Resources Typosquatting programming language package managers - incolumitas.com Typosquatting is the malicious registering of a domain that is lexically similar to another, often highly frequented, website. Typosquatters would for instance register a domain named Gooogle.com instead of the well known Google.com. Then they hope that people mistype the website name in the browser and accidentally arrive on the [...]
Resources Out-of-Box Exploitation: A Security Analysis of OEM Updaters - duo.com Original Equipment Manufacturers (OEM) refer to the first boot of a new PC as the out-of-box experience (OOBE). As you battle your way through modal dialogues for questionable software, and agree to some exciting 30 day antivirus trials, it’s pretty forgivable to want to throw [...]
Events Related NolaCon 2016 - www.irongeek.com Resources BlueCoat now has a CA signed by Symantec - twitter.com hitbsecconf2016ams - conference.hitb.org Tools Practical Malware Analysis Starter Kit - bluesoul.me This package contains most of the software referenced in Practical Malware Analysis. Some of the links have broken over time, some companies have folded or been bought. 1 [...]
Tools fwexpl - github.com PC firmware exploitation tool and library Techniques The best part about open source software is there's no hidden backdoors - twitter.com Kerberoasting SPNs are used by Kerberos authentication to associate a service instance with a service logon account. Kerberoasting - Part 1 - room362.com Kerberoasting - Part 2 - room362.com Kerberoasting [...]
Events Related Cybersecurity sleuths learn to think like hackers - www.cnet.com About 35 high-school students sit at neatly arranged rows of tables in the university's gym. Another 115 college-level contestants surround the high schoolers. The room is pretty quiet, with only the occasional rattle from the New York subway tunnels below cutting into the hushed [...]
Resources Phrack - phrack.org Tools Can’t Hack a Hacker: Reverse Engineering a Discovered ATM Skimmer - trustfoundry.net Brian Krebs has produced numerous articles on ATM skimmers. He has essentially become the “go to” journalist on ATM fraud. From reading his stuff, I have learned how the “bad guys” think when it comes to ATM fraud. [...]
Events Related OWASP AppSec California 2016 - www.youtube.com Resources SyScan360 Singapore 2016 slides and exploit code - reverse.put.as The exploit for the bug I presented last March at SyScan360 is today one year old so I decided to release it. I wasn’t sure if I should do it or not since it can be used [...]
Events Related CanSecWest - www.slideshare.net BSides Nashville 2016 Videos - www.irongeek.com Infiltrate 2016 - infiltratecon.com Resources Ransomware: Past, Present, and Future - blog.talosintel.com The rise of ransomware over the past year is an ever growing problem. Businesses often believe that paying the ransom is the most cost effective way of getting their data back - [...]
Events Related Tailoring the NIST Cybersecurity Framework for a Precise Fit - www.tenable.com One thing caught my attention right away: there were two digital clocks prominently displayed on either side of the auditorium. Both clocks were synchronized, and according to my phone, they were accurate to the second. It makes sense because NIST is the [...]
Events Related Central Ohio Infosec Summit 2016 Videos - www.irongeek.com These are the videos from the Central Ohio Infosec Summit conference. Cyphercon 2016 Videos - www.irongeek.com These are the videos from the Cyphercon 2016 conference. TROOPERScon - www.youtube.com Resources pysap - github.com This Python library provides modules for crafting and sending packets using SAP's NI, Message Server, Router, RFC, [...]