3 min
Microsoft
It's the end of XP as we know it, April Patch Tuesday 2014, and, oh yeah... heartbleed.
So this is it, the last hurrah for the once beloved XP, the last kick at the can
for patching up the old boat. Sure, by today's standards it's a leaky,
indefensible, liability, but… hey, do you even remember Windows 98? Or (*gasp*)
ME? At least we can all finally put IE 6 to rest, once and for all, the final
excuse for corporate life-support has been pulled… except for legacy apps built
so poorly that they depend on IE 6 and are “too costly” to replace.
As everyone should know by now, ther
3 min
Exploits
Metasploit's Brand New Heartbleed Scanner Module (CVE-2014-0160)
Is the Internet down? Metasploit publishes module for Heartbleed
If you read this blog at all regularly, you're quite likely the sort of Internet
citizen who has heard about the Heartbleed attack and grasp how serious this bug
is. It's suffice to say that it's a Big Deal -- one of those once-a-year bugs
that kicks everyone in security into action. OpenSSL underpins much of the
security of the Internet, so widespread bugs in these critical libraries affects
everyone.
The subsequently published
14 min
Exploits
"Hack Away at the Unessential" with ExpLib2 in Metasploit
This blog post was jointly written by Wei sinn3r
Chen and Juan Vazquez
Memory corruption exploitation is not how it used to be. With modern mitigations
in place, such as GS, SafeSEH, SEHOP, DEP, ASLR/FASLR, EAF+, ASR, VTable guards,
memory randomization, and sealed optimization, etc, exploit development has
become much more complicated. It definitely shows when you see researchers
jumping through hoops like reverse-engineering
2 min
Metasploitable in the Cloud
This guest blog comes to us from Marius Corici from CTF365 .
When asked to describe himself he gave me the following: "I enjoy being an
entrepreneur and discovering new solutions for old problems. Motto: Think a lot
to do less and preserve energy to provide simplicity."
There is no doubt that the best way to learn Information Security is hands-on
and to make this easier, the guys from Rapid7 and Metasploit created
Metasploitable
2 min
Metasploit
R7-2014-05 Vulnerability in Metasploit Modules (Fixed)
Metasploit Pro, Community, and Express users are urged to update to the latest
version of Metasploit to receive the patch for the described vulnerability. Kali
Linux users should use the normal 'apt-get update' method of updating, while
other Metasploit Pro, Community, and Express users can use the in-application
Administration : Software Updates button.
A remote privilege escalation vulnerability has been discovered by Ben Campbell
of MWR InfoSecurity
2 min
Like msfvenom? Here's A Faster Way to Generate Stand-alone Metasploit Payloads
Part of the Metasploit Framework, msfvenom is a command-line tool that helps
penetration testers to generate stand-alone payloads to run on compromised
machines to get remote access to the system. Msfvenom is a combination of two
other Metasploit Framework tools: Msfpayload and Msfencode, which generate and
encode payloads respectively.
Even if you have used Msfvenom before, chances are that you need to look up the
tool's documentation every time you want to generate a payload. Msfvenom is a
2 min
IT Ops
5 Great Blogs for DevOps
If you are a DevOps professional looking to get more involved or further your
learning, or just looking for some entertaining, insightful content, we wanted
to put together a list of 5 great blogs for DevOps. And, we know we missed some,
so feel free comment and share what other blogs should be on here!
A few great blogs that we think you might find valuable:
1. ContinuousDelivery.com – Dave Farley and
Jez Humble run this site. Jez is a principal consult
8 min
Driving Risk Reduction through RealContext™ in Nexpose 5.9
We are pleased to announce the next major release of Nexpose, version 5.9. This
release focuses on reducing the risk that matters to your business, quickly and
efficiently.
Business Context?
One of the biggest failings of the security industry so far is that it has
failed to successfully tie the knowledge and the needs of the business to the
overall risk landscape. Every organization has different thoughts and needs
around how they prioritize risk, what they deem fundamentally important, and h
3 min
Tarpits. A Nexpose Killer?
In the challenge of network security there are many great tools at your
disposal. Some of these tools are the IDS/IPS and Firewall. An IDS will detect
an attack, relay the info to the IPS which will help prevent it. Firewalls
generally block stuff (IP or port related), and also tend to have some basic
IDS/IPS functionality.
What is a Tarpit?
A Tarpit is a service generally found on IDS/IPS and Firewalls as well as
servers, that delay or shroud incoming connections. Basically when port
scanning,
6 min
IT Ops
Synchronizing Clocks In a Cassandra Cluster Pt. 2 - Solutions
This is the second part of a two part series. Before you read this, you should
go back and read the original article, “Synchronizing Clocks In a Cassandra
Cluster Pt. 1 – The Problem
.” In
it, I covered how important clocks are and how bad clocks can be in virtualized
systems (like Amazon EC2) today. In today’s installment, I’m going to cover some
disadvantages of off-the-shelf NTP installations, and how to overcome them.
C
5 min
Debugging Metasploit modules with pry-debugger
Pentester Pete here again. It's nice to see ya'll and thanks for coming back.
Have you ever had those times when you're developing, updating, or when a
Metasploit module throws a backtrace on ya, and you're scratching your head
asking yourself, “why me, what's going on”? Well, I hope this blog will get you
through those moments with as little pain as possible. That's right, in this
blog we'll cry , laugh
, a
5 min
IT Ops
Synchronizing Clocks In a Cassandra Cluster Pt. 1 - The Problem
Cassandra is a highly-distributable NoSQL
database with tunable consistency. What makes it highly distributable makes it
also, in part, vulnerable: the whole deployment must run on synchronized clocks.
It’s quite surprising that, given how crucial this is, it is not covered
sufficiently in literature. And, if it is, it simply refers to installation of a
NTP daemon on each node which – if followed blindly – leads to really bad
consequences. You will find blog post
3 min
Apple
Metasploit Weekly Update: There's a Bug In Your Brain
Running Malicious Code in Safari
The most fun module this week, in my humble opinion, is from Rapid7's own
Javascript Dementor, Joe Vennix . Joe wrote up
this crafty implementation of a Safari User-Assisted Download and Run Attack
, which is not technically a vulnerability or a bug or anything -- it's a
feature that ends up being a kind of a huge risk. Here's how it goes:
1 min
Microsoft
Patch Tuesday - March 2014
Microsoft's March Patch Tuesday again came in on the lighter side of some
months. This continues the 2014 trend of smaller Patch Tuesdays. We only see 2
issues that are critical/remote code execution, one of which is the usual IE
(MS14-012), the other is an an issue in the DirectShow libraries (MS14-013)
which affects most versions of Windows from XP up to 8.1/2012r2. These two are
where we should focus our patching efforts.
Of the 18 CVEs addressed in MS14-012, one is known to be in limit
3 min
IT Ops
DevOps: Vagrant with Chef-Server
In my last blog post, The DevOps Tools We Use & How We Use Them
, I talked about how we use
Chef with Vagrant for
managing, maintaining and monitoring our servers. (If you haven’t read it yet, I
suggest you have a quick look at it for reference.) This is great for a
development environment where you spin up servers locally in Virtualbox, however
in doesn’t help much when trying to maint