CySecurity News - Latest Information Security and Hacking Incidents: Security Tools

Cloud Network Cyber Security Encryption Tools infosec Security Tools

To Reliably Govern Multi-Cloud Workloads, IT Leaders Demand Better Security Insights

Gigamon has revealed the results of a Pulse. qa poll of IT and InfoSec experts to identify hurdles in progressing current multi-cloud plans.

According to a recent Pew Research poll, 64 percent of Americans prefer to work in either an entirely remote or hybrid environment, pushing organizations to deal with the growing complexity of transferring and expanding workloads in the cloud. As a result, respondents to the Pulse.qa poll rank transparency over cloud data-in-motion as the most important security element globally.

"Deep observability across hybrid and multi-cloud setups are required for every firm to stay competitive in a world of enhanced security risk and IT complexity. While each company's journey to service and infrastructure modernization is unique, bridging this visibility gap is critical to safeguarding and optimizing the network in order to provide a superior user experience." Gigamon's VP of brand and technical marketing, Bassam Khan, explained.

Multi-cloud methods' challenges

The successful administration of multi-cloud infrastructures is being hampered by increasing complexity and cost — 99 percent of respondents said the team lacked or violated an app service-level agreement (SLA) owing to challenges caused by an overly complicated cloud infrastructure.
Attempts by tech executives to transfer and boost workloads in the cloud are being hampered by rising costs and complexity – High cloud expenses, according to 67 percent of respondents, are hindering the firms' ability to transfer applications and workloads as quickly as they need; 96 percent said connectivity bottlenecks or complex cloud troubleshooting attempts hold down migration efforts.
The expense and complexities of cloud infrastructure deplete resources for other ventures and apps, frustrating already overworked IT employees — IT employee irritation was a close second (51%) to a lack of budget (61%) for critical applications.

82 percent of IT and InfoSec leaders favor best-of-breed third-party security tools over cloud platform provider technologies to overcome these cloud migration bottlenecks and issues. Furthermore, the percent prefers a single point of visibility across the whole environment to a compartmentalized approach to cloud problems.

In a comparable pattern, multi-cloud is utilized. It gives organizations more ways to take advantage of the cloud's benefits. In response to demand, multi-cloud is certainly one of the most popular techniques.

Google’s security tools can shield from cyber-attacks



 

Computer Security Cyber Security Tool Cyberattack Google Google Security Tools Security Tools

Google’s security tools can shield from cyber-attacks

Google has long been asking users to enable its security tools for shielding all its services - from Gmail to Google Photos - from hacking attempts.

The search giant has been pretty vocal about the importance of these features, but now, instead of urging users, it has released hard stats revealing how useful these capabilities can really be.

Let's take a look.

Advantage

Adding phone number can fend off bot-based attacks.

Researchers from New York University and the University of California, San Diego partnered with Google to assess at the impact of its security tools in preventing hijack attempts.

The results, presented recently at The Web Conference, revealed that simply adding a recovery phone number to Google account helped block a 100% bot-based attacks, 99% of automated phishing attacks, and 66% of targeted attacks.

Protection

Two-factor authentication offers highest security.

Google has been saying this for years and the stats prove it - two-step verification is the securest offering right now.

The studies reveal that using phone number-based 2SV (SMS verification) blocked 100% of automated bots, 96% of bulk phishing attacks, and 76% of targeted attacks.

Meanwhile, on-device prompts prevented 100% of automated bots, 99% of bulk phishing attacks and 90% of targeted attacks.

Security key offers strongest shield.

Notably, among all two-step verification methods, using a physical security key proved to be the strong account shield. It blocked all kind of attacks with a 100% success rate.

Risk

Google also showed what happens when you don't use 2SV.

The same study also measured the effectiveness of default sign-in verification techniques, like last location signed-in or your secondary email.

These knowledge-based methods are used when the company detects a suspicious sign-in attempt, say from a new device/location, and you don't have a 2SV on.

The results showed these methods can block bot-based attacks but can fail miserably against phishing or targeted hijack.



 

Breaking News HconSTF Penetration Testing Security News Security Tools

HconSTF v0.5 codename 'Prime' Released

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.

