Tuesday, February 26, 2013

More Stuxnet 0.5 News

Symantec's original detailed paper, Stuxnet 0.5: The Missing Link [PDF] http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/stuxnet_0_5_the_missing_link.pdf

Ars article on it Revealed: Stuxnet “beta’s” devious alternate attack on Iran nuke program, http://arstechnica.com/security/2013/02/new-version-of-stuxnet-sheds-light-on-iran-targeting-cyberweapon/

Symantec's main page http://www.symantec.com/index.jsp

Lots of interesting tidbits, including the fact that there are now samples dating back to at least 2005, 2 years prior to the previously known oldest sample.

Sunday, February 24, 2013

Pen Testing: Pwn Pad by Pwnie Express

Update 1/13/15: Link to free software download for those who already have hardware, found in the confusingly labeled IMHO "Community" section of Pwnie Express site https://www.pwnieexpress.com/community/


Pwnie Express, the same people that brought us the Pwn Plug http://arstechnica.com/business/2012/03/the-pwn-plug-is-a-little-white-box-that-can-hack-your-network/ or http://pwnieexpress.com/products/pwnplug-elite has a new, very cool piece of gear out they are calling the Pwn Pad.

Best review I have seen so far is by Wired http://www.wired.com/wiredenterprise/2013/02/pwnpad/, most of the other online reviews seem to be based on Wired's article.

The Pwn Pad is a 7" Android Tablet running Android OS 4.2 and Ubuntu 12.04.

They include some interesting hardware accessories with the tablet: an OTG cable, so the tablet can have a functioning USB port, which allows you to use the included SENA Parani-UD100 USB Bluetooth dongle.

This isn't a typical Bluetooth device: it has a 300 meter range with the standard external antenna included with the Pwn Pad, but with an optional patch antenna it has up to a 1000 meter range, a full kilometer!

Link for buying SENA Parani UD100 USB dongle http://www.lemosint.com/bluetooth/bluetooth_serial_adapter_details.php?itemID=612

Link for optional antennas & other options for the SENA dongle http://www.lemosint.com/bluetooth/bluetooth_serial_adapters_accessories.php

They also include a TP-LINK TL-WN722N Wireless N150, I am including these links so people can check specs of included accessories.

Also including those links for the DIY people, since according to Digital Trends http://www.digitaltrends.com/mobile/nexus-7-android-hacking-tablet-pwnie-express/, "Pwnie Express is also going to release the source code, allowing for hackers to install it onto other Android devices than the Pwn Pad."

Update 1/13/15: Link to free software download for those who already have hardware, found in the confusingly labeled IMHO "Community" section of Pwnie Express site https://www.pwnieexpress.com/community/

So if you want to make your own Pen Testing Android Tablet, you will have a list of the resources needed.

Or you can preorder the Pwn Pad at http://pwnieexpress.com/products/pwnpad

From Pwnie Express link at top of post; Features, Accessories, & Tool Kit:

Core Features
  • Android OS 4.2 and Ubuntu 12.04
  • Large screen, Powerful battery
  • OSS-Based Pentester Toolkit
  • Long Range Wireless Packet Injection
HW Accessories:

  • TP-Link TL-WN722N (atheros usb wifi)
  • Sena UD100 (Bluetooth USB)
  • USB Ethernet
  • OTG cable (USB host mode)

Wireless Tools
  • Aircrack-ng
  • Kismet 
  • Wifite-2
  • Reaver
  • MDK3
  • EAPeak
  • Asleap-2.2
  • Hostapd
Bluetooth Tools:
  • bluez-utils
  • btscanner
  • bluelog
  • Ubertooth tools
Web Tools
  • Nikto
  • W3af
Network Tools
  • Nmap
  • Netcat
  • Cryptcat
  • Hping3
  • Macchanger
  • Tcpdump
  • Tshark
  • Ngrep
  • Dsniff
  • Ettercap-ng 7.5.3 
  • SSLstrip v9
  • Hamster and Ferret
  • Metasploit 4
  • SET
  • Easy-Creds v3.7.3
  • John (JTR)
  • Hydra
  • Medusa 2.1.1
  • Pyrit
  • Scapy

Friday, February 22, 2013

Nerd News: Amazon's Farewell to February Sale on Games

Amazon is running a big sale, called Farewell to February, with up to 75% off a lot of games, worth checking out to see if any games you have been looking for are on sale.

