Daily Dave

MITM Attack on Smartphones whitepaper

Fri, 06 Nov 2009 01:54:33 GMT

Posted by Mayank Aggarwal on Nov 05

SMobile has released a detailed report on research indicating that smartphone users are just as susceptible to
man-in-the-middle (MITM) attacks as PC users. This report details the results of attempts to produce MITM attacks to
determine whether it is possible to intercept SSL encrypted communications between various smartphone devices and
servers. Of the devices that were tested, each of the major smartphone operating systems appeared to lack...

Re: PrevX and other projects

Fri, 30 Oct 2009 12:06:38 GMT

Posted by Shane Macaulay on Oct 30

The chart on their main page would be a lot more compelling if they had
conversely applied whatever method they used to collect that information.

""""These statistics are provided to show that all vendors miss threats
and cannot be interpreted to compare the effectiveness of one product to
another."""""

That seems to indicate they would show us their failure rate when
compared to these vendors? And...

PrevX and other projects

Wed, 28 Oct 2009 18:24:22 GMT

Posted by dave on Oct 28

So you can read one Immunity deliverable linked here:
http://www.prevx.com/ (look for "Independent Review").

Likewise, if you have wondered where all the Immunity Debugger scripts
ran off to, they were on the old Immunity Forum. We ripped the old forum
content out of the old database and imported into the new hotness, so
you can seem them all here:
https://forum.immunityinc.com/. I don't think Google spiders HTTPS sites
for some reason...

B. Aggressive. B. E. Aggressive. (or "One 0day is enough")

Tue, 27 Oct 2009 15:56:47 GMT

Posted by dave on Oct 27

When you go into security consulting engagements with a new business
unit you usually face a few questions from the developers and business
owners. "What is it exactly that you're going to tell us?"

We always answer this the same way: "Things that will surprise you."

Most developers have read a lot about security these days - they
understand SQL Injection, Cross Site Scripting, access control, not to
use their own...

Last mile || InfoSys 2010 [ICAS, ICNS, INTENSIVE, LMPCNA] March 7-13, 2010 - Cancun, Mexico

Tue, 27 Oct 2009 01:39:19 GMT

Posted by Jaime Lloret Mauri on Oct 26

Last mile || InfoSys 2010 [ICAS, ICNS, INTENSIVE, LMPCNA] March 7-13,
2010 - Cancun, Mexico

INVITATION

Note that we are entering the last few days of submission for the events
collocated in Cancun, Mexico

Please consider to contribute and encourage your team members and fellow
scientists to contribute to the following federated events.

The submission deadline has now been moved to November 1, 2009.

Publisher: CPS ( see:...

Re: Friday afternoon RAND fail. :>

Mon, 26 Oct 2009 16:37:40 GMT

Posted by dave on Oct 26

In related news, VulnDisco has Solaris 0day this month.
https://forum.immunityinc.com/board/thread/63/vulndisco/?page=1#post-63

One of the people who did peer review for that RAND paper emailed me.
I'll leave what he said private though. I'm sure the author (Martin C.
Libicki) has had enough people annoying him over it this morning. :>

-dave

Gunter Ollmann wrote:
...

Re: Friday afternoon RAND fail. :>

Sat, 24 Oct 2009 03:45:50 GMT

Posted by Travis Carelock on Oct 23

From Rand's new whitepaper on Cyberwarfare (pg. 73):

http://www.rand.org/pubs/monographs/2009/RAND_MG877.pdf

"""
The following hints may be indicative. Private hackers are more
likely to use techniques that have been circulating throughout the
hacker community. While it is not impossible that they have managed
to generate a novel exploit to take advantage of a hitherto unknown
vulnerability, they are unlikely to have...

Re: Friday afternoon RAND fail. :>

Fri, 23 Oct 2009 23:12:53 GMT

Posted by Gunter Ollmann on Oct 23

Friday afternoon RAND fail. :>

Fri, 23 Oct 2009 21:18:16 GMT

Posted by dave on Oct 23

Re: Exploits matter.

Fri, 23 Oct 2009 02:35:11 GMT

Posted by security curmudgeon on Oct 22

Based on discussion from this thread and internal chat:

http://blog.osvdb.org/2009/10/22/classification-exploit-status-overhaul#

Classification: Exploit Status Overhaul

Posted by jericho 31 minutes ago
OSVDB's classification system is designed to categorize certain attributes
of a vulnerability. This facilitates custom searches by a specific
attribute, helps researchers develop metrics and gives a better picture of
the vulnerability...

Re: Solvers!

Thu, 22 Oct 2009 13:24:10 GMT

Posted by nnp on Oct 22

The architecture and design of the basic algorithm behind most solvers
we use for input generation was first described in 1960 (the DPLL
algorithm) so I think we're safe from the patent mongers there ;-) As
for the logic-specific parts of the solvers, most are described in
academic papers spanning the last 40 years so I presume that
constitutes 'prior art'.

I don't know of anybody working on designing or implementing the
modern crop of SMT...

Solvers!

Thu, 22 Oct 2009 02:06:58 GMT

Posted by dave on Oct 21

I'm trying to get a django app built so I can demo some of our new tech,
but it's slow going. In the meantime today's extra credit reading and
viewing:

http://seanhn.wordpress.com/ (solver->exploits blog and paper)

http://media.blackhat.com/bh-usa-06/video/2006_BlackHat_Vegas-V7-Halvar_Flake-Need_New_Tools.mp4

That's probably Halvar's best talk - in it he chats about solving input
crafting issues with large equation solvers (from 2006 so...

SOURCE Boston 2010 Call for Papers

Mon, 19 Oct 2009 18:15:40 GMT

Posted by Christien Rioux on Oct 19

SOURCE Boston 2010 Call for Papers is Now Open!

SOURCE Boston 2010
April 21-23, 2010
Seaport Hotel
www.sourceconference.com

SOURCE is the first and only conference combining advanced technology
and security practices with the business of security. With thoughtful
attention to detail and emphasis on high quality and compelling
technical content, SOURCE is committed to delivering valuable
information in a high energy and fun environment.

SOURCE...

CanSecWest 2010 CALL FOR PAPERS (deadline Nov 30, conf. Mar22-26) and PacSec (Nov 4/5) Selections

Mon, 19 Oct 2009 17:41:54 GMT

Posted by Dragos Ruiu on Oct 19

We extend our apologies if you are inconvenienced by multiple copies of this messages.

We would like to announce the PacSec 2009 Paper Selections, and
the opening of the 2010 CanSecWest Call For Papers. Given
the proximity of the Winter Olympics in Vancouver one month
before the conference, we would advise all planning to attend
to make travel preparations well in advance for next year...

PacSec 2009 Presentations

Keynote Presentation...

[NPA] Call for Papers: International Journal of Network Protocols and Algorithms

Sat, 10 Oct 2009 23:13:22 GMT

Posted by Jaime Lloret_Mauri on Oct 10

********************* Call for Papers for Vol 1, Issue 2 *********************

Network Protocols and Algorithms

ISSN 1943-3581

http://www.macrothink.org/journal/index.php/npa/

Network Protocols and Algorithms is a free online international journal, peer-reviewed and published by Macrothink
Institute. It publishes papers focused on the design, development, manage, optimize or monitoring any type of network
protocol, communication system,...