Security Vulnerabilities

/Security Vulnerabilities

Week 43 In Review – 2016

Events Related
I’m back to Luxembourg for a new edition of In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. 2016 Wrap-Up Day #1 – 2016 Wrap-Up Day #2 – 2016 Wrap-Up […]

Week 42 In Review – 2016


Published “SecDevOps Risk Workflow” Book (v0.57) –
I just published version v0.57 of the (previously called) Jira Risk Workflow book.


These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet –
Mirai has become infamous in recent weeks after blasting the website of security blogger Brian Krebs off the internet with a […]

Week 41 In Review – 2016

Events Related

GrrCON 2016 Videos –
These are the videos of the presentations from GrrCON 2016.

Videos from the DHS Cyber Security Division (CSD) workshop earlier this year –
Here are a couple of links to the Department of Homeland Security (DHS) Cyber Security Division (CSD) showcase earlier this year. They did a great job of […]

Week 38 In Review – 2016

Events Related

BSides Augusta 2016 Videos –
These are the videos from the BSides Augusta conference.


Long Secret Stingray Manuals Detail How Police Can Spy On Phones –
The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet.


Reprogramming the Defcon 24 badge –
The Defcon 24 […]

Week 37 In Review – 2016


House of Keys: 9 Months later… 40% Worse –
In our initial study we analyzed SSH host key use as well. Unfortunately there is no recent scan data on SSH host keys available (however there is a ticket over at the awesome ZMap project).


FaceWhisperer –
FaceWhisperer is a hardware add-on for the ChipWhisperer side-channel analysis tool, for […]

Week 36 In Review – 2016


WiFi-Pumpkin –
Framework for Rogue Wi-Fi Access Point Attack

Python tools for penetration testers –
Python tools for penetration testers

Nmap 7.25BETA2 Birthday Release –
Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and new features.


Meet USBee, the malware that uses USB drives to covertly jump airgaps –
The USBee—so named because […]

Week 35 In Review – 2016


DEF CON 24 Wireless Monitoring Services –
One of the frequent things you hear leading up to DEF CON is that it is the most dangerous network in the world. Ask anyone, and they’ll tell you that if you don’t lock down your devices you will get pwn’d. I wanted to know if […]

Week 34 In Review – 2016

Events Related

Impressions From DEF CON 24: The Machines Are Rising –
DEF CON 24, the world’s largest hacker conference, ended Aug. 7, and I must say I enjoyed every moment of it. There was so much to see in so little time; I definitely regret missing some great stuff that happened. Even so, I […]

Week 33 In Review – 2016

Events Related

DefCon Event
Council of 9 ventured forth to DEFCON 24 to compete in this year’s badge challenge, brought to us each year by 1o57. There was determination among the team to win at DC24 to ensure that last year’s win was not a fluke. After many sleepless nights in Vegas, we emerged victorious for a […]

Week 32 In Review – 2016

Events Related

DARPA’s Cyber Grand Challenge: Early Highlights from the Competition –
Early highlights from the world’s first all-machine hacking tournament, DARPA’s Cyber Grand Challenge (CGC). This computer security competition featured seven High Performance Computers as competitors. CGC took place on Thursday, August 4, 2016.

Building the Workforce through Cybersecurity Competitions –
The National Science […]