Infosec Weekly Round-up November 12-18, 2012

Dumping Domain Password Hashes Using Metasploit (ntds_hashextract.rb)

“The ntds_hashextract.rb script is a standalone tool that can be used to quickly and efficiently extract Active Directory user account password hashes from the exported datatable of an NTDS.dit database. As it turns out, exporting the datatable can sometimes be tricky so here is a detailed tutorial covering the methodology that I use and continue to have success with.”

http://www.pentestgeek.com/2012/11/16/dumping-domain-password-hashes-using-metasploit-ntds_hashextract-rb/

8 Most Common VoIP Internet Security Threats

VoIP (Voice over Internet Protocol) is a popular technology because it offers a variety of benefits traditional phones do not. The benefits include cost savings, video calls, ability to simultaneously transfer files, and use text-based communication when needed. Unfortunately, there are a number of Internet security risks consumers must be aware of as well.

http://www.icciev.com/1/post/2012/11/8-most-common-voip-internet-security-threats.html

Proof-of-concept malware can share USB smart card readers with attackers over Internet

A team of researchers have created a proof-of-concept piece of malware that can give attackers control of USB smart card readers attached to an infected Windows computer over the Internet. The malware installs a special driver on the infected computer which allows for the USB devices connected to it to be shared over the Internet with the attacker’s computer.

http://m.itworld.com/security/315765/proof-concept-malware-can-share-usb-smart-card-readers-attackers-over-internet

New variant of Mac Trojan discovered, targeting Tibet

It’s true to say that there’s a lot lot less malware in existence for Macs than there is for Windows PCs. But that doesn’t mean that it doesn’t exist at all.

http://nakedsecurity.sophos.com/2012/11/13/new-mac-trojan/

Malware Targeting Windows 8 Uses Google Docs

Initially, I thought that Backdoor.Makadocs was a simple and typical back door Trojan horse. It receives and executes commands from a command-and-control (C&C) server and it gathers information from the compromised computer including the host name and the operating system type. Interestingly, the malware author has also considered the possibility that the compromised computer could be running Windows 8 or Windows Server 2012.

http://www.symantec.com/connect/blogs/malware-targeting-windows-8-uses-google-docs

That’s all for this week. If you have more information security news, please share it with our readers by sending an email or using the contact form.
