Your daily source of Pwnage, Policy and Politics.


Episode 587 – Kaspersky, BT Junkie, GMR1/2, Size Doesn’t Matter & Chokers

InfoSec Daily Podcast Episode 587 for February 6, 2012.  Tonight's podcast is hosted by Rick Hayes, Dave Kennedy, Boris Sverdlik, and Beau Woods.
 

Announcements:

Unsung Heroes

Have you ever stumbled on a tool and wondered “Why didn’t I know this existed!” or “If only I’d had this last week on that test”… Chris John Riley has started to gather suggestions for your “unsung hero” of the tools world.  He is looking specifically to gather a list of tools that aren’t on every penetration tester’s or forensic investigator’s list, but that you have respect for.  http://blog.c22.cc/2012/01/13/unsung-heros

Information Security Blogger Awards 2012
Since we were overlooked again for the Best Podcast on Security, you can email ashimmy@hotmail.com with your name, email address and ISD Podcast as your write-in nominee.  Please note, you have to provide your blog or podcast URL so that it can be verified that you are a blogger or podcaster.  Vote for your favorite blogs as well on http://www.ashimmy.com.

Brad Smith (theNurse)
We all know and love Brad Smith, aka theNurse.  His humor and smiling positivity is a wonderful example for our community.  At Hacker Halted he had a massive stroke and has been in the hospital ever since.

Brad and his wife did not ask for this help, but as a community we feel that if we can help we want to.  Please feel free to check in for status or to donate.  Either way we thank you, and I know Brad thanks you for your support, prayers and positive thoughts.

http://www.social-engineer.org/brad-smith-updates/
http://www.social-engineer.org/bradsmithdonation/

Metasploit Framework Unleashed Cincinnati
When: February 11, 2012.
Where: Digitorium in Griffin Hall, the home of Northern Kentucky University’s College of Informatics
https://msfucincy.wordpress.com/
$20 donation for #HFC

Social Engineering Training
When: March 5-9, 2012
Where: Seattle, Washington
When: July 21-24, 2012
Where: Black Hat Vegas
When: August 20-24, 2012
Where: Bristol, UK
When: November 12-16, 2012
Where: Columbia, MD
http://www.social-engineer.com/social-engineer-training

InfoSec Southwest
When: March 30-April 1
Where: Austin, TX
http://www.Infosecsouthwest.com

Linuxfest Northwest 2012
When: Saturday, April 28th-29th, 2012
Where: Bellingham Technical College – Bellingham, WA
http://www.linuxfestnorthwest.org/
CFP now open!

AIDE 2012
When: May 21-25, 2012
Where: MU Forensic Science Center
Huntington, West Virginia
http://aide.marshall.edu
CFP now open!

LayerOne 2012
When: May 26-27, 2012
Where: Clarion Hotel – Anaheim, CA
http://www.layerone.org
CFP now open!

DerbyCon 2012 – The “Deuce” Reunion
When:  September 27-30, 2012
Where: Louisville, KY
http://www.derbycon.com

Thanks to everyone that has purchased products from Amazon through the affiliate program.  If you’re not familiar with the affiliate program, simply go to http://www.isdpodcast.com and locate the Affiliate Program link on the right hand side.


Stories

Source: http://news.techworld.com/security/3335337/kaspersky-lab-backs-out-of-ipo-plans
Kaspersky Lab founder Eugene Kaspersky has cancelled plans for the firm to go public, announcing his intention to buy back a 20 percent stake sold to a private equity investor a year ago.

In comments that emerged from the company’s Cancun analyst conference, Kaspersky’s CEO said the reason for the about turn had to do with his reservations about how an IPO might affect the company’s unusual culture.

"It is flexible. It is very, very innovative. I like it. I don't want to change," the famously laid-back Kaspersky was reported by Reuters to have said. "You don't have to report to anybody else but yourself."

The news comes only a year after private equity General Atlantic had paid north of a rumoured $200 million in exchange for a 20 percent stake in Kaspersky Lab, which valued the company at the $1 billion mark.
….


Source:  http://www.computerworld.com/s/article/9223989/BTJunkie_voluntarily_closes_file_sharing_website
The BitTorrent search engine BTJunkie has shut down its website, the latest file-sharing site to take defensive action following law enforcement's shutdown of MegaUpload last month.
BTJunkie said the move was voluntary. "We've been fighting for years for your right to communicate, but it's time to move on. It's been an experience of a lifetime, we wish you all the best!"

The website, which started in 2005, was ranked by the file-sharing blog TorrentFreak fifth in a top 10 list of the most popular BitTorrent sites for 2011 based on traffic statistics collected by Alexa and Compete, both Web metrics analysis companies. A "torrent" is a small file that enables files to be shared on a peer-to-peer network using the BitTorrent protocol.

The decision by BTJunkie to shut down is perhaps one of the most drastic steps taken by a file-sharing site to avoid legal trouble. Other popular sites have also implemented changes to lower their profile.

The website FileSonic disabled file sharing among users, only allowing members to upload and download their own files. Another sharing site, Uploaded.to, temporarily blocked visitors with IP addresses inside the U.S.
….


Source: http://www.theregister.co.uk/2012/02/03/satellite_phone_hack/
Source: http://www.hgi.rub.de/hgi/hgi-seminar/aktuelles/#don-t-trust-satellite-phones
German researchers claim they have found weaknesses in two commonly-used satellite encryption protocols that could render them vulnerable to eavesdropping in real time.
In the paper titled Don't Trust Satellite Phones (currently available only as an abstract), Benedikt Driessen and Ralf Hund of Ruhr University describe how they reverse engineered the GMR-1 and GMR-2 encryption algorithms or stream ciphers used to secure voice traffic on a range of commercial satellite networks.

The pair attacked different digital signal processor (DSP) firmware updates for two handsets, Thuraya’s GMR-1-based SO-2510, and Inmarsat’s GMR-2 IsatPhonePro, extracting the encryption keys used to secure communications in half an hour using a $2,000 setup.

According to an interview with the Daily Telegraph, the researchers believe a more powerful system could achieve the same results in real time, necessary in most cases for eavesdropping to be useful.
….


Source:  http://news.softpedia.com/news/Size-Doesn-t-Matter-Smaller-DDOS-Attacks-May-Be-Deadlier-251024.shtml
Contrary to popular belief, bigger isn’t always necessarily better. This is especially true when it comes to distributed denial of service (DDOS) attacks, where the type of attack is much more significant than its size.

This is just one of the conclusions published by Radware’s Emergency Response Team (ERT) after performing a series of tests and polls.

They found that 76% of the DDOS attacks that successfully targeted companies had a bandwidth of less than 1 Gbps. Even so, the damage these hits can cause is far greater than many suspect.

Situations in which companies are brought down by massive DDOS attacks are rare, the numbers revealing that only 9% of the attacks recorded in 2011 were over 10 Gbps, the remaining 32% falling in the under 10 Mbps category.

However, practice shows that less intensive, but equally serious attacks have a high potential to bring down an organization if an HTTP flood on the application level is involved, instead of a larger UDP flood on the network.

Among the myths Radware busted in their latest report is the one that says firewalls and intrusion prevention systems (IPS) are able to stop DDOS attacks. In reality, firewalls are often the weakest links and the best way to mitigate such attacks is by using dedicated hardware solutions.
….
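To make the "size doesn't matter" point concrete, here is an added example (not from the Softpedia article or Radware's report) that runs over a few constructed web-server access-log lines: it scores each client by request rate as well as by bandwidth, so a low-bandwidth HTTP flood that a pure bits-per-second threshold would miss still stands out. The log format, the 2-second window and the thresholds are assumptions for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample of web-server access-log lines (combined-log style, trimmed).
# 203.0.113.7 sends many small dynamic requests inside one 2-second window;
# the other clients browse normally. Every value here is made up for the example.
SAMPLE_LOG = """\
203.0.113.7 - - [06/Feb/2012:20:00:01 +0000] "GET /search?q=a HTTP/1.1" 200 512
203.0.113.7 - - [06/Feb/2012:20:00:01 +0000] "GET /search?q=b HTTP/1.1" 200 512
203.0.113.7 - - [06/Feb/2012:20:00:01 +0000] "GET /search?q=c HTTP/1.1" 200 512
203.0.113.7 - - [06/Feb/2012:20:00:02 +0000] "GET /search?q=d HTTP/1.1" 200 512
203.0.113.7 - - [06/Feb/2012:20:00:02 +0000] "GET /search?q=e HTTP/1.1" 200 512
203.0.113.7 - - [06/Feb/2012:20:00:02 +0000] "GET /search?q=f HTTP/1.1" 200 512
198.51.100.4 - - [06/Feb/2012:20:00:01 +0000] "GET /index.html HTTP/1.1" 200 48120
198.51.100.9 - - [06/Feb/2012:20:00:02 +0000] "GET /video.mp4 HTTP/1.1" 200 2500000
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) (\d+|-)')

def parse_line(line):
    """Return (client_ip, path, response_bytes), or None for a line that does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, _ts, _method, path, _status, size = m.groups()
    return ip, path, 0 if size == "-" else int(size)

def per_client_stats(log_text, window_seconds):
    """Aggregate request count, requests/s and Mbps per client over a fixed window."""
    stats = defaultdict(lambda: {"requests": 0, "bytes": 0})
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, _path, size = parsed
        stats[ip]["requests"] += 1
        stats[ip]["bytes"] += size
    for s in stats.values():
        s["rps"] = s["requests"] / window_seconds
        s["mbps"] = s["bytes"] * 8 / window_seconds / 1_000_000
    return dict(stats)

def flag_http_flood(stats, min_rps):
    """Clients whose request rate is abnormal, however little bandwidth they use."""
    return sorted(ip for ip, s in stats.items() if s["rps"] >= min_rps)

def flag_volumetric(stats, min_mbps):
    """What a bandwidth-only threshold (the 'size matters' view) would catch instead."""
    return sorted(ip for ip, s in stats.items() if s["mbps"] >= min_mbps)
```

On the sample, the flooder moves about 12 kbps and is invisible to the bandwidth threshold, which instead picks out a legitimate client downloading a large file; the request-rate view catches the flooder alone.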


Source:  http://mashable.com/2012/02/06/coca-cola-acura-websites-crashed-during-super-bowl/
The New England Patriots weren’t the only ones who choked Sunday night.

Websites from Coca-Cola, Acura and film Act of Valor crashed Sunday night after being overwhelmed by Super Bowl ad-driven traffic. In Coke’s case, a Facebook app featuring animated polar bears in the ads buckled under the strain. On the other hand, Kia’s site had the most reliable, fastest performance of all Super Bowl advertisers Sunday night, according to Yottaa, a website optimization firm.

Yottaa monitored all the Super Bowl advertisers’ sites Sunday and found those three sites were the only ones that crashed. Coke’s site was down long enough for the company to put up a maintenance page. ActofValor.com, meanwhile, experienced at least six outages of five minutes. That site was also five times slower than average during the big game.

Meanwhile, Acura’s homepage was working, but a call-to-action link wasn’t. “With an ad spend of $3.5 million plus production costs for 30 seconds of a commercial, leaving visitors with a bad experience is not the way to launch a new car,” Bob Buffone, Yottaa co-founder and CTO wrote on the company’s blog.
….

All works represented here are compiled from various sources (email, IRC, forums, and original author/websites). If the original work is copyrighted it is presented under the fair use of a copyrighted work, Copyright Act of 1976, 17 U.S.C. § 107, for purposes of criticism, comment, news reporting, teaching, and research. No use is directly intended as an infringement of copyright. Attribution is always given to the original source, if known. To have any copyrighted material removed, please contact isdpodcast[at]isdpodcast[dot]com.