Showing posts sorted by relevance for query SET. Sort by date Show all posts
Showing posts sorted by relevance for query SET. Sort by date Show all posts

Social-Engineer Toolkit (SET) Version 4.0 Codenamed “Balls of Steel” Released

Posted by Avik Sarkar On 9/23/2012 12:05:00 am

Social-Engineer Toolkit (SET) Version 4.0 Codenamed “Balls of Steel” Released


Social Engineer Toolkit also known as SET gets another update. Now we have Social Engineer Toolkit version 4.0 codename “Balls of Steel” is officially available for public consumption. In his official blog; Trusted Sec, the developper of SET has claimed that this version of SET is the most advanced toolkit till today. This version is the collection of several months of development and over 50 new features and a number of enhancements, improvements, rewrites, and bug fixes
Lets talk about some highlights and the new major features of SET 4.0- the Java Applet attack has been completely rewritten and obfuscated with added evasion techniques. All of the payloads have been heavily encrypted with a number of heavy anti-debugging tools put in place. PyInjector is now available on the Java Applet attack natively and deploys shellcode automatically through a byte compiled executable. The powershell attack vectors now support customized payload selection through the config/set_config. A new attack vector has been added called the Dell DRAC Attack Vector (default credential finder). A new teensy payload has been added from the Offensive-Security crew – the auto-correcting attack vector with DIP switch and SDcard “Peensy”. The web cloner has been completely rewritten in native python removing the dependency for wget. The new IE zero day has been included in the Metasploit Web Attack Vector. The Java Repeater and Java Redirection has been rewritten to be more reliable. Obfuscation added to randomized droppers including OSX and Linux payloads.

Full Changelog of The Social-Engineer Toolkit (SET) 4.0:- 

  •  Added a new attack vector to SET called the Dell Drac attack vector under the Fast-Track menu.
  •  Optimized the new attack vector into SET with standard core libraries
  •  Added the source code for pyinjector to the set payloads
  •  Added an optimized and obfuscated binary for pyinjector to the set payloads
  •  Restructured menu systems to support new pyinjector payload for Java Applet Attack
  •  Added new option to SET Java Applet – PyInjector – injects shellcode straight into memory through a byte compiled python executable. Does not require python to be installed on victim
  •  Added base64 encoded to the parameters passed in shellcodexec and pyInjector
  •  Added base64 decode routine in Java Applet using sun.misc.BASE64Decoder – native base64 decoding in Java is the suck
  •  Java Applet redirect has been fixed – was a bug in how dynamic config files were changed
  •  Fixed the UNC embed to work when the flag is set properly in the config file
  •  Fixed the Java Repeater which would not work even if toggled on within the config file
  •  Fixed an operand error when selecting high payloads, it would cause a non harmful error and an additional delay when selecting certain payloads in Java Applet
  •  Added anti-debugging protection to pyinjector
  •  Added anti-debugging protection to SET interactive shell
  •  Added anti-debugging protection to Shellcodeexec
  •  Added virtual entry points and virtualized PE files to pyinjector
  •  Added virtual entry points and virtualized PE files to SET interactive shell
  •  Added virtual entry points and virtualized PE files to Shellcodeexec
  •  Added better obfsucation per generation on SET interactive shell and pyinjector
  •  Redesigned Java Applet which adds heavily obfsucated methods for deploying
  •  Removed Java Applet source code from being public – since redesign of applet, there are techniques used to obfuscate each time that are dynamic, better shelf life for applet
  •  Added a new config option to allow you to select the payloads for the powershell injection attack. By specifying the config options allows you to customize what payload gets delivered via the powershell shellcode injection attack
  •  Added double base64 encoding to make it more fun and better obfuscation per generation
  •  Added update_config() each time SET is loaded, will ensure that all of the updates are always present and in place when launching the toolkit
  •  Rewrote large portions of the Java Applet to be dynamic in nature and place a number of non descriptive things into place
  •  Added better stability to the Java Applet attack, note that the delay between execution is a couple seconds based on the obfuscation techniques in place
  •  Completely obfsucated the MAC and Linux binaries and generate a random name each time for deployment
  •  Fixed a bug that would cause custom imported executables to not always import correctly
  •  Fixed a bug that would cause a number above 16 to throw an invalid options error
  •  Added better cleanup routines for when SET starts to remove old cached information and files
  •  Fixed a bug that caused issues when deploy binaries was turned to off, would cause iterative loop for powershell and crash IE
  •  Centralized more routines into set.options – this will be where all configuration options reside eventually
  •  Added better stability when the Java Applet Repeater is loaded, the page will load properly then execute the applet.
  •  The site cloner has been completely redesigned to use urllib2 instead of wget, long time coming
  •  The cloner file has been cleaned up from a code perspective and efficiency
  •  Added better request handling with the new urllib2 modules for the website cloning
  •  Added user agent string configuration within the SET config and the new urllib2 fetching method
  •  Added a pause when generating Teensy payloads
  •  Added the Offensive-Security “Peensy” multi-attack vector for the Teensy attacks
  •  Added the Microsoft Internet Explorer execCommand Use-After-Free Vulnerability from Metasploit into the Metasploit Browser Exploits Attack vectors
  •  Fixed a bug in cleanup_routine that would cause the metasploit browser exploits to not function properly
  •  Fixed a bug that caused the X10 sniffer and jammer to throw an exceptions if the folder already existed



To Download The Social-Engineer Toolkit (SET) 4.0 Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Social-Engineer Toolkit (SET) 3.0 Codenamed #WeThrowBaseballs Released

