Downclimb

2015.08.23

Downclimb: Summit Route’s Weekly Cyber News Recap
2015.08.16 – 2015.08.23: https://SummitRoute.com

Quotes

“If the highest aim of a captain were to preserve his ship, he would keep it in port forever.” Thomas Aquinas (13th century theologian)

 

“Specialists can tell you what to worry about. True experts can tell you what not to worry about.” Paul Graham

 

“If you disclose 0days please include a brief note why you did it. Public interest deserves an explanation for your actions!” @osxreverser

 

“Once again we have hype and distraction over juicy news and you still don’t have a complete inventory of your network.” Jack Daniel (regarding the Ashley Madison hack)

 

“StackOverflow, ensuring vulnerable code lives forever, in 1000s of apps.” Justin Case

 

“Software is eating the world. Software rots. This is a very scary thing to think about.” the grugq

Top stories

15,000 arrested in China for cybercrimes

In the first month of an operation called “clean the Internet”, China has arrested 15,000 people. Some are the usual arrests for violating Chinese censorship laws, but many are for genuine cybercrimes: spreading an SMS virus, setting up fake base stations to push spam text messages, and website compromises.

  • https://nakedsecurity.sophos.com/2015/08/20/china-vows-to-clean-the-internet-in-cybercrime-crackdown-15000-arrested/

Self Defense - Patching the Stagefright Patch

Walks through patching the compiled Stagefright library directly (binary patching) to close one of the Stagefright vulnerabilities, a stopgap for devices that have not yet received a vendor update.

  • https://pwnaccelerator.github.io/2015/stagefright-patch-the-patch.html
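The mechanics of a byte-level patch are the same whatever library is being fixed: locate a unique byte pattern, overwrite it with a replacement of exactly the same length so that no offsets shift, and keep a backup. The helper below is an added example and is not the code from the linked post; the blob, pattern and replacement bytes are constructed placeholders, not the real Stagefright instructions, and the `.orig` backup suffix is an assumption.

```python
"""Minimal same-length binary patcher with safety checks (added example)."""
import os
import shutil


def patch_bytes(blob, pattern, replacement):
    """Return (patched_blob, offset) with `pattern` replaced by `replacement`.

    Refuses to patch unless the replacement is the same length as the pattern
    (so nothing after it moves) and the pattern occurs exactly once (so we do
    not silently patch the wrong function).
    """
    if len(pattern) != len(replacement):
        raise ValueError("replacement must be the same length as the pattern")
    first = blob.find(pattern)
    if first < 0:
        raise ValueError("pattern not found; wrong build of the library?")
    if blob.find(pattern, first + 1) >= 0:
        raise ValueError("pattern is not unique; refine it with more context bytes")
    patched = blob[:first] + replacement + blob[first + len(pattern):]
    assert len(patched) == len(blob)
    return patched, first


def patch_file(path, pattern, replacement):
    """Patch `path` in place, keeping a pristine copy at `path + '.orig'`."""
    with open(path, "rb") as f:
        blob = f.read()
    patched, offset = patch_bytes(blob, pattern, replacement)
    shutil.copyfile(path, path + ".orig")  # assumed backup convention
    with open(path, "wb") as f:
        f.write(patched)
    return offset


# Constructed stand-in for a library image: 16 bytes of padding, a 4-byte
# "instruction" we want to change, then 16 more bytes of padding.
SAMPLE_BLOB = b"\x00" * 16 + b"\xde\xad\xbe\xef" + b"\x00" * 16
SAMPLE_PATTERN = b"\xde\xad\xbe\xef"       # hypothetical vulnerable bytes
SAMPLE_REPLACEMENT = b"\xca\xfe\xba\xbe"   # hypothetical fixed bytes


def demo():
    """Patch the constructed blob and return (offset, patched_bytes_at_offset)."""
    patched, offset = patch_bytes(SAMPLE_BLOB, SAMPLE_PATTERN, SAMPLE_REPLACEMENT)
    return offset, patched[offset:offset + len(SAMPLE_REPLACEMENT)]


if __name__ == "__main__":
    print(demo())
```

Before applying this to a real `libstagefright.so`, disassemble the target build to confirm the pattern really is the vulnerable instruction sequence; the uniqueness check protects against patching the wrong place, not against patching the wrong thing.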

Man in the Cloud (MITC) Attacks

The concept of this paper is that an attacker who wants data off a system does not need to install malware to exfiltrate it. Cloud sync clients such as Dropbox store a synchronization token on disk; an attacker with brief access can copy that token and sync the victim’s files from a machine of their own, or swap in a token for an account they control so the victim’s own client uploads everything to the attacker. Because the traffic is the legitimate client talking to the legitimate service over its usual encrypted channel, this is very difficult to detect.

  • http://www.imperva.com/docs/imperva_Hacker_Intelligence_Initiative_No22_Jul2015_v1d.pdf
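The token stores these attacks target are rewritten by the legitimate client only on login or re-authorization, so an unexpected change to them is a strong signal. The script below is an added example, not code from the Imperva paper, showing a baseline-and-diff integrity check over a sync client’s configuration files; the file name `sync_token.db` and its contents are constructed stand-ins, and you would point it at wherever your client actually keeps its token.

```python
"""Baseline-and-diff integrity check for sync client configuration (added example)."""
import hashlib
import json
import os
import tempfile


def hash_file(path):
    """SHA-256 hex digest of a file, or None if the file does not exist."""
    if not os.path.isfile(path):
        return None
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths):
    """Map each watched path to its current digest (None when absent)."""
    return {p: hash_file(p) for p in paths}


def diff_baseline(baseline, paths):
    """Compare the current state of `paths` with a saved baseline.

    Returns a list of (path, event) with event in {"added", "removed",
    "modified"}. Any of these on a token store outside a known login is
    worth an alert, because a token switch rewrites the file in place.
    """
    current = build_baseline(paths)
    events = []
    for p in paths:
        old, new = baseline.get(p), current[p]
        if old == new:
            continue
        if old is None:
            events.append((p, "added"))
        elif new is None:
            events.append((p, "removed"))
        else:
            events.append((p, "modified"))
    return events


def save_baseline(baseline, path):
    with open(path, "w") as f:
        json.dump(baseline, f)


def load_baseline(path):
    with open(path) as f:
        return json.load(f)


def demo():
    """Constructed scenario: token switch, then deletion, then a new config file.

    Returns the list of event names observed at each step.
    """
    observed = []
    with tempfile.TemporaryDirectory() as d:
        token_store = os.path.join(d, "sync_token.db")  # assumed file name
        with open(token_store, "wb") as f:
            f.write(b"oauth_token=victim-token-0001")  # constructed content
        baseline_path = os.path.join(d, "baseline.json")
        save_baseline(build_baseline([token_store]), baseline_path)
        baseline = load_baseline(baseline_path)

        # Attacker swaps in a token bound to their own account (token switch).
        with open(token_store, "wb") as f:
            f.write(b"oauth_token=attacker-token-9999")
        observed += [e for _, e in diff_baseline(baseline, [token_store])]

        # Token store removed entirely (e.g. forced re-login to a new account).
        os.remove(token_store)
        observed += [e for _, e in diff_baseline(baseline, [token_store])]

        # A config file that was not there at baseline time appears.
        extra = os.path.join(d, "extra_account.cfg")  # assumed file name
        with open(extra, "wb") as f:
            f.write(b"account=attacker")
        observed += [e for _, e in diff_baseline(baseline, [token_store, extra])]
    return observed


if __name__ == "__main__":
    print(demo())
```

Run the baseline once right after a known-good login and re-run the diff on a schedule or from your endpoint agent; a modification that does not line up with a user-initiated login is the signal the paper says you otherwise will not get from network traffic.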

Analysis of PS4’s security and the state of hacking

In-depth discussion of the progress that has been made on PlayStation 4 (PS4) hacking. The same exploitation techniques used to compromise general-purpose systems are applied to locked-down consumer devices (consoles, phones) to gain root and run arbitrary code on them.

  • https://cturt.github.io/ps4.html

Conference materials and publications

  • BroCon: Conference last week in Massachusetts for talks related to Bro, an open-source network IDS project.

Tools

  • BinNavi: A binary analysis IDE that allows you to inspect, navigate, edit and annotate control flow graphs and call graphs of disassembled code. This was one of Zynamics’ tools (alongside BinDiff); Google acquired Zynamics in 2011, after which development on the tools largely stopped, and Google has now released BinNavi as open source. BinNavi relies on IDA Pro: it takes the disassembly database produced by IDA Pro and provides an alternative way to view and interact with that data.

Other reads

  • The network is hostile: Post from Matthew Green that drives home the point that the network itself must be treated as hostile, so all traffic needs to be encrypted.