Adam Boileau (Metlstorm) has released a script (winlockpwn) written in Python, which allows a device running Linux to be connected to the FireWire port of a target workstation running Windows XP to get full read/write memory access and bypass Windows authentication. He demonstrated the tool in 2006, but didn’t release it until a few days ago. And this type of attack is also apparently effective against other OSes such Linux and OS X. And if the device doesn’t have a FireWire port, you’re not necessarily out of luck. If it has a slot for a PCMCIA card, a PCMCIA FireWire card will do the trick. And if you don’t have Linux on your laptop, just run your favorite Linux Live CD distro and grab the winlockpwn code and go.
Dogbert the Security Consultant Strikes Again: Online Storage of Passwords
March 6, 2008 — secauditorOk maybe I need to rethink associating all Online Password Storage groups in the same realm as Dogbert. Think think think think…hmmmm….NOPE!
A nice aspect of the blog that I put out for me is the backend shows me where a referral comes from and recently one came from http://www.notsorelevant.com/2008-01-30/is-giving-away-passwords-cool-again/ while the information with in the article was interesting especially the new German application Allyve I thought the author missed the mark comparing this product to OpenID or OAuth. Allyve works more along the lines of any of the top 3 hits that Google brings back when searching for Online Password Storage. Agatra – Comodo – Handypassword
Concerns: More on Password Cracking
March 5, 2008 — secauditorI was talking with a coworker the other day about password cracking and I wanted to write up another post regarding that conversation and Michael Coates comments on a previous article that I wrote.
There are two main areas that must be looked at anytime an organization enters into password cracking. First is the transportation and storage of the password database and the non-repudiation aspect of users once password cracking is entered into. For this article I want to look at the later. Let’s look at a scenario to start with.
Crack in the Armor - Windows Mobile Phone Security
March 4, 2008 — secauditorToday a notice hit http://www.sophos.com about a Trojan infecting phones utilizing Microsoft Windows Mobile. This is making its way across China when the phone accesses one of several websites over there. It is only a matter of time before this affects Europe and North America.
The trojan, called winCE//infojack, it is wrapped together with several legitimate mini-games, including Mahjongg and a version of Tetris. The trojan is written in such a way that an unsuspecting user will install the package” on the mobile device.
Another Certification Bites the Dust
March 4, 2008 — secauditorWhile we are on the certification bandwagon I must apologize for the lack of material over the course of the last several days. I have been guilty of competing in the certification dance. This last weekend I took the GIAC PCI exam and this week I will be taking Cisco’s Wide Area Application Services exam. I will complete a post regarding these two exams later this week.
On to the news. Trusecure was recently sold off to Verizon (via CyberTrust). With this transaction happening the TICSA certification has been shut down. Now this might not be the most recognized certification around but it did hold some value. The nice thing is ISC is allowing holders of the certification to get there SSCP.
Here is the message from Verizon/CyberTrust/Trusecure:
-
Radical Reads
Incident Response and Computer Forensics, Second EditionVRRP: Increasing Reliability and Failover with the Virtual Router Redundancy Protocol
Cyber Crime Investigator's Field Guide, Second Edition
CEH: Official Certified Ethical Hacker Review Guide: Exam 312-50
Certified Ethical Hacker Exam Prep (Exam Prep 2 (Que Publishing))
