2. Major news of the month
● Turkey Unrest
● Thailand Coup
● eBay hacked and fake DB sold on eBay
● Reflection attacks continue
● Heartbleed rated as 5/10 on CVSS2
● USA charges 5 Chinese nationals for cyber-espionage
● Silverlight Exploits are on the rise
● Multitude of Defacements and lots of hacks
● Few interesting tools / updates released
3. Major hacks
● eBay Hack
– Reportedly hacked in 2013
– DB Stolen
– Someone sold fake userdb on eBay.
● Bit.ly
– users' email addresses, encrypted passwords, API keys and OAuth tokens
● Orange
– 1.3 million user db (name,email,phone)
4. ATS Failure : Memory exhaustion
● As aircraft flew through the region, the $2.4 billion system made by
Lockheed Martin Corp, cycled off and on trying to fix the error, triggered by
a lack of altitude information in the U-2's flight plan, according to the
sources, who were not authorized to speak publicly about the incident.
● FAA spokeswoman Laura Brown said the computer had to examine a large
number of air routes to "de-conflict the aircraft with lower-altitude flights".
● She said that process "used a large amount of available memory and
interrupted the computer's other flight-processing functions".
● The FAA later set the system to require altitudes for every flight plan and
added memory to the system, which should prevent such problems in the
future, Brown said.
● Ref :
http://www.reuters.com/article/2014/05/12/us-airtraffic-bug-exclusive-idUSBREA4B02320140512
5. Interesting Reads
● Voicemail based 2FA Bypass
– If password is exposed
– Request 2FA while making sure the owner is on call.
– Request goes to voicemail, hack and retrieve
– http://blog.shubh.am/how-i-bypassed-2-factor-authentication-on-google-yahoo-linkedin-and-many-others/
● Ad network based RCE attack
– RCE in "Yahoo", "Microsoft MSN" and "Orange"
– Hosted ad network flaw
– http://www.sec-down.com/wordpress/?p=409
6. Heartbleed Updates
● CA system vulnerable to Heartbleed
http://seclists.org/fulldisclosure/2014/May/76
● Rated as 5/10 in CVSS version 2
● Certification drama
7. Interesting Bits
● STONED by bitcoin
– Someone embedded STONED virus signature in bitcoin blockchain.
● CTF Guide
– https://trailofbits.github.io/ctf/
● Owning network using PUT
– http://niiconsulting.com/checkmate/2014/04/owning-enterprise-http-put/
● OAuth Security by Egor Homakov
– http://www.oauthsecurity.com/
● iOS Cheat Sheet
– https://www.owasp.org/index.php/IOS_Application_Security_Testing_Cheat_Sheet
8. Interesting Bits
● Facebook launched its own SD card encryption library for Android
– https://facebook.github.io/conceal/
● Microsoft Outlook stores plain text emails on Android device
– http://blog.includesecurity.com/2014/05/mobile-app-data-privacy-outlook-example.html
● PDFium is open source
– https://code.google.com/p/pdfium/
● GitHub allows username forging via global user.email
● XML Attacks : http://packetstormsecurity.com/files/126764
9. Interesting Bits
● Skype stores data in plaintext
– In Linux: /home/user/.Skype/skypename/
– In Mac OS X: /Users/user/Library/Application Support/Skype/skypeuser
– In Windows: C:\Users\Username\AppData\Roaming\Skype\skype.id
● iOS 7.1.1 claimed to be jailbroken by ionic
10. Full Disclosure
● Telegram authentication bypass :
http://seclists.org/fulldisclosure/2014/Apr/293
● iTunes and HP OfficeJet 6700 drivers forgot to quote their binaries :
http://seclists.org/fulldisclosure/2014/May/0
● Sudo Gone Wrong :
http://seclists.org/fulldisclosure/2014/May/64
12. Tools
● Sandcat opensourced : https://github.com/felipedaragon/sandcat
● iGoat Version 2.1 released :
http://www.toolswatch.org/2014/04/igoat-v2-1-released/ :
https://code.google.com/p/owasp-igoat/
● AppSensor Guide v2 : The AppSensor project defines a
conceptual framework and methodology that offers prescriptive
guidance to implement intrusion detection and automated
response into an existing application.
https://www.owasp.org/index.php/OWASP_AppSensor_Project
● Tails v1.0 – The Amnesic Incognito Live System Released :
https://tails.boum.org
13. Exploit-db stats
● Exploit DB :
– 15 : Remote Exploit
– 6 : Local Exploit
– 17 : Web Exploits
– 8 : DoS Exploits
– 9 : Whitepapers