Saturday, January 12, 2013

Another cup of Java zeroday

Stop scratching our head and let's start taking a cup of coffee



In a rather fast development of exploit pack scene,  Brian Krebs noted that a full patched Java 7 Update 10 can be exploited to execute anything. (spotted in the wild)

While this is not surprising personally for me, it might for Oracle Security Team haha

I had some nerd chills reading the small details, sure it's pretty terrible for Java but it's still quite beautiful and impressive work by this brilliant but bad guy.


IMO Oracle should consider ditching paper qualifications and hire these guys as pen tester!! LOL



Lead story by Brian

http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/


POC by @Kafeine

http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html


Reproduction by AlienVault Labs

http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/
Posted by at No comments:
Labels: , , , , ,

Friday, January 11, 2013

What if Nokia decrypt your HTTPS connection without informing?




I would be mad if I'm a rich guy lol!!

(which is unlikely as it seems that so far only user of 'Asha' series 40 affected, no rich men use ASHA!!)


The reason of decryption was actually to speed up user connection (proxy compression) at Nokia server ends but simply think of this way:

 Decrypt HTTPS = Clear text
Clear text = FREE CC details , FB credentials etc


Are Nokia willing to pay if their server got compromised and all those yummy information got sucked into haxor pocket? I bet they couldn't even afford it!!



Lead story by David Meyer

http://gigaom.com/2013/01/10/nokia-yes-we-decrypt-your-https-data-but-dont-worry-about-it/


Discovery by Indian IT Sec Expert - Gaurang K Pandya

http://gaurangkp.wordpress.com/2012/12/05/nokia-proxy/
Posted by at No comments:
Labels: , , , , ,

Thursday, January 10, 2013

How expert IT Sec guy in Malaysia? I found one which is Very!!

Not found by me actually but popular IT Sec blogger Brian Krebs mentioned this guy name earlier today which open my eyes how that a quietly country in Malaysia has actually an international recognized talent or expert in vulnerability research!!! (WOW)




The guy name is Sow Ching Shiong who humbly presented himself as independent security in the report. (if you Google him further, you'll know that he currently works under a Military sub-company which specialize in IT Sec lolol)

LOL if there's ever a Datukship award poll for Malaysian High Tech Nerd, i would sincerely vote for him!!! He's not that borakkencang.com type who lip service only or talk like he know abcz12399, this guy is the SH1T !!! (Even Microsoft Security Team knows him.... )


He recently discovered holes in FB and Yahoo that make it possible to hijack user accounts and reported it via responsible disclosure.

Haha if you guys don't know, now there's huge market for these type of security holes... i bet the richfag FB and Yahoo must be thankful for him and at least offer him some digits for his bank account? $_________$


Lead story by the always reliable and honest Brian

http://krebsonsecurity.com/2013/01/facebook-yahoo-fix-valuable-ecurity-hole/


Sow Ching Shiong research/POC blog

http://chingshiong.blogspot.com/2013/01/facebook-bug-4-password-reset.html
Posted by at No comments:
Labels: , , , , ,

Tuesday, January 8, 2013

Yet another certificate fiasco





Never ending drama huh?

I guess those Turks copied the same shit from their Malaysian counterparts?

(Why become a Gov approved CA if you unknowingly create a cert usable for abuse!!? Like WTF?)




Mozilla Team seems don't like this at all

 https://blog.mozilla.org/security/2013/01/03/revoking-trust-in-two-turktrust-certficates/



Even Dustin Childs et Al are (not) enjoying the extra new year gift

http://technet.microsoft.com/en-us/security/advisory/2798897
Posted by at No comments:
Labels: , , , , ,

Thursday, January 3, 2013

2013 greets you with a new IE 0day

Yo, how it's going?

So when i catching up with latest and hottest news today found out that a targeted attack using new IE exploit being discussed. Interesting to note that it only affects IE 6 , 7 and 9.


(Who the hell still using IE6? LOOOL)






Are Microsoft Security Team happy with this gift? hahah guess not for Dustin Childs



Official Security Advisory by Micro$oft:

http://technet.microsoft.com/en-us/security/advisory/2794220


FireEye team published a very technical explanation in their blog.

http://blog.fireeye.com/research/2012/12/council-foreign-relations-water-hole-attack-details.html
Posted by at No comments:
Labels: , , , , , ,

Monday, October 1, 2012

Adobe turn to be compromised

Hah... what so hot today?

I guess it's Adobe IT Security Personal ass? My wild guess the haxor is using the so called "APT" or Advanced Persistence Threat to reach this server...


As usual those big corporate name will down play this kind of incident.... you can see the nicely written keyword there in red color.... hahah





We recently received two malicious utilities that appeared to be digitally signed using a valid Adobe code signing certificate. The discovery of these utilities was isolated to a single source. As soon as we verified the signatures, we immediately decommissioned the existing Adobe code signing infrastructure and initiated a forensics investigation to determine how these signatures were created. We have identified a compromised build server with access to the Adobe code signing infrastructure. We are proceeding with plans to revoke the certificate and publish updates for existing Adobe software signed using the impacted certificate. This only affects the Adobe software signed with the impacted certificate that runs on the Windows platform and three Adobe AIR applications* that run on both Windows and Macintosh. The revocation does not impact any other Adobe software for Macintosh or other platforms.




http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html
Posted by at No comments:
Labels: , , , , ,

Saturday, September 29, 2012

Maxis Internet APN settings

Clueless? Tired? Annoyed?

Come try this:


1) Make sure 3G or GPRS already been activated? Not sure?
     Type *136#

2) Buy or subscribe to an internet package. If you're damn rich just open the data without any package and
    enjoy the 0.05 bux per 10kb rate

    Student? Cheapskate?

    Just take the 1 bux for 50mb daily prepaid offer

3) The infamous APN settings:

Name : Maxis 3G WAP
APN : unet     <---- important, bbnet is only for broadband
Proxy : 202.75.133.49
Port : 80
Username : maxis
Password : wap
Server : <not set>
MMSC : http://172.16.74.100:10021/mmsc
MMS Port : 80
MSC : 502
MNS : 12
APN Type : Internet + MMS     <--- doesn't matter put "default" , "internet & mms" also can

4) Turn the farking Mobile Data option ON

5) For custom rom phone, change your Wifi sleep policy to allow mobile data

6) Reboot your phone.


Extra steps:

7) Download data manager to monitor data usage, can try My Data Manager

8) If still fail, can try switch your mobile profile to Mobile Internet:

a) *100#
b) 9  - Internet and settings
c) 4 - wireless broadband
d) click next until you find switch profile, pick mobile internet




Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)