Posted by Avik Sarkar On 2/22/2012 11:56:00 pm

Social-Engineer Toolkit (SET) 3.0 Codenamed #WeThrowBaseballs Released
Earlier we have discussed many times about Social Engineer Toolkit also known as SET. Yet again the developer officially released the updated version of Social Engineer Toolkit Version 3 codename “#WeThrowBaseballs”. According to the developer- This release has been one of the most challenging ones thus far with the largest changelog, code rehaul, and features. Earlier all the version ware made for Unix & Linux platform in this release they have also made SET available for Windows Platform. 
Features:- 
1. Support for Windows – Tested on XP, Windows 7, and Windows Vista. Note that the Metasploit-based payloads to not work yet – when SET detects Windows they will not be shown only RATTE and SET Shell
2. New attack vector added – QRCode Attack – Generates QRCodes that you can direct to SET and perform attacks like the credential harvester and Java Applet attacks
3. Improved A/V avoidance on the SETShell and better performance. I’ve also fixed the non-encrypted communications when AES was not installed
4. Added a number of improvements and enhancements to all aspects of SET including major rehauls of the coding population and moved from things like subprocess.Popen(“mv etc.”) to shutil.copyfile(“etc”)
5. Rehauled SET Interactive Shell and RATTE to support Windows
6. New Metasploit exploits added to SET

Official change log and rest of other details can be found on the blog post of the developer. To Download Social Engineer Toolkit 3.0 Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Social-Engineer Toolkit v1.4

Posted by Avik Sarkar On 5/19/2011 12:32:00 pm


The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed

  • Java changed how self signed certificates work. It shows a big UNKNOWN now, modified self sign a bit.
  • Added the ability to purchase a code signing certificate and sign it automatically. You can either import or create a request.
  • Fixed a bug in the wifi attack vector where it would not recognize /usr/local/sbin/dnsspoof as a valid path
  • Fixed a bug in the new backtrack5 to recognize airmon-ng
  • Added the ability to import your own code signed certificate without having to generate it through SET
  • Fixed an issue where the web templates would load two java applets on mistake, it now is correct and only loads one
  • Fixed a bounds exception issue when using the SET interactive shell, it was using pexpect.spawn and was changed to subprocess.Popen instead
  • Added better import detection and error handling around the python module readline. Older versions of python may not have, if it detects that python-readline is not installed it will disable tab completion
  • Added a new menu to the main SET interface that is the new verified codesigning certificate menu
  • Fixed a bug with the SET interactive shell that if you selected a number that was out of the range of shells listed, it would hang. It now throws a proper exception if an invalid number or non-numeric instance is given for input
  • Added more documentation around the core modules in the SET User_Manual
  • Updated the SET_User manual to reflect version 1.4
Download The Social Engineering Toolkit v1.4 (set.tar.gz) here.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Son of Flynn (Social Engineer Toolkit v2.2) Released

Posted by Avik Sarkar On 10/28/2011 06:35:00 pm



Social Engineer Toolkit has been updated! This release is named “Son of Flynn”. We now have the Social Engineer Toolkit version 2.2. The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.
Official Change Log for Social Engineer Toolkit v2.2:-
* Added better handling when generating your own legitimate certifcate and ensure proper import into SET
* Adjusted java repeater time to have a little more delay, seems to be more reliable and stable if that occurs.
* Removed the check from the main launch of SET for pymssql and only added it when the fast-track menu was specified
* Removed the derbycon posting since it already happened. When we get closer I’ll re-add it back in with detailed information
* Removed old files in the java applet attack that were not needed.
* Added better granularity checking the Java Applet attack when the shellcode exec or normal attacks were being specified.
* Fixed a bug that caused infectious media bomb out if shellcodeexec was specified as a payload
* Added a legal disclaimer for first inital use of SET that is must be used for lawful purposes only and never malicious intent
* Added improved stability of the java applet attack through better payload detect/selection
* Fixed a bug with shellcodeexec and creating a payload and listener through SET, it would throw an exception, it now exports shellcodeexec properly and exports alphanumeric shellcode
* Added new config check inside core.py, will return value of config, easier..will gradually replace all config checks with this
* Fixed an issue that would cause AUTO_REDIRECT=OFF to still continue to redirect. This was caused from a rewrite of teh applet and the same parameters not being filtered properly
* Added more customizing Options to RATTE. Now you can specifiy custom filename ratte uses for evading local firewalls. So you can deploy RATTE as readme.pdf.exe and it will run as iexplore.exe to bypass local firewalls. You can although specify if RATTE should be persistent or not. For testing network firewalls you won’t need a persistent one. Doing a penetration test you may choose a persistent configuration.
* Fixed a bug in RATTE which could break connection to Server. RATTE now runs much more stable and can bypass high end network firewalls much more reliable.
* Added a new config option called POWERSHELL_INJECTION, this uses the technique discovered by Matthew Graeber which injects shellcode directly into memory through powershell
* Added a new teensy powershell attack leveraging Matthew Graebers attack vector.
* Rehauled the Java Applet attack to incorporate the powershell injectiont technique, its still experimental, so will remain OFF in the config by default. The applet will not detect if Powershell is installed, and if so, use the shellcode deployment method to gain memory execution without touching disk through PowerShell.
* Fixed a bug that would cause mssql bruter to error if powershell injection was enabled or other attack vectors

To Download SET 2.2 Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Apple Working On TV With Integrated Voice/Motion Controller & Gaming Console

