exploits/16079]IE MHTML XSS- [http://www.exploit-db.com/exploits/16071]Adobe ColdFusion- [http://secli...
When people talk about the merits of Open Source software vs closed source/proprietary software, one of the most common advantages listed for open source is "you have the source, you can modify it, you can change it". This is my worst favorite argument, and I even catch our own sales g...
Realplayer Remote Code Exectution - [http://seclists.org/fulldisclosure/2011/Jan/518] FreeBSD 8.0 Local Denial of Service - [http://www.exploit-db.com/exploits/16064]
----------------------------------Daily News 2011-01-27--------------------------------------------------CRITICAL----------------OpenOffice vulnerabilities fixed- [http://seclists.org/fulldisclosure/2011/Jan/473]OpenOffice Memory Corruption- [http://seclists.org/fulldisclosure/2011/Jan...
----------------------------------Daily News 2011-01-26--------------------------------------------------CRITICAL----------------syslog-ng wrong file permission vulnerability- [http://seclists.org/bugtraq/2011/Jan/153]- "…allow anybody with local access to read and write the log files…...
----------------------------------Daily News 2011-01-25--------------------------------------------------CRITICAL----------------Ubuntu Tomcat- [http://seclists.org/bugtraq/2011/Jan/136]- "…a remote attacker could exploit this to modify the contents, or steal confidential data…"- Affec...
----------------------------------Daily News 2011-01-24--------------------------------------------------CRITICAL----------------Adobe Flash Player vulnerabilities- [http://seclists.org/bugtraq/2011/Jan/132]- "…possibly resulting in the execution of arbitrary code with the privileges o...
----------------------------------Daily News 2011-01-21--------------------------------------------------CRITICAL----------------Microsoft Fax Cover Page Editor Vulnerability- [http://seclists.org/bugtraq/2011/Jan/125]- "…demonstrates the possibility of executing code immediately after...
A long time ago (a long, long, time ago) when I was a fledgling systems administrator/web person thing. I used to get told that security products were "too hard to use" by my very short-sighted boss at the time. "You'll never get that configured, it's too hard to use in production, bla...
In case you hadn't heard, Hurricane Labs has a URL shortening service, similar to bit.ly and tinyurl.com. The URL is www.hlurl.com, and its free to use. If your client supports it, you can even set up automatic URL shortening with it. The following URL would create an hlurl for our blo...
----------------------------------Daily News 2011-01-20--------------------------------------------------CRITICAL----------------Sudo vulnerability- [http://seclists.org/fulldisclosure/2011/Jan/378]- "…sudo would not prompt for a password when a group was specified in the Runas_Spec."-...
I get accused (often accurately) of not paying much attention to Microsoft Security tools so I decided to have a look at one that caught my eye this week. It is the Microsoft Attack Surface Analyzer and it's pretty not bad, okay it's pretty good, so far. Here's my adventure in Microsof...
----------------------------------Daily News 2011-01-19--------------------------------------------------CRITICAL----------------Asterisk Stack Buffer Overflow- [http://seclists.org/bugtraq/2011/Jan/109]- "When forming an outgoing SIP request while in pedantic mode, a stack buffer can ...
As we're all aware, the tech world travels lightning fast - tradeshow conferences, software upgrades, vulnerabilities, data leaks - blink and you just might miss it. Well fear not, Hurricane Labs is here to help. Everyday we'll be compiling an easy-to-skim, Flintstones vitamin-sized pi...
As a lot of news outlets are reporting, the FCC today voted (3-2 along party lines, for the record) on new rules regarding net neutrality. Several websites are reporting vastly different interpretations of these rules, including:Engadget (http://hlurl.com/k2): FCC passes limited net ne...
I received a call this evening from a co-worker concerned about an interesting pattern in our monitoring system. Normally, many things can be happening at once when monitoring a large number of networks, so fake patterns can sometimes emerge. Unfortunately, tonight's pattern was very r...
This morning a worm has been crawling its way profile to profile over the "twitterverse". The worm has been spreading via a cross site scripting bug that exists when tweeting a specially crafted update -http://a.no/@"onmouseover=";$('textarea:first').val(this.innerHTML);$('.status-upd...
It seems a common misconception of our semi-annual Hurricane Labs Hack Challenge (http://www.clevelandhacks.com -- #hackchallenge on twitter) is that our challenge network is somehow fortified and that we use the challenge to "test defenses". Well that has never been the case (though ...
3:00am. Your phone is ringing off the hook, your Facebook wall is filled with derogatory comments, and there are 27 pizza delivery men waiting at your front door. As you sit in bed sipping your ice-cold Hoffachino with your Macbook propped up on your lap you start thinking to yourself,...
We have a saying where I'm from "once you have physical access to a machine, game is over." Well ATMs are thought to be special because they are super secure and physical access is kind of a requirement for them. You would think their manufacturers, providers, customers, someone would ...
Last week was the 18th year of DefCon, the hacking convention that takes place in Las Vegas, NV. A colleague of mine and myself headed out to the conference with intentions of learning something new. As usual, we were not disappointed. The conference itself was bigger than ever, clocki...
With the internet buzzing about the latest Windows exploit against LNK files I took a chance to look at the topic from an attackers perspective and also from a defensive perspective. A module for this attack has been added to the metasploit repository so we will use it in this example....
I think I'm going to start a photo-journal of just all the unlocked, unattended doctor/nurse/medical assistant workstation. Basically this is similar to http://hlurl.com/fa but this time I was able to actually talk to the nurse and doctor involved and get their insight. This one is br...
Physical security is something we take seriously at Hurricane Labs for both ourselves and for our customers. Lately, the penetration testing team has been researching how to exploit some vulnerabilities that many office-type settings have. Here are just a few examples of what we uncove...
Folks that know me know one thing about me for certain, I am a conflicted individual. On the one hand I detest encryption as a security mechanism and on the other I LOVE encryption as a privacy mechanism. In the same day, nay, sometimes in the same hour I can argue for and against SSL ...
This past weekend Offensive Security held a capture the flag event to raise money for Hackers for Charity. After participating in their previous capture the flag event it was an easy decision to sign up for this one. Information about the event can be found on the following page - http...