December 15, 2018

Facebook Account Password Extractor

ElcomSoft has announced the release of the Facebook Password Extractor, a free tool to recover Facebooks’ user credentials that are stored or cached in popular Web browsers.

The user credentials, such as user account and passwords, are routinely stored or cached in Web browsers to speed up access to protected resources. While it is possible to extract cached passwords from each of the popular Web browsers, it has never been an easy task. Mozilla Firefox, Apple Safari, Opera, Google Chrome and older versions of Microsoft Internet Explorer (v. 6 and earlier) use lighter security mechanisms that are easier to break. However, InternetExplorer 7, 8, and 9 employ an enhanced security model that makes extracting a cached password impossible without knowing the exact authorisation URL.

Facebook Password Extractor is the first free tool on the market to help users to recover lost and forgotten Facebook passwords from all popular Web browsers including enhanced-security Internet Explorer 7 to 9. This free for personal use (non-commercial) utility can instantly reveal cached login and password information to Facebook accounts. Supporting all versions of Microsoft Internet Explorer including IE9, Mozilla Firefox including Firefox 4, Apple Safari up to version 5, Opera up to version 11, and Google Chrome up to version 11, Facebook Password Extractor is the first free Facebook recovery tool to display multiple Facebook logins and passwords instantly and automatically.

Facebook Password Extractor supports the enhanced security model used in Internet Explorer 7 onwards, by including a small database containing exact Web addresses of all possible Facebook login pages.

Facebook Password Extractor can be downloaded now.

Apache 2.2.19 Released: Security Update and Bug-fix

The Apache HTTP Server Project team released the new version 2.2.19 of the Apache HTTP Server (httpd).

This new version is a security update and bug-fix release to address CVE-2011-1928 and CVE-2011-0419 DoS vulnerabilities. This release also corrects a versioning incompatibility in 2.2.18 and it is a major release of the stable branch, and represents the best available version of Apache HTTP Server according to the project’s website.

The Apache 2.2.19 includes some new features such as Smart Filtering, Improved Caching, AJP Proxy, Proxy Load Balancing, Graceful Shutdown support, Large File Support, the Event MPM, and refactored Authentication/Authorization.

This new release includes the Apache Portable Runtime (APR) version 1.4.5 and APR Utility Library (APR-util) version 1.3.12, bundled with the tar and zip distributions. The APR libraries libapr and libaprutil (and on Win32, libapriconv version 1.2.1) must all be updated to ensure binary compatibility and address many known security and platform bugs.

Apache HTTP Server 2.2.19 is available for download here.

 

Netsparker Version 1.9.0.5 Released

Mavituna Security Ltd has released a new version of Netsparker, Web Application Security Scanner. According to Mavituna Security blog, the Netsparker version 1.9.0.5 has two new security tests and many new features as follow:

New Redirect Tests

This release introduces 2 new security tests, which confirm whether redirects in the web application are working as expected. If the application sends a redirect back but keeps processing the page this generally indicates a bug. The impact of the bug can vary from “Authentication Bypass “ to a simple forgotten line in the code. However, it almost always indicates a bug that needs to be addressed.

New Features

  • Microsoft Live ID, SSO Authentication Support
  • Vulnerability Summary added to reports
  • Summary Report added to Sitemap. When you click name of the website that you are scanning from the sitemap Netsparker now shows a summary report of the current scan.

Improvements on Security Tests

  • Blind SQL Injection coverage improved
  • Protocol-agnostic Open Redirection checks added
  • LFI security test coverage improved
  • Version information automatically added to all Error Based SQL Injection issues now
  • New XSS checks added to bypass blacklists

Other Improvements and Bug Fixes

  • A Form Parsing bug fixed in Text Parser
  • An error log in Blind Command Injection Engine fixed
  • Some URI Based XSS issues were reported multiple times
  • Minor bugs fixed in the Detailed and XML Reports
  • Typo fixed in CSV Report
  • Set-Cookie headers wasn’t working properly in Redirects
  • Netsparker now supports multiple set-cookies with same cookie name
  • Anti-CSRF token support improved for Form Authentication
  • A bug fixed in profile save with NTLM authentication
  • Naming in certain vulnerabilities changed. New naming uses “Confirmed”, “[Probable]” and “[Possible]”.
  • Several bugs about JavaScript parsing and Form Authentication addressed

Visit Mavituna Security website for more information and educational videos.

 

Source & Picture: mavitunasecurity.com

NetScanTools Pro version 11 Released

Northwest Performance Software has announced the release of NetScanTools Pro Version 11. This network discovery and information gathering toolkit has a long history of use for ethical hacking and penetration testing.

NetScanTools Pro provides information about IP addresses, host-names, domain names, email addresses and URLs. It includes tools for active discovery, passive discovery, packet capture and packet generation as well as tools designed to retrieve information from third parties like its extensive DNS toolset and Whois tool.