Posted by Avik Sarkar On 4/17/2012 12:29:00 pm

Apple Working On TV With Integrated Voice/Motion Controller & Gaming Console

Apple is planning an assault on the living room with a TV that will come equipped with an Apple-branded, Kinect-like video game console. According to sources Apple is working on a television set with an iTunes-integrated touch screen remote and Siri-like voice command technology. The TV set will be coming before the end of 2012. Rumors and patents have said as much for the past year, so that’s nothing new. But that’s not all we’ve heard. Also it has come to light that Apple’s television set will come with an Apple-branded, Kinect-like video game console. The interface will rely heavily on motion and touch controls. The rumor gained more traction following claim made by Walter Isaccson in Steve Jobs’ biography that the late Apple CEO would ‘like to create an integrated television set that is completely easy to use’ that would ‘ seamlessly synced with all of your devices and with iCloud. ‘Jobs also claimed to have ‘finally cracked’ the user interface problem to make the whole package easy to use.
Here comes few Doubts:-
  • Outside of the iOS platform (iPhone and iPad), Apple isn’t known as a gaming company.
  • A TV with a built-in voice and motion controller and a games console? How much is this thing going to retail for exactly?
  • The games console market is tightly stitched up by Microsoft, Sony and Nintendo. Breaking into this new market would be extremely difficult.
  • Valve does have a portfolio of Mac games, but not enough to create a new ecosystem for a games console.
  • Apart from branding, what differentiates an Apple games experience from PC/Mac/Xbox 360/PS3?
  • Wouldn’t it make more sense for Apple to bring iOS games into the living room through an updated Apple TV set top box? There’s a massive ecosystem of games here ready to exploit, along with a healthy developer base.
  • That said, folks who own an iPhone/iPad and an Apple TV device can use AirPlay to put games on any HDMI-enabled TV without the need for an Apple-branded TV or an Apple-branded games console. Where does a console fit into the picture?

-Source (Cut of Mac, Forbes, Rumor) 





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Social-Engineer Toolkit (SET) v2.1

Posted by Avik Sarkar On 8/10/2011 10:16:00 pm

The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed

The official change log:-

Added slim_set.py in config, will slim down the SET instance
Added a new config option in set_config to turn SET_Interactive shell to off which will mean you need to spare some room in SET.
Changing the structure of how menus look, so when you go to phishing, you know your in the phishing menu, when your in webattack you know you’re there
Added core function set_check to see if interactive shell is turned on or off
Added new core function to standardize menu output for option 99
Added a 99 backout menu to the infectious media menu
To Download Social Engineering Toolkit v2.1 (set.tar.gz)click here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

BlackHole Exploit Kit 1.0.2 is now Available

Posted by Avik Sarkar On 5/25/2011 01:51:00 pm


BlackHole exploit kit is yet another in an ongoing wave of attack toolkits flooding the underground market. The kit first appeared on the crimeware market in September of 2010 and ever since then has quickly been gaining market share over its vast number of competitors. In fact, many antivirus vendors now claim that this is one of the most prevalent exploit kits used in the wild. Even Malware Domain List is showing quite a few domains infected with the BlackHole exploit kit. TDS or Traffic Direction Script. While this is not an entirely new concept in attack toolkits the TDS included her is much more sophisticated and powerful than those in other kits. A TDS is basically an engine that allows redirection of traffic through a set of rules. For example, a user can set up a set of rules that redirect flow to different landing pages on their domain. These rules could be based on operating system, browser, country of origin, exploit, files, etc. One rule might redirect traffic to page A for all users that are running Windows OS from XP to Vista and running IE 8, while another rule can redirect Windows 7 users to page B. Those were just simple example rules.
More advanced rules could set expiration dates for certain payloads and replace them with new ones when the date is reached. The TDS included in BlackHole even goes the extra step and allows you to create traffic flows based on these rules and provides management interface for the flows. A savvy malicious user with a lot of experience could easily utilize this rule engine to increase their infection numbers.From a web application standpoint BlackHole is built just like other kits, consisting of a PHP and MySQL backend. Since the majority of web servers run on the LAMP stack this enabled for very easy applicationdeployment. The user interface for this kit is a cut about the rest, and it definitely looks nicer than almost any other attack kit.
Download BlackHole Exploit Kit 1.0.2 here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

No Internet Connection For DNSChanger Victims As FBI Will Shutdown DNSChanger Servers on July 9

Posted by Avik Sarkar On 7/05/2012 05:19:00 pm

No Internet Connection For DNSChanger Victims As FBI Will Shutdown DNSChanger Servers on July 9
Earlier in this year FBI carried out Operation Ghost Click to destroy the DNSChanger network and set up a replacement server which redirected DNS queries from affected computers to their correct destinations. This was a temporary solution, so now the FBI decided the server which is still infecting millions of people is set to be switched off on the 9th of July, I mean this Monday.  This will mean that users who are infected with the malware will be almost completely unable to access the internet normally. Users are therefore advised to check whether their computers or routers use one of the FBI-listed IP addresses for DNS queries, well before the server shutdown, by visiting dnschanger.eu or dns-ok.us. Users who want to check their configuration manually need to look out for the following IP address ranges:-
  • 85.255.112.0 to 85.255.127.255
  • 67.210.0.0 to 67.210.15.255
  • 93.188.160.0 to 93.188.167.255
  • 77.67.83.0 to 77.67.83.255
  • 213.109.64.0 to 213.109.79.255
  • 64.28.176.0 to 64.28.191.255
If an address from one of the above ranges is already set as the DNS server on the computer or router, it is infected with DNSChanger. Users can find out where to locate this DNS server information for their particular case using a wizard set up by the eco association. Future DNS queries can be made using servers such as Google's at 8.8.8.8. 
Although this date and the DNS problem have been public knowledge for several months, there are still thousands of infected computers in use in the UK. Two months ago, the FBI was still registering queries from around 20,000 UK IP addresses. From Monday, users will only be able to visit web sites from infected computers by entering the IP address directly (e.g. http://193.99.144.80 for heise.de). 



