SecuraBit

Before It Bytes!

SecuraBit Episode 69: Picking Locks and Messing up Podcasts, Welcome to Gringo Village!

November 3, 2010

Hosts:
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Anthony Gartner – @anthonygartner http://anthonygartner.com
Jason Mueller – @securabit_jay
Rob Fuller – @mubix
Tim Krabec – @tkrabec http://www.SMBMinute.com

Guests:
Deviant Ollam – http://deviating.net/ – Author of Syngress Practical Lock Picking

General topics:
Practical Lock Picking By Deviant Ollam http://www.syngress.com/hacking-and-penetration-testing/Practical-Lock-Picking/

Review submitted by a coworker:
Practical Lock Picking by Deviant Ollam was an enjoyable read. The author does a good job of covering the art and science of picking locks. He chose two of the most common types of locks for the bulk of his material, which helps keep the focus of the book tight. He leads the reader from the basic operational principles of the locks, to flaws in the design & manufacture and finally how to pick the locks. The coverage of pick types and other tools of the trade rounds out the reader's knowledge of the subject. His down-to-earth style and simple language help the reader understand the material and develop the skills to pick these types of locks. His logical progression of starting with one pin and working your way up to all the pins in the lock will help the reader build confidence in their skills. The final sections on bypassing the door remind the reader that locks are part of a system and sometimes the way to defeat a system is not the direct approach. Overall I would give this book 4 out of 4 stars.

Shmoocon Tickets??

The Open Organization Of Lockpickers http://toool.us/
Lock Picking Videos – http://www.youtube.com/deviantollam
General Information http://deviating.net/lockpicking/

IE Zero Day
Microsoft Security Advisory (2458511)
Vulnerability in Internet Explorer Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/advisory/2458511.mspx

Enhanced Mitigation Experience Toolkit v2.0
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=c6f0a6ee-05ac-4eb6-acd0-362559fd2f04

SpyEye v. ZeuS Rivalry Ends in Quiet Merger
http://krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/

Upcoming events
#BSidesDFW November 6, 2010
#BSidesDE November 6, 2010
AppSec DC 2010 November 8-12, 2010
#BSidesOttawa November 12-13, 2010
RUXCON 2010 December 4-5, 2010
DojoCon December 11-12, 2010
#BSidesBerlin December 28-30, 2010
ShmooCon January 28-31, 2010

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit Episode 68: Teaching for handbags!

Hosts:
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Anthony Gartner – @anthonygartner http://anthonygartner.com
Jason Mueller – @securabit_jay

Guests:
Kevin Johnson discusses SANS SEC 542 Web App Pen Testing, Base, etc

General topics:
New Apple Macbook Air.

Recent Security
Zynga collecting data about Facebook users.
Social engineering at a capture the flag event.
Pros and cons to using social networks.
Attacking your web applications for a more secure application.
Samurai WTF (Web Testing Framework) http://samurai.inguardians.com/
Laudanum: Injectable Functionality http://laudanum.inguardians.com/
Basic Analysis and Security Engine (BASE) project http://base.secureideas.net/

Upcoming events
#BSidesDFW November 6, 2010
#BSidesDE November 6, 2010
AppSec DC 2010 November 8-12, 2010
#BSidesOttawa November 12-13, 2010
#BSidesBerlin December 28-30, 2010
ShmooCon January 28-31, 2010

Links:

http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit Episode 64: A whole lot of organized crime going on!

August 25, 2010

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Chris Gerling  – @chrisgerling
Andrew Borel –  @andrew_secbit

Guests:
Bryan Sartin – Director of Investigative Response at Verizon Business

General topics:
Verizon RISK Team – http://www.verizonbusiness.com/products/security/risk/

Bryan Sartin, the Director of Investigative Response at Verizon Business, discusses the 2010 Verizon Data Breach Report
http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf

VERIS Framework https://verisframework.wiki.zoho.com/

MalCon: A Call for ‘Ethical Malcoding’ http://krebsonsecurity.com/2010/08/malcon-a-call-for-ethical-malcoding/

SecTor 2010 – http://www.sector.ca/
Security Training October 25.
Conference Sessions October 26 & 27, 2010.

The real iTunes fraud vulnerability: Gullible users – http://news.cnet.com/8301-13579_3-20014481-37.html

Upcoming events
Hacker Halted http://www.hackerhalted.com/ Tim is speaking October 14th
Louisville Infosec 10/7. http://www.louisvilleinfosec.com/
Atlanta B-Sides 10/8. http://www.securitybsides.com/BSidesAtlanta
HacKid – http://www.hackid.org/ 10/9-10/10
Phreaknic 10/15. http://www.phreaknic.info/pn14/

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit Episode 62: Visualizing Data with NetWitness

Hosts:
Anthony Gartner  @anthonygartner http://anthonygartner.com
Chris Gerling @chrisgerling
Christopher Mills @thechrisam
Andrew Borel @andrew_secbit