You can use code CAGROCKS at checkout for an extra 25% off a single purchase.

They have deals on games for PC, Mac, Playstation 3, & Xbox 360.

They have War of the Roses for $4.99, my friend Kavik did the Basic Combat Guide for War of the Roses VOD below.

His Youtube channel is http://www.youtube.com/user/KavikTV his Crossbow Guide for War of the Roses & "Barbarian" Tutorial for War of the Roses are real good.

Friday, February 15, 2013

Security & Hacking: "Exploit Sat on LA Times Website for 6 Weeks"

Makes me laugh & cry http://krebsonsecurity.com/2013/02/exploit-sat-on-la-times-website-for-6-weeks/

The Los Angeles Times has scrubbed its Web site of malicious code that served browser exploits and malware to potentially hundreds of thousands of readers over the past six weeks.

Thursday, February 14, 2013

Nerd News: Adobe CEO "Answering" Questions about Pricing from Australian Parliament

To me this certainly seems like the CEO of Adobe is evading the question about price gouging in his response to Australian Parliament.

Via http://www.dailytech.com/Update+Adobe+CEO+Dodges+Questions+on+Overpricing+in+Australia/article29902.htm

Nerd Gear: "Samsung Galaxy Note 2 USB Connection Kit"

Link for above VOD http://youtu.be/eRE3EH9enK8 from Himesh's Tech Tips and Reviews http://www.youtube.com/user/himesh123456789

Connection kit like that demonstrated in VOD, Samsung S2 & S3 Multi-functional 4 in 1 Connection Kit: USB/SD Card/Micro SD/Micro USB Inputs, there are also OTG cables like the Micro USB to USB Adapter for Galaxy S3, Note II smart phone and Note Tabs.

I also think these new high cap USB sticks like the Kingston Digital HyperX 3.0 DataTraveler are useful with an OTG cable; you can use an external HDD with an OTG cable, but you need external power for the HDD then, since OTG can't provide that kind of power.

For more on OTG http://en.wikipedia.org/wiki/USB_On-The-Go

You can certainly use a high capacity micro SD card, or SD card with the adapter, but a USB 3.0 flash stick like the Kingston HyperX will be a LOT faster for downloading or uploading movies or whatever from your computer, as long as your machine has USB 3.0

Especially if you're wanting to play with HD or Blu-ray!

BTW if anyone knows what that micro mouse might be please let me know, don't think I've ever seen one that small before.

Wednesday, February 13, 2013

In case you missed it, yesterday was Microsoft Patch Tuesday

Brian Krebs has an excellent review of Microsoft's Patch Tuesday http://krebsonsecurity.com/2013/02/microsoft-adobe-release-critical-security-updates/

He also covers Adobe patches for Flash Player, AIR and Shockwave.

Introduction to Encryption: "Locking the bad guys out with asymmetric encryption"


If you already know a fair bit about encryption, you could skip to the comments http://arstechnica.com/security/2013/02/lock-robster-keeping-the-bad-guys-out-with-asymmetric-encryption/?comments=1

Peter Bright, the author of the article, knows more about the topic than he wrote, he was trying to keep it readable and understandable for people with no background knowledge.

I know I am going to refer people to this article frequently for some time to come, instead of trying to explain it myself.

Monday, February 11, 2013

Security & Hacking: Facebook's Computer Emergency Response Team

Very cool story IMO http://arstechnica.com/security/2013/02/at-facebook-zero-day-exploits-backdoor-code-bring-war-games-drill-to-life/

Note FBI connection.

I think software companies, online businesses, etc should use Red Teams a lot more than they seem to do now.

I think people should also think about the connection to Red Team type exercises and gaming, really the same basic principle or concept at the core.

You're testing yourself against a real opponent, and pushing yourself to improve, a very necessary step if you want more than mediocre performance regardless of the field involved.

A big part of management, is understanding motivation, and applying that understanding to benefit the performance of your company.

Pay is a factor, but for most people, pay isn't the biggest factor; you need to pay people enough, but after that requirement is met, it is things like Task Significance, Autonomy, Feedback, being Appreciated, and so forth.

