Archive for September, 2007
2007.09.26 Daily Security Reading
by Rodney Campbell on Sep.28, 2007, under Security
Attack Surface Analysis of BlackBerry Devices (pdf)
One of the BlackBerry’s main selling points is that it provides an integrated wireless messaging system, providing push email access over cellular wireless networks throughout the world. Another major factor in the BlackBerry’s popularity is its comprehensive and systematic approach to security. BlackBerry devices are versatile, and can be used for a range of functions including telephony, SMS, email, and Web browsing amongst other things.
Hack in the Box 2007 Presentations
HD Moore Releases Metasploit Framework for the iPhone
“HD Moore, one of the developers of the Metasploit hacking software, is supporting the iPhone within the Metasploit framework and providing tools to run ‘shellcode’ prompts.”
Interview With A Convicted Hacker: Robert Moore
On his way to federal prison, the 23-year-old hacker says breaking into computers at telecom companies and major corporations was “so easy a caveman could do it.”
2007.09.24 Daily Security Reading
by Rodney Campbell on Sep.24, 2007, under Security
SCOUT – Speedy Complete Online URL Test
This page allows you to submit a suspicious URL to our high-interaction client honeypot, Capture, to determine whether the suspicious URL is indeed malicious. The client honeypot, which runs Windows XP and Internet Explorer 6, will make the request to the server and determine whether any unauthorized state changes, such as placing an executable file in the start-up folder, have been made. If these state changes are detected, our client honeypot will classify the URL as malicious.
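The blurb describes the whole detection principle of a high-interaction client honeypot: snapshot the system, let the browser fetch the URL, snapshot again, and call the URL malicious if anything changed that the browser had no business changing. The following is an added illustration of that snapshot-and-diff logic, not Capture's own code: a temporary directory stands in for the monitored locations, the two "visit" functions are constructed stand-ins for a benign and a malicious page, and the `authorized` exclusion list plays the role of the honeypot's exclusion rules for normal browser noise (cache and history writes).

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed example: a throw-away directory stands in for the honeypot's
# monitored locations (e.g. the Windows Startup folder). Not Capture's own code.


def snapshot(root: Path) -> dict:
    """Record every file under root with its SHA-256 so a later diff sees adds, removals and edits."""
    state = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            state[p.relative_to(root).as_posix()] = hashlib.sha256(p.read_bytes()).hexdigest()
    return state


def diff_state(before: dict, after: dict) -> dict:
    """Describe what changed between two snapshots."""
    return {
        "added": sorted(set(after) - set(before)),
        "removed": sorted(set(before) - set(after)),
        "modified": sorted(k for k in before.keys() & after.keys() if before[k] != after[k]),
    }


def classify(changes: dict, authorized=frozenset()) -> tuple:
    """The honeypot rule in miniature: any state change the browser was not expected
    to make is enough to call the URL malicious; no signature for the payload is needed.
    `authorized` lists paths the browser is allowed to touch (its cache, history), which
    is what keeps benign noise out of the verdict in a real deployment."""
    for kind in ("added", "modified", "removed"):
        for path in changes[kind]:
            if path not in authorized:
                return "malicious", f"{kind}: {path}"
    return "benign", None


def visit_and_classify(monitored: Path, visit, authorized=frozenset()) -> tuple:
    """Snapshot, let `visit` play the browser fetching the URL, snapshot again, judge."""
    before = snapshot(monitored)
    visit(monitored)
    after = snapshot(monitored)
    return classify(diff_state(before, after), authorized)


# Two constructed "visits": a benign page only touches the browser's own cache file;
# a malicious page additionally drops an executable into the startup folder for persistence.
def benign_visit(root: Path) -> None:
    (root / "cache" / "index.dat").write_bytes(b"cached page bytes")


def malicious_visit(root: Path) -> None:
    (root / "cache" / "index.dat").write_bytes(b"cached page bytes")
    (root / "startup" / "updater.exe").write_bytes(b"MZ" + b"\x90" * 32)  # placeholder bytes, not real code


def demo() -> tuple:
    """Run both visits against fresh directories and return the two verdicts."""
    verdicts = []
    for visit in (benign_visit, malicious_visit):
        with tempfile.TemporaryDirectory() as tmp:
            root = Path(tmp)
            (root / "cache").mkdir()
            (root / "startup").mkdir()
            (root / "cache" / "index.dat").write_bytes(b"old cache")
            verdict, _ = visit_and_classify(root, visit, authorized=frozenset({"cache/index.dat"}))
            verdicts.append(verdict)
    return tuple(verdicts)


if __name__ == "__main__":
    print(demo())  # ('benign', 'malicious')
```

The benign page modifies only the authorized cache file and is cleared; the malicious page is flagged by the new file in `startup/` without the detector knowing anything about the dropped binary. The same approach covers registry keys and process lists once those are included in the snapshot, and the exclusion list is the part that needs the most care: too broad and a dropper that writes into an excluded path goes unnoticed.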
The (Practically) Ultimate OpenSSH/Keychain Howto
How to generate public/private key pairs and strong passphrases, and how to use the wonderful Keychain utility to automate your SSH logins.
Internet Security Moving Toward ‘White List’
According to Symantec, ‘Internet security is headed toward a major reversal in philosophy, where a “white list” which allows only benevolent programs to run on a computer will replace the current “black list” system’.
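The difference between the two philosophies is easiest to see on the cases where they disagree. The following is an added illustration, not Symantec's or anyone else's product code: both policies key on a SHA-256 of the program file, the "binaries" are constructed byte strings, and the four samples are chosen to show the never-seen malware a black list misses and the legitimate update an allow list rejects.

```python
import hashlib


def fingerprint(image: bytes) -> str:
    """Identify a program by the SHA-256 of its bytes; both policies key on this."""
    return hashlib.sha256(image).hexdigest()


# Constructed stand-ins for program files (not real binaries).
TRUSTED_BUILDS = {
    "notepad.exe": b"MZ notepad build 5.1",
    "outlook.exe": b"MZ outlook build 12.0",
}
KNOWN_MALWARE = {
    "oldworm.exe": b"MZ worm sample seen last month",
}

ALLOW_LIST = {fingerprint(b) for b in TRUSTED_BUILDS.values()}
BLOCK_LIST = {fingerprint(b) for b in KNOWN_MALWARE.values()}


def black_list_decision(image: bytes) -> str:
    """Black list: run anything unless it is already known bad."""
    return "deny" if fingerprint(image) in BLOCK_LIST else "allow"


def white_list_decision(image: bytes) -> str:
    """White list: run nothing unless it is already known good."""
    return "allow" if fingerprint(image) in ALLOW_LIST else "deny"


def compare_policies(image: bytes) -> dict:
    return {"black_list": black_list_decision(image), "white_list": white_list_decision(image)}


# Four cases that show where the two philosophies part ways.
SAMPLES = {
    "trusted notepad": TRUSTED_BUILDS["notepad.exe"],
    "known worm": KNOWN_MALWARE["oldworm.exe"],
    "brand-new worm": b"MZ worm variant nobody has analysed yet",
    "patched notepad": b"MZ notepad build 5.2",   # legitimate update, hash no longer on the list
}


def run_all() -> dict:
    return {name: compare_policies(image) for name, image in SAMPLES.items()}


if __name__ == "__main__":
    for name, verdicts in run_all().items():
        print(f"{name:16} black list={verdicts['black_list']:5} white list={verdicts['white_list']}")
```

The third sample is the argument for the reversal: a black list can only deny what has already been analysed, so a fresh variant runs. The fourth sample is its operational cost: every legitimate patch changes the hash, so the allow list has to be updated in step with software updates (or key on a code-signing identity rather than a per-build hash), otherwise users are denied their own programs.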
Hacker Finds Serious Flaw in Adobe PDF
Security researcher said he would not release code that shows how a PDF attack works until Adobe provided a patch for the problem.
Scrutinizing SIP Payloads – Traversing Attack Vectors in VOIP (pdf)
The objective of this research is to traverse the hidden artifacts of the SIP realm to expose the infection-oriented vectors.
2007.09.19 Daily Security Reading
by Rodney Campbell on Sep.19, 2007, under Security
Real-time Steganography with RTP, A Brief Analysis of PatchGuard Version 3, Escaping Internet Explorer Protected Mode, OS X Kernel-mode Exploitation in a Weekend, A Catalog of Windows Local Kernel-mode Backdoors and Generalizing Data Flow Information.
Data Stored in RAM Could Be Subject to E-Discovery, Court Says
Why is the U.S. District Court for the Central District of California’s recent ruling that defendants in a copyright infringement case “collect and produce” information stored in their servers’ random access memory significant?
Google Desktop as a Source of Digital Evidence (pdf)
Discusses the emerging trend of Personal Desktop Searching utilities on desktop computers, and how the information cached and stored with these systems can be retrieved and analysed, even after the original document has been removed.
The Threat of Reputation-Based Attacks
A “reputation attack” is an attempt to smear the good name of a legitimate organization by tainting it with the stain of illegal activity; in this case, by making it look to the victims of the stolen PayPal accounts as if the legitimate organisation is the one stealing their money.
Report – Insiders cause more computer security problems than viruses (pdf)
The Computer Security Institute has just released the 2007 edition (PDF) of its long-running “Computer Crime and Security Survey,” and it offers some dreary news for overworked computer security admins: average losses from attacks have surged this year. More surprising is the finding that the single biggest security threat faced by corporate networks doesn’t come from virus writers any more; instead, it comes from company insiders.
Malware moves from scattershot to honeypot
End users were far less likely to receive malware programs in their in-boxes and far more likely to get attacked as they visited legitimate Web sites over the first six months of 2007.
2007.09.17 Daily Security Reading
by Rodney Campbell on Sep.17, 2007, under Security
The Biggest Ever BitTorrent Leak: MediaDefender Internal Emails Go Public
The company MediaDefender works with the RIAA and MPAA against piracy, setting up fake torrents and trackers and disrupting p2p traffic. Previously, the TorrentFreak site accused them of setting up a fake internet video download site designed to catch and bust users. MediaDefender denied the entrapment charges. Now 700MB of MediaDefender’s internal emails from the last 6 months have been leaked onto BitTorrent trackers. The emails detail their entire plan, including how they intended to distance themselves from the fake company they set up and future strategies.
Time Running Out for Public Key Encryption
Two research teams have independently made quantum computers that run the prime-number-factorising Shor’s algorithm — a significant step towards breaking public key cryptography.
Exploit code appears for Microsoft Agent bug
Less than 24 hours after Microsoft released September’s security patches, a proof-of-concept JavaScript exploit code that attacks Microsoft Agent was posted online.
2007.09.12 Daily Security Reading
by Rodney Campbell on Sep.12, 2007, under Security
Security expert used Tor to collect government e-mail passwords
Last month, Swedish security specialist Dan Egerstad exposed the passwords and login information for 100 e-mail accounts on embassy and government servers. In a blog entry today, Egerstad disclosed his methodology. He collected the information by running a specialized packet sniffer on five Tor exit nodes operated by his organization, Deranged Security.
PIRANA – Exploitation Framework for Email Content Filters
PIRANA is an exploitation framework that tests the security of an email content filter. By means of a vulnerability database, the content filter under test is bombarded with emails containing malicious payloads intended to compromise the computing platform.
Skype Worm Infects Windows PCs
A worm is spreading to Windows PCs through Skype’s instant messaging. The worm is variously called Ramex.a and Pykspa.d.
Independent iPhone Free Software Unlock Achieved
iPhone hackers have released a free software unlock for the iPhone. Apparently there are two solutions: a script based on ieraser, and another called iUnlock.