[SecurityRatty] tag: cult

Microsoft Fixes 8-year Old Design Flaw in SMB

Wed, 12 Nov 2008 18:11:12 +0000

With regard to the recent Patch Tuesday fix, there has been an issue fixed regarding NTLM Relaying, that has been around for more than eight years.

In 2000, I wrote an advisory about NTLM relaying (CVE-2000-0834). The problem turned out to be significantly larger than I originally suggested in the advisory. The attack extended to other NTLM-based authentications on other protocols and allowed general-purpose credential theft via a man-in-the-middle attack.

The SMBRelay tool was published in 2001 by Sir Dystic of Cult Of The Dead Cow, and that really took it to the next level. The protocol completely fell apart. It kicked off a number of other analyses of the NTLM protocol that finally resulted in this patch. Eight years after it’s discovery.

At least they got around to it. Thanks!

Opera Browser Integrates Malware Protection

Sun, 08 Jun 2008 10:27:05 +0000

Opera, arguably one of the fastest rendering browsers available, is stepping up on security. With their version 9.5 release they are adding in malware protection courtesy of a deal that was struck with Haute Secure.

From Tech Crunch:

Haute Secure makes software that aggressively monitors and alerts users to malware sites. Besides the version that is being integrated into Opera, Haute is also available as a free plugin for Internet Explorer and Firefox. It differentiates itself from other blocking software by analyzing sites on the link level instead of at the domain level. This means that on very large sites like MySpace that contain a combination of legitimate material along with more sinister profiles, pages will be blocked on a case by case basis instead of simply banning the entire MySpace site.

Opera, while not nearly as popular as Internet Explorer or Firefox, has managed to gain something of a cult following since its original launch in 1996.

Nice upgrade for the little browser that ~~could~~ can. If you haven’t tried it give Opera a test drive. I use it as one of my 3 regular browsers.

Article Link

Google Vulnerability Scanner

Tue, 04 Mar 2008 09:12:22 +0000

We've all known for years that you can use Google to scan for vulnerabilities. Well, now the process has been automated.

Presenting: Goolag Scanner from the Cult of the Dead Cow.

I've seen a lot of pre-release scanning results from these guys, and it's pretty amazing what they've found.

Hacker group releases automated 'Google hacking' tool

Fri, 22 Feb 2008 11:00:00 +0000

The Cult of the Dead Cow hacker group has released an open-source tool that can use a collection of specially crafted Google search terms to scan Web sites for security vulnerabilities.

Hackers turn Google into vulnerability scanner

Thu, 21 Feb 2008 21:00:00 +0000

The hacking group Cult of the Dead Cow (CDC) this week released a tool that turns Google into an automated vulnerability scanner, scouring Web sites for sensitive information such as passwords or server vulnerabilities.

Hear the latest on WAN application performance	Advertisement
Give us 5 minutes to show how we can address your toughest challenges & Get $25 Coffee Gift Card!

Goolag makes Google Hacking a snap

Thu, 21 Feb 2008 21:00:00 +0000

The hacking group Cult of the Dead Cow has released a tool that should make Google hacking a little easier for novices.