If you're not familiar with this, http://en.wikipedia.org/wiki/Job_satisfaction is a good place to start.

Or http://en.wikipedia.org/wiki/Quality_of_working_life

Nerd News: Apple, Microsoft and Adobe to face Australian parliament about pricing

Source & full story at http://www.bbc.co.uk/news/business-21406745# snippet:
The firms have previously made written submissions to the committee but have so far declined to appear in person.

They are now scheduled to appear before the committee on 22 March.

The Australian newspaper quoted Ed Husic, a member of parliament, as saying that according to some estimates the price of some of goods in Australia were as much as 60% higher than in the US

Nerd Gear: Microsoft Surface Pro Insights

After reading Paul Thurrott's Going Pro: Thinking About Performance article http://winsupersite.com/windows-8/going-pro-thinking-about-performance, I came across this in the Comments section from another reader:

saqrkh on Feb 10, 2013
After having used the Surface Pro now for 36 hours, I think it will shine most in an office/work-setting for most people. At work we carry our laptops around for meetings, presentations, to our colleagues and bosses for feedback on work, etc.
Being much lighter and capable (touch and digitizer/inking) the Surface Pro is a superb alternative to the traditional laptop for each of those functions. Even the sub-par battery life would be a non-issue since we always come back to our desks.
Unfortunately, the battery life on this thing isn't good enough to make it a professional's best friend. That said, for the here and now, it's a great partner to have with you whilst in the office.

I have mentioned before, I am real interested in the Surface Pro, but after reading Anandtech's article, http://www.anandtech.com/show/6695/microsoft-surface-pro-review, decided I will wait until Haswell before considering it, but saqrkh's comment above really resonated with me.

That is very close to the use case I was looking at from the Blackberry Playbook.

The Playbook was a real disappointment for me, like the hardware, but it seemed more like an Alpha than Beta product.

I had been looking at it as device that would tightly pair with my Blackberry Bold, for me personally I hate carrying laptops or even tablets around if I can avoid it, I already carry a lot of other gear.

So I tend to use a smartphone 4-5 hours every day for things most people use Tablets or even Notebooks for, but a larger screen and keyboard will speed things up if you need to do a lot of writing or data entry, and also allows one to be involved in a meeting far more than if you're squinting at a small screen.

After the success of the Galaxy Note, and the Note 2, I know I am not the only one that feels that way. The Galaxy Note will replace my Blackberry Bold & much of what I wanted to do with the Blackberry Playbook.

Hopefully with Haswell the Surface Pro, or perhaps a Lenovo or ASUS tablet, will solve problems and use cases that the Galaxy Note 2 doesn't.

Otherwise I will still have to lug around a laptop, or what usually happens to me, limp along with my phone, since those situations tend to arise unexpectedly.

Saturday, February 9, 2013

The mGG Founders Cup (WoL)

 Duckvillelol is streaming and casting it at http://www.twitch.tv/duckvillelol#8054

Info on The mGG Founders Cup: http://www.sc2sea.com/showthread.php?t=6957


Double elimination with both winner and losers brackets.
All matches up will be best of 1 (Bo1) until the winner & losers semi-finals which will be a best of 3 (Bo3) and the finals will be a best of 5 (Bo5).
Date: 9th-10th of February, 2013
Start Time: 17:30 KST/7:30pm AEDT (Australian Eastern Daylight Time)/9:30 CET/3:30 EST
Sign up to be completed by Friday, 8th of February.
Extended Series Rules Apply for repeat matchups.

1st PLACE PRIZE: One mGG Jersey!


We wanted the map pool for this tourney to remind everyone of maps they might have played on in the past whilst also looking ahead towards the next year of mGG. Therefore we included a lot of maps that are not currently being played in the pro-scene at the moment.

Metalopolis LE
The Shattered Temple
Shakuras Plateau
WCS Antiga Shipyard
WCS Daybreak
Akilon Flats
Newkirk District

Friday, February 8, 2013

Thursday, February 7, 2013

Random Wikipedia of the Day (RWotD): Groats


Stumbled on this today, clarifies what they are, have known sorta what they were, but always wondered about the details, because one of my favorite Sci Fi series, the Miles/Vorkosigan Series, mentions them often.

