Security Vulnerabilities

/Security Vulnerabilities

Week 34 In Review – 2015

Events Related

DEFCON
This year marked the 23rd DefCon, the hacker conference that began as an informal gathering for hackers to meet in person and party in the desert.

Imploding Barrels and Other Highlights From Hackfest DefCon – www.wired.com
I spent the week with over 20,000 hackers in Las Vegas — here’s what I saw – www.techinsider.io
Here is how […]

Week 33 In Review – 2015

Events Related

Kaminsky Creates Clickjacking-Killer – www.darkreading.com
Renowned security expert Dan Kaminsky here this week unveiled his latest project: a solution to eradicate so-called clickjacking attacks that plague the Web.

9th USENIX Workshop on Offensive Technologies – www.usenix.org

Black Hat USA 2015 Highlights – www.tripwire.com
The 18th annual Black Hat USA conference gathered thousands of professionals, researchers and enthusiasts to discuss […]

Week 32 In Review – 2015

Events Related

Black Hat USA 2015

From The Black Hat Keynote Stage: Jennifer Granick – www.darkreading.com
Recap of Black Hat 2015, Day 1 – www.webroot.com

DEF CON 23 (2015)

DEFCON Talk Slides – colinoflynn.com
DEF CON 23 presentations/Speaker & Workshop Materials – media.defcon.org

Resources

Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned – blog.checkpoint.com
Check Point today released details about Certifi-gate, a […]

Week 31 In Review – 2015

Events Related

Infiltrate 2015 – vimeo.com

BSides Cincinnati 2015 Videos – www.irongeek.com

BSides Las Vegas 2015 Videos – www.irongeek.com

Resources

Workshop2015 – github.com
radare2 framework

Tools

Releasing jsfunfuzz and DOMFuzz – www.squarefree.com
Today I’m releasing two fuzzers: jsfunfuzz, which tests JavaScript engines, and DOMFuzz, which tests layout and DOM APIs.

The popular hacker Samy Kamkar has presented a new gadget that could be exploited to hacks GM […]

Week 30 In Review – 2015

Resources

Jailbreak or Root Detection: A False Sense of Security, Part 1 – bluebox.com
Mobile management vendors have ingrained in the industry that jailbroken and rooted devices are bad: automatically deny all access. There is a widespread fear in the industry that these “compromised” devices jeopardize enterprise networks and are prone to leaking corporate secrets.

Best Reverser Write-Up: […]

Week 29 In Review – 2015

Events Related

Black Hat attendee report highlights the mess we’re in – zdnet.com
Black Hat has released its first-ever attendee research report, highlighting infosec’s ongoing hiring crisis and a sector that feels poorly prepared to face current threats.

How We Fared in the Cyber Grand Challenge – blog.trailofbits.com
The Cyber Grand Challenge qualifying event was held on June 3rd, at […]

Week 28 In Review – 2015

Events Related

The MiTM Mobile Contest: GSM Network Down at PHDays V – blog.ptsecurity.com
The MiTM Mobile contest was held at PHDays for the first time, and it let the participants realize how easily an attacker can conduct the above-mentioned attacks having only a 10$ cell phone with some hacker freeware.

SHAKACON
SHAKACON was a well-run and friendly conference […]

Week 27 In Review – 2015

Events Related

REcon Recap: Here’s What Caught My Eye – researchcenter.paloaltonetworks.com
A few weeks ago I was fortunate enough to attend REcon in Montreal, Canada. This conference focuses on reverse engineering and exploitation techniques and has been going on for roughly a decade.

PHDays V Highlights: Signs of GSM Interception, High Time to Hack Wi-Fi, Future of Encryption – blog.ptsecurity.com
Technological […]

Week 26 In Review – 2015

Resources

The $300 ‘PITA’ steals encryption keys with radio waves – engadget.com
Your computer is leaking information. It’s not from the usual suspects: WiFi, Bluetooth or ethernet, but from radio waves originating from your processor. Researchers at Tel Aviv University and Israel’s Technion research institute have built a $300 device that captures those electromagnetic waves and uses […]

Week 25 In Review – 2015

Resources

Circle City Con 2015 Videos – irongeek.com
These are the Circle City Con videos. You can watch and download the videos from here.
LastPass Security Notice – blog.lastpass.com
LastPass want to assure their users that their cyberattack response worked as designed. They have received many questions so they want to take a moment and provide additional clarifications.
CVE-2015-1328: incorrect permission checks […]