Events Related


    GRASSMARLIN provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security.


  • Secure Rom extraction on iPhone 6s –
    Secure ROM, also knows as bootrom, is the very first piece of software that a CPU will run in order to get initialized, and run find a way to boot on the next stage. This same ROM, in a trusted environment, could verify the signature of the next stages it loads, in order to check its integrity.
  • Research Diary: Bluetooth. Part 2 –
    Recently we posted first part of our Bluetooth research diary. Today, we want to continue on that topic and tell you about Bluetooth proxying and packet replay with a new tool.
  • Passwordreq No – A hacker prospective –
    I was having one of those moments in a recent conversation on the NoVA Hackers mailing list. The question came up as to what effect “Password Required: No” means in a net user UserName is.


  • Tesco Bank cyber attack involved guesswork, study claims –
    A team of academics claims an unsophisticated type of cyber attack that exploits “flaws” in the Visa card payment system was probably used to defraud Tesco Bank customers of £2.5m last month.
  • New Kit, Same Player: Top 10 Vulnerabilities Used by Exploit Kits in 2016 –
    According to updated Recorded Future analysis, Adobe (Flash Player) and Microsoft products (Internet Explorer, Silverlight, Windows) continue to provide the primary avenue of access for criminal exploit kits. While nation-state targeting of political efforts has dominated information security headlines in 2016, criminals continue to deliver ransomware and banking trojans using new exploit kits targeting new vulnerabilities.
  • Yahoo fixes flaw allowing an attacker to read any user’s emails –
    Yahoo has fixed a severe security vulnerability in its consumer email service that could have allowed an attacker to read a victim’s email inbox. The cross-site scripting (XSS) attack only required a victim to view an email in Yahoo Mail.
  • Multiple Netgear routers are vulnerable to arbitrary command injection –
    Netgear R7000, firmware version and possibly earlier, and R6400, firmware version and possibly earlier, contain an arbitrary command injection vulnerability. By convincing a user to visit a specially crafted web site, a remote unauthenticated attacker may execute arbitrary commands with root privileges on affected routers.

Other News

  • American And British Spy Agencies Targeted In-Flight Mobile Phone Use –
    In the trove of documents provided by former National Security Agency contractor Edward Snowden is a treasure. It begins with a riddle: “What do the President of Pakistan, a cigar smuggler, an arms dealer, a counterterrorism target, and a combatting proliferation target have in common? They all used their everyday GSM phone during a flight.”