-Source (The-H)



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Social Engineer Toolkit (SET) Version 2.4.2 Released

Posted by Avik Sarkar On 12/01/2011 06:07:00 pm



Social Engineer Toolkit has been updated! We now have the Social Engineer Toolkit version 2.4.2

Brief About SET:-
The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed.

Official Change Log For Social Engineer Toolkit v2.4.2:-


  • Fixed a bug in multiattack vector where specifying java applet attack and shellcode exec would not properly inject alphanumeric shellcode into applet properly
  • Restructured multiattack vector to properly clone, prep payload delivery, then inject alphanumeric shellcode
  • Added better handling around multiple attack vectors
  • Fixed a bug that caused msfvenom to bomb out if path was /opt/framework3/msf3 versus /opt/framework/msf3
  • Added better handling around multiattack in Social Engineer Toolkit
  • Fixed a bug with self signed certificates would continue to show Microsoft versus what you sign it with
  • Changed java applet to load and render at bottom of body versus in head. Page should now load with Java Applet appearing
  • Fixed a bug where Java Repeater would not load properly when executed due to a incorrect loop within cloner.py
  • Added the ability to use filename for import versus directory
  • Added the ability to import index.html files versus just the folder on the custom import feature


To Download Social Engineer Toolkit v2.4.2 Click Here



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Twitter Traffic Hits 6,049 Tweets per Second As News of Jobs' Death Spread

Posted by Avik Sarkar On 10/09/2011 07:35:00 pm



Traffic hit near-record levels on Twitter Wednesday after news spread of Apple co-founder Steve Jobs' death. Leaders in the high-tech industry, as well as Apple fans and average people, took to social networking sites Wednesday night and Thursday to spread the word about Jobs and to share memories and tributes to the man behind the iMac, iPod, iPhone and iPad. Around 8 p.m. EDT Wednesday, shortly after news of Jobs' passing was made public, Twitter was handling 6,049 tweets per second, according to Twitter spokeswoman Rachael Horwitz.
"I'm surprised at the number of tweets it got, but I guess I shouldn't be," said Zeus Kerravala, principal analyst with ZK Research. "Social networks are increasingly the de facto place for people to go to when they want to share information. Twitter is perfect for this type of thing."
While Wednesday night didn't set a record for Twitter traffic, it was one of the site's highest number of tweets per second ever recorded.
Horwitz noted that early last May, the death of al-Qaeda leader Osama Bin Laden set a record at that time with a peak of 5,106 tweets per second.
When Brazil was eliminated from the international soccer tournament Copa America in July, Twitter saw 7,166 tweets per second. The current record is 8,868 tweets per second, which was set during the 2011 MTV Video Music Awards in August, Horwitz noted.

Shawn White, vice president of operations at Keynote Systems, an Internet and mobile monitoring company, told Computerworld that the surge in Twitter traffic after Job's death was staggering.
"We saw it with the death of Michael Jackson and the inauguration of President Obama. Sometimes sites just get overwhelmed," White said. "The pattern we saw [with Twitter] was that things hummed a long pretty normally and then right after the announcement of Steve Jobs' passing, the site slowed." He noted that the time to access Twitter's homepage for many users went from 3 seconds to 20 or 30 seconds. The site increasingly struggled under the load, with the first error hitting at 8:10 p.m. ET.
Then the availability of Twitter's homepage dropped nearly 40% between 8:50 and 9:05, according to Keynote.
"During that 15-minute period, roughly 60% of Twitter users would have gotten some kind of error trying to get to the home page. And if they got there, it was probably really slow," White said. "But Twitter recovered pretty quickly."


-News Source (Computer World, BBC, twitter) 




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Red Hat Announced Beta of Red Hat Enterprise Linux (RHEL) 6.3

Posted by Avik Sarkar On 4/28/2012 02:56:00 pm

Red Hat Announced Beta of Red Hat Enterprise Linux 6.3
Just over four months after the release of Red Hat Enterprise Linux (RHEL) 6.2, developer at RedHat has made a beta of version of RHEL 6.3 available. This beta includes a broad set of updates to the existing feature set and also provides rich new functionality particularly in the areas of virtualization, scalability, storage, file systems, and security. As always, the Red Hat Enterprise Linux 6.3 beta delivers new hardware enablement made possible by our strong relationships with our strategic hardware partners. This beta release has been designed for optimized performance, scalability, and reliability to cater to the diverse workloads running in physical, virtual and cloud environments.

