Vendor News

/Vendor News

Week 25 In Review – 2015

Resources

Circle City Con 2015 Videos – irongeek.com
These are the Circle City Con videos. You can watch and download the videos from here.
LastPass Security Notice – blog.lastpass.com
LastPass want to assure their users that their cyberattack response worked as designed. They have received many questions so they want to take a moment and provide additional clarifications.
CVE-2015-1328: incorrect permission checks […]

Week 24 In Review – 2015

Resources

HackerOne Connects Hackers With Companies, and Hopes for a Win-Win – nytimes.com
HackerOne is a San Francisco tech start-up that aims to become a mediator between companies with cybersecurity issues and hackers who are looking to solve problems rather than cause them. They hope their outfit can persuade other hackers to responsibly report security flaws, rather than […]

Week 22 In Review – 2015

Events Related

HITB Amsterdam Wrap-Up Day #1 – blog.rootshell.be
The HITB crew is back in the beautiful city of Amsterdam for a new edition of their security conference. Here is Xavier’s wrap-up for the first day!

HITB Amsterdam Wrap-Up Day #2 -blog.rootshell.be
This is Xavier’s quick wrap-up for the second day of Hack in the Box!

Resources

New Research: Some Tough Questions for […]

Week 21 In Review – 2015

Resources

Inside Yubikey Neo – hexview.com
Yubikey Neo is a $50 authentication token (with bells and whistles) from Yubico. Yubico advertizes it as “practically indestructible”. The product security section also claims that the device comes in a “tamper-proof casing” that is “practically impossible to tamper”.
Cipherli.st – cipherli.st
Strong Ciphers for Apache, nginx and Lighttpd. These examples are meant for sysadmins […]

Week 20 In Review – 2015

Resources

Week of PowerShell Shells – Announcement and Day 1 – labofapenetrationtester.com
To generate awareness and spread the goodness of PowerShell in the infosec community, Nikhil is glad to announce a Week of PowerShell shells. On each day of the past week, from 11th May to 15th May 2015, Nikhil published/discussed a blog post on it.

Week of PowerShell […]

Week 16 In Review – 2015

Events Related

Test your hacker skills with DEF CON at the 2015 TRIBECA film festival – tribecafilm.com
For the first time ever, the world’s biggest underground hacking conference will travel from Las Vegas to NYC for this year’s TFF.

Resources

PCI versions 3.0, 3.1 and your SecureSphere deployment – blog.imperva.com
This blog entry will focus solely on new requirements that either affect […]

Week 13 In Review – 2015

Events Related

Pwn2Own 2015: Day One results – h30499.www3.hp.com
The first day of Pwn2Own 2015 saw successful attempts by four entrants against four products, with payouts of $317,500 to researchers during today’s competition.

Pwn2Own 2015: Day Two results – h30499.www3.hp.com
The second and final day of Pwn2Own 2015 saw successful exploits by both entrants against four products, with each going after […]

Week 12 In Review – 2015

Events Related

Troopers15 Wrap-Up Day #1 – blog.rootshell.be
This is Xavier’s first Troopers conference. Here is the wrap-up for the first day of Troopers15. Before the review of the talks, a few words about the conference. The venue was really nice as well as the facilities.

Troopers15 Wrap-Up Day #2 – blog.rootshell.be
This is Xavier’s wrap-up for the second day of […]

Week 11 In Review – 2015

Resources

A Primer on IoT Security Research – community.rapid7.com
In this blog post Mstanislav’d like to give a high-level sense of what IoT security research often entails. TThis post is intended for the casual security researcher, or even IoT vendor, who wants to know what this research looks like, and where to get started.
ElasticSearch CVE-2015-1427 RCE Exploit – carnal0wnage.attackresearch.com
Since […]

Week 8 In Review – 2015

Resources

Equation Group: The Crown Creator of Cyber-Espionage – kaspersky.com
Kaspersky Lab’s experts can confirm they have discovered a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades – The Equation Group.

Russian researchers expose breakthrough U.S. spying program – reuters.com
The U.S. National Security Agency has […]