Security Vulnerabilities

/Security Vulnerabilities

Week 8 In Review – 2017


Universal Radio Hacker –
The Universal Radio Hacker is a software for investigating unknown wireless protocols.

HackRF –


How to build a 8 GPU password cracker –
This build doesn’t require any “black magic” or hours of frustration like desktop components do. If you follow this blog and its parts list, you’ll have […]

Week 5 In Review – 2017


Running guide for CTF’s –

Blackhat Hardware Training Roadmap –
This diagram is intended to give an overview of many of the hardware-related trainings available at Black Hat USA 2017. Generally, lower level hardware is at the bottom and more software to the top.


Wordpress Exploit Framework –

screen2root –
On systems […]

Week 4 In Review – 2017

Events Related

BSides Columbus 2017 Videos –
These are the videos from the BSides Columbus Ohio conference.


DevOoops: Client Provisioning (Vagrant) –
Notes from the 2015 Devoops Talk. Vagrant used to ship with a default keypair and was difficult to rotate.

Intel debugger interface open to hacking via USB –
New Intel processors contain a debugging interface […]

Week 3 In Review – 2017


Acunetix Free Manual Pen Testing Tools –
Acunetix Manual Tools allow penetration testers to further automated testing.

waveconverter –
Factoria Labs 2016 WaveConverter is a Python application, built on GTK+ 3. The GUI has been implemented via Glade. A sqlite database has been implemented via sqlalchemy.


Cracking The 12+ Character Password Barrier, Literally – […]

Week 1 In Review – 2017


33C3: Chris Gerlinsky Cracks Pay TV –
People who have incredible competence in a wide range of fields are rare, and it can appear deceptively simple when they present their work. ’s talk on breaking the encryption used on satellite and cable pay TV set-top boxes was like that.


mitmproxy: release v1.0.0 – The Christmas […]

Week 52 In Review – 2016


VMware Security Advisories –
vSphere Data Protection (VDP) updates address SSH key-based authentication issue


In Flight Hacking System –
What helped a lot to reduce that fear was to understand how things work in planes, and getting
used to noises, bumps, and turbulence. This blog post is  about understanding a bit more about
how things work aboard an aircraft. More specifically, the In-Flight Entertainment Systems (IFE)
developed by Panasonic Avionics.


Other News

Learning From A Year of Security Breaches –
This year (2016) I accepted as much incident response work as I could. I spent about 300 hours
responding to security incidents and data breaches this year as a consultant or volunteer.



December 25th, 2016|Security Vulnerabilities, Site News, Week in Review|0 Comments

Week 51 In Review – 2016

Events Related

DefCamp- def.campResources

McAfee Virus Scan for Linux –
A system running Intel’s McAfee VirusScan Enterprise for Linux can be compromised by remote
attackers due to a number of security vulnerabilities. Some of these vulnerabilities can be chained
together to allow remote code execution as root.


Practical Reverse Engineering Part 5 – Digging Through the Firmware –
In part 4 we extracted the entire firmware from the router and decompressed it. As I explained then,
you can often get most of the firmware directly from the manufacturer’s website: Firmware upgrade
binaries often contain partial or entire filesystems, or even entire firmwares.

XNU kernel UaF due to lack of locking in set_dp_control_port –
set_dp_control_port is a MIG method on the host_priv_port so this bug is a root->kernel escalation.

macOS FileVault2 Password Retrieval –
macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in
a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the
mac to access everything on it.


Bluetooth-enabled safe lock popped after attackers win PINs –
Attackers can locate and pop safes protected with high security commercial locks thanks to poor
Bluetooth implementations, say researchers at Somerset Recon say.

0day drive-by exploit against Fedora
If you run a mainstream distribution of Linux on a desktop computer, there’s a good chance security
researcher Chris Evans can hijack it when you do nothing more than open or even browse a specially
crafted music file. And in the event you’re running Chrome on the just-released Fedora 25, his code-execution attack works as a classic drive-by.

0-days hitting Fedora and Ubuntu open desktops to a world of hurt –
Redux: compromising Linux using… SNES Ricoh 5A22 processor opcodes?!-

Other News

 FBI Arrests Customer of Xtreme Stresser DDoS-for-Hire Service –

The FBI arrested this past week Sean Krishanmakoto Sharma, 26, from La Canada, California, for
launching DDoS attacks against Chatango, an online chat service.


Week 50 In Review – 2016

Events Related

PhreakNIC20-2016 –


GRASSMARLIN provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security.


Secure Rom extraction on iPhone 6s –
Secure ROM, also knows as bootrom, is the very first piece of software that a CPU will run […]

Week 49 In Review – 2016

Events Related

BSidesLV –
Recordings of Security BSides Las Vegas sessions, selected sessions of sister conferences and other Information Security related educational materials.

BotConf 2016
This is already the fourth edition of the Botconf security conference, fully dedicated to fighting malware and botnets. Since the first edition, the event location changed every year and it allowed me to visit […]

Week 48 In Review – 2016

Events Related

Kiwicon X –


Curl Security Audit –
I asked for, and we were granted a security audit of curl from the Mozilla Secure Open Source program a while ago. This was done by Mozilla getting a 3rd party company involved to do the job and footing the bill for it.

CVE-2016-7098 –
“GNU Wget is a […]