Key Features in the Red Hat Enterprise Linux 6.3 Beta:-
Virtualization-
  • A new tool called Virt-P2V that facilitates the conversion of physical Windows or Red Hat Enterprise Linux systems into virtual images to be deployed as KVM guests inside Red Hat Enterprise Linux or Red Hat Enterprise Virtualization.
  • Stronger compliance with Payment Card Industry Data Security Standards (PCI-DSS), including the ability to perform secure wipes of virtual machine disks.
  • The ability to perform live volume resizing, improving the overall availability of virtualized guests.
Scalability-
  • The maximum number of virtual CPUs (vCPUs) has been increased from 64 to 160, which lets you run larger CPU-intensive workloads on the Red Hat Enterprise Linux platform. VMware ESX 5.0 currently support 32 vCPUs.
  • The maximum supported memory configuration for KVM guests has been increased from 512GB to 2TB.
File Systems-
  • GFS2 enhancements that create faster read-write capabilities for specific use cases.
  • Support of O_Direct in FUSE (Filesystem in User Space), which can provide improved performance for certain workloads.
  • Simplified configuration and administration for the file system. Integration of automount capability with System Security Services Daemon (SSSD) provides centralized management of configuration data and the ability to improve performance through caching and load balancing. (This feature is a Technology Preview.)
Storage-
  • Red Hat Enterprise Linux 6.3 provides full support for Fibre Channel over Ethernet (FCoE) Target. This feature, which was previously provided as a Technology Preview, allows customers to present their Red Hat Enterprise Linux servers as FCoE storage devices. This feature complements the FCoE Initiator support that was delivered in Red Hat Enterprise Linux 6.0.
  • The Logical Volume Manager (LVM) now provides support for RAID levels 4, 5, and 6. (Previously, support for these RAID levels was provided through the MD subsystem.) This expanded LVM RAID support simplifies overall storage administration by consolidating all management functions, such as creating volumes, resizing volumes, deploying RAID, taking snapshots, etc., into a single interface. (This feature is a Technology Preview.)
  • The LVM now provides the ability to create thin provisioned logical volumes. Previously, storage was allocated when the volume was created, and needed to be monitored for space consumption and expanded manually. In Red Hat Enterprise Linux 6.3, storage is allocated as required, allowing volumes to expand up to the requested size on demand without intervention. (This feature is a Technology Preview.)
Security-
  • Availability of a two-factor authentication mechanism, enhancing the overall security available to lock down Red Hat Enterprise Linux environments and enabling compliance with industry standards such as PCI-DSS.
  • Expansion of the Advanced Encryption Standard (AES) to provide particular benefits for system performance on multi-processor machines.
Identity Management-
  • With native support for netgroups and the services map in System Security Services Daemon (SSSD), Red Hat Enterprise Linux servers can be integrated into centralized systems -- such as Active Directory -- to manage system users.
  • The addition of an automembership plug-in streamlines the administration of new users and hosts when they are added into the Identity Management system by automatically placing them into a predefined set of groups, speeding user and host provisioning.
  • Performance improvements through session data caching, which lowers the overall load on authentication servers.
Hardware Enablement-
  • Software bandwidth management for USB 3.0 for select Intel platforms is now available.
  • Compiler optimization for Intel Xeon E5 processor family, which improves the result of string operations, is now included.
  • Improvements to memory and I/O breakpoint execution operations within compiler tools are now included.
Developer Tools-
  • With the introduction of OpenJDK 7, customers can develop and test with the latest version of open source Java.
To Download Red Hat Enterprise Linux 6.3 Click Here

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

5 More Cyber-Cells In Maharashtra (Nashik, Nagpur, Aurangabad, Pune & Kolhapur)

Posted by Avik Sarkar On 4/04/2012 02:28:00 pm

5 More Cyber-Cells In Maharashtra (Nashik, Nagpur, Aurangabad, Pune & Kolhapur)
 

In a bid to curb cyber crime, the Maharashtra government on Saturday announced that it would set up five more cyber cells in the state. According to Satej Patil  minister of state for home "The cyber cells will be set up in Nashik, Nagpur, Aurangabad, Pune and Kolhapur mainly to curb cyber crimes like data theft and hacking," Maharashtra reported an increase of 151% in cyber crime, with cases rising from 161 in 2009 to 246 in 2010. Mumbai alone reported 49 cases as against 39 in 2009. According to the National Crime Records Bureau (NCRB) report ‘Crime in India for the year 2010’, the city registered 58 cases related to cyber crime under the IT Act, 2000, in 2010, as against eight in 2009.
Pune is closely followed by Hyderabad at second position with 56 cases, Bangalore and Mumbai are at the third position with 49 cases each
A senior officer attached with the city police told DNA, “Presently, Bangalore and Hyderabad, the two top IT hubs in the country, have such specialised police station. The Mumbai police also opened a station at Bandra-Kurla complex in suburban Bandra on May 2009,” Cyber crime victims have to virtually run from pillar to post to lodge complaints.
Late in 2011 we have seen Kolkata has set up a new cyber-lab to prevent or fight against cyber crime, now Maharashtra Govt. has planned to setup 5 new cyber cells. So we must have to say slowly but steadily Indian Govt is plaining to enhance cyber-security :P

-Source (DNA India & TOI)




SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Permanent Internet Ban in Iran, Govt Launching National Intranet Service

Posted by Avik Sarkar On 4/10/2012 02:13:00 pm

Permanent Internet Ban in Iran, Govt Launching National Intranet Service  

The Iran Government has announced its plans to establish a National Intranet within five months. As a result millions of Internet users in Iran will be permanently denied access to the World Wide Web (WWW) and cut off from popular social networking sites, email services & so on. The government is set to roll out the first phase of the project in May, following which Google, Hotmail and Yahoo services will be blocked and replaced with government Intranet services like Iran Mail and Iran Search Engine. At this stage, however, the World Wide Web, apart from the aforementioned sites, will still be accessible. Iran government has already started the registration procedure to apply for procuring Iran Mail ID, which mandates authentic information pertaining to a person's identity, including national ID, address and full name. Registration will be approved only after verifying it against the government data on the particular applicant. The second and final stage of the national Intranet will be launched in August, which will permanently deny Iranians access to the Internet. "All Internet Service Providers (ISP) should only present National Internet by August," Taghipour said in the statement. Iranian ISPs already face heavy penalties if they fail to comply with the government filter list. By establishing the Intranet, the government control is set to become stricter. Foreign sites can still be accessed over the Intranet provided they are mentioned in a "white list" set up by the government. The government is also believed to be planning for better control on proxy servers which allow users to access banned sites. Accordint to statement of Reza Taghipour, the Iranian minister for Information and Communications Technology, announced the setting up of a national Intranet and the effective blockage of services like Google, Gmail, Google Plus, Yahoo and Hotmail, in line with Iran's plan for a "clean Internet."

