http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2012-11-26 15:04:56 - Billy BK Rios : In July of this year, I wrote about some of the frustrations I encountered when working with Tridium and trying to get them to fix various issues with their Niagara framework The Niagara framework is the most prevalent Industrial Control System ICS in the world it links together various ICS technologies and protocols Looking at http://www.secuobs.com/revue/news/413429.shtmlhttp://www.secuobs.com/revue/news/413429.shtml Secuobs.com : 2012-10-11 21:41:39 - Billy BK Rios - A few years ago, I discovered a peculiar design decision described in the PDF specification This design flaw allows for an attacker to conduct XSS attacks against some websites that would not normally have XSS vulnerabilities I reported this issue to Adobe in late 2009 Apparently, there are some challenging back-compat issues which make changing http://www.secuobs.com/revue/news/405127.shtmlhttp://www.secuobs.com/revue/news/405127.shtml Secuobs.com : 2012-07-13 03:29:51 - Billy BK Rios - We are happy to see Robert O Harrrow is shining a light on the vulnerabilities associated with Industrial Control Systems ICS The ICS software community is light years behind modern software security Sadly, we can honestly say that the security of iTunes is more robust than most ICS software Terry and I plan on releasing some http://www.secuobs.com/revue/news/387023.shtmlhttp://www.secuobs.com/revue/news/387023.shtml Secuobs.com : 2011-12-21 02:59:07 - Billy BK Rios - I have been working with ICS-CERT and various vendors over the last year, finding bugs and responsibility reporting nearly 1000 bugs all for free and in my spare time Overall, its been a great experience Most of the vendors have been great to work with and ICS-CERT has done a great job managing all the http://www.secuobs.com/revue/news/348328.shtmlhttp://www.secuobs.com/revue/news/348328.shtml Secuobs.com : 2011-06-11 01:05:41 - Billy BK Rios - I m posting some of the research I ve been working on over the last few months I planned on submitting some of this research to the Blackhat DEFCON CFP, but it looks like I ll be tied up for most of the summer and I won t be able to make it out to Vegas for BH or DEFCON http://www.secuobs.com/revue/news/310557.shtmlhttp://www.secuobs.com/revue/news/310557.shtml Secuobs.com : 2011-01-04 14:13:58 - Billy BK Rios - A few weeks ago, I posted a description of a set of bugs that could be chained together to do bad things In the PoC I provided, a SWF file reads an arbitrary file from the victim s local file system and passes the stolen content to an attacker s server One of the readers PZ had http://www.secuobs.com/revue/news/275660.shtmlhttp://www.secuobs.com/revue/news/275660.shtml Secuobs.com : 2010-12-22 22:10:18 - Billy BK Rios - Imagine there is an un-patched Internet Explorer vuln in the wild While the vendor scrambles to dev test QA and prime the release for hundreds of millions of users I ve been there it takes time , some organizations may choose to adjust their defensive posture by suggesting things like, Use an alternate browser until a patch is made http://www.secuobs.com/revue/news/273675.shtmlhttp://www.secuobs.com/revue/news/273675.shtml Secuobs.com : 2010-12-17 14:05:18 - Billy BK Rios - I had the honor of presenting at RuxCon and BayThreat this year Both were great conferences with great people I m always humbled when I learn of what others are doing in the security community and even more humbled when asked to present I gave a presentation called Will It Blend The title of the talk http://www.secuobs.com/revue/news/272566.shtmlhttp://www.secuobs.com/revue/news/272566.shtml Secuobs.com : 2010-10-18 21:13:07 - Billy BK Rios - A few weeks ago, Adobe released an advisory for a ton of Acrobat Reader bugs Buried in the long list of Acrobat Reader bugs was a patch for a vulnerability I reported to Adobe Taking a look at the entry in the advisory, we see the following description CVE-2010-3625 This update resolves a prefix protocol http://www.secuobs.com/revue/news/257954.shtmlhttp://www.secuobs.com/revue/news/257954.shtml Secuobs.com : 2010-09-27 14:43:22 - Billy BK Rios - Boom I ve just taken over a Zeus C C I fire up a second, clean VM just to verify yup it works Ok, now what A while back, I came across a kit for setting up a Zeus botnet It was an interesting package Looking at the C C, bot builder, the actual bot, and user manual http://www.secuobs.com/revue/news/251976.shtmlhttp://www.secuobs.com/revue/news/251976.shtml Secuobs.com : 2010-09-22 11:42:53 - Billy BK Rios - First, some background I love American football My team is the Chicago Bears I ve been a Bears fan since the 80 s when Walter Payton, Mike Singletary, and Jim McMahon dominated the field The last few years as a Bears fan has been difficult, but I ve hung in there A few years ago the Bears had http://www.secuobs.com/revue/news/250605.shtmlhttp://www.secuobs.com/revue/news/250605.shtml Secuobs.com : 2010-09-17 01:55:44 - Billy BK Rios - In April of this year, Adobe patched a couple of bugs I reported to them One was a code execution bug CVE-2010-0191 and the other was a PDF based XSS CVE-2010-0190 I ll cover the code execution bug in a future post as Adobe is still fixing a variant I reported , but for now I d like http://www.secuobs.com/revue/news/247853.shtmlhttp://www.secuobs.com/revue/news/247853.shtml