Hcon is very delighted to announce this, After around 14 months its released, HconSTF v0.5 codename 'Prime' is here

Noticeable things for this version :
Now its more enhanced for,

Web Penetration Testing
Web Exploits Development
Web Malware Analysis
Osint , Cyber Spying and Doxing !!
and moch more with lots of hidden features

so HconSTF v0.5 briefly,

based on Firefox 17.0.1
Designed in Process based methodology
Less in size (40mb packed-80mb extracted), consumes less memory
More than 165+ search plugins
New IDB 0.1 release integrated
underlined Logging for each and every request
more NEW scanners for DomXSS, Reflected XSS
New reporting features like note taking, url logging for easy report making
Smart searchbox - just select and it will copy it and just change search engine to search
Integrated Tor, AdvoR, I2p and more proxies
New Grease monkey scripts (18 scripts)

More details can be found here.

Download



 

BackBox Linux PenTesting Pentesting OS Security News Security Tools

Download BackBox Linux 3.01 -PenTesting Distro

The BackBox Team annnounced the updated release of BackBox Linux, the version 3.01. This release include features such as Linux Kernel 3.2 and Xfce 4.8.

BackBox is an Ubuntu based Linux distribution penetration test and security assessment oriented providing a network and informatic systems analysis toolkit. BackBox desktop environment includes a minimal yet complete set of tools required for ethical hacking and security testing.

What's new

New and updated hacking tools (ex. backfuzz, beef, bluediving, cvechecker, htexploit, metasploit, set, sqlmap, websploit, weevely, wpscan, zaproxy, etc.)
System improvements
Upstream components
Bug corrections
Performance boost
Improved auditing menu
Improved Wi-Fi dirvers (compat-wireless aircrack patched)

The ISO images (32bit & 64bit) can be downloaded from the following location:
http://www.backbox.org/downloads

Hook Analyser 2.2 Released , malware analyzer tool



 

IT Security News Malware Analyzers Security News Security Tools

Hook Analyser 2.2 Released , malware analyzer tool

Hook Analyser is a freeware project, started in 2011, to analyse an application during the run-time. The project can be potentially useful in analysing malwares (static and run time), and for performing application crash analysis.

Features:
1. Spawn and Hook to Application
This feature allows analyst to spawn an application, and hook into it

2. Hook to a specific running process
The option allows analyst to hook to a running (active) process.

3. Perform quick static malware analysis
This module is one of the most interesting and useful module of Hook Analyser, which performs scanning on PE or Widows executables to identify potential malware traces.

4. Application crash analysis
This module enables exploit researcher and/or application developer to analyse memory content when an application crashes.

Change log -

The UI and modules of the project have been re-written. The interactive mode is more verbose.
The (static) malware analysis module has been enhanced.
Bug fixes and other improvements.

Download it from here:
beenuarora.com/HookAnalyser2.2.zip

'Knight X Plus' - Cyber intelligence product from ClubHack2012



 

ClubHack ClubHack 2012 EHN Knight X Plus Security Tools

'Knight X Plus' - Cyber intelligence product from ClubHack2012

ClubHack Introducing 'Knight X Plus' - Cyber intelligence product which gives you Power of Queen & Knight in your cyber intelligence .

A big data based OSINT platform that harnesses the power of cloud, big data and highly scalable architecture to do proactive monitoring, analysis and automated response of live cyber threats and opportunities

Product Features:

Blazing Fast
Automated Information Retrieval
Knowledge Discovery
Cyber Media Monitoring
Geospatial Analysis
Analysis based on stats, time-series data, link analysis logic and more
Graphic Rich Visualizations for better understanding of the data
User Friendly UI
Drill Downs on almost anything

Platform Features:

Automated Alerts on Information / Knowledge Discovery
Pluggable approach to pour in any type of data
Unique Job Queue Management Design, built to scale in distributed processing
Post processing jobs can range from doing huge data crunching to “distributed ping” upto your imagination
Highly scalable, expand distributed engine in 10 minutes flat
Intelligent data storage for lightning fast retrieval

Further details can be found here:
http://knightxplus.com

Tools released at Defcon can crack widely used PPTP encryption in under a day



 

DefCon Hackers Conference Security Tools Software Release

Tools released at Defcon can crack widely used PPTP encryption in under a day

Security researchers released two tools at the Defcon security conference which can be used to crack the encryption of any PPTP (Point-to-Point Tunneling Protocol) as well as WPA2-Enterprise (Wireless Protected Access) sessions which use MS-CHAPv2 for authentication.