-Source (IB Times)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Oracle Released Java 7 update 10 With Security Enhancements & Bug Fixes

Posted by Avik Sarkar On 12/21/2012 07:18:00 pm

Oracle Released Java 7 update 10 With Security Enhancements & Bug Fixes 

This is the third time in a year when Oracle has updated the standard edition of Java platform. This release includes new security controls in addition to a bug fix and updated timezone data. This latest update also contains a number of security enhancements and is now certified for Mac OS X 10.8 and Windows 8. The security enhancements include the ability to disable any Java application from running in the browser and the ability to set a desired level of security for unsigned applets, Java Web Start applications, and embedded JavaFX applications. While keeping in mind the last security issues with Java, in the press release of this Java update Oracle said "if the JRE is deemed expired or insecure, additional security warnings are displayed. In most of these dialogs, the user has the option to block running the app, to continue running the app, or to go to java.com to download the latest release."

Security Feature Enhancements

The JDK 7u10 release includes the following enhancements:
  • The ability to disable any Java application from running in the browser. This mode can be set in the Java Control Panel or (on Microsoft Windows platform only) using a command-line install argument.
  • The ability to select the desired level of security for unsigned applets, Java Web Start applications, and embedded JavaFX applications that run in a browser. Four levels of security are supported. This feature can be set in the Java Control Panel or (on Microsoft Windows platform only) using a command-line install argument.
  • New dialogs to warn you when the JRE is insecure (either expired or below the security baseline) and needs to be updated.

Bug Fixes

Notable Bug Fixes in JDK 7u10

The following are some of the notable bug fixes included in JDK 7u10.
Area: java command

Description: Wildcard expansion for single entry classpath does not work on Windows platforms.

The Java command and Setting the classpath documents describe how the wildcard character (*) can be used in a classpath element to expand into a list of the .jar files in the associated directory, separated by the classpath separator (;).
This wildcard expansion does not work in a Windows command shell for a single element classpath due to the Microsoft bug described in Wildcard Handling is Broken.
See 7146424.
For a list of other bug fixes included in this release, see JDK 7u10 Bug Fixes page. 

The updated Java Development Kit and Java Runtime Environment are available to download from the Oracle site. 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

NSS Labs are Now Offering Rewards Money for Fresh Exploits

Posted by Avik Sarkar On 10/06/2011 05:15:00 pm


NSS Labs is sweetening the pot for its ExploitHub marketplace by offering rewards to security gurus who can write working exploits for a dozen "high-value" vulnerabilities. The company, which has set aside US$4,400 in reward money, plans to give $100 to $500 to the first people to submit a working exploit for the vulnerabilities. Ten of the vulnerabilities concern Microsoft's Internet Explorer browser and two were found in Adobe's Flash multimedia program.
The exploits must be client-side remote exploits that can result in code execution. Proof-of-concept code and denial-of-service conditions do not qualify. NSS Labs will pay the developer with American Express gift cards. Residents from countries that the U.S. has a standing embargo against are not allowed to participate.
NSS Labs said that those who win can then sell their exploits on ExploitHub, a marketplace the company set up for penetration testers to acquire exploits to test against their infrastructure. ExploitHub was set up to help with the development of penetration testing tools and to assist computer security researchers.
Those who write the winning exploits may then sell their code on ExploitHub, with NSS Labs taking a 30 percent commission. Penetration testers can also make requests via the marketplace for exploits for specific vulnerabilities. Those who want to buy exploits are vetted by NSS Labs to ensure the marketplace is not abused.
ExploitHub also only sells exploits for vulnerabilities that have been patched and does not host ones for zero-day vulnerabilities. 

The vulnerabilities that NSS Labs is offering the reward for are:-

1. CVE-2011-1256: Microsoft Internet Explorer CElement Memory Corruption

2. CVE-2011-1266: Microsoft Internet Explorer VML vgx.dll Use After Free

3. CVE-2011-1261: Microsoft Internet Explorer selection.empty Use After Free

4. CVE-2011-1262: Microsoft Internet Explorer Redirect Memory Corruption

5. CVE-2011-1963: Microsoft Internet Explorer XSLT Memory Corruption

6. CVE-2011-1964: Microsoft Internet Explorer Style Object Memory Corruption

7. CVE-2011-0094: Microsoft Internet Explorer CSS Use After Free Memory Corruption

8. CVE-2011-0038: Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading

9. CVE-2011-0035: Microsoft Internet Explorer Deleted Data Source Object Memory Corruption

10. CVE-2010-3346: Microsoft Internet Explorer HTML Time Element Memory Corruption

11. CVE-2011-2110: Adobe Flash Player ActionScript Function Variable Arguments Information

12. CVE-2011-0628: Adobe Flash Player Remote Integer Overflow Code Execution


-News Source (PC-World)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Videoconferencing System Is Vulnerable, Hacker Can Listen Company's Confidential Discussions

