What's New | Cenzic Security Blog

Reminder: OWASP AppSec USA Annual Conference Sep 9-10

Tue, 31 Aug 2010 17:28:25 -0400

Sep 9-10 marks the annual OWASP AppSec USA event in Irvine, CA

Be sure to attend this year’s annual OWASP AppSec USA Conference next week on Sep 9-10 in Irvine, CA.

In addition to the sand and palm trees, attend the latest presentations on application security from security experts representing companies like Adobe, Mozilla, and Boeing.

One presentation we’d like to highlight:

“Session Management Security Tips & Tricks”
by
Lars Ewe, Cenzic CTO
September 10 at 11:15 – Noon
Pacific Ballroom
UC Irvine Conference Center
Irvine, CA

We’ll see you in sunny California!

by
Erin Swanson, Marketing
Eswanson@cenzic.com

Hack Highlight: BP Websites Defaced via XSS Vulnerability

Mon, 30 Aug 2010 14:10:51 -0400

BP online presence defaced via Cross Site Scripting (XSS) Vulnerability by hacking community

BP continues to be the subject of criticism following the Deepwater Horizon oil spill, as the hacking community is taking umbrage to some of BP’s recent public relations activities in the online arena, such as a recent website defacement via Cross-Site Scripting (XSS).

Specifically, reactions to BP’s having bought the sponsored link for the search term ‘oil spill’ seems to have triggered resentment in the form of both reconnaissance work, a Twitter account compromise, and an amusing cross site scripting vulnerability.

According to the article, the XSS ought to be corrected, and dual factor authentication on VPN’s is kind of a must have at this point. And BP should also undertake a security audit of their perimeter, web properties, online services used, and security policies.

by
Erin Swanson, Marketing
Eswanson@cenzic.com

Cenzic Detects a PHP Buffer Overflow Vulnerability

Fri, 27 Aug 2010 15:35:06 -0400

Weekly product update – Cenzic detects a PHP Buffer Overflow Vulnerability

As of August 27, 2010 Cenzic now detects a PHP 'ibase_gen_id()' Function off-by-one Buffer Overflow Vulnerability (BugtraqID 42516). PHP is prone to an off-by-one buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. A hacker can exploit this issue to execute arbitrary machine code in the context of the PHP process. Failed exploit attempts will likely crash the web server, denying service to legitimate users. PHP 5.3.3 is vulnerable; other versions may also be affected.

Background on Cenzic’s SmartAttacks
Every week, Cenzic’s suite of products is updated with the latest vulnerabilities (custom, commercial, and open-source) to better detect "holes" in Web applications. These Web application vulnerabilities include (but not limited to) cross site scripting, buffer overflow, path or directory traversal, SQL injection, HTTP response splitting, and other workflow types.

by
Erin Swanson
Eswanson@cenzic.com

Hack Highlight: Twitter XSS Vulnerability Possibly Exploited by Turkish Hackers

Mon, 23 Aug 2010 19:55:13 -0400

Cross Site Scripting (XSS) Vulnerability on Twitter exploited by Turkish Hackers

As part of our blog series on highlighting specific website attacks occurring in the real world, we’d like to highlight the popular vulnerability that hackers love to exploit: Cross-Site Scripting (XSS).

Back in June 2010, a persistent Cross-Site Scripting Vulnerability (XSS) on Twitter’s website was exploited by Turkish hackers to post a rogue status, “Hacked by Turkish Hackers”.

Twitter quickly fixed the vulnerability, but continues to suffer from bad press about a variety of hacks on their popular social network site.

by
Mandeep Khera, CMO
Mandeep@cenzic.com

Cenzic Detects a Sun Java System Denial of Service Vulnerability

Fri, 20 Aug 2010 15:32:42 -0400

Weekly product update – Cenzic detects a Sun Java System Denial of Service Vulnerability

As of August 20, 2010 Cenzic now detects a Sun Java System Web Server Admin Interface Denial of Service Vulnerability (BugtraqID 41389). Sun Java System Web Server is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. Sun Java System Web Server 7.0 Update 7 is affected; other versions may also be vulnerable.

by
Erin Swanson
Eswanson@cenzic.com

Hack Highlight: Session Management Vulnerability Exploited to Gain iPad User Information

Thu, 19 Aug 2010 19:59:44 -0400

Hackers exploited a Session Management Vulnerability in the AT&T’s network to gain iPad User information

As part of our blog series on highlighting specific website attacks occurring in the real world, we’d be amiss if we didn’t mention the session management vulnerability that was exploited to gain iPad user information back in June 2010.

