Event Related SyScan 2013 SyScan13: Revisiting Mac OS X Rootkits presentation – reverse.put.as SyScan 2013, 10th anniversary edition is over! It is a great conference and I hope it does not end here. I had lots of fun and met new interesting people. Thomas is an awesome host! It helps that I really like Singapore [...]

Event Related Syscan 2013 SyScan 2013, Bochspwn paper and slides – gynvael.coldwind.pl In our SyScan presentation, we explained the concept of kernel race conditions in interacting with user-mode memory, gave a brief rundown on how they can be identified by using CPU-level instrumentation of an operating system session, and later focused on how they can [...]

Event Related Notacon 10 (2013) Videos – irongeek.com These are the videos from the 10th Notacon conference held April 18th-21st, 2013. Not all of them are security related, but I hope my viewers will enjoy them anyway. Thanks to Froggy and Tyger for having me up, and to the video team: SatNights, Widget, Securi-D, Purge, [...]

Event Related Great Scott Gadgets Infiltrate 2013 – greatscottgadgets.com Michael Ossmann and Kyle Osborn presented Two-Timing Data Connectors at Infiltrate 2013. Resources Nessus Using Posh-SecMod PowerShell Module to Automate Nessus(Part1) – darkoperator.com One showed me some of the scripts they use and then it came to me why not automate Nessus from with in PowerShell. [...]

Event Related CCDC WRCCDC – A Red Team Members Perspective – blog.strategiccyber.com Western Regional CCDC was pretty epic. Given the level of interest in red activity, I’d like to share what I can. So much happened, I couldn’t keep up with all of it. Web Application Defender’s Cookbook: CCDC Blue Team Cheatsheet – blog.spiderlabs.com Trustwave [...]

Event Related Blackhat Europe 2013 Arsenal Tools Event Wrap-up – toolswatch.org I finally found time to write a wrap-up about the activities of the Arsenal Tools Event during the last session of Blackhat Amsterdam Europe 2013. IPv6 Focus Month: IPv6 over IPv4 Preference – isc.sans.edu Initially, most IPv6 deployments will be “Dual Stack”. In this [...]

Event Related IPv6 Focus Month IPv6 Focus Month: What is changing with DHCP – isc.sans.edu Among the different methods to configure IPv6 addresses, most managed networks will likely stick with DHCP. DHCPv6 however is a bit different then DHCPv4. We will summarize here some of the basic differences between DHCPv4 and DHCPv6. IPv6 Focus Month: [...]

Event Related ShmooCon 2013 ShmooCon Epilogue 2013 Videos Recut per speaker / talk – excivity.com I was one of the people helping out with streaming this year’s ShmooCon Epilogue talks. Google Hangouts was kind enough to record everything for us, but lumped it into one large file. ShmooCon 2013 Videos Posted – shmoocon.org Videos for [...]

Event Related DEP-ASLR bypass without ROP-JIT.pdf – docs.google.com This is a pdf file from the event CanSecWest 2013 Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k – theregister.co.uk It’s back to the drawing board for coders at Microsoft, Google, Adobe, Mozilla, and Oracle after entrants in the annual Pwn2Own contest waltzed off with over [...]

Event Related Juniper Networks intros global cloud-based ‘attacker database’ – zdnet.com At the start of RSA 2013, Juniper Networks is rolling out a global database to track attacks on individual devices. MASTIFF Analysis of APT1 – novainfosec.com At Shmoocon this year we were please to find that there is a project focused on this specifically [...]