Posted by Avik Sarkar On 1/26/2012 06:59:00 pm

Videoconferencing System Is Vulnerable, Hacker Can Listen Company's Confidential Discussions 
Recent research underscores that insecure video conferencing systems can allow hackers to listen into a company's confidential discussions. 
According to an exclusive article of Robert Lemos, Contributing Editor of Dark Reading:- Last October, security researcher HD Moore scanned about 3 percent of addressable Internet space looking for high-end videoconferencing systems -- the type of systems present in many corporate boardrooms and meeting spaces.
The scan, which took about two hours using a handful of computers, discovered a quarter of a million systems that understood the H.323 protocol, widely used by Internet protocol (IP) communication systems. Using that list, Moore, the chief security officer for vulnerability-management firm Rapid7, used a module for the popular Metasploit framework to "dial" each server, connect long enough to grab the public handshake packets, and then dropped the connection. "Any machine that accepted a call was set to auto answer," Moore says. "It was fairly easy to figure out who was vulnerable, because if they weren't vulnerable, then they would not have picked up the call." Using the information, Moore and Rapid7 CEO Mike Tuchen identified 5,000 videoconferencing systems that were set to automatically answer incoming calls, allowing a knowledgeable attacker to essentially gain a front-row seat inside corporate meetings. Videoconferencing systems that automatically answer incoming calls can be turned on externally by an attacker without attracting the attention of people in the boardroom. In tests on systems in Rapid7's lab, the researchers found that the system could listen into nearby conversations and record video of the surrounding environment -- even read e-mail from a laptop screen and passwords off of a sticky note that was 20 feet away. While the number of vulnerable systems may be small -- about 150,000 across the Internet, Moore estimates -- the technique returned an interesting set of targets, he says.





SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Indian Govt. Asked Social Networks (Facebook, Google, Yahoo & Microsoft) To Screen Contents From India

Posted by VOICE OF GREYHAT On 12/07/2011 12:18:00 am


Indian government has told social networking giants Facebook, Google, Yahoo and Microsoft to remove material that might "offend Indian sensibilities". Top officials from the Indian units of Google, Microsoft, Yahoo and Facebook are meeting with Kapil Sibal, India’s acting telecommunications minister, on Monday afternoon to discuss the issue, say two executives of Internet companies. The executives asked not to be identified because they are not authorized to speak to the media on the issue.
Mr. Sibal’s office confirmed that he would meet with Internet service providers Monday but did not provide more information about the content of the meeting. About six weeks ago, Mr. Sibal called legal representatives from the top Internet service providers and Facebook into his New Delhi office, said one of the executives who was briefed on the meeting. At the meeting, Mr. Sibal showed attendees a Facebook page that maligned the Congress Party’s president, Sonia Gandhi.  “This is unacceptable,” he told attendees, the executive said, and he asked them to find a way to monitor what is posted on their sites.
In the second meeting with the same executives in late November, Mr. Sibal told them that he expected them to use human beings to screen content, not technology, the executive said. The three executives said Mr. Sibal has told these companies that he expects them to set up a proactive prescreening system, with staffers looking for objectionable content and deleting it before it is posted. The executives said representatives from these companies will tell Mr. Sibal at the meeting on Monday that his demand is impossible, given the volume of user-generated content coming from India, and that they cannot be responsible for determining what is and isn’t defamatory or disparaging.
“If there’s a law and there’s a court order, we can follow up on it,” said an executive from one of the companies attending the meeting. But these companies can’t be in the business of deciding what is and isn’t legal to post, he said. 
Yahoo, Facebook and Microsoft did not respond immediately to calls for comment, and a Google spokeswoman said the company had no comment on the issue. Facebook said earlier this year it has more than 25 million users in India. Google has over 100 million Internet users in India. The demand is the Indian government’s latest attempt to monitor and control electronic information. In April, the ministry issued rules demanding Internet service providers delete information posted on Web sites that officials or private citizens deemed disparaging or harassing. 
The Indian government also plans to set up its own unit to monitor information posted on Web sites and social media sites, executives said, which will report to Gulshan Rai, the director general of India’s cyber-security monitor. 
Some Indian cities like Mumbai have already set up special units to monitor Internet sites like Facebook and Orkut, the social networking site operated by Google, for content considered disparaging or obscene.
Now lets see what these social network authorities do in this case......



-News Source (The Guardian & New York Times) 



SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Next Generation Mobile Security Solution For Android By Trend Micro Mobile Security

Posted by Avik Sarkar On 9/16/2011 11:35:00 pm


Trend Micro, Inc. (tyo:4704) a global cloud security leader and long-time innovator in mobile security, today announced the latest addition to Trend Micro's Mobile arsenal, Trend Micro(TM) Mobile Security Personal Edition, a solution designed to protect both Android smartphones and tablets that includes a free app scanner, lost device protection and enhanced security to block threats while surfing the Web, calling or texting.
In January 2011, Trend Micro introduced Trend Micro(TM) Mobile Security for Android(TM) during CES in Las Vegas, NV. Early features included:
  • Safe surfing
  • Parental controls
  • Download protection
  • Call and text filtering

