Tenable Network Security Podcast - Episode 72

Welcome to the Tenable Network Security Podcast - Episode 72

Hosts: Paul Asadoorian, Product Evangelist and Carlos Perez, Lead Vulnerability Researcher

Announcements

• Nessus 4.4.1 has been released! Includes several improvements and a new option for SYN port scanning.
• Check out our video channel on YouTube that contains the latest Nessus and SecurityCenter 4 tutorials.
• We're hiring! - Visit the Tenable web site for more information about open positions.
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You can find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, provide Nessus plugin statistics and more!

Stories

• Throwing Star LAN Tap - I have to admit, I'm a big fan of ninjas. Ever since I was a kid (in some ways I still am) I've been fascinated with ninjas. It's a combination of things that fuel my fascination: smoke bombs, swords, poison and, of course, throwing stars. Any time I can arm myself with a ninja-like tool that pertains to my job, I'm in. The LAN tap throwing stars allow you to monitor network traffic passively (e.g. there is no send, only receive) between a host and the network. This comes in handy for troubleshooting, forensics, and even to collect some data using Tenable's Passive Vulnerability Scanner.




• When Love Turns to Money - Literally: "...love turned to money. Around $200,000, that is, which is the approximate amount of cash that said man had wired to his cyber-girlfriend over the course of their quote-unquote time together"


• Do Not Click This Link - Just proof that if you think people will not click on stuff, they probably will.


• - This device plugs into the wall and looks very "unsuspicious". However, it's connecting to (likely just "open") wireless networks, ARP cache poisoning, and replacing content in HTTP streams. While the implementation is focused on creating bogus news stories, it could be used to send out attacks... at least that's what I'd use it for!


• ZeuS crimeware variant targets Symbian and BlackBerry users - "Upon successful infection, the crimeware injects a legitimately looking field into the web page. The aim is to trick end users into giving out their mTANs, which stands for mobile transaction authentication numbers. Now that the gang has obtained access to their cell phone number, including the type of the device, a SMS is sent back to the victim with a link to a mobile application targeting either Symbian or BlackBerry devices." I believe this presents a problem for many organizations on the network monitoring front. It's difficult, if not impossible, to monitor cell phone communications over 3G, 4G, or CDMA. If attacks are coming at your users via these communications networks, you have only host-based security in play to defend yourselves. User education only buys you so much; a well-constructed social engineering attack is going to trick some users, with increasing success rates as we rely on technology more and more. Hardening your systems, including mobile devices, and having some client security (anti-virus software, host intrusion prevention, or something along those lines) is going to be key to being more secure than the out-of-the-box software that comes with your phone, which seems to be a monolithic operating system with little security. The bar is set a tad higher for iOS devices, as the apps have to be signed, showing that code-signing does work to at least deter attacks. However, if you can trigger a browser exploit on the iPhone, you don't need to run a signed app.


• RAT (Remote Administration Tool) in Beta For OS X - RAT is a fun tool. I've seen it action in a few different capture the flag events. It's fairly noisy on the system and on the network, but it can embed itself into different processes. Of course, if you think there are no viruses for ANY platform in general use today, you are likely mistaken.