MS-CHAPv2 is an authentication protocol created by Microsoft and introduced in Windows NT 4.0 SP4. Despite its age, it is still used as the primary authentication mechanism by most PPTP virtual private network (VPN) clients.

ChapCrack can take captured network traffic that contains a MS-CHAPv2 network handshake (PPTP VPN or WPA2 Enterprise handshake) and reduce the handshake's security to a single DES (Data Encryption Standard) key.

This DES key can then be submitted to CloudCracker.com -- a commercial online password cracking service that runs on a special FPGA cracking box developed by David Hulton of Pico Computing -- where it will be decrypted in under a day.

The CloudCracker output can then be used with ChapCrack to decrypt an entire session captured with WireShark or other similar network sniffing tools.

PPTP is commonly used by small and medium-size businesses -- large corporations use other VPN technologies like those provided by Cisco -- and it's also widely used by personal VPN service providers, Marlinspike said.

The researcher gave the example of IPredator, a VPN service from the creators of The Pirate Bay, which is marketed as a solution to evade ISP tracking, but only supports PPTP.

Marlinspike's advice to businesses and VPN providers was to stop using PPTP and switch to other technologies like IPsec or OpenVPN. Companies with wireless network deployments that use WPA2 Enterprise security with MS-CHAPv2 authentication should also switch to an alternative.

Wireshark released version 1.8.1 and 1.6.9 to close critical vulnerability



 

Network Analyzer Softwares Security Tools Software Release

Wireshark released version 1.8.1 and 1.6.9 to close critical vulnerability

Wireshark Team have released versions 1.8.1 and 1.6.9 to close important vulnerabilities in their open source network protocol analyser.

The vulnerabilities are a problem in the Point-to-Point Protocol (PPP) dissector that leads to a crash and a bug in the Network File System (NFS) dissector that could result in excessive consumption of CPU resources; to take advantage of the holes, an attacker must inject a malformed packet onto the wire or convince a victim to read a malformed packet trace file.

Versions 1.4.0 to 1.4.13, 1.6.0 to 1.6.8 and 1.8.0 are affected; Users are advised to upgrade to 1.6.9 and 1.8.1 to fix the problem.

Wireshark 1.6.9 and 1.8.1 are available to download

MJP Security Plugin for WordPress Released



 

MJP Security Plugin for WordPress Released

MJP Security Tools is a plugin designed to fix a lot of WordPress security issues, as well as providing extra support.

Features:

* Scan the database for possible XSS issues.
* Limit login attempts to one per ten seconds per user.
* Check all file permissions.
* Check for presence of index.html files in all directories.
* Check if WordPress is up-to-date.
* Remove the version number from HTML source.
* Log all POST requests.
* Log all failed login attempts.
* Change the admin username.
* Randomize the database table prefix.
* Require stronger passwords.
* Detect SSH.

You can get it from here:
http://wordpress.org/extend/plugins/mjp-security-plugin/

fwknop: Single Packet Authorization and Port Knocking , Linux Firewall



 

fwknop: Single Packet Authorization and Port Knocking , Linux Firewall

CipherDyne released fwknop-2.0 ,fully written in C and functions on embedded systems, OpenBSD, and more.

fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter (fwknop supports both iptables on Linux systems and ipfw on FreeBSD and Mac OS X systems) and libpcap. SPA is essentially next generation port knocking .

Download it from here:

http://www.cipherdyne.org/fwknop/

Twitter released Android SMS Encryption Tool "TextSecure"



 

Twitter released Android SMS Encryption Tool "TextSecure"

Twitter has released a tool "TextSecure " to encrypt the messages in Android mobiles before sending.

"We're excited to announce the open source release of TextSecure, our secure text messaging client for Android, which Twitter acquired when we joined their team last month.

We've always been interested in the ability for individuals and organizations to communicate freely and securely." Whisper Systems's development team.

TextSecure is a replacement for the standard text messaging application, allowing you to send and receive text messages as normal. Additionally, TextSecure provides:

Local Encryption -- All text messages, regardless of destination, that are sent or received with TextSecure are stored in an encrypted database on your phone.
Wire Encryption -- When communicating with a recipient who is also using TextSecure, text messages are encrypted during transmission.

