Discussions on computers and beyond

Welcome to Topsight.net
Thursday, September 02 2010 @ 11:08 PM EDT


Nesit a hacker charity.

Announcements

I'm working on a new non-profit makerspace called the New England Association of Information Technology.
Check it out at www.nesit.net

Removing and analyzing malicious software in a Windows Environment

Security 2 me

I recently put together a guide for tackling and analyzing malware. Click read more below to check it out.

A simple way to create a Windows 7 image to roll out to multiple computers

Microsoft

While studying for the Win7 exam (70-680), I stumbled upon a rather simple way to implement desktop imaging without investing in external tools such as Ghost or Acronis. However, due to the numerous errors and omissions in all the sources I researched, I found no single reference that contained the information needed to generate and apply a working image without error. I'm therefore putting together the following how-to as a complete reference. Click read more to see the how-to. Questions/comments can be directed to (opticfiber at topsight.net).


Process Memory Dumper

General

"Process Memory Dumper (PMD) is an application that allows you to dump the entire memory of the chosen process. NOTE: this is NOT a PE Dumper. PMD dumps the ENTIRE memory space of the process. We believe that this tool could help in Forensics and Credentials Disclosure Research."

More info and download here:

www.evilfingers.com

Creating a rogue CA certificate

Security

Security researchers Alexander Sotirov, Marc Stevens, Jacob Appelbaum, Arjen Lenstra, David Molnar, Dag Arne Osvik, and Benne de Weger have identified a vulnerability in the Internet Public Key Infrastructure that allows them to create rogue CAs (which basically makes all PKI-based SSL useless).

"Our attack takes advantage of a weakness in the MD5 cryptographic hash function that allows the construction of different messages with the same MD5 hash. This is known as an MD5 "collision". Previous work on MD5 collisions between 2004 and 2007 showed that the use of this hash function in digital signatures can lead to theoretical attack scenarios. Our current work proves that at least one attack scenario can be exploited in practice, thus exposing the security infrastructure of the web to realistic threats."

To read the full article see: www.win.tue.nl/

FACE RECOGNITION BROKEN IN LENOVO, ASUS, and TOSHIBA LAPTOPS

Announcements

Today, Vietnamese security research and antivirus company BKIS announced a vulnerability in the proprietary facial recognition authentication systems included with most laptops. Le Nhat Minh, Nguyen Minh Duc, Bui Quang Minh, and Le Minh Hung found that, when shown not-so-special printed photographs of the target users, certain facial recognition systems simply recognized the photographs as the actual user, allowing successful authentication.

One could infer that most systems are vulnerable to this attack due to the two-dimensional nature of these systems. For more information and a video demo, see the links below.

Video: http://security.bkis.vn/Proof-of-concept/Face_Recognition/FaceRecognitionBypassing_DemoVideo.wmv

Announcement: http://security.bkis.vn/?p=292


An in-depth intro to Wireshark

Interesting Stuff

irongeek.com has once again done a fantastic job of putting together an in-depth video demo, this time focusing on Wireshark. If you're new to Wireshark, or just need a refresher on how to use and create filters, this video is very helpful.

Check it out at irongeek.com


IOSMap: TCP and UDP Port Scanning on Cisco IOS Platforms

Interesting Stuff

Robert VandenBrink has published a paper on SANS detailing how to get a complete port scanner up and running via TCL on Cisco IOS.

"This paper describes IOSmap, a port scanning tool implemented on Cisco IOS using the native TCL (Tool Command Language) scripting language on that platform. The business requirement for this tool, implementation considerations and challenges, and design choices are discussed."

See more here: www.sans.org

IE in Windows Mobile still sucks.

General

I was reading Gizmodo's mobile web roundup and I just had to laugh at this:

"Internet Explorer on Windows Mobile
Jesus Christ. This is a joke, right Microsoft? Hahaha. No really, this is the worst smartphone browser on the planet. It couldn't render its way out of an ASCII-art paper bag. It totally screwed up every single test page, except for Wikipedia, which it only mostly screwed up. Good luck navigating a page if you're granted the miraculous occurrence of it being rendered in a state that's usable. Grade: F-"

See the whole article here: http://gizmodo.com/5090988/mobile-browser-battlemodo-which-phones-deliver-the-real-web


New IRC channel

Announcements

Just an FYI

We've set up a new IRC channel (#topsight) on DALnet. Stop by.

www.dal.net