NetScanToolsPro now supports IP version 6 and has a new improved GUI. New tools in NetScanToolsPro 11 include Connection Monitor, MAC Address to Manufacturer, Network Interfaces – Wireless, Routing Table – IPV4, and SNMP Scanner Tool for SNMPv3.

You can download the free version of NetScanTools Pro here.

NetScanTools is a registered trademark of Northwest Performance Software, Inc.

CollabNet ScrumWorks Basic Server transmits credential information in plaintext

The communication between the CollabNet ScrumWorks Basic Server and CollabNet ScrumWorks Desktop Client is transmitting credential information in plaintext.

With reference to US-CERT vulnerability note (VU#547167), The CollabNet ScrumWorks Basic Server communicates with the CollabNet ScrumWorks Desktop Client using unencrypted java objects. These unencrypted java objects contain the username and password of the active user or (by calling specific functions) all users on the CollabNet ScrumWorks Basic Server.

An additional vulnerability exists in CollabNet ScrumWorks where the ScrumWorks Basic Server stores unencrypted client username and passwords in its internal database.

The vulnerability has been reported by David Elze from Daimler TSS Technical Security.

Online Summit: Cybercrime & Computer Forensics

Last year, the world experienced significant breaches involving the use of botnets, viruses, and other forms of attacks targeting governments and businesses alike.

Engage live with experts at the Cybercrime & Computer Forensics Summit on Feb 3rd to learn what the latest threats to your business are, how to effectively manage breaches, and how to safeguard your organization from cybercriminals all over the world.

Click here to view the full program and sign up to attend your favorite presentations.

WHEN: February 3, 2011, or afterward on demand

Presentations include:

Cyber Security in 2011: What IT Security Managers Need to Know

Natalya Kaspersky, Chairperson of the Board of Directors, Co-Founder of Kaspersky Lab

Enterprise-Wide Risk Management

Ronald S. Ross, Fellow, NIST

Using Logs for Breach Investigations and Incident Response

Dr. Anton Chuvakin, Principal, Security Warrior Consulting

Preventing CyberCrime by Relying on SSL Protocol

Larry Seltzer, Security Analyst

Cybercrime Gets Social

Paul Dwyer, Chief Advisor at International Cyber Threat Task Force (ICTTF)

Cybercrime & Identity

Mike Small, Fellow Analyst at Kuppinger Cole


View the full program and register to view the free webcasts here.

Nmap 5.50 With Gopher Protocol Support Released‏

It has been a year since the last Nmap stable release and six months since development version (5.3DC1) of this powerful network scanner.

In this release the Nmap Scripting Engine(NSE) has been enhanced to expand up the protocol stack and take network discovery to the next level. Nmap 5.50 can now query all sorts of application protocols, including web servers, databases, DNS servers, FTP, and even Gopher servers!

This version has a brute forcing engine and supports network broadcast script in addition to two new script scanning phases known as prerule and postrule. It supports Nping with an innovative new echo mode and its developers added 636 OS fingerprints and 1,037 version detection signatures to Nmap since 5.21, bringing the totals to 2,982 and 7,319.

Nmap 5.50 source code as well as binary packages for Linux, Mac, and Windows are now available at:

http://nmap.org/download.html

More information about this release is available here.

PandaLabs Releases 2010 Annual Security Report

PandaLabs, the antimalware laboratory of Panda Security – The Cloud Security Company – has released its 2010 Annual Security Report, which details an extremely interesting year of cyber-crime, cyber-war and cyber-activism. The full report is available at: http://press.pandasecurity.com/press-room/panda-white-paper/.

In 2010, cyber-criminals created and distributed one-third of all existing viruses, creating 34 percent of all malware that has ever existed and been classified by the company. Panda Security’s proprietary Collective Intelligence system, which automatically detects, analyzes and classifies 99.4 percent of all malware received, currently stores 134 million unique files, out of which 60 million are malware (viruses, worms, Trojans and other computer threats).

Despite these dramatic numbers, the report highlights some good news. PandaLabs discovered that the speed at which the number of new threats is growing has actually decreased when compared to 2009. Every year since 2003, new threats grew by at least 100 percent every year, but in 2010, the increase was approximately 50 percent.

Banker Trojans still dominate the ranking of new malware that appeared in 2010 (56 percent of all samples), followed by viruses and worms. In addition, a fairly recent newcomer to the malware landscape, rogueware (fake antivirus software) already comprised 11.6  of all the malware gathered in the Collective Intelligence database, and has become a category, that despite appearing only four years ago, has created great havoc among users. For a visual representation of the breakdown of malware categories, please visit: http://www.flickr.com/photos/panda_security/5299741783/.

The countries leading the list of most infections are Thailand, China and Taiwan, with 60 to 70 percent of infected computers (data gathered from the free scanning tool Panda ActiveScan in 2010). To see a graph of how other countries ranked, please visit: http://www.flickr.com/photos/panda_security/5299741647/.

