- OWASP AppSec California 2016 – www.youtube.com
- SyScan360 Singapore 2016 slides and exploit code – reverse.put.as
The exploit for the bug I presented last March at SyScan360 is today one year old so I decided to release it. I wasn’t sure if I should do it or not since it can be used in the wild but Google Project Zero also released a working version so it doesn’t really make a difference.
- Verizon’s 2016 Data Breach Investigations Report – www.verizonenterprise.com
For the ninth time, the 2016 Data Breach Investigations Report (DBIR) lifts the lid on what’s really happening in cybersecurity. The 2016 dataset is bigger than ever, examining over 100,000 incidents, including 2,260 confirmed data breaches across 82 countries.
- RouterSploit – github.com
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.
- Building a Home Lab to Become a Malware Hunter – A Beginner’s Guide – www.alienvault.com
As time goes by, criminals are developing more and more complex methods of obscuring how their malware operates, making it increasingly difficult to detect and analyze. The list of tactics used is seemingly endless and can include obfuscation, packers, executing from memory with no file drop, and P2P botnet architecture with frontline command and control servers (C2s) and gateways being compromised websites.
- Hacking Mattermost: From Unauthenticated to System Admin – haxx.ml
Mattermost is an “open source, self-hosted Slack-alternative”, which basically means that it’s a real-time messaging solution for teams and enterprises that you host yourself. It’s written in the Go programming language, which was a new experience for me as I had not looked at any Go apps before this.
- Jailbreaking the Microsoft fitness band – www.b0n0n.com
So first, we need to figure out some of the basic behaviours of the fitness band, like how it upgrades firmware, uploads user status etc. Luckily the client is just a Windows binary, so we don’t need to set up an environment to reverse the Android app or iOS app.
- The road to hell is paved with SAML Assertions – www.economyofmechanism.com
A vulnerability in Microsoft Office 365 SAML Service Provider implementation allowed for cross domain authentication bypass affecting all federated domains. An attacker exploiting this vulnerability could gain unrestricted access to a victim’s Office 365 account, including access to their email, files stored in OneDrive etc.
- Practical Reverse Engineering Part 2 – Scouting the Firmware – jcjc-dev.com
This first overview of the system is easy to access, doesn’t require expensive tools and will often yield very interesting results. If you want to do some hardware hacking but don’t have the time to get your hands too dirty, this is often the point where you stop digging into the hardware and start working on the higher level interfaces: network vulnerabilities, ISP configuration protocols, etc.
- Active drive-by exploits critical Android bugs, care of Hacking Team – arstechnica.com
The attack combines exploits for at least two critical vulnerabilities contained in Android versions 4.0 through 4.3, including an exploit known as Towelroot, which gives attackers unfettered “root” access to vulnerable phones.
- Spotify User Details Hacked
A list containing hundreds of Spotify account credentials – including emails, usernames, passwords, account type and other details – has popped up on the website Pastebin, in what appears to be a possible security breach. After reaching out to a random sampling of the victims via email, we’ve confirmed that these users’ Spotify accounts were compromised only days ago. However, Spotify says that it “has not been hacked” and its “user records are secure.”
- If you use Waze, hackers can stalk you – fusion.net
Researchers at the University of California-Santa Barbara recently discovered a Waze vulnerability that allowed them to create thousands of “ghost drivers” that can monitor the drivers around them—an exploit that could be used to track Waze users in real-time.
- Malory Isn’t the Only Imposter in Infosec – mumble.org.uk
So a tweet by Dr. Jessica Barker about imposter syndrome in infosec got me replying about how I’ve had imposter syndrome a bunch. Perhaps no more and no less than anyone else, we’ll see, but I said I’d write it up as the tweets were not ideal for it.