[Sidenote: Fans of SciFi that are trying to get a girlfriend or boyfriend into SciFi might have very good luck with this series. The first two books of the series, Shards of Honor & Barrayar, available in a single book titled Cordelia's Honor, are really a prequel to the main character in the rest of the series. Both my girlfriend & mom, who are not SciFi fans, really liked those prequel books a lot. The entire series has very strong female characters, most would probably kick Xena & Buffy's butt, one of them could even make River Tam work hard.]

Found it interesting that supposedly lot of NFL players are using them for Carb loading day before game.

Think part of my confusion is that particular term isn't used commonly in US version of English, here this type of food is usually called "Steel Cut Oats", though that would only be one type of Groat if I understand correctly.

Nerd News: Flash Update

YMMV but Firefox wasn't showing that I needed to update Flash yet, and this isn't the first time this has happened to me, perhaps they only update that once or twice a day or something?

Anyway, there is a new version of Flash out, and to avoid getting hacked you should update/patch Flash if you use it.

This page http://www.adobe.com/software/flash/about/ will show you in a little box on the right near the top what version of Flash you're running if you don't have it disabled.

It will even show the Chrome (Pepper Based) version of Flash.  Though you shouldn't have to worry about patching Chrome's version this way.

Below that little box is a bigger box showing the most recent versions of Flash for all OS & Browser combinations, so you can easily see if you're running the most current version or not.

You can download current version from here http://get.adobe.com/flashplayer/.

For Chrome, all you need to do to check, is click the Chrome Menu/three bar button, then click About Google Chrome, that will trigger update for Chrome.

Note I generally include full links so people can Google links easily, just highlight and right click "search Google for", instead of just clicking if they have any doubt about link being legit.

I do skip full links sometimes when they are just too long IMO, or I am using several in a row with text, where I feel the confusion factor vs transparency ratio gets out of whack.

You can also use siteadvisor https://www.siteadvisor.com/sites/ or WOT http://www.mywot.com/en/scorecard to check links.

Unshort.me, http://unshort.me/, is also a very useful tool, it will unshorten URL from Twitter or whatever, so you can see real target without having to go to site.

I tend to use siteadvisor, which is a McAfee service, don't like their AV but do like siteadvisor, I tend to use WOT for things not on siteadvisor or for "gray" sites.

Wednesday, February 6, 2013

Security & Hacking: ComboFix Infected & Why

sUBs was infected, http://www.bleepingcomputer.com/forums/topic483431.html/page__st__30__p__2962903#entry2962903
"I was infected. Actually not so unlikely since I have to on a daily basis, download/processes a large amount of malware specimens. After so many years, this is the first time which I unintentionally infected myself; reason being a faulty mice which triggered an unwanted double click within a zipped attachment of live samples. For those affected, I offer my deepest apologies. It was never my intention to distribute malware. "

So he handles Malware samples on the same machine that he uses for uploading ComboFix?

Supposed to be fixed now, http://blog.eset.com/2013/02/05/combofix-fixed-popular-utility-safe-to-use

Might be a good idea, if you're set on using this software, to update it quarterly or something, so if you need to use it, there will have been enough time for crowd sourcing to spot a problem?

Though AV software isn't much good without recent updates, so I don't even like that suggestion of mine.

Personally I tend towards once bitten, twice shy for AV & related software.

For example, I have had problems with AVG in the past, and will never use them again, or recommend them.

Though all software has bugs, IMHO a critical bug is different thing entirely from loss of some functionality.

AV software that infects your machine is kinda like a doctor that makes you sicker than you were before you saw them.

Nerd Gear: Black Hornet Nano UAV

1"x4" Black Hornet Nano UAV

Article http://www.aero-news.net/index.cfm?do=main.textpost&id=62e9b044-0871-46b8-bf7b-f4b1cbcee60f

These are really interesting.

Not just for Sensor, but platform could also be used for Mesh Network I suspect.


Nerd Gear: Anandtech Review Surface Pro

Anandtech's Microsoft Surface Pro Review http://www.anandtech.com/show/6695/microsoft-surface-pro-review

I have been waiting for this, I am really interested in Microsoft's Surface Pro, looking at eventually getting either a Surface Pro or iPad, though I believe the Surface Pro compares more directly with the 11" Macbook Air, see Anandtech's iPad 4 review  and Macbook Air review for comparisons.

