Events Related

Resources

Techniques

  • Reprogramming the Defcon 24 badge – diyevil.com
    The Defcon 24 badge is built around a Intel Quark D2000 microcontroller processor, and contains 5 LEDs and 8 buttons. By default, it is programmed to occasionally blink in a few different patterns, and spit out some encoded phrases via serial.
  • How I gained access to TMobile’s national network for free – medium.com
    One Friday night, I was sitting around pretending to be fine having absolutely nothing to do. I had a TMobile prepaid SIM on a spare phone with no active service, so I came up with a fun challenge: could I somehow get access to the internet without a data plan?
  • Reverse Engineering Cisco ASA for EXTRABACON Offsets – zerosum0x0.blogspot.com
    One of the zero-day vulnerabilities released was a remote code execution in the Cisco Adaptive Security Appliance (ASA) device. The Equation Group’s exploit for this was named EXTRABACON. Cisco ASAs are commonly used as the primary firewall for many organizations, so the EXTRABACON exploit release raised many eyebrows.

Vulnerabilities

  • Hands-on: Blue Hydra can expose the all-too-unhidden world of Bluetooth – arstechnica.com
    Blue Hydra is intended to give security professionals a way of tracking the presence of traditional Bluetooth, BTLE devices, and BTLE “iBeacon” proximity sensors. But it can also be connected to other tools to provide alerts on the presence of particular devices.

Other News

  • NIST Unveils a Cybersecurity Self-Assessment Tool – www.bankinfosecurity.com
    Known as the Baldrige Cybersecurity Excellence Builder, the self-assessment tool is based on the Baldrige Performance Excellence Program and the risk management mechanisms of NIST’s cybersecurity framework. The Baldrige Performance Excellence Program, like the cybersecurity framework, is designed to help organizations worldwide guide their operations, improve performance and achieve sustainable results.