Security Vulnerabilities

/Security Vulnerabilities

Week 49 In Review – 2016

Events Related

BSidesLV –
Recordings of Security BSides Las Vegas sessions, selected sessions of sister conferences and other Information Security related educational materials.

BotConf 2016
This is already the fourth edition of the Botconf security conference, fully dedicated to fighting malware and botnets. Since the first edition, the event location changed every year and it allowed me to visit […]

Week 48 In Review – 2016

Events Related

Kiwicon X –


Curl Security Audit –
I asked for, and we were granted a security audit of curl from the Mozilla Secure Open Source program a while ago. This was done by Mozilla getting a 3rd party company involved to do the job and footing the bill for it.

CVE-2016-7098 –
“GNU Wget is a […]

Week 47 In Review – 2016

Events Related

BSides DC 2016 – Opening –
Alex Norman does what Alex Norman does best. Open the con. Inspirational, motivational and most importantly… short.

AppSecUSA 2016 –
Recordings from AppSecUSA 2016 in Washington, DC

Highlights from the O’Reilly Security Conference in Amsterdam 2016 –
Watch highlights covering security, defense, tools, and more. From the […]

Week 46 In Review – 2016


Security Conference –
Speaker slides & videos


Nintendo Classic Mini Family Talk of computer contents –
As the person who disassembled it released before it was released. Interest in contents has been increased, but in this article I would like to drill down to a bit more detail.

When CSI meets public wifi: Inferring […]

Week 45 In Review – 2016


Ruxcon –
Presentation Slides from Ruxcon Australia

BlackHat Europe 2016 –


Kerberoasting Without Mimikatz –
Thanks to an awesome PowerView pull request by @machosec, Kerberoasting is easier than ever using pure PowerShell. I wanted to briefly cover this technique and its background, how we’ve been using it recently, and a few awesome new developments.

Bypassing Two-Factor Authentication […]

Week 44 In Review – 2016

Events Related

Charlie Miller Keynote, Automotive Security: A Hacker’s Eye View –
The security of today’s vehicles involves many moving parts, but while manufactures take a majority of the blame, multiple parties contribute to the security debt in today’s vehicle ecosystem. This keynote takes a deep dive into automotive security, current attacks and vulnerabilities, and […]

Week 43 In Review – 2016

Events Related
I’m back to Luxembourg for a new edition of In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. 2016 Wrap-Up Day #1 – 2016 Wrap-Up Day #2 – 2016 Wrap-Up […]

Week 42 In Review – 2016


Published “SecDevOps Risk Workflow” Book (v0.57) –
I just published version v0.57 of the (previously called) Jira Risk Workflow book.


These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet –
Mirai has become infamous in recent weeks after blasting the website of security blogger Brian Krebs off the internet with a […]

Week 41 In Review – 2016

Events Related

GrrCON 2016 Videos –
These are the videos of the presentations from GrrCON 2016.

Videos from the DHS Cyber Security Division (CSD) workshop earlier this year –
Here are a couple of links to the Department of Homeland Security (DHS) Cyber Security Division (CSD) showcase earlier this year. They did a great job of […]

Week 38 In Review – 2016

Events Related

BSides Augusta 2016 Videos –
These are the videos from the BSides Augusta conference.


Long Secret Stingray Manuals Detail How Police Can Spy On Phones –
The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet.


Reprogramming the Defcon 24 badge –
The Defcon 24 […]