If you read the comments of the Surface Pro review, Anand says he will try and run the 11" MBA through their new laptop power tests to give comparable numbers for people to compare Surface Pro directly with 11" MBA for battery life.

But it looks like they are roughly comparable for battery life about 4-5 hours with light use.

The Surface Pro & base model 11" MBA both use the 1.7 GHz i5-3317U CPU and the integrated GPU.

Weight wise, if you count the weight of either keyboard cover option for the Surface Pro, it falls between the 11" & 13" Macbook Airs.

Respective Weights:

Total weight of Surface Pro + Touch Cover is ~2.46 lbs, total weight of Surface Pro + Type Cover is ~2.55 lbs, vs Macbook Air 11" at 2.38 lbs or Macbook Air 13" at 2.96 lbs.

I had been debating getting a iPad 5/6 next spring (Spring 2014) or a Surface Pro to replace my 13" ASUS Laptop running Windows 7.

My laptop is one of the UL30V series, has a weak discrete G 210M GPU in it, http://www.notebookcheck.net/NVIDIA-GeForce-G-210M.17638.0.html, nowhere near a real gaming laptop.

When I bought it just wanted something that would run SC2 in addition to other less demanding games, which it does fine.  SC2 runs fine at low to medium settings which was all I needed when I bought it.

I have a more powerful machine now, and girlfriend wants to build a gaming rig, so we will eventually have a couple of powerful gaming machines.

But I want something that is easily portable for use away from home, after reading these reviews, think I will wait for a Haswell upgrade to get a Surface Pro.

Or a Haswell Macbook Air with Retina?  But that would probably be twice the cost of a Surface Pro :/

A lot depends on your use case & budget.

Can't say I *need* more than I have right now, my laptop still runs plenty of games from Steam no problem, and I only use it for gaming anymore when I am out of town for more than a day.

Edited to add:  I have been reading a lot of comments from various people on Surface Pro, the most interesting was about a device demoed at CES, that I liked, but totally forgot about.

The Razer Edge

Razer's site http://www.razerzone.com/gaming-systems/razer-edge/

Anandtech's comments from CES on it http://www.anandtech.com/show/6649/razer-edge-impressions-and-thoughts

If you're looking to get something before Haswell, this probably makes a lot more sense, since it has a GT 640M LE, http://www.notebookcheck.net/NVIDIA-GeForce-GT-640M-LE.72199.0.html.

Now I am really confused, I am not a fan of Razer's stuff, IMO they are overpriced on many of their products.

Not bad stuff, but you're paying for the name vs the performance frequently IMO. I do have a couple of friends that have one of their keyboards or gaming mice. I use a Das Silent (Cherry MX Brown) keyboard myself, IMO Cherry or Alps keys are the way to go, see http://www.daskeyboard.com/blog/?page_id=1458#keyswitches for more on keys, but which exact brand/layout (backlit or not, "quiet" or not) is just a matter of personal preference.

The Razer Edge does look very slick, both the keyboard & gamepad docks support external battery that about doubles battery capacity.

So for light to moderate usage, using extended battery, you could probably come close to equaling iPad or Nexus.

Though gaming with it will burn the battery quickly.

Tuesday, February 5, 2013

Security & Hacking: DOE Hacked?

United States DOE (Department of Energy) has supposedly been hacked.

I am not having any luck confirming this story, AFAIK this link is original story & everyone else is quoting them (with or without citation):  http://freebeacon.com/cyber-breach/

From the Free Beacon link:
The cyber attack was confirmed Friday by DOE security officials and is still under investigation. Officials are working to determine the exact nature of the attack and the extent of potential damage.
The personal data compromised involves information related to several hundred people, the officials said.
A total of 14 computer servers and 20 workstations at the headquarters were penetrated during the attack.
The department is currently in the process of notifying the employees and contractors whose information was stolen.
The department is planning steps to plug security holes in its network that were revealed by the attack, the officials said.

If the reported details are accurate, doesn't sound like they were using best practices, PII information should have been stored encrypted.

If I were a betting man, I would bet they were compromised via a Phishing attack, but I would like to see some more details about this incident.

Would like to see independent confirmation of this story to start with, because for real news it is kinda like real backup of data, you really should have 3 sources that are independent of each other.