A security flaw in AT&T's network exposed the e-mail addresses of more than 100,000 owners of Apple's 3G iPad. The security hole was uncovered by Goatse Security, a group known among security experts as hackers who enjoy pulling Web pranks. The group exploited a session prediction vulnerability which allowed the hackers to write a script to predict the iPad owners' unique identification numbers to obtain their e-mail addresses.

The list of exposed owners included New York Mayor Michael Bloomberg, White House Chief of Staff Rahm Emanuel and other powerful figures in finance, media and politics.

by
Mandeep Khera, CMO
Mandeep@cenzic.com

Most Dangerous Internet Search? Cameron Diaz.

Thu, 19 Aug 2010 14:49:27 -0400

Searching on the web for Cameron Diaz is risky business

Move over Jessica Biel, Cameron Diaz just made the number one spot for most risky Internet search. Searches related to Diaz are more likely to bring up sites linked to dangerous malware and spyware.

It’s the fastest and easiest ways to get you

By clicking on strange sites, it’s the fastest and easiest way to get your computer infected with malware. Once a computer is infected, cyber criminals can steal victim’s sensitive information such as banking passwords, social security numbers, etc.

Consider yourself warned ;-)

by
Erin Swanson, Marketing
Eswanson@cenzic.com

John Weinschenk, CEO of Cenzic Featured on Application Security MythBusters Series

Mon, 16 Aug 2010 16:06:52 -0400

Watch this video on application security MythBusters featuring Cenzic CEO, John Weinschenk

As part of its Application Security MythBusters series, Cenzic interviewed John Weinschenk, President and CEO of Cenzic.

When Cenzic’s Chief Marketing Officer, Mandeep Khera, asks John about the state of Web application security, he answers that despite the plethora of hacking going on, people are still in denial about their websites not being secure. Mr. Weinschenk believes that other security solutions like SSL have a place, but they won’t protect sensitive data.

Watch the 4 minute video today!

If you have any other questions or topic suggestions about the latest myths out there, send an email to: MythBusters@cenzic.com

by
Erin Swanson, Marketing
Eswanson@cenzic.com

Cenzic Adds New SmartAttack to Its Attack Library: Unrestricted File Upload

Fri, 13 Aug 2010 14:22:36 -0400

Weekly product update – Cenzic adds 107th SmartAttack: Unrestricted File Upload

As of August 13, 2010 Cenzic created a brand new SmartAttack, Unrestricted File Upload, bringing the total attack category library to 107. The new SmartAttack checks various flaws present in the "file upload" functionality. Presence of these flaws may result in various attacks like Cross-Site Scripting, Malware hosting, etc.

Along in this weekly product update, Cenzic can also detect PHP Multiple Vulnerabilities like Remote Code Execution, Unauthorized Access Attacks (BugtraqID 41991). PHP is prone to multiple security vulnerabilities that an attacker can exploit to execute arbitrary code, crash the affected application, gain access to sensitive information, and bypass security restrictions. Other attacks are also possible. Versions PHP 5.3 (Prior to 5.3.3) and PHP 5.2 (Prior to 5.2.14) are affected.

by
Erin Swanson
Eswanson@cenzic.com

Hack Highlight: Hackers Exploit SQL Vulnerability on Thousands of Websites

Thu, 12 Aug 2010 19:54:53 -0400

Back in June 2010 hackers exploited a SQL vulnerability on thousands of websites

This post will be the first among many where we’ll highlight specific website attacks occurring in the real world. In June 2010, hackers exploited a SQL vulnerability on more than 100,000 webpages, including victims as diverse as The Wall Street Journal, TomTom, and the UK's Strathclyde police were hit by an attack that redirected visitors to a website that attempted to install malware on their machines.

The sites were infected using SQL injection exploits, which allow attackers to tamper with a server's database by typing commands into user-input fields. The hackers used the exploit to plant iframes in the compromised sites that redirected visitors to robint.us. Malicious JavaScript on that site attempted to infect end users with malware dubbed Mal/Behav-290.

by
Mandeep Khera, CMO
Mandeep@cenzic.com

PCI Compliance Standard: No New Updates

Thu, 12 Aug 2010 14:00:14 -0400

No new requirements proposed in v 2.0 of the PCI compliance security standard

The long-anticipated new version of the PCI Compliance Data Security Standard includes no new requirements - just clarifications and new guidance on existing components.

