I will admit there is limited spacing, we rented the entire second floor of the Hyatt and tickets will go fast.
- new hacker con, hell of speaker list: DerbyCon – reddit.com
- Derbycon Teaser Video and website launch date announced – secmaniac.com
ShmooCon CTF Warmup 2011 – cylab.cmu.eduA couple of PPP members (awesie, tylerni7) participated in the ShmooCon CTF Warmup. It was lots of fun and awesie got the prize! We also figured we should post a write-up for #3.
- Ubertooth video and news – ossman.blogspot.com
This will be a longer presentation telling the complete story of the development of Project Ubertooth and demonstrating new capabilities of the platform (hopefully with working Ubertooth One prototypes).
- How To Deploy IPv6 Securely – readwriteweb.com
The number of available IPv4 addresses is expected to run out in less than a year, as we’ve reported before.
- MobileSubstrate wiki – iphonedevwiki.net
MobileSubstrate consists of 3 major components: MobileHooker, MobileLoader and safe mode.
- SSL Diagnos is used to get information about SSL usage – sourceforge.net/projects/ssldiagnos/
It can also be used for testing and rating ciphers on SSL clients. It has also specific support for pop3s, sip, smtp and explicit ftps.
- Nessus Viewer v1.0.0 released – vulnerabilitydatabase.com
Nessus Viewer enables IT Security auditors and penetration testers to quickly navigate inside Nessus reports by sorting and filtering each entry.
- R-U-Dead-Yet Version 2.1 – chaptersinwebsucirity.blogspot.com
The forms and their post action url’s are now parsed correctly. So here comes v2.1 with the bug fix.
- Windows UAC Bypass now in Metasploit! – secmaniac.com
The Windows UAC bypass was committed to the Metasploit Framework today.
- Flash Player Sandbox bypass
Unfortunately, these restrictions are not the same as, “cannot communicate with the network in any way” which is what is stated in the documentation.
- Metasploit SAP Management Console AUX Modules – blog.c22.cc
I see no ethical issue in releasing the information gathering modules that take advantage of this bug, as quite honestly, anybody with an SAP system and tcpdump could find this in a few minutes.
- Apple releases Mac OS X 10.6.6 update – h-online.com
Apple has now posted its detailed About the Mac OS X v10.6.6 Update knowledge base article.
- Dell Acquisition of Secureworks
Dell announced they are acquiring SecureWorks, the MSSP, for an undisclosed sum.
- Car Theft thru hacking
Car thieves of the future might be able to get into a car and drive away without forced entry and without needing a physical key.
- US revamps science, technology standard-setting efforts – networkworld.com
The NIST has been given new marching orders: expand work with the private sector to develop standards for a range of key technologies such as cloud computing, emergency communications and tracking, green manufacturing and high performance green building construction.
- Researchers Hack Internet Enabled TVs, Discover Multiple Security Vulnerabilities – securityweek.com
Security researchers have discovered several security flaws in one of the best-selling brands of Internet-connected HDTVs, and believe it’s likely that similar security flaws exist in other Internet TVs.
- Researcher Develops Password Hacking Software for Wi-Fi Networks Using Amazon Web Services – readwriteweb.com
A researcher has developed software for breaking password protections used for wireless networks.