Our Blog
Shuttleworth comments on Microsoft/Ubuntu deal rumours
Mark Shuttleworth on his blog makes it clear -snip- “We have declined to discuss any agreement with Microsoft under the threat of unspecified patent infringements.” … I have no objections to working with Microsoft in ways that further the cause of free software, and I donâ€t rule out any collaboration with them, in the event that they adopt a position of constructive engagement with the free software community. … All…
Viva Las Vegas!
BlackHat Vegas is almost on us again, and this will be the 6th year running that we present there.. This year Marco and i will be taking a new look at some old attacks.. The bulk of the talk will focus (like its name suggests) on timing attacks, but we will be looking in general at timing, race conditions and other attacks that have not yet been packaged into tools…
CSI Corporate Threat Modeling Talk
Whew. After much last-minute war with PPT C# and ORM our slides and Beta 1.0 of our tool are available on our research site. I think the slides are pretty neat, and I’m *very* excited about the tool, but unfortunately we didn’t get as far with the latter as we’d hoped to. Still, it illustrates the concept pretty nicely and its built pretty solid (thanks James) so it should grow…
Safari on Win32, and browser choices in general..
Gareth linked to David Maynor’s blog where he documents the results of some simple fuzzing against the new Win32 port of Safari. Of course fanboys everywhere are going to be on this one like, erm.. like a thing that is very onto another thing.. but.. i digress.. 2 things are interesting in all this for me though.. Why Apple chose now to do the win32 safari release Why anyone in security…
More Pentagon data leakage through Office files..
R J Hillhouse (who has a fascinating background) found that when she double clicked a graph on a slide deck belonging to the office of national intelligence (available from the DIA website), the linked spreadsheet popped up.. This effectively revealed “the dollar amounts in tens of millions spent by the US Intelligence Community on contractors”. Aages ago lcamtuf highlighted info leakage through MS Office files, and it seems these days…
Threat Modelling Talk at CSI Phoenix
After a six hour delay due to technical problems *before* my journey even started I’m finally on the plane and waiting for take off. Tag an additional five hour delay due to a missed connection in New York and this quickly become a very, very long trip. Perhaps my longest ever. Ah well, the price we pay for living at the end of the world, I guess. I’m on my…
VMware for OSX (Fusion) – Beta 4
VMware have just released beta4 of its Fusion product for OSX. The initial beta was hard to justify and a little flaky, which allowed Parallels to take an early lead. We still have people in the office who swear by parallels.. But.. in my book VMware has just been such a life saver since we first started making heavy use of it (about 6 years ago) that i figured it…
Right escalation via services or scheduled tasks in Windows
Scheduled tasks and services are often run as accounts with excessive privileges (HP Insight, backups etc) instead of limited service accounts. By exploring the tasks under c:\windows\tasks or the services by managing the computer, you can quickly see possible options to escalate your rights. By replacing at the actual exe that the service or task runs with a exe of your own, you can spawn a netcat shell. I use…
Hotel Hacking
Check out http://hongkong.langhamplacehotels.com/accom/technology.htm in Hong Kong. They provide Cisco IP phones in the rooms, but with a difference. According to an article I read in TIME the hotel will collect your most frequently dialled numbers and load them onto the touchscreen phone when you return for your next visit. Not only that, they also program the phone to show stock quotes or news and weather from your home town, AND…
Re: Jeremiah Grossmans “How to find your websites”
Jeremiah from WhiteHatSec has just written a quick piece on how to find your websites. Now Footprinting is obviously dear to our hearts, with 3 Blackhat talks on it (or applications of it) (“Automation – Deus ex Machina or Rube Goldberg Machine?“, “Putting The Tea Back Into CyberTerrorism“, “The Role of Non Obvious Relationships in the Foot Printing Process“), a commercial tool almost dedicated to it, and a full blown…