3 min
Product Updates
Weekly Update: The Nginx Exploit and Continuous Testing
Nginx Exploit for CVE-2013-2028
The most exciting element of this week's update is the new exploit for Nginx
which exercises the vulnerability described by CVE-2013-2028. The
Metasploit module was written by Metasploit community contributors hal and
saelo, and exploits Greg McManus's bug across a bunch of versions on a few
pre-compiled Linux targets. We don't often come across remote, server-side stack
buffer overflows in popul
3 min
Authentication
John the Ripper 1.8.0
Hi,
Concluding phase one of the Magnificent7 project, I've released John the Ripper
1.8.0 today. This version
number reflects that we view this as a major release, considering that version
1.7 came out in early 2006 - more than 7 years ago - and there have been only
(many) minor releases during those years (the latest of them being 1.7.9).
Curiously, it's also been a little over 7 years between versions 1.6 (late 1998)
and 1.7, so it was t
1 min
SecurityStreet Talks - Houston
Join UHY Advisors and Rapid7 for an afternoon of learning, networking and
discussion with your peers from the Houston security community.
Presenters include Zate Berg, Internal Security Manager at Rapid7, Chris Ward
with Vinson & Elkins LLP, Security Evangelists Quincy Jackson and Kenneth
Sayles, and more. The afternoon will consist of short, 30-45 minute
presentations focused on hacking industrial control systems, building risk
management methodologies, security philosophy and information sec
2 min
IT Ops
Heroku Account Consolidation-Single View of all your Logs
If you host multiple apps on Heroku, you know the pain of having to log in to a
separate add-on account for each of your Heroku apps. Whether you’re monitoring
several different production applications, have separate apps for your
production, staging, and test environments, or are a consultant in charge of
administering separate applications for each of your clients, you know how
irritating it can be to constantly have to switch between accounts.
This is particularly annoying when you’re trying
3 min
Metasploit
Weekly Update: 4.6.1, ColdFusion Exploit, and SVN Lockdown
Metasploit 4.6.1 Released
This week's update bumps the patch version of Metasploit to 4.6.1 (for installed
versions of Metasploit). The major change here is the ability to install
Metasploit on Windows 8 and Windows Server 2012. That meant we had to fiddle
with the installer and a few of Metasploit Pro's dependencies to get that all
working correctly, and that led to skipping last week's release so we could be
sure all the moving parts lined up correctly.
This release also fixes a few minor iss
3 min
Metasploit
Git Clone Metasploit; Don't SVN Checkout
TL;DR: Please stop using SVN with
svn co https://www.metasploit.com/svn/framework3/trunk
and start using the GitHub repo with
git clone git://github.com/rapid7/metasploit-framework
As of today, a few of you may notice that an attempt to update Metasploit
Framework over SVN (instead of git or msfupdate) results in an authentication
request. If you try to SVN checkout on Windows, using TortoiseSVN, you will see
a pop up much like this:
For command line people, if you try to 'svn co' or 'svn
2 min
Nexpose
Nexpose 5.6 - Top Remediation Reports - Reports that provide the biggest bang for your buck
Nexpose 5.6, in case you haven't heard, added the Top Remediation report
templates. Why is this a game changer??? Because now you can view security from
an actionable lens that focuses and expands to fit your needs. The report
orders the remediations according to their effect on your organization, rolling
up solutions across assets and allowing you to take the most impactful steps
available. What does this mean for you? Well instead of asking "what is wrong",
you can now ask "what should I do".
2 min
May 2013 - Patch Tuesday, the "yet another IE 0-day edition"
Going into this patch Tuesday the big question was: will MS13-038 address the
“Department of Labor IE 0-day (CVE-2013-1347)”?
Microsoft had hinted strongly that a patch was on the way, with the unspoken
caveat that there is always a risk of it getting pulled at the last minute for
quality issues. As it turns out, MS13-038 is what was expected and should
address the “Department of Labor IE 0-day,” which is great. So hooray f
4 min
Vaccinating systems against VM-aware malware
The neverending fight with malware forced researchers and security firms to
develop tools and automated systems to facilitate the unmanageable amount of
work they've been facing when dissecting malicious artifacts: from debuggers,
monitoring tools to virtualized systems and sandboxes.
On the other side, malware authors quickly picked them up as easy indicators of
anomalies from their target victims' systems.
This has initiated a still ongoing arms race between malware writers and malware
analy
1 min
IT Ops
Switching between UTC and local time
All Logentries servers are configured for the UTC timezone. We use this as the
default timezone for all internal data including customer’s logs. However, at
the browser UI level we detect a user’s local timezone and present all dates in
a more human friendly way, i.e. in the local time.
We now allow users to change their time zone to UTC. This can be very handy when
you manage systems in multiple regions or have a distributed development team
where you want to have a common timezone that you ca
1 min
Metasploit
Metasploit's 10th Anniversary: Laptop Decal Design Competition
When I wrote up the Metasploit Hits 1000 Exploits post back in December, I had
to perform a little open source forensic work to get something resembling an
accurate history of the Metasploit project -- after all, it's difficult for me
to remember a time on the Internet without Metasploit. I traced the first
mention of 1.0 back to this mailing list post in 2003. You know what that
means, right? This year marks the 10th year of the Metasploit Fr
4 min
Apple
Abusing Safari's webarchive file format
tldr: For now, don't open .webarchive files, and check the Metasploit module,
Apple Safari .webarchive File Format UXSS
Safari's webarchive format saves all the resources in a web page - images,
scripts, stylesheets - into a single file. A flaw exists in the security model
behind webarchives that allows us to execute script in the context of any domain
(a Universal Cross-site S
5 min
Release Notes
Simplify Vulnerability Management with Nexpose 5.6
We are pleased to announce the next major release of Nexpose, version 5.6. This
release focuses on providing you the most impactful remediation steps to reduce
risk to your organization and extends our current configuration assessment
functionality.
New Look and Feel
The most visible change in Nexpose 5.6 is the new look and feel of the user
interface. The action header is now smaller to maximize screen space and
usability, and the new colour scheme makes it easier to focus on important areas
3 min
Microsoft
Microsoft EMET 4.0 might be the best enterprise security tool you're not using yet
Cross-posted from dangerous.net
Last week Microsoft announced
their 4.0 beta release of EMET (Enhanced Mitigation Experience Toolkit). If you
are responsible for securing Windows systems, you should definitely be looking
at this free tool if you haven't already.
EMET is a toolkit provided by Microsoft to configure security controls on
Wi
4 min
Metasploit
How To Do Internal Security Audits Remotely To Reduce Travel Costs
An internal penetration test simulates an attack on the network from inside the
network. It typically simulates a rogue employee with user-level credentials or
a person with physical access to the network, such as cleaning staff, trying to
access resources on the network they're not authorized for.
Internal penetration tests typically require the auditor to be physically
present in the location. If you are working as a consultant, then conducting
internal penetration tests can mean a lot of