Events Related

  • The Security Summer Camp Talks I Want To See… – jerrygamblin.com
    I took some time tonight and read through the Security Summer Camp (BSidesLV, Blackhat and Defcon) schedules and picked the talks from this year that I think will be the best and that I do not want to miss.
  • BlackHat/Def Con/BSides Talk Picks for 2016 – room362.com
    Each year I make up a list the week before Blackhat and Def Con of talks that I “can’t miss” and some that I want to see (and use it for video watching afterwards for those I missed). This year I thought I would share that list here. I will be breaking them down by each day of the events by time slot.

Resources

  • NIST SP 800-183: Network of Things – firmwaresecurity.com
    System primitives allow formalisms, reasoning, simulations, and reliability and security risk-tradeoffs to be formulated and argued. In this work, five core primitives belonging to most distributed systems are presented. These primitives apply well to systems with large amounts of data, scalability concerns, heterogeneity concerns, temporal concerns, and elements of unknown pedigree with possible nefarious intent.

Techniques

  • Reverse Engineering the TP-Link HS110 – www.softscheck.com
    The TP-Link HS110 Wi-Fi is a cloud-enabled power plug that can be turned on and off remotely via app and offers energy monitoring and scheduling capabilities. As part of ongoing research into Internet of Things security, we performed a security analysis by reverse engineering the device firmware and Android app, sniffing app-to-device and device-to-app communications and fuzzing the proprietary protocols being used.

Vulnerabilities

Other News

  • NIST declares the age of SMS-based 2-factor authentication over – techcrunch.com
    2-factor authentication is a great thing to have, and more and more services are making it a standard feature. But one of the go-to methods for sending 2FA notifications, SMS, is being left in the dust by the National Institute of Standards and Technology.