Security 0wnage

Vulnerabilities and Exploits Flying all over in Vancouver

2010-03-26T21:57:00.001-04:00

If you want to be a witness to all kinds of new Vulnerabilities and Exploits to major Web Browsers, OS, and Mobile devices, then you should head right away to Vancouver, BC, Canada where the CanSecWest Conference is taking place. The infamous Pwn2Own contest is well underway and is bringing results like no other contest. In the past 2 days vulnerabilities in Microsoft's IE 8 was discovered and exploited by Peter Vreugdenhil a security researcher participating in this contest. Apple's Safari was also exploited mostly to Own iPhone devices. Mozilla's Firefox was not left out of the party. A security researcher that goes by the name of Nils developed the exploit to attack Firefox 3.x. Note that all of those Vulnerabilities and exploits will be reported to Vendors in order to provide sufficient patches and the exploit code will not be available until the vendors patch there products.

Nils2Own: 'I want to see security flaws fixed'

The Reason behind Conficker

2010-03-19T15:09:00.014-04:00

If you are in the security field, you probably had heard about the Conficker Worm. But for everyone else who is interested in Information Security, or anybody in the IT field, or even anyone who owns a PC, this is a concern. The Conficker Worm was on of the highlights of the first quarter of last year and the end of 2008. You will find the link at the bottom of this post that tells you all about Conficker. This post is to show you the reason behind Conficker and how it came to live. It started in October 23, 2008 when Microsoft reported a Vulnerability in their
Windows platform regarding its Networking services, MS08-067. This vulnerability allows Remote Code Execution with System level privileges. That means once you are hacked, the attacker can do whatever he wants on your machine. For Cyber-criminals this is a perfect environment for a worm spread. So they did not waste anytime and took advantage of this vulnerability. Less than a month after MS08-067 was reported, on November 21, 2008 we saw the first generation of Conficker. By January 2009, the number of infected machines ranged between 9-15 million. Today, we can still see the affect of the Conficker Worm, as Cyber-Criminals has been using all the infected machine as Cyber real state for Malware distributors. Below you will find a demo of how to trigger the vulnerability and all the links you might need on how to detect and protect against this vulnerability.

Microsoft Advisory
Microsoft Security Update
Microsoft® Windows® Malicious Software Removal Tool
Secunia Advisory

Latest Internet Explorer 0-day Vulnerability Demo

2010-03-16T22:57:00.016-04:00

Most of you have already heard or know about the latest 0-day vulnerability affecting Microsoft's Internet Explorer. In the video demo below, i show you how to perform the attack on a demo lab network. As always this video is for tutorial and educational purposes only. I am also providing the original advisory from Microsoft and the vulnerability information from Secunia and Security Focus which both are considered to be leaders in providing vulnerability advisories.

Microsoft Advisory: http://www.microsoft.com/technet/security/advisory/981374.mspx
BID: http://www.securityfocus.com/bid/38615
Secunia ID: http://secunia.com/advisories/38860

For any questions, comments, or recommendations; leave it in the comments section below.