Secuobs.com : 2010-08-02 13:14:27 - Billy BK Rios - Last week, Apple patched a bug in Safari I had reported to the Apple security team The impact of the bug was listed as a vulnerability that could cause files from the user s system to be sent to a remote server The advisory can be found here CVE-2010-1778 Here s a breakdown of how you can http://www.secuobs.com/revue/news/245875.shtmlhttp://www.secuobs.com/revue/news/245875.shtml Secuobs.com : 2010-07-19 11:30:10 - Billy BK Rios - I recently came across a XSS vulnerability on Twitter 99pourcents of XSS bugs are fairly straightforward and this bug was no exception Getting a simple alert box was easy, but creating a payload to actually do something valuable steal the twitter cookie, post on behalf of the victim etc was interesting exercise Nothing earth shattering or http://www.secuobs.com/revue/news/241619.shtmlhttp://www.secuobs.com/revue/news/241619.shtml Secuobs.com : 2009-06-09 10:32:01 - Billy BK Rios - A few weeks ago, Apple released a patch for their Safari browser Thepatch included a fix for a RSS feed handling vulnerability I hadreported to them a while back The advisory can be found here Thisparticular vulnerability is actually a variation of a previous RSSfeed handling vulnerability I had reported to http://www.secuobs.com/revue/news/107299.shtmlhttp://www.secuobs.com/revue/news/107299.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - I run a number of different browsers, for various reasons I was onceeven called a “browserholic” by a colleague I pulled down IE8b2 whenit went live a week ago I don’t want to talk about the myriad ofsecurity features or browsing features as I think they’ve been coveredin detail by many http://www.secuobs.com/revue/news/99333.shtmlhttp://www.secuobs.com/revue/news/99333.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - I recently read a paper written by Sandro Gauci from Enable Securityentitled “Surf Jacking - HTTPS will not save you” You can find thepaper here It’s an interesting read and extremely relevant to today’sweb applications The heart of the paper describes some simple tricksto force a session cookie to be sent http://www.secuobs.com/revue/news/99332.shtmlhttp://www.secuobs.com/revue/news/99332.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - Dark Reading recently had an interesting article related to the securityof Hotel networks; you can find the article I’m talking about here AsI read the article… I couldn’t help but smile… the article made itseem like Hotels have horribly insecure networks The truth is, THEYDO…along with airports, coffee shops, bookstores and pretty http://www.secuobs.com/revue/news/99331.shtmlhttp://www.secuobs.com/revue/news/99331.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - I was thinking back to Sandro’s paper on Surf Jacking and I realized thatthere was one small caveat where the “Secure” flag wouldn’t protectyour cookies from Surf Jacking… The Side Jacking and Surf Jackingtechniques basically stipulate that the attacker has to be on the samenetwork segment as the victim you have to http://www.secuobs.com/revue/news/99330.shtmlhttp://www.secuobs.com/revue/news/99330.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - It’s been a crazy couple weeks Some quick housekeeping: ChicagoCon –I’ll be in Chi-Town next week giving one of the Keynotes atChicagoCon If you’re going to be in the area, hit me up and we’llgrab a few drinks Bluehat - I’m glad to see all the young blood inthe scene It’s going to http://www.secuobs.com/revue/news/99329.shtmlhttp://www.secuobs.com/revue/news/99329.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - WOW, it’s been a busy couple of weeks I was in Tokyo last week forPacSec PacSec was a great time, there were some GREAT talks, andDragos knows how to party I co-presented a talk entitled“Cross-Domain Leakiness: Divulging Sensitive Information and AttackingSSL Sessions” with Chris Evans from Google I’m curious if this http://www.secuobs.com/revue/news/99328.shtmlhttp://www.secuobs.com/revue/news/99328.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - Apple recently patched a vulnerability Nitesh “Leisure Suit” Dhanjani andI reported to them last week CVE-2008-4216 We had reported asimilar vulnerability to Apple about two months ago CVE-2008-3638In fact, the exploitation technique was so similar we held offreleasing details until this 2nd patch was released The basic gist ofthis vulnerability pits http://www.secuobs.com/revue/news/99327.shtmlhttp://www.secuobs.com/revue/news/99327.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - Apple recently patched a vulnerability in Safari’s RSS feed handlingmechanisms I reported to them The advisory for Safari on OS X can befound here and the Safari for Windows advisory can be found here Asalways, Apple was excellent in their handling of the issue Two otherresearchers reported this same vulnerability to http://www.secuobs.com/revue/news/99326.shtmlhttp://www.secuobs.com/revue/news/99326.shtml Secuobs.com : 2009-05-20 06:07:14 - Billy BK Rios - Whew It’s been a busy couple of months for me I’m always curious as tohow I get so much on my plate A quick recap of some of the stuff I’vebeen working on / or have coming in the near future: 1 HITB Dubai isalmost here I’ve been selected to give two talks http://www.secuobs.com/revue/news/99325.shtmlhttp://www.secuobs.com/revue/news/99325.shtml