As Android devices gain in popularity so does its use from cybercriminals. Trend Micro's threat researchers have tracked new threats targeting Android devices growing at 800% since February 2011. In this version, which also follows the release of Trend Micro's Enterprise solution, Trend Micro Mobile Security 7, a consumer's mobile devices will be better protected based on the new data that has been discovered over the last six months. New and enhanced features include:
New App Scanner: Designed to block infected apps from installing and stealing your personal information
New Lost Device Protection: From a personal online portal, you can locate a lost device, trigger an alarm, remotely lock it or even wipe it clean to protect your personal information.
Enhanced Surf, Call, and Text Security: Designed to block online threats like banking scams, blocks unwanted calls and text messages and designed to block inappropriate websites to protect your children. "We believe mobile users need to be protected against malicious applications. To help protect as many people as possible and stifle criminal attempts to steal personal and financial information we are offering our anti-malware scanner for free." said Carol Carpenter, General Manager, Consumer Business at Trend Micro.
Additional enhancements offer a secure Web-based portal that enables users to remotely find a lost device on a Google map and set off an alarm, even if the device is set to silent. If the device can't be found it can be locked from the portal and if all else fails the user can wipe the contents by triggering a factory reset. As a safeguard, if the SIM card is removed the device is also automatically locked. The Web-based portal provides an easy user experience for those who may be in a state of panic over the whereabouts of their device. They just need to remember http://www.TrendMicro.com/ilostmyandroid .
With the sheer amount of personal information now being stored and transacted via these devices it is imperative that misplaced devices be recoverable or the sensitive information deleted. Not only do these devices allow a 3rd party to run up phone and data bills, but they could potentially grant access to online banking, social networking and in some cases even provide access to home automation systems including doors and alarms.
"With over 200,000 devices currently protected with prior or Beta versions of the solution, and Trend Micro's history of protecting mobile platforms since the middle of last decade. We are confident in our ability to provide a range of solutions that enable people to live out their digital lives in a safe and secure fashion." concluded Ms Carpenter.
Trend Micro Mobile Security Personal Edition also gives users the ability to protect their web surfing, calls and texts. Leveraging the power of the Trend Micro(TM) Smart Protection Network infrastructure, which blocks over 5 billion threats daily, all websites visited on the device browser are checked against the same reputation databases that protect Trend Micro's global customer base. Parents can set web surfing policies to block inappropriate content. And calls and text message scan be blocked to avoid time wasting, costly and unwanted contact. Trend Micro Mobile Security Personal Edition is available via the Android Market and major retail stores. While the app scanner is free, the premium services, including Lost Device Protection and Surf, Call, Text Security are available for USD$29.99 for a 1 year license.


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

The Social-Engineer Toolkit v1.5.3 Released

Posted by Avik Sarkar On 7/22/2011 01:39:00 pm


The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It’s main purpose is to augment and simulate social-engineering attacks and allow the tester to effectively test how a targeted attack may succeed

What is new in SET v1.5.3 :-
  • Large menu rehaul and things moved to different places and code cleaned up
  • Fixed the logging problem that would not generate log messages for errors insrc/logs/
  • Added print_status, print_error, and print_input in the core modules, all menus should now use this from now on
  • Added some alignment to some menus and made it flow better
This release primarily focuses bug fixes and menu enhancements!

Download The Social Engineering Toolkit v1.5.3 (set.tar.gz) here.

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Red Hat Enterprise Linux (RHEL) 6.2 Beta Released

Posted by Avik Sarkar On 10/07/2011 05:28:00 pm

 
Beta for Red Hat Enterprise Linux 6.2 is now available. This beta includes a broad set of updates to the existing feature set and also provides rich new functionality particularly in the areas of performance and scaling, identity management, high availability, advanced storage, and networking. As always, this beta delivers new hardware enablement made possible by our strong relationships with our strategic hardware partners. This beta release has been designed for optimized performance, scalability and reliability to cater to the diverse workloads running in physical, virtual and cloud environments.
The key benefits for organizations working with this beta for Red Hat Enterprise Linux 6.2 are operational efficiency realized through enterprise management and monitoring, along with enhanced business agility through additional support for virtualized and clustered deployments.

Key functionality in this beta for Red Hat Enterprise Linux 6.2 are as follows:-

Performance and Scaling:-
  • Kernel-level optimizations implemented in the process scheduler, networking, virtualization, and I/O subsystems.
  • Faster creation of ext4 file systems and improved response times in XFS for certain workloads.
  • Improved CPU controller scalability and enhanced resource management features to set processor utilization ceilings.
Identity Management:-
  • Centralized identity management for the flexible management of users, roles, policies, and authentication services.
  • New capabilities for the unification of Kerberos ticketing, DNS naming, user and group ids, and Linux systems policies into a single service.
High Availability:-
  • Support for Red Hat Enterprise Linux 6 guests on VMware® hosts and comprehensive support for the GFS2 shared storage file system have been added to the High Availability Add-on Product, creating a more tightly integrated environment.
  • Full support for the UDP-unicast protocol which reduces administration overhead, resulting in easier cluster deployment.
Advanced Storage:-
  • World Wide Name (WWN), or World Wide Identifier (WWID), for storage devices making it easier to identify them during installation for users utilizing Storage Area Networks (SAN) and other advanced network topologies.
  • Within production environments using infiniband – where high throughput and low latency are key requirements – Red Hat Enterprise Linux can now be purposed as an iSCSI initiator and storage server.
Networking:-
  • Transmit Packet Steering (XPS) capabilities which improve network packet transmission throughput by 30%.

To See the Official Release Note of Red Hat Click Here

For Download Click Here

-News Source (RedHat)


SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-

Related Posts Plugin for WordPress, Blogger...

Site search