 This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.
List Archives
Latest Posts
Re: Fedora 12 Fail
Kees Cook (Nov 19)
I've seen variations on this sentence get repeated in a few places and I
think it's valuable to point out it should read as "Any _local_ user..."
(where "local" is defined by console-kit[1] -- see "ck-list-sessions"
command). This makes it a smaller scope of problem, but it should not
discourage anyone from reading the bug report anyway:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
-Kees
[1]...
Re: Fedora 12 Fail
dan (Nov 19)
Michael Graham writes:
-+--------------------
| "I don't particularly care how UNIX has always worked." has already
| turned into a new catchphrase around here.
|
Those who do not understand UNIX are condemned to reinvent it, poorly.
-- Henry Spencer, 1987
Re: Fedora 12 Fail
Michael Graham (Nov 18)
"I don't particularly care how UNIX has always worked." has already
turned into a new catchphrase around here.
Fedora 12 Fail
Dave Aitel (Nov 18)
Probably the best Linux thread in months:
https://www.redhat.com/archives/fedora-devel-list/2009-November/msg00945.html
To sum it up, Fedora 12 is defaulting to "Any user can install any
package from the repo and then exploit it to get root". So like, if
the repo signs something hilarious like "bob's vulnerable FTP
server.rpm", every Fedora 12 server is vulnerable. Unless you've
uninstalled PolicyKit or something else...
Re: "We're in the top of the league."
Nate Lawson (Nov 13)
gold flake wrote:
The government is just a very large company. They experience the same
security problems as other big companies. I'm always annoyed to hear the
"we're under cyber attack via cyber warfare using cyber malware".
Please... you're under attack just like any other big company with
extremely valuable assets. You're not any more special than that. It's
possible the IRS is more valuable a target than Joe Random sergeant's PC.
Re: "We're in the top of the league."
gold flake (Nov 12)
I am not from US and was for almost 10 years part of my government's
cyber security setup. I can vouch for the claims regarding "some
foreign power"'s attacks. These are systematic, planned and
relentless attacks that we also faced. The vector was spear phishing
in most cases and the thumb drive method was used to propagate the
malware to the internal segment. The malware called home (mostly
China) and downloaded backdoors,...
Re: "We're in the top of the league."
Richard Bejtlich (Nov 12)
Aaron and everyone,
If anyone has doubts, or just wants to read some excellent
unclassified reporting on advanced persistent threat, please check out
this report by Northrop Grumman:
http://taosecurity.blogspot.com/2009/10/report-on-chinese-government-sponsored.html
Sincerely,
Richard
Re: "We're in the top of the league."
Dobbins, Roland (Nov 09)
Here's a pretty accurate assessment of the 60 Minutes story, IMHO:
<http://erratasec.blogspot.com/2009/11/brazil-outage-not-caused-by-hackers.html
>
-----------------------------------------------------------------------
Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com>
Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken
a brief interlude between exploits
dave (Nov 09)
There's been a lot happening in the world, and usually everyone is too
busy to comment on it. Exploit devs sometimes think of the world as the
dark troughs in a storm ocean, where the peaks are the sudden insights
of truth provided by a really good exploit, where all of a sudden you
can see for miles. Or maybe I just made all that up. In any case:
CBS says that someone turned off Brazilian power using cyber attack:...
"We're in the top of the league."
Aaron (Nov 09)
Anyone else catch the 60-minutes story about Cyber warfare? There are a lot of interesting anecdotes from Admiral Mike
McConnell (described in the story as the former top spy of the nation), Jim Lewis (director of the Center for Strategic
and International Studies), and Jim Gosler.
Some of the more WTF things admitted were:
- "Some foreign power" was able to penetrate the Pentagon by leaving infected thumbnail drives where military...
MITM Attack on Smartphones whitepaper
Mayank Aggarwal (Nov 05)
SMobile has released a detailed report on research indicating that smartphone users are just as susceptible to
man-in-the-middle (MITM) attacks as PC users. This report details the results of attempts to produce MITM attacks to
determine whether it is possible to intercept SSL encrypted communications between various smartphone devices and
servers. Of the devices that were tested, each of the major smartphone operating systems appeared to lack...
Re: PrevX and other projects
Shane Macaulay (Oct 30)
The chart on their main page would be a lot more compelling if they had
conversely applied whatever method they used to collect that information.
""""These statistics are provided to show that all vendors miss threats
and cannot be interpreted to compare the effectiveness of one product to
another."""""
That seems to indicate they would show us their failure rate when
compared to these vendors? And...
PrevX and other projects
dave (Oct 28)
So you can read one Immunity deliverable linked here:
http://www.prevx.com/ (look for "Independent Review").
Likewise, if you have wondered where all the Immunity Debugger scripts
ran off to, they were on the old Immunity Forum. We ripped the old forum
content out of the old database and imported into the new hotness, so
you can seem them all here:
https://forum.immunityinc.com/. I don't think Google spiders HTTPS sites
for some reason...
B. Aggressive. B. E. Aggressive. (or "One 0day is enough")
dave (Oct 27)
When you go into security consulting engagements with a new business
unit you usually face a few questions from the developers and business
owners. "What is it exactly that you're going to tell us?"
We always answer this the same way: "Things that will surprise you."
Most developers have read a lot about security these days - they
understand SQL Injection, Cross Site Scripting, access control, not to
use their own...
Last mile || InfoSys 2010 [ICAS, ICNS, INTENSIVE, LMPCNA] March 7-13, 2010 - Cancun, Mexico
Jaime Lloret Mauri (Oct 26)
Last mile || InfoSys 2010 [ICAS, ICNS, INTENSIVE, LMPCNA] March 7-13,
2010 - Cancun, Mexico
INVITATION
Note that we are entering the last few days of submission for the events
collocated in Cancun, Mexico
Please consider to contribute and encourage your team members and fellow
scientists to contribute to the following federated events.
The submission deadline has now been moved to November 1, 2009.
Publisher: CPS ( see:...
More Lists
Dozens of other network security lists are archived at
SecLists.Org.
|