Event Related

  • ShmooCon 2012 Updates, Videos, Slides and Presentation
    • Five Ways We’re Killing Our Own Privacy – scribd.com/doc
      Slides from ShmooCon and Firetalks Presentation
    • Attacking Prox Card Systems – opensecurityresearch.com
      Slides and Code from Brad Antoniewicz’s awesome talk on Attacking Prox Card Systems
    • Shmoocon 2012 – tombom.co.uk
      In the absence of an “official” download link for these so far (although I’m sure they’ll be up on the Shmoocon page soon enough), my slides from Shmoocon this year. Seems it got a little press coverage and a whole bunch of attention on Twitter, so I figured I should get these out ASAP.
    • RFCAT released! – atlas.r4780y.com
      I should probably post *new* slides here within a week. Subscribe to the rss feed to be notified when I post them. I’m going to see if I can’t nail down a few more details that were bugging me on the demos, and actually talk to the insulin pump.
    • Changes to Apple MDM for iOS 5.x – intrepidusgroup.com
      I presented an updated talk on Apple’s iOS MDM system at ShmooCon 8. I had a great time, and really enjoyed all the questions and nice comments I received afterwards. I thought I’d mention a couple of the changes that iOS 5 provides.
    • ShmooCon 2012 FireTalks – Update 7 (Videos from Friday) – novainfosecportal.com
      This post is dedicated to the talks on Friday night. Thanks to Bulb Security and IronGeek for recording and processing the videos so fast!
    • Georgia Weidman’s videos – vimeo.com
    • Hacker’s Demo Shows How Easily Credit Cards Can Be Read Through Clothes And Wallets – forbes.com
      Pull out your credit card and flip it over. If the back is marked with the words “PayPass,” “Blink,” that triangle of nested arcs that serves as the universal symbol for wireless data or a few other obscure icons, Kristin Paget says it’s vulnerable to an uber-stealthy form of pickpocketing.
  • Education and Information Sharing Top Priority at 2012 DoD Cyber Crime Conference – blog.mandiant.com
    This was my first time heading to the DoD Cyber Crime Conference in Atlanta. The DoD Cyber Crime Center (DC3) hosts the conference every year. DC3 first started as a resource for DoD and Law Enforcement and has grown over the years to include many different organizations that work together to combat Cyber Crime.

Resources

  • DatabaseAndroidMalwares – code.google.com
  • {book review} The Tangled Web – blog.c22.cc
    The Tangled Web is split into 3 parts, starting off with a concise walk-through of the underlying technologies of the web. Unlike so many other books that take for granted that the reader is already up to par on the backstory, Zalewski takes the time to really dig deep into the tools, protocols and RFCs that run the modern web.
  • (IN)SECURE Magazine Issue #33 Released – net-security.org
    (IN)SECURE Magazine is a freely available digital security magazine discussing some of the hottest information security topics.

Tools

  • Keychain Dumper Updated for iOS 5 – labs.neohapsis.com
    I’ve received a few issue submissions on github regarding various issues people have had getting Keychain Dumper to work on iOS 5. I meant to look into it earlier, but I was not able to dedicate any time until this week. Besides a small update to the Makefile to make it compatible with the latest SDK, the core issue seemed to have something to do with code signing.
  • An Update on Android.Counterclank – symantec.com
    Last week, we posted a blog informing Android users of the discovery of new versions of Android.Tonclank, which we have named Android.Counterclank. The blog generated a bit of discussion over whether these new versions should be a concern to Android users.
  • UPDATE: inSSIDer v2.1.0.1379! – metageek.net
    inSSIDer is an award-winning free, open-source Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn’t work well with Vista and 64-bit XP, the authors built an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.
  • Passware claims FileVault 2 can be cracked in under an hour, sells you the software to prove it – engadget.com
    Lunch hours may never feel safe again. That is, if you have a Mac running Lion / FileVault 2, like leaving your computer around, or have unscrupulous colleagues. Data recovery firm Passware claims its “Forensic” edition software can decrypt files protected by FileVault 2 in just 40 minutes — whether it’s “letmein” or “H4x0rl8t0rK1tt3h” you chose to stand in its way.

Techniques

  • Windows Loader and ASLR on Binaries – marcoramilli.blogspot.com
    Summing up for newer readers, Windows Loader looks for a specific FLAG in the PE Header. In the PE Header, specifically in the IMAGE_OPTIONAL_HEADER section, there is a flag called DLL Characteristics that defines many features for the executable during its loading time, one of them being ASLR.
  • x64 Windows Shellcode – blog.didierstevens.com
    Last year I found great x64 shellcode for Windows on McDermott’s site. Not only is it dynamic (lookup API addresses), but it even handles forwarded functions.
  • Ubertooth: Bluetooth Address Breakdown – intrepidusgroup.com
    The IG crew is just heading back from ShmooCon, which reminds me of last year’s awesome talk on the Ubertooth One. Intrepidus backed the kickstarter project and, as promised, got 2 Ubertooths. We recently started playing with it, and have a couple of tips and a supplementary script.

Vendor/Software Patches

  • Android and Security – googlemobile.blogspot.com
    The last year has been a phenomenal one for the Android ecosystem. Device activations grew 250% year-on-year, and the total number of app downloads from Android Market topped 11 billion. As the platform continues to grow, we’re focused on bringing you the best new features and innovations – including in security.

Vulnerabilities

Other News

  • US officials say cyber crimes will overtake terrorism as top threat – slashgear.com
    Just as authentication service VeriSign admitted it has been hit by very strong hacking attacks a couple years ago, US officials have revealed that computer crimes will be more of a threat to the country than terrorism. VeriSign is an example of how cyber attacks can affect tens of millions of civilians, but government offices are also the target of malicious hackers.
  • Verisign hacked, data stolen – scmagazine.com.au
    Verisign has admitted it was hacked repeatedly in 2010 and could not pin down what data was stolen.
  • Half of Fortune 500 firms infected with DNS Changer – computerworld.com
    Half of all Fortune 500 companies and major U.S. government agencies own computers infected with the “DNS Changer” malware that redirects users to fake websites and puts organizations at risk of information theft, a security company said today.