2010 witnessed hackers exploit social media, the positioning of fake websites (BlackHat SEO techniques) and zero-day vulnerabilities as its primary methods of infection. Spam also kept its position as one of the main threats in 2010, despite the fact that the dismantling of certain botnets (like the famous Operation Mariposa or Bredolab) prevented many computers from being used as zombies to send spam. This created a positive effect in spam traffic worldwide. Last year, approximately 95 percent of all email traffic globally was spam, but this dropped to an average of 85 percent in 2010.

2010: Cyber-crime, Cyber-war and Cyber-activism

2010 was truly the year of cyber-crime, cyber-war and cyber-activism. Although cyber-crime has existed for many years, cyber-war became a much more active and aggressive part of the malware landscape. The most notorious was Stuxnet, a new worm that targeted nuclear power plants and managed to infect the Bushehr plant, as confirmed by the Iranian authorities. Simultaneously, a new worm appeared called “Here you have,” that was created by a terrorist organization known as “Brigades of Tariq ibn Ziyad.” According to this group, their intention was to remind the United States of the 9/11 attacks and call for respect for the Islamic religion as a response to Pastor Terry Jones’ threat of burning the Quran.

And even though some aspects are still to be clarified, Operation Aurora was also in the spotlight. The attack, allegedly launched from China, targeted employees of large multinationals by installing a Trojan on their PCs that could access all their confidential information.

2010 also witnessed the emergence of new phenomenon called cyber-protests or hacktivism. This phenomenon, made famous by the Anonymous group, is not actually new, but grabbed the headlines in 2010 for the coordinated DDoS attacks launched on copyright societies and their defense of WikiLeaks’ founder Julian Assange.

Social Networks in the Spotlight

Besides offering information about the main security holes in Windows and Mac, the 2010 Annual Security Report also covers the most important security incidents affecting the most popular social networking sites. Facebook and Twitter were the most affected, but there were also attacks on other sites including LinkedIn and Fotolog. There were several techniques used for tricking users on these sites, such as hijacking Facebook’s “Like” button, stealing identities to send out messages from trusted sources, exploiting vulnerabilities in Twitter to run Javascript code and distributing fake apps that redirect users to infected sites.

The full report is available at http://press.pandasecurity.com/press-room/panda-white-paper/. Visit the PandaLabs blog for more information about these and other threats.

Source:[Panda Security]

Conference Series Targeting Technical Information Security Professionals Making Spring Debut in Dallas, Texas

EC-Council launches the TakeDownCon series – a highly technical information security conference series that promises to be an excellent knowledge acquisition and skills exchange platform.

TakeDownCon will bring together information security researchers and technical experts, both the brightest and darkest, from the corporate and government sectors to academic as well the underground, and make it into one of the world’s premier infosec event where the latest security threats are presented and debated, and vulnerabilities are disclosed and scrutinized.

TakeDownCon will also feature a pre-event training platform offering EC-Council certification training including the world-renowned Certified Ethical Hacker (CEH) and Computer Hacking Forensic Investigator (CHFI) programs. In addition, there will also be highly advanced and technical courses offered by EC-Council’s Center of Advanced Security Training (CAST). These programs are designed by industry practitioners and experts, and will allow participants to go through both hands on and real life scenario based training covering domains such as web application security, penetration testing and social engineering.

Jay Bavisi, President of EC-Council said, “There is a huge gap, and we recognize the need for more information security training and education. TakeDownCon will be the ideal platform for knowledge acquisition. Dallas was chosen for its strategic geographical location, and the vast demand for information security training. TakeDownCon, being highly technical, will feature a brand new format, it will be very focused, content driven, and attendees will see no frills, thus making it accessible for the masses.”

This conference will also see the launch of “Nite Locks et all”. It is where physical security vulnerabilities and lock picking skills will be showcased, and a chance for attendees to try their hands on lock picking, under the tutelage of experts in this realm.

The Call for Paper is now open. If you are interested to reveal a zero day exploit, expose a new vulnerability or flag an unknown threat, this may well be the platform for you to showcase and demonstrate your technical expertise and proficiency, as well as demonstrate your thought leadership. Do visit http://www.takedowncon.com/cfp to submit your paper to be considered.

TakeDownCon will make its debut in Dallas, TX from May 14 – 19, 2011. More details can be found at http://www.takedowncon.com.

Apple Releases Mac OS 10.6.6 to Include Beginnings of Mac App Store Integration

Apple released OS X 10.6.6 with access to the Mac App Store in Software Update. It is available now as a free 114 MB download for Snow Leopard users. As noted by Macworld, the Mac App Store already includes some apps from Apple such as the iLife ’11 suite with standalone apps sold at $15 each.

This is a major update that improves the operating system’s stability, compatibility and security. In addition to support for the new Mac App Store. Further, the update closes a variety of security holes in the operating system. Full change-log and first screen-shots of the Mac App Store below.

Update: here are the direct links to the OS X 10.6.6. update.

Source:[Apple.com]