Tenable Network Security Podcast Episode 197 - "Telephony DoS, MediaWiki Vulnerabilities"

Announcements

• We're hiring! - Visit the Tenable website for more information about open positions.
• Want to ask questions about Nessus, PVS, SecurityCenter, and LCE, and get answers from the experts at Tenable? Join the Tenable Discussions Forum for custom scripts, announcements, and more!
• You can find links to subscribe to Tenable's Podcast feed, YouTube Channel, Twitter, and Facebook accounts at http://www.tenable.com/podcast!

Discussion & Highlighted Plugins

• Telephony DoS - I read an interesting article that detailed an attack that used a combination of social engineering and a DoS attack against your phone system. The attacker calls the victim and asks about unpaid debt. Whether you have debt or not, the attacker insists on payment. If you refuse, a DoS attack is launched against your phone systems using a combination of cheap labor and VoIP phones. Interesting how one defends against this attack.
• MediaWiki Vulnerability - There are actually two vulnerabilities in MediaWiki versions < 1.19.11 / 1.21.5 / 1.22.2. Yikes, this is widely deployed software, according to the reports from Checkpoint "Wikipedia.org is the sixth most-visited web site in the world, with over 94 million unique visitors per month and almost 2 million sites linking to it." This is a vulnerability to seek out and patch in your own environment. Who knows who may have installed this software and forgotten about it, giving attackers a foothold in your network? The two features that suffer from the vulnerability are not enabled by default, though I am unclear exactly which features these relate to. I've run MediaWiki for about 5 years, done several upgrades, and they are pretty painless.

Nessus

Passive Vulnerability Scanner

SecurityCenter Apps

Dashboards

Reports

Security News Stories

1. SC Magazine Reviews SecurityCenter Continuous View - 5 Stars Across the Board
2. A fine mess: Global data breach legislation
3. Vulnerability Top Ten Executive Report
4. Passive Vulnerability Scanner (PVS) 4.0.1 Now Available
5. Leveraging Logins and Login Failures to Track Insiders
6. How I Lost My $50,000 Twitter Username | Medium
7. A chain is only as strong as its weakest link - DNS Hijack Monitoring | Corelan Team
8. Reversing the WRT120N's Firmware Obfuscation | /dev/ttyS0
9. RFKiller/mass-deauth | GitHub
10. DanMcInerney/wifijammer | GitHub
11. SecUpwN/Android-IMSI-Catcher-Detector | GitHub
12. Target Hackers Broke in Via HVAC Company
13. Installing Nessus on Kali Linux and Doing a Credentialed Scan
14. JavaScript: the one true language
15. Exploring the Telephony Denial of Service (TDoS)
16. Mind Streams of Information Security Knowledge: A Peek Inside a Customer-ized API-enabled DIY Online Lab for Generating Multi-OS Mobile Malware | Dancho Danchev's Blog
17. Mobile Malware Captures Keystrokes and Screengrabs | Threatpost
18. Nest Team Will Become Google's Core Hardware Group
19. Only Your Heartbeat Can Unlock This Bitcoin Wallet
20. Wikipedia Remote Execution Vulnerability Patched | Threatpost
21. Details Emerge on Latest Adobe Flash Zero-Day Exploit
22. Rare Twitter username 'stolen' | In2EastAfrica
23. Target Hackers Used Stolen Vendor Credentials
24. Chewbacca Attack Hits Shops In 11 Nations
25. US Hotels Look Into Data Security Breach
26. The Government Wants Our Cars To Talk To Each Other
27. Windows XP Support Cut-Off Could Lead To Spam Boom
28. 800,000 Orange France Customers Face Cyberattack