
Got the skills? Need to make the rent?
From DV Labs:
The TippingPoint Zero Day Initiative (ZDI) is proud to announce that the annual Pwn2Own contest is back again this year at the CanSecWest security conference held in Vancouver, BC on March 24th 2010. As the contest name implies, if you successfully exploit a target you get to keep it along with a ZDI cash prize and related benefits. This is our 4th year running and to commemorate we have increased the total cash prize amount to $100,000 USD.
$Deity knows that I won’t be taking home that prize.
But, it would sure be nice to win. Best of luck to everyone who enters.
(Image used under CC from Tom Klaver)
As of earlier tonight a project a few months in the making has finally been unleashed (pun intended). Thanks to the great guys over at Offensive Security and whoever’s awesome idea it was to team them up with the Metasploit guys, a new resource called Metasploit Unleashed – Mastering the Framework is now online.
For those of you who don’t know, Offensive-Security are the people behind the Penetration Testing with Backtrack Trainings. Now they have teamed up with HD Moore and the Metasploit folks and put together the most comprehensive Metasploit training out there.
Best of all, it is free and for a good cause.
“This free information security training is brought to you in a community effort to promote awareness and raise funds for underprivileged children in East Africa. Through a heart-warming effort by several security professionals, we are proud to present the most complete and in-depth open course about the Metasploit Framework.”
To really drive the point home, they decided 2 all stars weren’t enough and threw in a 3rd team mate with Johnny Long and Hackers For Charity.
If you enjoy it and find it useful, we ask that you make a donation to the HFC (Hackers For Charity), $4.00 will feed a child for a month, so any contribution is welcome. We hope you enjoy this course as much as we enjoyed making it.
The “full” version of this course includes a PDF guide (it has the same material as the wiki) and a set of flash videos which walk you through the modules. You may purchase these materials from the Offensive Security Training page. All proceeds from this course go to HFC.
I highly recommend, if you are interested in learning more about the Metasploit Framework, that you float over this way, and even if you’re not interested you should absolutely make a donation to HFC nonetheless.
Get it while it’s hot!
Matt

Part of the original inspiration for starting Liquidmatrix in ‘98 was the guys from L0pht and hackernews.com. Now, Hacker News is spinning back up again in video format. This January HNN will launch and Spacerogue has posted a teaser.
I’m really looking forward to seeing HNN grow. Be sure to check it out.
HNN Twitter Feed

Shortly after 9:30 am EST Twitter apparently came under fire from a massive denial of service attack. The site is in a hard down state as of this posting. In a possibly related note, users of Facebook have been reporting slow page loads as well as outright failures. Social media day of reckoning in progress or some ‘mafiaboy’-esque wannabe?

Evidence that a zero day can happen to anyone. The good folks over at Matasano woke this morning to the rather unfortunate realization that their web server had been defaced. In addition to the defacement, which was taken offline in relatively short order, the instigators posted a mirror, of a sort, to the Full Disclosure mailing list.
Thanks to “Z” and everyone who sent in screen caps and supporting material to our “tips SHIFT2 liquidmatrix.org” email.
Will post more as information rolls in.
UPDATE: From a trusted source of Liquidmatrix we hear that it was a tcpwrapped sshd at Matasano.
Hmm. As the tips roll in I’m starting to wonder if this was a hack at all. Disgruntled insider evil or a bad password?

Today a posting hit the Full Disclosure list that has tongues a-wagging.
From FD:
Hello world,
The U.S. T-Mobile network predominately uses the GSM/GPRS/EDGE 1900 MHz frequency-band, making it the largest 1900 MHz network in the United States. Service is available in 98 of the 100 largest markets and 268 million potential customers.
Like Checkpoint Tmobile has been owned for some time. We have everything, their databases, confidential documents, scripts and programs from their servers, financial documents up to 2009.
We already contacted with their competitors and they didn’t show interest in buying their data -probably because the mails got to the wrong people- so now we are offering them for the highest bidder.
Please only serious offers, don’t waste our time.
Contact: pwnmobile_at_safe-mail.net
Truth or rumour? No comment from T-Mobile when we made contact.
[UPDATE]: Today we received an official response from T-Mobile on this story. (June 8, 2009)
“The protection of our customers’ information, and the safety and security of our systems, is absolutely paramount at T-Mobile. Regarding the recent claim, we are fully investigating the matter. As is our standard practice, if there is any evidence that customer information has been compromised, we would inform those affected as soon as possible.”

