Vendor News

Week 20 In Review – 2014


Infiltrate 2014 –
Here are some additional resources from Zach Cutlip that he may have mentioned in his Infiltrate 2014 presentation.
BlueHat Security Briefings: Fall 2013 Sessions –
The 2013 BlueHat Security Briefings took place on the Microsoft campus in December 2013. Here is the list of talks and discussions.


mimikatz 2.0 alpha 20140519 –
You can download this new […]

Week 18 In Review – 2014


BSides Chicago 2014 Videos –
These are the videos from the BSides Chicago conference. You can watch and download all the videos from here.
Q1 2014 Mobile Threat Report –
F-Secure’s Mobile Threat Report for Q1 2014 is out! Here are a couple of the things they cover in it.


Egress Testing using PowerShell –
Imagine that you pwned a […]

Week 17 In Review – 2014


Verizon Data Breach Investigations Report –
The 2014 Data Breach Investigations Report (DBIR) casts new light on threats — taking 10 years of forensic data and finding that 92% of these can be categorized into nine basic attack patterns. This approach also helps identify primary threats to your industry, which you can analyze to reinforce […]

Week 11 In Review – 2014

Events Related

Pwn2Own 2014: A recap –
Two record-setting days of payouts for zero-day vulnerabilities brought the 2014 Pwn2Own contest tantalizingly close to the first million-dollar competition, with $850,000 paid to eight entrants. $385,000 of potential prize money remained unclaimed.

Researchers pocket record $400K at Pwn2Own hacking contest’s first day –
Researchers on Wednesday cracked Microsoft’s Internet Explorer […]

Week 10 In Review – 2014


Forgot your Windows admin password? –
This is a utility to reset the password of any user that has a valid local account on your Windows system. Finally! A very major release!
TrustyCon Videos Available –
You can find the playlist of all of the videos on Al Jigong Billings' YouTube channel, but he also […]

Week 8 In Review – 2014

Events Related

Course Review: Offensive Security AWE (Advanced Windows Exploitation) –
In terms of training, Offensive Security is best known for their Pentesting with BackTrack/Kali (PWK) and Cracking the Perimeter (CTP) courses. The course was delivered by its creators, Matteo Memelli and Devon Kearns. Matteo handled all of the speaking responsibilities, and Devon apparently participated solely […]

Week 6 In Review – 2014


Why PLCpwn Is Important for ICS Cyber Weapons –
The interesting question is what happens when organizations and governments stumble across one of these deployed attack systems and covert channels?

S4x14 Video: Stephen Hilt on PLCpwn

Cheat Sheets –
Here are cheat sheets by packetlife. You can download them all from here.
OWASP Cheat Sheet Series –
The OWASP Cheat Sheet […]

Week 2 In Review – 2014

Events Related

Why we have to boycott RSA –
The reason isn’t that Robert Graham is upset at RSA, or thinks that they are evil. He thinks RSA was mostly tricked by the NSA instead of consciously making the choice to backdoor their products.


Stupid IDN Tricks: Unicode Combining Characters –
Safari will display Unicode combining diacritical marks […]

Week 51 In Review – 2013

Events Related

CCC, 100-gbps, and your own private Shodan –
One of the oldest/biggest “hacker” conventions is the CCC congress every December in Germany. This year, they are promising 100-gbps connectivity to the Internet.


Quick Joomla Refresher –
In this blog post David Kirkpatrick mentions some of the tools he used to check the security of a particular […]

Week 50 In Review – 2013

Events Related

Baythreat 4 –
Baythreat Day Two. Here are the writeups of another series of excellent presentations from the breaker track for the remainder of the day.
The AppSec Program Maturity Curve 4 of 4 –
This is the final post in a series on the Application Program Maturity Curve. In this series, Veracode have advocated that […]