Monday, February 4, 2013

Nerd Gear: Anandtech reviews entire Intel 525 SSD line

They test 30 GB- 240 GB, I am actually interested in the small ones for couple projects I am thinking about for my home network experiments.


Root Practice Catz & Minigun both streaming

Lot of shenanigans, maybe even some real practice ^_^


Security & Hacking: UPnP update

First, Steve Gibson's ShieldsUP now has UPnP scan in it!  Big thanks to Steve for getting this out so fast!!

Steve Tweeted https://twitter.com/SGgrc/status/297165652257554432:
GRC'S new UPnP Exposure Test is NOW ONLINE. Goto Choose "ShieldsUP!"... and you can't miss it.

http://grc.com is direct link, above is twitter shortened link to same url, ShieldsUP is large image with link on that page.

Easy & simple to do, not complicated to use, if you can click a mouse you can use it.

According to this Tweet from Steve, OpenWRT is vulnerable as well, https://twitter.com/SGgrc/status/297173997743902720:
UPnP: I'm checking returned data, but NO IP addresses. I've seen that a Roku is exposed, and so is OpenWRT (and lots of other stuff!)

Saturday, February 2, 2013

Hardware Hacking: "Pro-Grade Point-of-Sale Skimmer"


I wonder if this is actually how Barnes & Noble was hacked? 


And for whatever reasons they don't want to disclose the connection?

Comments on Brian Krebs post are well worth reading as well, I learned BT is legit for POS (Point of Sale) devices transmitting Credit Card data as long as it is encrypted.

Link (PDF) https://www.pcisecuritystandards.org/pdfs/PCI_DSS_Wireless_Guideline_with_WiFi_and_Bluetooth_082211.pdf

Really well done work, wish I could solder as well as whoever did that!

Pen Testing & Hardware Hacking: Hacking Laptop Docking Station


Very slick idea, by NCC Group's Research Director Andy Davis.

NCC link http://www.nccgroup.com/en/our-services/security-testing-audit-compliance/

I suspect Andy Davis prefers to exploit Hardware vulnerabilities, also found this notice about USB Mac Lion exploit discovered by him http://www.securityfocus.com/archive/1/524248/30/0/threaded

It is an "Arbitrary Code Execution (bug triggered by USB device insertion)."

I think (my opinion, no hard data to support) that providing security from Hardware Hacks like this, is a lot harder than defending against more common Computer threats like Phishing, Java exploits, weak passwords, etc.

Not objectively harder, but practically harder, because providing good security from Hardware Hacks requires people with skills from both Physical Security and Computer Security.

As well as budget support from upper management, the hardest type of support to secure.

The budget support is for good vetting and retention of cleaning personnel, I have mentioned this before in relation to hardware attacks.

It is difficult to convince higher management of the Security need to pay 3-5 times more than a business is used to for custodians.

Think Social Engineering attacks, or working as part of cleaning crew, would allow easy placement of device like this.

How many companies care enough about security to pay good wages to keep good, vetted, in house Custodians vs using a Contractor provided Cleaning Crew?

Those cleaning crews tend to have high turnover; additionally, because of the high turnover, they tend to have low standards for hiring.

They need to keep hiring people that won't be paid much or be treated with much respect, so they tend to hire many people that have problems (criminal records, drug/alcohol, etc).

Even if they use in house custodians, still tends to be a low pay, low status job, with a lot of turnover, and generally low standards for hire.

Remember, Custodians or Cleaning Crews tend to have physical access to entire company, heck they are normally given keys.

It is trivially easy for someone on Cleaning Crew to swap out a hacked dock with existing one, or install hardware keyloggers.

Friday, February 1, 2013

Security & Hacking: Twitter discovers live attack, possible 250k users impacted

Source http://blog.twitter.com/2013/02/keeping-our-users-secure.html:
"We discovered one live attack and were able to shut it down in process moments later. However, our investigation has thus far indicated that the attackers may have had access to limited user information – usernames, email addresses, session tokens and encrypted/salted versions of passwords – for approximately 250,000 users."

Twitter has revoked tokens & forced password resets for impacted accounts, they also suggest disabling Java in browsers, and using at least a 10 character password.

All very good security advice.

I am actually impressed with information they provided in that post.  Well done message for general audience.