Ran across a new breach story this weekend that almost slipped under my radar from the San Francisco Chronicle. Reportedly some “overseas” hackers broke into UC Berkeley computer systems and accessed a proverbial “shit ton” of confidential information.
The databases contained 97,000 Social Security numbers, health insurance information and nontreatment medical information, such as immunization records, names of doctors whom people may have seen and dates of medical visits, said Shelton Waggener, UC Berkeley’s associate vice chancellor for information technology and its chief information officer.
Supposedly though, the large number of Social Security numbers were contained in a separate database from the names and medical histories that coincided with them. However, they are unclear on whether the “overseas” hackers were able to access both sets of information to be able to match them up and assemble a complete identity.
The hackers, primarily from China and elsewhere in Asia, had access to the information for six months before they were discovered. The breach exposed the records of 160,000 people, of whom 97,000 had Social Security numbers included in the database, officials said.
This is where most of these breach articles lose me. If the people providing the data for this news article honestly aren’t sure about something like the hackers forming a complete identity, how can their IP tracking technology be so rock solid that they are sure that the hackers are legitimately from Asia? Just as Asian as 1,000 email accounts “from Asia” costing a kid in New Jersey a few dollars?
Further evidence of the crack security team’s vast knowledge of this incident is evident here:
The hackers broke into the computer system Oct. 9 and were not discovered until April 9, when administrators performing routine maintenance came across an “anomaly” in the system and found taunting messages that had been posted three days earlier, UC said.
I’d prefer not to touch this part because it seems wrong and easy, but what kind of IDS do they have, or some seriously huge log files, to know how this attack happened 6 months later? OK, that is all I’m saying about that.
There are some other people that agree with my line of thought quoted at the end of the article if you’re interested.

Hackers have managed to breach computers on the state network for Oregon.
From KGW.com:
State officials say state computer security experts are investigating a security breach that was detected in an Oregon Department of Human Services computer network.
Lonn Hoklin, spokesman for the Oregon Department of Administrative Services, told the Statesman Journal newspaper in Salem that a hacker intrusion was detected about 3 p.m. Wednesday.
At this point it is unclear what information was accessed, by whom, and when. An investigation is underway and a report is apparently expected later this week.

In a moment of severe irony the Australian Censorship Board had their website hacked (snicker) according to the folks at Wired.
This group has raised the ire of many folks concerning their attempts to censor online content. In addition to typical negative content categories they are also looking to block “websites of a tour operator, Queensland boarding kennel and a Queensland dentist. It also includes the Wikileaks website.”
From Wired:
Australia’s official online censorship board’s web page was offline Thursday, hours after hackers hijacked it to protest revelations the government was going to require ISPs to block public access to thousands of websites, many of which aren’t obscene. (including a dentist)
Anonymous hackers defaced the Censorship Board’s homepage — classification.gov.au — and restated the board’s public message in a chilling and humorous tone.
At the time of this posting (2.5 hours later) the site was still offline.

From ABC News Australia:
“Apparently without irony, ACMA threatens fines of up to $11,000 a day for linking to sites on its secret, unreviewable, censorship blacklist – a list the Government hopes to expand into a giant national censorship machine.”
Um, bite me ACMA.
For more on this story read the full article at Wired.

Hackers have blown through the annoying captcha setup that Ticketmaster uses to trip up customers in an attempt to be secure.
From Vancouver Sun:
But even if the hackers don’t get there before you, regular ticket buyers could flood the online ordering site in such numbers that all the tickets could be sold out in minutes, or even in less than a minute depending on how tickets are being released.
“Maybe it takes you a minute-and-a-half to click through to buy a ticket, in that minute-and-a-half the hacker could have made 100,000 ticket requests,” said Ryan Purita, a forensic examiner and security specialist with Sherlock Forensics. “You cannot beat a hacker script.
“Nobody can type that fast and that’s where the advantage comes from.”
So, “you can’t hope for beating a script so, why try” seems to be the message. Odd.
For the full article read on.





