Friday, August 18, 2017

Tag: HTTPS

A provocative white hat hacker who has previously disclosed vulnerabilities in both California’s ObamaCare portal and FireEye's core security product has now revealed a serious flaw in the Council of Better Business Bureaus’ (CBBB) Web-based complaints application, which is used by nearly a million people annually to file complaints against businesses.

The CBBB criticized the “unauthorized application vulnerability test” but said in a statement that they believe “the motivation was not malicious," and are "not pursuing the matter further." The CBBB is the umbrella organization for the independent local BBBs, the not-for-profit consumer advocacy groups that operate in the United States, Canada, and Mexico.

The BBBs attempt to mediate disputes between consumers and businesses, and also accredit businesses based on how well the business meets the BBB’s “Standards of Trust.”

Independent security researcher Kristian Erik Hermansen discovered the vulnerability while attempting to file a complaint against Verizon. He told Ars the telecoms giant had defrauded a family member and that despite a successful class-action lawsuit against the company, the fraudulent charges were causing the family member credit problems.

"I saw an earlier complaint I filed and noticed the ID numbers were close in proximity," he told Ars. "Thus, they were likely incremental. Whenever I see integers, I increment, and see [what happens]....Then I attempted to access one report using another ID," he said, "and it worked, but only if you have a valid cookie / session token."

CBBB told Ars the vulnerability is now fixed. However, Hermansen took the opportunity to explain his work. His exploit set a cookie and incremented the attachment ID:

n='10000044'; curl -s -b 'OurBBBODRExtranet…' "https://bluecomplaints.bbb.org/MessageAttachment.aspx?MessageID=${n}&MessageAttachmentIndex=0" > /tmp/10000044.pdf

"Pick any number n,” Hermansen said. “You need to change the extension based on Content-Disposition header."

A quick iteration produced a list of files that included thousands of e-mail attachments from people using BBB's online complaint process—including document names that suggested the presence of sensitive personally identifying information (PII), such as social security numbers, dates of birth, credit card details, and so forth.

Hermansen provided Ars with a list of more than 4,000 filenames, including documents that appear to refer to disputes regarding credit card transactions, locksmiths, disability insurance, auto repair, collection agencies, and many others.

Ars has redacted the filenames to protect the privacy of the affected users.

Alarmed, Hermansen contacted the BBB to alert them to these issues. "I called multiple times over the last week or so," he told Ars. "No calls back. I did get a couple people on the phone but they were clueless non-technical people." Hermansen also tried to use the BBB's online complaint system to lodge a support ticket but says the BBB closed the ticket because he wanted to report the vulnerability anonymously. It was only after he successfully reported the vulnerability that he agreed to be identified publicly.

Frustrated by the lack of any clear path to report this serious issue, Hermansen reached out to Ars. A day later, our request for comment led to a 45-minute telephone conversation between Hermansen and Michael Perdue, COO of the Council of Better Business Bureaus. According to Hermansen, the COO thanked him for his efforts, and promised to make it easier to report security vulnerabilities in the future. "I think they are doing a good job now," Hermansen said. "It's because their organization is fragmented and run like a non-profit franchise so each one doesn’t know all the process for getting info to the right people sometimes."

In a statement, the CBBB made it clear it was less than thrilled by the “unauthorized test.” "A user of BBB’s complaint system," they wrote, "who is also a security expert, performed an unauthorized application vulnerability test of one of the organization’s primary IT vendors.

The user notified BBB about a vulnerability that he detected.

As soon as this vulnerability was brought to CBBB’s attention, it was quickly fixed.

CBBB believes the motivation was not malicious, and is not pursuing the matter further."

Hermansen denied conducting an unauthorized vulnerability test and emphasized that he did not access any users' data besides his own. "I have not performed any penetration testing," he said. "I have used mathematics to increment an integer. See The State vs. Weev." The difference between this case and Weev's, he added, is that the notorious black hat had "accessed other people's private info. I have not. Only my own."

CBBB's statement also denied that their complaint processing application collected personally identifiable information (PII) such as date of birth, social security numbers, or banking details.

CBBB wrote: "Through its complaint handling system, BBB collects the following PII: name, address, telephone number, and e-mail address. This PII is redacted before the details of the complaint are published at bbb.org. Other information collected pertains to the nature of the complaint: the business, its address, the date and nature of the transaction in question, and details about the dispute. BBB does not request other PII or sensitive information such as date of birth, Social Security or Social Insurance numbers, banking or credit card information, etc. Users of the BBB online complaint filing system are urged not to attach any documents that include such information."

But, Hermansen pointed out, even though the BBB does not collect that information on purpose, that information is "in there due to the nature of consumer issues with banks and credit firms." He also noted that some of the complaint attachments appeared to contain personal health information (PHI). "BBB has a specific form for PHI."

BBB declined to answer our follow-up questions asking what additional steps they intend to take to secure their online services going forward, saying only that the “written statement is our only on-the-record comment.”

Of late, headlines have been full of “white hat finds vulnerability, police make arrest at gunpoint in dawn raid.” The CBBB deserves credit for responding so rapidly—and dare we say, so maturely—to Hermansen’s provocative efforts to report the security flaw. As Hermansen put it, "It usually doesn't work this way."

J.M. Porup is a freelance cybersecurity reporter who lives in Toronto. When he dies his epitaph will simply read "assume breach." You can find him on Twitter at @toholdaquill. This post originated on Ars Technica UK.
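The flaw in the BBB story is an insecure direct object reference: the attachment handler checked only that the caller held a valid session cookie, not that the requested MessageID belonged to that user, and sequential IDs did the rest. The Python below is an added example (not the BBB's, its vendor's or Hermansen's code) that models the vulnerable handler beside an object-level authorization fix and a simple access-log check for one session walking consecutive IDs. The attachment store, session table, log format and the run-length threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from dataclasses import dataclass


class Forbidden(Exception):
    """No authenticated session."""


class NotFound(Exception):
    """Object absent, or not visible to this user."""


@dataclass(frozen=True)
class Attachment:
    message_id: int
    owner: str
    filename: str


# Constructed sample store: sequential MessageIDs owned by different users.
ATTACHMENTS = {
    10000044: Attachment(10000044, "alice", "verizon-dispute.pdf"),
    10000045: Attachment(10000045, "bob", "bank-statement.pdf"),
    10000046: Attachment(10000046, "carol", "medical-claim.pdf"),
}
# Constructed session table: cookie value -> authenticated user.
SESSIONS = {"sess-alice": "alice", "sess-bob": "bob"}


def fetch_vulnerable(session_token: str, message_id: int) -> Attachment:
    """Mirrors the reported flaw: the handler verifies that the cookie belongs
    to *some* logged-in user, then serves whatever MessageID was requested."""
    if session_token not in SESSIONS:
        raise Forbidden("valid session required")
    att = ATTACHMENTS.get(message_id)
    if att is None:
        raise NotFound(message_id)
    return att


def fetch_fixed(session_token: str, message_id: int) -> Attachment:
    """Object-level authorization: the attachment must belong to the user the
    session authenticates. 'Absent' and 'not yours' collapse into one error so
    the response itself cannot be used to learn which IDs exist."""
    user = SESSIONS.get(session_token)
    if user is None:
        raise Forbidden("valid session required")
    att = ATTACHMENTS.get(message_id)
    if att is None or att.owner != user:
        raise NotFound(message_id)
    return att


def outcome(handler, session_token: str, message_id: int) -> str:
    """Map a handler's result to a short label for side-by-side comparison."""
    try:
        return "owner:" + handler(session_token, message_id).owner
    except Forbidden:
        return "forbidden"
    except NotFound:
        return "not_found"


# --- Detection: one session requesting consecutive MessageIDs ---------------
# Constructed log format: "<ts> <session> GET <path> <status>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<session>\S+) GET /MessageAttachment\.aspx"
    r"\?MessageID=(?P<mid>\d+)\S* (?P<status>\d{3})$"
)

SAMPLE_LOG = """\
2017-08-10T09:00:01Z sess-alice GET /MessageAttachment.aspx?MessageID=10000044&MessageAttachmentIndex=0 200
2017-08-10T09:05:12Z sess-bob GET /MessageAttachment.aspx?MessageID=10000045&MessageAttachmentIndex=0 200
2017-08-10T09:05:13Z sess-bob GET /MessageAttachment.aspx?MessageID=10000046&MessageAttachmentIndex=0 200
2017-08-10T09:05:13Z sess-bob GET /MessageAttachment.aspx?MessageID=10000047&MessageAttachmentIndex=0 404
2017-08-10T09:05:14Z sess-bob GET /MessageAttachment.aspx?MessageID=10000048&MessageAttachmentIndex=0 200
2017-08-10T09:05:14Z sess-bob GET /MessageAttachment.aspx?MessageID=10000049&MessageAttachmentIndex=0 200
"""


def longest_sequential_run(ids) -> int:
    """Length of the longest run of consecutive integers among the IDs."""
    ids = sorted(set(ids))
    best = run = 1 if ids else 0
    for prev, cur in zip(ids, ids[1:]):
        run = run + 1 if cur == prev + 1 else 1
        best = max(best, run)
    return best


def flag_enumerating_sessions(log_text: str, min_run: int = 4) -> dict:
    """Return {session: run_length} for sessions whose requested MessageIDs
    form a consecutive run of at least min_run. Status codes are ignored on
    purpose: 404s for gaps are part of the walk, not evidence against it."""
    per_session = defaultdict(list)
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m:
            per_session[m["session"]].append(int(m["mid"]))
    runs = {s: longest_sequential_run(ids) for s, ids in per_session.items()}
    return {s: n for s, n in runs.items() if n >= min_run}
```

On the sample log the vulnerable handler hands bob alice's attachment, the fixed one returns the same error it gives for a non-existent ID, and the log check flags only sess-bob with a run of five consecutive IDs.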
Cyber-security firm to work with security specialist value-added distributor to support aggressive EMEA expansion plans

London – 7 June 2016 – Malwarebytes™, the leading advanced malware prevention and remediation solution, today announced it has signed Wick Hill as a pan-European value-added distributor specialising in security. The agreement supports Malwarebytes’ rapidly growing presence in Europe and its continued strategy to expand in the area through channel relationships.

Ian Kilpatrick, chairman, Wick Hill Group

Wick Hill and Malwarebytes will work together to offer the cyber security company’s advanced endpoint protection and remediation capabilities for enterprises to resellers in the UK, DACH, Benelux, France and the Nordics, as part of a two-tier distribution model. Wick Hill is frequently recognised as one of the best specialist security distributors in the region, and the deal will further expand Malwarebytes’ reach while providing Wick Hill with access to an increasingly in-depth portfolio of layered solutions.

Anthony O’Mara, VP, EMEA at Malwarebytes, said: “Given the ever advancing threat landscape, the possibility of suffering a security breach has never been higher. Our proven ability to quickly detect and remediate these threats means our products are in higher demand than ever.

“Given its reach and reputation in the cyber security space, Wick Hill is an ideal partner for us. The company also operates an enviable range of partner support services and has a track record of helping vendors expand their reseller base and grow sales. As part of Rigby Private Equity (RPE), Wick Hill also has access to an established network of resellers across EMEA, and we will be taking advantage of that to grow our presence even further in the future.”

Ian Kilpatrick, chairman Wick Hill Group, continued: “We are delighted that Malwarebytes has chosen Wick Hill as a pan-EMEA distribution partner. Driven by the strength of its product set, the company has a uniquely valuable brand in the security market, providing resellers with a massive opportunity.”

“In today’s increasingly insecure IT environment, multi-level protection is vital and we feel Malwarebytes fits perfectly into our existing portfolio. We’re very excited about helping the company grow its EMEA channel to expand across the region.”

In July 2015, Wick Hill became part of Rigby Private Equity (RPE). RPE is building an EMEA-wide, high-value, specialist distribution business, with a common proposition and consistent delivery. Value added distributor Zycko is also part of RPE, with the combined Wick Hill and Zycko product portfolio encompassing networking, infrastructure, security, communications, storage, access, performance, monitoring and management.

Paul Eccleston, head of RPE, commented: “The appointment of Wick Hill by Malwarebytes is another milestone for RPE, following Zycko’s recent appointment by Unitrends as its sole EMEA wide distributor. It demonstrates that there is a strong need for a pan-EMEA distributor that can work with companies wanting to expand and grow internationally, in partnership with a value added distributor that can deliver technical and sales support consistently, whilst giving vendors access to an established reseller network.”

-- ENDS --

About Malwarebytes

Malwarebytes protects consumers and businesses against dangerous threats such as malware, ransomware, and exploits that escape detection by traditional antivirus solutions. Malwarebytes Anti-Malware, the company’s flagship product, has a highly advanced heuristic detection engine that has removed more than five billion malicious threats from computers worldwide. More than 10,000 SMBs and enterprise businesses worldwide trust Malwarebytes to protect their data.

Founded in 2008, the company is headquartered in California with offices in Europe, and a global team of researchers and experts.

For more information, please visit us at https://www.malwarebytes.com/.

Malwarebytes reflects the operating philosophy of its founder and CEO Marcin Kleczynski: to create the best disinfection and protection solutions to combat the world’s most harmful Internet threats. Marcin was recently named “CEO of the Year” in the Global Excellence awards and has been named to the 2015 Forbes 30 Under 30 Rising Stars of Enterprise Technology list and the Silicon Valley Business Journal’s 40 Under 40 award, adding those to a 2014 Ernst & Young Entrepreneur of the Year Award.

About Wick Hill

Established in 1976, value added distributor Wick Hill specialises in secure IP infrastructure solutions. The company sources and delivers best-of-breed, easy-to-use solutions through its channel partners, with a portfolio that covers security, performance, access, networking, convergence, storage and hosted solutions. Wick Hill is particularly focused on providing a wide range of value-added support for its channel partners. This includes strong lead generation and conversion, technical and consultancy support, and comprehensive training.

Wick Hill Group is part of Rigby Private Equity, a subsidiary of Rigby Group Investments, an independent company within Rigby Group plc. Wick Hill has its headquarters in the UK and offices in Germany and Austria. Wick Hill also offers services to channel partners in fourteen European countries and worldwide, through its association with Zycko, as part of RPE.

For further press information on Wick Hill, please contact Annabelle Brown on 01326 318212, email pr@wickhill.com. Wick Hill https://www.wickhill.com.

For further press information on Malwarebytes, please contact Aislinn Collins on 07980 711864, email malwarebytes@fieldhouseassociates.com
An update for glibc is now available for Red Hat Enterprise Linux 6.5 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

* It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors.

An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423)

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the glibc library must be restarted, or the system rebooted.

Red Hat Enterprise Linux Server AUS (v. 6.5): glibc-2.12-1.132.el6_5.8 source and x86_64/i686 binary packages. (The unlinked packages above are only available from the Red Hat Network.)

1187109 - CVE-2013-7423 glibc: getaddrinfo() writes DNS queries to random file descriptors under high load
1339960 - CVE-2013-7423 glibc: getaddrinfo() sends DNS queries to random file descriptors [rhel-6.5.z]

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
Forget filter coffee, jerks in suits, and awful hors d'oeuvre. Expect metal, craft beer and zero-days galore

Special report In Australia and New Zealand, hackers are doing it for themselves by creating vibrant security conferences that run on their own terms and actively avoid the corporate-speak and fear-mongering that characterises so many vendor-led events. These conferences, or "cons", are booming and showcase security skills that rival the best the global security industry can offer.

The hacker-run conferences are nothing like commercial technology confabs: vendor pitches are universally banned, and so are trade show booths. Bars replace bain-maries full of conference casseroles, and black metal-inspired custom shirts are the de facto uniform.

At these events hackers reveal holes in the world's most popular technology and public transport systems to a soundtrack of sweeping moans of derision, laughter, and, for some cons, bursts of on-stage pyrotechnics. Most hacker presenters follow the modern line and push the companies they hack to fix holes ahead of their on-stage disclosures, yet blasé promises to fix earn retribution as zero-days are still dropped.

Delegates at these cons are a mix of professional penetration testers and security admins, hackers of dubious history, curious developers, and students. Some of those attending are partly responsible for defending the nation’s biggest and most important companies. Most of these volunteer-run and continually sold-out events cost between A$50 and A$150, with some occasionally free for the most broke hacker, and are home to a staple of community-run lockpick and capture-the-flag competitions lasting the typically two-day conference.

After an arguable decade of hiatus, the cheap grassroots cons have spread out to cover almost all Australian states. Hackers have WAHCKon in Perth, CrikeyCon in Brisbane, Platypuscon in Sydney, BSides in Canberra, Unrest in Melbourne, and regional pillar Kiwicon in Wellington. These could not be further from the typical C-level security event where ticket prices demand up to A$2000, technical talks are scarce, and vendor booths and pressed suits are as prolific as branded backpacks. Of the six community cons, three have launched or will launch this year.

What: BSides Canberra
When: 17 - 18 March 2017
Where: Canberra
How much: A$50
Who: Silvio, Kylie, Andrew, Rick, Ryan, Topy, Wily, Klepas, Iggy, Ed, Pete, Villain, Matt, Sam, George, Peter, Nathan, Neal, Joffy, and Paul.
Stories:
EFF revises IM safety ratings after pen testers pop 'secure' tools
Lock-hackers crack restricted keys used to secure data centres
Bug bounty blitzers open-source sick subdomain-spotter
Plotting 'mass damage' in Australia? SMBs' crappy login hygiene really helps – hacker

BSides Canberra, held on the shoulder of the Government’s large defence sector-orientated Australian Cyber Security Conference (ACSC), concluded its second and last day to a standing ovation.

The $50 hacker meet run by security pair Silvio Cesare and Kylie McDevitt sold out quickly. “There are many reasons we started BSides Canberra,” co-organiser Cesare says. “We wanted to provide a local conference for Canberra at which we could inspire the next generation of hackers.”

The popular pair have a focus on encouraging new blood into the security sector at large, and more specifically into the conference circuit to consume and present new research. To that end they have kept the ticket prices rock bottom to ensure it is accessible to anyone interested in the field. Sponsorship from community-centric security firms means the conference breaks even, throws two open-bar parties, and gives each of the 290 delegates a custom t-shirt and home-made Arduino badge that displays the conference running order.

“… we think there will be people at corporate conferences that will go nowhere near a hackercon and vice versa, but there will also be an overlap,” Cesare says. “We don’t make a profit … this is just our passion.”

Highlights of the con include auctioning nasty Oracle zero-day flaws – one written on a napkin – to fund a ‘steak dinner’ for the organisers, a “nail-biting” capture the flag competition decided in the last four minutes, and some delegate badge re-tweaking.

What: Kiwicon
When: 17 - 18 November
Where: Wellington
How much: About A$80
Who: A stable core 'Crüe' of Bogan, Pipes (retired), metlstorm, Sharrow, Ad, Vex, Madman, Squirrelboy, and Lisa, along with a retinue of volunteers who make the ship sail, and SiteHost who host the con's web presence gratis.
Stories (2015):
Kiwi hackers crack crap algo, showcase 40c-a-litre DIY fuel discounts
Hundreds of thousands of engine immobilisers hackable over the net
Overhaul Wassenaar or ruin next Heartbleed fix, top policy boffin says
Brit-American hacker duo throws pwns on IoT BBQs, grills open admin
Aussie hacker flips Coin into fraudster fob
Brit hardware hacker turns Raspberry Pi Zeros into selfie slayers
Kiwi hacker 'menace' pops home detention tracker cuffs

Kiwicon celebrates its tenth year in November and is placed at the top of many Aussie and Kiwi hacker con wish lists. It has ballooned in size from a small gathering at a university campus building to outgrow Wellington's iconic Opera House and the St. James Theatre. Local and overseas speakers come to offer technical strolls, highlight horrid holes in enterprise software, give advice to improve delegates' exploitation prowess, and present a litany of illustrations that paint the sorry state of information security.

This all takes place against a backdrop of metal music and pyrotechnics. Attendees gain perspective on the event with the aid of local craft beer bearing Kiwicon insignia.

"The genesis was simple; if the Aussies can do it, surely we can?" con organiser Metlstorm says. "How hard can it be to get 80 people in a room, talk about computer hacking, then go to the pub? … From there Kiwicon just burgeoned into a monster that fundamentally is built in our own image of not taking ourselves very seriously."

Metlstorm among the pyrotechnics at Kiwicon 8. Image: 4nitsirk

What is now more of a "hacker themed variety show", Kiwicon has become a slick, entertaining production that balances showmanship with technical content and guarantees the expanded 2200 seats this year will again fill fast. The upcoming event will likely be the biggest antipodean security con, despite its banishment of the immortal trade event annoyances: "vendor shillin', big money illin', no booth babes, no booths, no paid talks, no swag bags full of crap you're gonna throw out immediately, no bullshit, and of course the sticker shock of the ticket price," the respected penetration tester says.

Recent notable talks include William Turner's evisceration of the then still-vulnerable Christchurch bus system, a feat which led to the then kid hacker winning 'most likely to be arrested' and, through subsequent bureaucratic hamfisting, led to admin credentials being disclosed in public freedom of information documents. Another year hacker Denis Andzakovic outfitted his Yamaha with a HUD and hardware to build a Wi-Fi war bike.

At last year's con two hackers displayed equal measures of daring and showmanship when revealing algorithm flaws that allowed Kiwis to print their own non-expiring discount petrol coupons to be scanned at the pump. They even printed the barcodes on T-shirts and successfully demonstrated them.

Kiwicon is, like all the community cons that followed it, a manifestation of hacker imaginings. "We built the con we wanted to go to; cheap, real, friendly and interesting," Metlstorm says. That probably excludes the national-security "F35-lovin'" conference crowd. "Tradeshow events showcase the root cause of the problems in the infosec industry," Metlstorm says. "We humbly aim to be the opposite."

The con bears a different theme each year, which of late tends to mock the corporate technology world and the military industrial complex: 'it's always 1989 in computer security' chimed one 8-bit motif, while "cyber-friends" was painted on Kiwicon 7 as an answer to the vacuous cries of cyber war. Still, Kiwicon is an inclusive event and Metlstorm welcomes the errant military industrial tradeshow traveller: "So, if the day comes when they're ready to accept empiricism into their cold dead hearts, after all their shit got owned via the security products they bought or sold, we'll be here still, actual practitioners doing the actual work that actually advances the state of the motherf**kin' art."

What: Unrestcon
When: 1 and 2 July
Where: Melbourne
How much: A$100 - A$130
Who: Wily, Nanomebia, Buffy, Filsy, Sully, Topy, McCormack, Liam, and a 'few other random miscreants'.
Discount code: Enter code DARREN POORLY for a 10 percent discount on tickets.

Unrest is a "brand spanking new" security con set to hold the first of what history says will be many events in Melbourne's north. The hacker con is billed as an "audiovisual experience" which will eschew the traditional conference space along with its "filter coffee, jerks in suits, and awful hors d'oeuvre" for an unconventional audio-visual experience. The con, with its fictitious Ministry of Unrest and Illuminati-esque iconography, is home to promising technical and social engineering talks, workshops, and a chill-out art and gaming area.

It is the brainchild of penetration tester, lockpicker, and hopeful comedian Wily. "We wanted to do something different," he says. "A non-traditional venue, no corporate sponsorship, low cost, and high impact." Wily gives a nod to Ruxcon, the established but pricier Melbourne hacker con that since 2003 has regularly sold out with technical talks and workshops. "Ruxcon has been around in Australia since 2003, and has always brought together the Australian community," Wily says. "Other community hacker conferences have sprung up around the country, and there is certainly room for more of these events." Ruxcon will be held 22 and 23 October.

There is, Wily says, space for both the pricier cons, such as the recently held AusCERT corporate conference on Queensland's Gold Coast and the more expensive Syscan technical hacker con in Singapore, and the grassroots community events. But without the big ticket price tag, Wily is merely aiming to break even: "We are hoping to break even, and if we're lucky we might," he says. When asked by Vulture South if he and his fellow con organisers 'hate money', the hacker sums up their collective commitment to community: "we are a bunch of overpaid infosec jerks".

This Sydney startup con is a hands-on hacker meet where the policy is show up with a laptop or not at all.

Co-organiser lin_s has, with a little help from her friends, developed a conference that emphasises practical hacker experimentation. “We started the con and our community (Just Hack Shit) on the basis that we wanted to see something different from the traditional security content of just speakers talking at the audience,” she says. “We wanted to build a group where people from all walks of life could come and do infosec nerd stuff on the proviso that they had to participate.”

It is a popular and unique concept born of a night spent on the museum lawns in Sydney’s Circular Quay where lin_s and her friends got together to hack in a capture the flag competition. Total cost was munchies and beer. "It turns out lots of people were interested in this kind of thing - we couldn't find anything similar already, so we built something ourselves."

Now in its fourth year, WAHCKon remains Perth's first and only hacker con, home to a consistently solid line-up of security talks ranging from the technical to the absurd. For the former, speakers this year detailed the security chops of Docker, the perils of SSL, and PHP malware debriding. The latter was catered for by the opening talk given by WAHCKon organisers, who took delegates on a journey into the skulking malware PC assistant known as Bonzi Buddy, this year's mascot.

"These (grassroots cons) are absolutely a thing now, and we're continually hearing about new cons starting all over Australia," Kronicd says. "When we began there really wasn't anything of the sort." The Perth confab was fired up to bridge the 4000 kilometre void between Perth and Australia's big east coast cities. "Western Australia is pretty isolated from the community, and we saw that it just wasn't possible for a lot of less established hackers to attend existing hacker cons due to the prohibitive cost of travel and lack of corporate sponsorship," he says.

WAHCKon 3 this year. Image: Darren Pauli

He also misses the casual vibe of bygone Aussie hacker cons, and so sought with colleagues to build the conference they wanted to attend. "The scene in Australia had become extremely corporate, and we wanted a return to the hacker cons we remembered -- we wanted to bring together the WA hacker community and to ensure that everyone had a chance to attend." To this end, organisers are willing to hand out free tickets to those who can't afford the $60 face price.

Kronicd, like his kin, begs each year for their complicated conferences to come to an end, but persistent popularity serves as a defibrillator: "Honestly, we've wanted this to stop for years. We're tired. People keep showing up and incredible speakers keep submitting talks. It really isn't up to us anymore."

What: CrikeyCon
When: 25 February 2017
Where: Brisbane
How much: A$80 - A$150
Who: Wade Alcorn, Scotty Brown, Robert Winkel, Glyn Geoghegan, Gary Gaskell, Ashley Deuble, Anne Luk.

CrikeyCon is another community-led charitable not-for-profit con, based in Australia's Sunshine State, that offers a diverse range of security talks and capture the flag and lock picking events over a day and a half.

Co-founder Wade Alcorn says the concept was found at the bottom of a beer glass in a Brisbane pub. "Crikey was born over a few beers between mates in Brisbane lamenting the lack of a local con," Alcorn says. "We wanted to give something back to the security community that's been great to all of us … and create a local event where people can share, learn and socialise with like-minded enthusiasts."

The crew expected the first event to host numbers resembling a large night out, but instead 60 hackers turned up, with 150 attending cons soon after. This year pulled 250. Those punters are a mix of hackers and business infosec types, both of whom Alcorn credits with sufficient olfactory sense to sniff out the good cons from the bad. "True security nerds try to get to as many things as they can that they get value from - even if it is on their own time," he says. ®
An update for spice is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures.

Security Fix(es):

* A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host.

A user connecting to a guest VM using spice could potentially use thisflaw to crash the QEMU-KVM process or execute arbitrary code with the privilegesof the host's QEMU-KVM process. (CVE-2016-0749)* A memory access flaw was found in the way spice handled certain guests usingcrafted primary surface parameters.

A user in a guest could use this flaw toread from and write to arbitrary memory locations on the host. (CVE-2016-2150)The CVE-2016-0749 issue was discovered by Jing Zhao (Red Hat) and theCVE-2016-2150 issue was discovered by Frediano Ziglio (Red Hat). For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258Applications acting as a SPICE server must be restarted for this update to takeeffect. Note that QEMU-KVM guests providing SPICE console access must berestarted for this update to take effect.Red Hat Enterprise Linux Desktop (v. 7) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   Red Hat Enterprise Linux HPC Node (v. 
7) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   Red Hat Enterprise Linux HPC Node EUS (v. 7.2) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   Red Hat Enterprise Linux Server (v. 
7) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   Red Hat Enterprise Linux Server AUS (v. 7.2) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   Red Hat Enterprise Linux Server EUS (v. 
7.2) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   Red Hat Enterprise Linux Workstation (v. 7) SRPMS: spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106cSHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   x86_64: spice-debuginfo-0.12.4-15.el7_2.1.x86_64.rpm     MD5: a846b173b0662df2d48f7ab38d9f1aa6SHA-256: cfdbf521f6edd70b9f0760eb8ff61c80b9eabcf875a99cb7ea203dd5546dc0f3 spice-server-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 86d5ac6bcf54a6e43b87e41ad875fce0SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df spice-server-devel-0.12.4-15.el7_2.1.x86_64.rpm     MD5: 409a3c540f0f025c321ea6f1efff31ebSHA-256: afd2b0a278b7e62ef570c764e8d03cba6d925845e35bae78cd142fb7fffa1e8a   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important.

A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors.

Security Fix(es):

* A memory allocation flaw, leading to a heap-based buffer overflow, was found in spice's smartcard interaction, which runs under the QEMU-KVM context on the host. A user connecting to a guest VM using spice could potentially use this flaw to crash the QEMU-KVM process or execute arbitrary code with the privileges of the host's QEMU-KVM process. (CVE-2016-0749)

* A memory access flaw was found in the way spice handled certain guests using crafted primary surface parameters. A user in a guest could use this flaw to read from and write to arbitrary memory locations on the host. (CVE-2016-2150)

The CVE-2016-0749 issue was discovered by Jing Zhao (Red Hat) and the CVE-2016-2150 issue was discovered by Frediano Ziglio (Red Hat).

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

Applications acting as a SPICE server must be restarted for this update to take effect. Note that QEMU-KVM guests providing SPICE console access must be restarted for this update to take effect.

Updated packages. The same package set applies to each of the following products: Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6).

SRPMS:
spice-server-0.12.4-13.el6.1.src.rpm
    MD5: b3f8e98369ffe2a12871cd096454d076
    SHA-256: d8bb9d53f30bfacd83374c41373aecf1f22b7a044e118905fc1fb820f95bf2c6

x86_64:
spice-server-0.12.4-13.el6.1.x86_64.rpm
    MD5: 14c5132e7ecc548d4127a1b9da1f0538
    SHA-256: 9dc528a7ff0e61ffe9504c2e633ece38c2c0f7656fbf6b5907195c07527ec737
spice-server-debuginfo-0.12.4-13.el6.1.x86_64.rpm
    MD5: 9947e8c8707408bafe91ed327503ac5d
    SHA-256: 030067f06dc95f77a27d33428296c3e6febad54c3cf6cb5d3909d0da502ed9f5
spice-server-devel-0.12.4-13.el6.1.x86_64.rpm
    MD5: 79d4a4d9c28a657b5df42c6424664255
    SHA-256: 5ca731677bebd967f6d9d356e37aeb822ee5202243c37eaa23249bd42d26c042

(The unlinked packages above are only available from the Red Hat Network)

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
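Both advisories above tell an administrator to install the rebuilt spice packages and restart SPICE servers and guests, but not how to confirm the host actually ended up on the fixed build. The following Python is an added example, not Red Hat's own tooling: it parses package and digest lines in the flattened layout the advisories use, compares an installed version-release string against the fixed build using rpm's segment-comparison rules (reimplemented here; the '~' and '^' special cases of newer rpm releases are left out), and checks a downloaded RPM against the advisory SHA-256. The package names and digests in the excerpt are those printed in the RHEL 7 advisory; the installed version strings are constructed.

```python
"""Post-errata checks for the SPICE advisories above (added example)."""
import hashlib
import re

# Constructed excerpt in the advisory's flattened layout; the names and
# digests are the ones printed in the RHEL 7 advisory above.
ADVISORY_EXCERPT = (
    "spice-0.12.4-15.el7_2.1.src.rpm     MD5: fa498221bcac8a0b6d7f5750b4d6106c"
    "SHA-256: 7f7d26048b3d202b50a0405b7de2cf51b4f0b25645723ff86b2484d381faf001   "
    "x86_64: spice-server-0.12.4-15.el7_2.1.x86_64.rpm     "
    "MD5: 86d5ac6bcf54a6e43b87e41ad875fce0"
    "SHA-256: 2456ef2cddf86fc496327c16f5d3784393d19d44c2d1614b97013ee241fd93df"
)

_PKG_RE = re.compile(r"(\S+\.rpm)\s+MD5:\s*([0-9a-f]{32})\s*SHA-256:\s*([0-9a-f]{64})")
_SEP = re.compile(r"^[^A-Za-z0-9]+")   # rpm skips any run of separators
_DIGITS = re.compile(r"[0-9]*")
_ALPHA = re.compile(r"[A-Za-z]*")


def parse_advisory(text):
    """Map each RPM file name in an advisory package list to its digests."""
    return {name: {"md5": md5, "sha256": sha}
            for name, md5, sha in _PKG_RE.findall(text)}


def rpmvercmp(a, b):
    """Compare two version or release strings like rpm's rpmvercmp: -1, 0 or 1."""
    if a == b:
        return 0
    one, two = a, b
    while one or two:
        one, two = _SEP.sub("", one), _SEP.sub("", two)
        if not one or not two:
            break
        if one[0].isdigit():
            seg1, seg2, numeric = _DIGITS.match(one).group(), _DIGITS.match(two).group(), True
        else:
            seg1, seg2, numeric = _ALPHA.match(one).group(), _ALPHA.match(two).group(), False
        if not seg2:
            # a numeric segment outranks an alphabetic one at the same position
            return 1 if numeric else -1
        n1, n2 = len(seg1), len(seg2)
        if numeric:
            seg1, seg2 = seg1.lstrip("0"), seg2.lstrip("0")
            if len(seg1) != len(seg2):      # longer digit string is the larger number
                return 1 if len(seg1) > len(seg2) else -1
        if seg1 != seg2:
            return 1 if seg1 > seg2 else -1
        one, two = one[n1:], two[n2:]
    if not one and not two:
        return 0
    return 1 if one else -1              # whichever still has segments left is newer


def parse_evr(evr):
    """Split '[epoch:]version-release' into (int epoch, version, release)."""
    epoch, sep, rest = evr.partition(":")
    if not sep:
        epoch, rest = "0", evr
    if "-" in rest:
        version, release = rest.rsplit("-", 1)
    else:
        version, release = rest, ""
    return int(epoch), version, release


def evr_cmp(a, b):
    """Epoch wins outright; then version, then release."""
    ea, va, ra = parse_evr(a)
    eb, vb, rb = parse_evr(b)
    if ea != eb:
        return 1 if ea > eb else -1
    return rpmvercmp(va, vb) or rpmvercmp(ra, rb)


def is_fixed(installed_evr, fixed_evr):
    """True when the installed build is the advisory build or a later one."""
    return evr_cmp(installed_evr, fixed_evr) >= 0


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def verify_sha256(path, expected_hex):
    """Hash a downloaded RPM in chunks and compare with the advisory digest."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest() == expected_hex.lower()


if __name__ == "__main__":
    fixed = "0.12.4-15.el7_2.1"   # the RHEL 7 build listed in the advisory above
    # Constructed installed strings; on a real host feed in the output of
    # rpm -q --qf '%{VERSION}-%{RELEASE}\n' spice-server (prefix the epoch if one is set).
    for installed in ("0.12.4-15.el7", "0.12.4-15.el7_2.1", "0.12.4-16.el7"):
        print(installed, "fixed" if is_fixed(installed, fixed) else "NOT fixed")
    for name, digests in parse_advisory(ADVISORY_EXCERPT).items():
        print(name, "SHA-256", digests["sha256"])
```

Run the version check against the spice-server build reported by rpm before trusting the restart step; a build that predates the errata release segment (here `15.el7_2.1`, or `13.el6.1` on RHEL 6) means the QEMU-KVM restart will simply relaunch the vulnerable library.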