Guests:
Eddie Schwartz – @eddieschwartz

General topics:
BSidesLV http://www.securitybsides.com/BSidesLasVegas
BlackHat https://www.blackhat.com/html/bh-us-10/bh-us-10-home.html
Defcon https://www.defcon.org/html/defcon-18/dc-18-schedule.html

Shmoocon Woot Video http://www.youtube.com/watch?v=HJ0ypgZU_D0
NetWitness Visualize http://visualize.netwitness.com/

Brief panel on certifications.

iPhone App Now Available. http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

http://itunes.apple.com/us/podcast/securabit/id280048405

Upcoming events
South Florida ISSA’s Hack the flag and chili cook-off  Saturday August 14, 2010 from 12:00pm – 5:00pm
http://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010
Hacker Halted http://www.hackerhalted.com/ Tim is speaking October 14th

Links:
http://securabit.com
Chat with us on IRC at irc.freenode.net #securabit
iTunes Podcast – http://itunes.apple.com/us/podcast/securabit/id280048405
iPhone App Now Available – http://itunes.apple.com/us/app/securabit-mobile/id382484512?mt=8

SecuraBit Episode 61: Reverse Engineering Malware with a Spider Monkey

Hosts:
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Tim Krabec – @tkrabec http://www.SMBMinute.com
Nicholas Berthaume — @nberthaume https://www.bordergatewayprotocol.net
Anthony Gartner – @anthonygartner http://anthonygartner.com

Guests:
Lenny Zeltser – @lennyzeltser http://zeltser.com/

General topics:
Reverse Engineering Malware

New Linux Distro to analyze malware
REMnux: A Linux Distribution for Reverse-Engineering Malware
http://zeltser.com/remnux/
Based on Ubuntu
Released just 5 days ago – July 8, 2010
2500 Downloads so far
VMware appliance
Live Distro going out to SourceForge soon
Enlightenment as window manager (no GNOME or KDE)
Just what you need to do the analysis
Lightweight as possible
Tools
Emulate Services
Allow malware to interact with your own resources
How does it differ from CW Sandbox
Determine the signs of compromise to compare with your production environment
JS Unpack
Since it is an Ubuntu distro, you can roll a custom version for your environment or lab.
Integrated into the Reverse-Engineering Malware course from SANS

SANS Digital Forensics Summit
The state of people relying on only antivirus for protection.

The innovator’s dilemma http://www.amazon.com/Innovators-Dilemma-Revolutionary-Business-Essentials/dp/0060521996
Microsoft Security Essentials http://www.microsoft.com/security_essentials/

http://www.sans.org/vlive/
Forensics 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
SANS vLive! FOR610 – 201001 – Monday, July 26, 2010 – Thursday, August 26, 2010
http://www.sans.org/vlive/details.php?nid=20668

Upcoming events:

BSidesLV http://www.securitybsides.com/BSidesLasVegas
BlackHat https://www.blackhat.com/html/bh-us-10/bh-us-10-home.html
Defcon https://www.defcon.org/html/defcon-18/dc-18-schedule.html
Tim is speaking http://defcon.org/html/defcon-18/dc-18-speakers.html#PanelHTF
Tim is also doing a skytalks schedule http://sudux.com/skytalks_web.jpg
Hacker Halted http://www.hackerhalted.com/ Tim is speaking October 14th
South Florida ISSA’s Hack the flag and chili cook-off Saturday August 14, 2010 from 12:00pm – 5:00pm
http://sfissa.org/index.php/sfissa-mm-events/htf-main/85-hack-the-flag-2010
These are the upcoming security cons and where you can find those of us that will be attending starting in less than two weeks.

Links:
Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 60: Free Calamari!!!

Hosts:
Anthony Gartner – @anthonygartner http://anthonygartner.com
Christopher Mills – @thechrisam
Andrew Borel –  @andrew_secbit
Jason Mueller – @securabit_jay
Tim Krabec – @tkrabec http://www.SMBMinute.com

Guests:
Christopher Boyd (Sunbelt Software)
http://en.wikipedia.org/wiki/Christopher_Boyd
http://www.vitalsecurity.org/
http://sunbeltblog.blogspot.com/

General topics:
Chris speaks about how he got involved in the position he is in now. He also gets into how he basically social engineers, and discusses his blog.

Dodgy Dr Who Games
Orkut Shenanigans
The Sunbelt Security Blog
Fun with Internet Trolls
How Drugs and Stabby Things Led to a Career in Security
Internet Kill Switch
Twitter Agrees to Data-Security Audits
HacKid – http://www.hackid.org/

Links:

FTC Requires Twitter To Set Up Data-Security Audits
http://news.yahoo.com/s/nf/20100624/tc_nf/74031

Make sure you are there for Sunbelt’s next quarterly briefing entitled “Turning the Tables on Bad Guys:  Malware Unmasked”.  It will be at 9am and again at 2pm on August 25th, 2010.  Register here!

Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 59: Too many acronyms, my head is going to explode!