It is open source software so everyone can contribute to the development. Those interested in the source can find it over on GitHub. There is also a mailing list for those who have questions, suggestions, or wish to get involved.



 

PuTTY version 0.62 is released

All the pre-built binaries, and the source code, are now available
from the PuTTY website at

http://www.chiark.greenend.org.uk/~sgtatham/putty/

PuTTY 0.62 is a bug-fix release: it contains fixes for eight bugs
present in 0.61, and otherwise the two versions do not differ. Most of
the changes in the current development snapshots are not included in
this code.

One of the bugs is a SECURITY FIX, so if it affects you, you should
update now:

- PuTTY 0.62 fixes a security issue present in 0.59, 0.60 and 0.61.
If you log in using SSH-2 keyboard-interactive authentication
(which is the usual method used by modern servers to request a
password), the password you type was accidentally kept in PuTTY's
memory for the rest of its run, where it could be retrieved by
other processes reading PuTTY's memory, or written out to swap
files or crash dumps.

source

OpenDNS released preview of DNSCrypt Tool which secures DNS Traffic



 

OpenDNS released preview of DNSCrypt Tool which secures DNS Traffic

OpenDNS released a preview of DNSCrypt Tool , a piece of lightweight software that everyone should use to boost online privacy and security. It works by encrypting all DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks.

For now, DNSCyrpt supports only Mac platform.

DNSCrypt works like SSL in that it wraps all DNS traffic with encryption the same way SSL wraps all HTTP traffic, it's not the crypto library being used. We're using elliptical-curve cryptography, in particular the Curve25519 eliptical curve. The design goals are similar to those described in the DNSCurve forwarder design.

What about DNSSEC? Does this eliminate the need for DNSSEC?

No. DNSCrypt and DNSSEC are complementary. DNSSEC does a number of things. First, it provides authentication. (Is the DNS record I'm getting a response for coming from the owner of the domain name I'm asking about or has it been tampered with?) Second, DNSSEC provides a chain of trust to help establish confidence that the answers you're getting are verifiable. But unfortunately, DNSSEC doesn't actually provide encryption for DNS records, even those signed by DNSSEC. Even if everyone in the world used DNSSEC, the need to encrypt all DNS traffic would not go away. Moreover, DNSSEC today represents a near-zero percentage of overall domain names and an increasingly smaller percentage of DNS records each day as the Internet grows.

That said, DNSSEC and DNSCrypt can work perfectly together. They aren't conflicting in any way. Think of DNSCrypt as a wrapper around all DNS traffic and DNSSEC as a way of signing and providing validation for a subset of those records. There are benefits to DNSSEC that DNSCrypt isn't trying to address. In fact, we hope DNSSEC adoption grows so that people can have more confidence in the entire DNS infrastructure, not just the link between our customers and OpenDNS.

Download DNS Crypt

Naxsi 0.41 released -Open Source Web Application Firewall module for Nginx



 

Naxsi 0.41 released -Open Source Web Application Firewall module for Nginx

What is Naxsi?

Naxsi is an open source, high performance, low rules maintenance, Web Application Firewall module for Nginx, the infamous web server and reverse-proxy.

Its goal is to help people securing their web applications against attacks like SQL Injections, Cross Site Scripting, Cross Site Request Forgery, Local & Remote file inclusions.

The difference with most WAF (Web Application Firewalls) out there is that it does not rely upon signatures to detect and block attacks. It uses a simpler model where, instead of trying to detect "known" attacks, it detects unexpected characters in the HTTP requests/arguments.

Each kind of unusual character will increase the score of the request. If the request reaches a score considered "too high", the request will be denied, and the user will be redirected to a "forbidden" page. Yes, it works somewhat like a spam system.

Changelog:

- Feature: added support for FILE_EXT. We can now control file uploads
names/extensions as well.
- Added a rule for FILE_EXT into naxsi_core.rules
- Added unit testing for FILE_EXT feature
- Fixed erroneous log messages
- Fixed an error on whitelist of types $URL:xxx|URL

Download it from here:

http://code.google.com/p/naxsi/downloads/list

VanishCrypt -Virtual Encryption Tool Developed by SecurityLabs



 

Encryption Tools Security Tools Software Release

VanishCrypt -Virtual Encryption Tool Developed by SecurityLabs

SecurityLabs released VanishCrypt as a freeware,a Virtual Encryption Tool that used to lock your Confidential Data in Virtual Disk(like TrueCrypt). The Developer said it is completely inaccessible without correct password. This application stores the files with strong CryptoAPI.

