PowerShell for Fun and Profit – Paul’s Security Weekly #590
January 18, 2019
Joff will demonstrate some PowerShell syntax useful for transferring data into a network while pen testing. The technical segment assumes that the pen tester is able to use PowerShell directly from the console itself, although the techniques can be adapted for different purposes.
Two charged with hacking company filings out of SEC's EDGAR system - Wow: According to the indictments, Radchenko, Ieremenko and others conspired to pry open the SEC’s EDGAR system, which is used by publicly traded companies to file required financial disclosures, such as annual and quarterly earnings reports. Those reports are full of information that can lead to profit for those who get their hands on them, including details about companies’ financial health, operations and earnings. Such information can and often does affect companies’ stock prices when it’s publicly disclosed.
Two Code Execution Flaws Patched in Drupal | SecurityWeek.Com - One of the flaws has been described as a weakness that allows remote execution of arbitrary PHP code. The issue is related to the phar stream wrapper built into PHP and how it handles untrusted phar:// URIs. “Some Drupal code (core, contrib, and custom) may be performing file operations on insufficiently validated user input, thereby being exposed to this vulnerability,” Drupal developers explained in an advisory. “This vulnerability is mitigated by the fact that such code paths typically require access to an administrative permission or an atypical configuration.”
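As an added illustration of the mitigation the advisory describes (this is not Drupal's or PHP's own code; the function names and the base-directory layout are assumptions), the following PHP shows a file operation on raw user input beside a version that refuses stream-wrapper URIs, NUL bytes and traversal before any filesystem call touches the value:

```php
<?php
// Added example, not Drupal code. Shows why user-supplied paths must be
// validated before any filesystem function sees them: calls such as
// file_exists() or is_file() hand a phar:// URI to PHP's phar stream wrapper,
// which opens and parses the archive (including its metadata) as a side effect.

// Vulnerable pattern: the untrusted value reaches a file operation untouched.
function attachment_exists_unsafe(string $userPath): bool
{
    return file_exists($userPath);   // a phar://... value is accepted here
}

// Hardened pattern: confine input to a plain relative name inside a base
// directory (assumed layout) and reject every "scheme:" prefix, NUL byte and
// traversal attempt before the first filesystem call.
function attachment_path_safe(string $baseDir, string $userPath): ?string
{
    // Any "scheme:" prefix (phar://, php://, data://, ...) is rejected outright.
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $userPath)) {
        return null;
    }
    // NUL bytes can truncate the path seen by the underlying C layer.
    if (strpos($userPath, "\0") !== false) {
        return null;
    }
    // Only allow a conservative character set and no ".." segments.
    if (!preg_match('#^[A-Za-z0-9._/-]+$#', $userPath) || strpos($userPath, '..') !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // Resolve symlinks and confirm the result is still below the base directory.
    $resolved = realpath($base . DIRECTORY_SEPARATOR . $userPath);
    if ($resolved === false || strpos($resolved, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $resolved;
}

function attachment_exists_safe(string $baseDir, string $userPath): bool
{
    $path = attachment_path_safe($baseDir, $userPath);
    return $path !== null && is_file($path);
}

// Usage (constructed input): the first call returns false without ever
// invoking a stream wrapper; the second only succeeds for a real file below
// the assumed /var/www/private/attachments directory.
var_dump(attachment_exists_safe('/var/www/private/attachments', 'phar://upload.jpg/x'));
var_dump(attachment_exists_safe('/var/www/private/attachments', 'reports/q4.pdf'));
```

The point of the ordering is that the rejection happens on the string alone; realpath() and is_file() are only reached once the value can no longer name a wrapper, which is the condition the advisory's "insufficiently validated user input" wording refers to.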
773M Password Megabreach is Years Old - Krebs on Security - Is it illegal to sell password dumps if you did not perform the actual attacks? Sanixer said Collection#1 consists of data pulled from a huge number of hacked sites, and was not exactly his “freshest” offering. Rather, he sort of steered me away from that archive, suggested that — unlike most of his other wares — Collection #1 was at least 2-3 years old. His other password packages, which he said are not all pictured in the above screen shot and total more than 4 terabytes in size, are less than a year old, Sanixer explained.
Prices for Zero-Day Exploits Are Rising - Schneier on Security - I don't buy this from Geer. I don't trust the Government, and I expect they would skim exploits off the top, well, the good ones anyhow: "There is no doubt that the U.S. Government could openly corner the world vulnerability market," said Geer, "that is, we buy them all and we make them all public. Simply announce 'Show us a competing bid, and we'll give you [10 times more].' Sure, there are some who will say 'I hate Americans; I sell only to Ukrainians,' but because vulnerability finding is increasingly automation-assisted, the seller who won't sell to the Americans knows that his vulns can be rediscovered in due course by someone who will sell to the Americans who will tell everybody, thus his need to sell his product before it outdates is irresistible."
Quantum-embedded chips could secure IoT - Not so sure this fixes the IoT security problem. Quantum crypto fixes everything though, right? “The world's first quantum-driven secure chip (QDSC), on silicon, which, when combined with cryptographic APIs, provides highly scalable, integratable, easy-to-implement and seamless end-to-end security for any connected device,” the company claims. The chips generate large quantities of unique cryptographic keys using quantum processes, Crypto Quantique explains.
New Attacks Target Recent PHP Framework Vulnerability - Great point: One of the payloads Cashdollar has seen delivered is a Mirai variant – a development he has worried about, he says. "I had been waiting for Mirai botnet kits to include Web app code in their arsenal," he says, "and this was an indicator that it's happening." The code being executed through the PHP framework calls can skip a series of steps long considered essential for malware. "Back in the 1990s, people were always trying to get root access," Cashdollar says. "Now it doesn't matter. They just want to execute code on the system as any user so they can share malware or mine coin. They want to execute code on as many systems as possible."
Microsoft Launches New Azure DevOps Bug Bounty Program - Nice to see MS supporting DevOps, a little late to the party, but the technology was not mature enough until recently anyhow (and still has a ways to go): Microsoft has announced the launch of a new bug bounty program, this one aimed at Azure DevOps services and applications. The program will offer bounties of up to $20,000 for new bugs and vulnerabilities discovered in the company's Azure DevOps online services and the latest release of Azure DevOps server.
Follow us on Twitter: https://www.twitter.com/securityweekly
Joff Thyer - Security Analyst, Black Hills Information Security.
Paul Asadorian - CEO, Security Weekly.
Doug White - Professor, Roger Williams University.
Lee Neely - Senior Cyber Analyst, Lawrence Livermore National Laboratory.