A more detailed summary of the proposed versions 2.0 of PCI DSS and PA DSS will be released in September, prior to the council's community meetings. The final version of the amended standards is expected to be released in October, and go into effect on January 11, 2011.

by
Erin Swanson
Eswanson@cenzic.com

Chenxi Wang from Forrester Research Featured on Application Security MythBusters Series

Wed, 11 Aug 2010 21:26:45 -0400

Watch this video on application security MythBusters featuring Chenxi Wang of Forrester Research

As part of its Application Security MythBusters series, Cenzic interviewed Chenxi Wang, Ph.D., Principal Analyst at Forrester Research.

When Cenzic’s Chief Marketing Officer, Mandeep Khera, asks Dr. Wang on her perspective about the state of Web application security, she answers in one word: abysmal. According to this analyst, very few people even realize the dangers of working with so many unprotected web applications.

And as far as PCI compliance goes, Chenxi agrees that the regulation is a great step forward towards a more secure Internet but on the flip side, it enables people to have a “check box” mentality. She suggests that every company should be continuously auditing their applications and going deeper than the basic PCI compliance tests.

And like other speakers on this video series, Dr. Wang believes more secure code training is needed in order to solve the problem at its root. In the meantime, companies must spend money on fixing their applications.

Watch the 8 minute video today!

If you have any other questions or topic suggestions about the latest myths out there, send an email to: MythBusters@cenzic.com

by
Erin Swanson, Marketing
Eswanson@cenzic.com

Cenzic Detects an Apache Information Disclosure Vulnerability & Updates 1 SmartAttack™

Fri, 06 Aug 2010 17:55:10 -0400

Weekly product update: Cenzic detects an Apache Information Disclosure Vulnerability & updates 1 SmartAttack™

As of August 6, 2010 Cenzic now detects an Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability (BugtraqID 42102). Attackers can leverage this issue to gain access to sensitive information that can aid in further attacks. Apache 2.2.9 on Unix is vulnerable.

We also enhanced our Session ID in URL SmartAttack so it can detect session ids that are stored in unconventional ways (e.g. in a URL path parameter). This enhancement enables the SmartAttack to perform more accurately.

by
Erin Swanson
Eswanson@cenzic.com

OWASP AppSec USA Annual Conference in Irvine, CA

Thu, 05 Aug 2010 21:36:22 -0400

Attend this legendary OWASP AppSec USA event in Irvine, CA

This year’s annual OWASP AppSec USA Conference is being held on the West coast for a change – it will be a great time of year to visit southern California.

So while you’re getting your fill of sun and palm trees, attend the latest talks on application security from security experts from Adobe, Mozilla, and Boeing.

One presentation we’d like to highlight:

Session Management Security Tips & Tricks
by
Lars Ewe, Cenzic CTO
September 10 at 11:15 – Noon
Pacific Ballroom
UC Irvine Conference Center
Irvine, CA

We look forward to seeing you in sunny California!

by
Erin Swanson, Marketing
Eswanson@cenzic.com

What's New | Cenzic Security Blog

Reminder: OWASP AppSec USA Annual Conference Sep 9-10

See Also

Hack Highlight: BP Websites Defaced via XSS Vulnerability

See Also

Cenzic Detects a PHP Buffer Overflow Vulnerability

See Also

Hack Highlight: Twitter XSS Vulnerability Possibly Exploited by Turkish Hackers

See Also

Cenzic Detects a Sun Java System Denial of Service Vulnerability

See Also

Hack Highlight: Session Management Vulnerability Exploited to Gain iPad User Information

See Also

Most Dangerous Internet Search? Cameron Diaz.

See Also

John Weinschenk, CEO of Cenzic Featured on Application Security MythBusters Series

See Also

Cenzic Adds New SmartAttack to Its Attack Library: Unrestricted File Upload

See Also

Hack Highlight: Hackers Exploit SQL Vulnerability on Thousands of Websites

See Also

PCI Compliance Standard: No New Updates

See Also

Chenxi Wang from Forrester Research Featured on Application Security MythBusters Series

See Also

Cenzic Detects an Apache Information Disclosure Vulnerability & Updates 1 SmartAttack™

See Also

OWASP AppSec USA Annual Conference in Irvine, CA

See Also