Hosts:
Anthony Gartner @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Andrew Borel  @andrew_secbit
Chris Gerling @chrisgerling

Guests:
Dan Philpott discusses NIST, Information Assurance, SCAP, FISMA, etc

Contact info:
Twitter: @danphilpott

General topics:
Federal Information Security Management Act (FISMA) Implementation Project http://csrc.nist.gov/groups/SMA/fisma/index.html

Special Publications (800 Series)
http://csrc.nist.gov/publications/PubsSPs.html

Small Business Corner (SBC)
http://csrc.nist.gov/groups/SMA/sbc/index.html

FISMApedia
http://fismapedia.org/index.php?title=Main_Page

The Security Content Automation Protocol (SCAP)
http://scap.nist.gov/
-Change Management

Windows Sysinternals
http://technet.microsoft.com/en-us/sysinternals/default.aspx

Sysinternals Suite
http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

Links:
http://csrc.nist.gov/

Make sure you are there for Sunbelt’s next quarterly briefing entitled “Turning the Tables on Bad Guys: Malware Unmasked”.  It will be at 9am and again at 2pm on August 25th, 2010.  Register here!

Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 58: Forensic Goodness with Harlan Carvey

Hosts:

Anthony Gartner  @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Chris Gerling @chrisgerling
Aricon
Andrew Borel @andrew_secbit

Guests:
Harlan Carvey
http://windowsir.blogspot.com/
Tools:  http://tech.groups.yahoo.com/group/win4n6/

General topics:
Timeline creation
Regripper
Forensic trends
SIFT
Lance Mueller http://www.forensickb.com/

SecuraBit Episode 56: “Try Harder” – used with permission

Hosts:
Anthony Gartner @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Chris Gerling @chrisgerling
Jason Mueller @securabit_jay
Andrew Borel @andrew_secbit

Guests:
Chris Hadnagy – @humanhacker
Operations Manager and involved with
www.offensive-security.com
www.backtrack-linux.org
http://www.social-engineer.org/

General topics:
MSFU course Saturday the 8th from 10am to 5pm in Louisville, KY

Chris speaks of a new kernel update released around the day of recording for Backtrack 4

Since you are able to listen to this podcast the DNS Security Update did not affect you

SANS Investigative Forensic Toolkit (SIFT) was updated

Links:
http://www.exploit-db.com/
http://www.offensive-security.com/images/ryu-help-me.png
Kid Friendly Podcast
http://www.social-engineer.org/framework/Social_Engineering_Framework

Free MSFU Course
http://www.offensive-security.com/metasploit-unleashed/
SANS SIFT
https://computer-forensics2.sans.org/community/siftkit/

Sponsor mention: Sunbelt Software Webinar: Thursday, May 27, 2010, 2PM – 3PM EDT
Quarterly Briefing: Turn the tables on Bad Guys: Malware Unmasked
Register Here!

The cyber threat landscape is constantly changing, and even with the most sophisticated security you’re never completely protected from attacks. As part of our mission to ‘keep the bad guys out’, SunbeltLabs presents in this webinar how we use our own sandbox technology to keep a step ahead.

Sunbelt Software’s Lead Security Analyst, Brian Jack and Malware Response Manager, Dodi Glenn will discuss the current threat landscape and dig deeper into some of the most dangerous and complicated threats out there.  During this briefing we will focus on two different types of threats: malicious PDFs and rogue antivirus applications. Learn how to gain an edge when protecting your enterprise.

Whether you are dealing with spear phishing or mass attacks, join us to see how to deploy the right tools and learn how to quickly analyze and unmask malware. New threats require new technologies and techniques to protect yourself and your organization. Sign up now and turn the tables on the bad guys.

Chat with us on IRC at irc.freenode.net #securabit

SecuraBit Episode 55: 10000 Tubes of KY and a Case of Dog Biscuits!

Sponsored by Sunbelt Software! Creators of the Sunbelt CWSandbox, for all your malware analysis needs! Visit their website for more details!

Hosts:
Anthony Gartner @anthonygartner http://anthonygartner.com
Christopher Mills @thechrisam
Chris Gerling @chrisgerling
Andrew Borel @andrew_secbit

Missing Hosts:
Jason Mueller – @securabit_jay

Guests:
Joshua Wright – @joswr1ght http://www.willhackforsushi.com/

– Josh talks about the MiFi hack
– Bluetooth Hacking
– Barcode scanner hacking including the Bluetooth scanner hacks
– SANS SEC617 Course
– 617BIT Discount Code for $500 off the vLive! Course
– Upcoming courses taught by Josh Wright http://www.sans.org/security-training/instructors_upcoming.php?id=97
– Pentest summit – Baltimore, MD – Josh will be speaking there.  His talk will be about essential crypto for pentesters.  http://www.sans.org/pen-testing-summit-2010/

General topics:
McAfee released a failed (fubar) virus definition – Discussion thread
Gmail authentication code stolen
Someone we know was owned

Links:
http://www.willhackforsushi.com/
SEC617 Course
http://www.sans.org/security-training/instructors_upcoming.php?id=97
Bruce Schneier’s book list
Dark Reading – Taking Penetration Testing In-House

Chat with us on IRC at irc.freenode.net #securabit