Events Related

  • GrrCON 2016 Videos – irongeek.com
    These are the videos of the presentations from GrrCON 2016.

Tools

Techniques

  • Building an IoT Botnet: BSides Manchester 2016 – www.mdsec.co.uk
    In August, @MDSecLabs delivered a talk at the Manchester BSides titled “Breaking and Entering, Hacking Consumer Security Systems”. The talk outlined research that we had performed in to the security (or lack of), of many IoT devices, specifically consumer security systems such as IP Cameras, DVRs, CCTV and Smart Home Security kits.
  • DMA attacking over USB-C and Thunderbolt 3 – blog.frizk.net
    I just got an Intel NUC Skull Canyon that has an USB-C port capable of Thunderbolt 3. Thunderbolt is interesting since it’s able to carry PCI Express which is Direct Memory Access (DMA) capable. I have previously demonstrated how it is possible to DMA-attack macs over Thunderbolt 2 in my DEF CON talk “Direct Memory Attack the Kernel”.

Vulnerabilities

  • Johnson & Johnson discloses that its insulin pump is hackable – thestack.com
    Johnson & Johnson has revealed that its J&J Animas OneTouch Ping insulin pump is vulnerable to hackers, who could potentially force the device to overdose diabetic patients – however, it declares that the risk of this happening is very low.

Other News

  • Feds Charge Two In Lizard Squad Investigation – krebsonsecurity.com
    The U.S. Justice Department has charged two 19-year-old men alleged to be core members of the hacking groups Lizard Squad and PoodleCorp. The pair are charged with credit card theft and operating so-called “booter”or “stresser” services that allowed paying customers to launch powerful attacks designed to knock Web sites offline.