It supports the following Operating System:
Win9x, WinNT, Win2000, WinXP, WinVista and Win7 and Linux under wine.

Additional Features:

It have "Advanced Mode" with you can create a real virtual drive accessible in Explorer that contains your files stored in the vdisk image.
It uses Win32 API for I/O operations for a great speed improvements

Download from here.

Video Demo:

HFOX Security Testing Framework(HSTF) 0.1 Beta released by Hcon



 

PenTesting Tools Security Tools Software Release

HFOX Security Testing Framework(HSTF) 0.1 Beta released by Hcon

HFOX Security Testing Framework(HSTF) 0.1 Beta released by Hcon. This is chromium Based Penetration Testing tool.

Specification :

Based on Chromium Source (iron build) version 14
more secure and Tracking free from Google & Stable then other Chromium based builds
Over 100 tools integration with very easy use interface
Tested and heavily modified tools suggestions contributed by professional pentesters , web developers , Security
Free and open source
Totally Portable (no need to install) , you can carry it around in your usb , memory card etc.
Runs on all windows including windows - XP , VISTA , 7

Project Homepage:
http://www.hcon.in

Your Browser Matters ~Website to Rate the Browser Security , Microsoft



 

internet Security Security News Security Tools Software Release

Your Browser Matters ~Website to Rate the Browser Security , Microsoft

Microsoft launched a website named as Your Browser Matters for checking the security of your browser. Whenever a visitor browse the site, It judge the browser security and return the score out of Four points. The score is based on the protection over the Security risks such as phishing,malware and some other threats.

Looks like Microsoft launched this web application in order to create public awareness about the browser and Internet risks.

Score Results in Different Browsers:

When i visit that site through my Firefox 6, it displayed 2 out of 4. For google chrome it shows 2.5 out of 4. I come to know that IE9 have 4 out of 4 score(i never used it). For IE7 , it is 1 out of 4. It refused to rate safari browser.

How the Grading System works?

Your Browser Matters rate the browser based on the following factors:

#.Protection Against Malware/Virus Downloads(1 Point):

Internet browser must give protection against the Malware/Virus Downloads by restricting malware distributing websites. Microsoft developed IE9(Internet Explorer 9) with this protection. IE9 scored 1 point here. But Mozilla and Chrome scored 0.

#.Blocking Phishing Sites(1 Point):
It should detect the Phishing sites and provide protection against them. IE9 scored 1, Firefox=1,Chrome=1

#. Protection Against Browser Attack(1 point):
Securing Extensions and an Effective Sandbox; also includes points for auto-updating, and a restriction for extensions and plugins. IE 9 = 1 point, Firefox = 0.5, Chrome = 1.

#. Protection Against Website Attack:

There are a lot of options here including blocking insecure content on webpages (which is kind of more annoying than what it’s worth, in my view), sanitizing HTML, and protecting against “Clickjacking.” IE 9 = 1 point, Firefox = 0.5, Chrome = 0.5.

So the total score for Firefox=2 ,Chrome=2.5 ,IE9=4.

Tweaking.com - Windows Repair (All in One) v1.4.0 Released



 

Tweaking.com - Windows Repair (All in One) v1.4.0 Released

Windows Repair is an all-in-one repair tool to help fix a large
majority of known Windows problems including registry errors and file
permissions as well as issues with Internet Explorer, Windows Update, Windows
Firewall and more. Malware and installed programs can modify your default settings.
With Tweaking.com - Windows Repair you can restore Windows original settings.

Tweaking.com - Windows Repair (All in One) v1.4.0

Download

v1.4.0
Removed the custom buttons from the program. It was causing the program to crash on some systems. Program is meant to repair, not look pretty, so ugly standard safe buttons it is :-)
Add new repair "Repair Windows Sidebar/Gadgets"
Changed the window size of the repair window, making it smaller and easier to fit on screen for smaller resolutions.
More code tweaks.

Malware Analyzer v3.3 Released ~Security Tools



 