- Black Hat USA 2015 Course Review – Adaptive Red Team Tactics from Veris Group – www.redblue.team
Black Hat has something for everyone (across the defensive and offensive spectrum) and after considerable deliberation I decided to register for Adaptive Red Team Tactics from Veris Group. This is an interesting team in that a lot of the core members burst onto the scene a few years ago with very high skill sets and seemingly no prior social media presence or history.
- SECT-2015 Talk Slides – colinoflynn.com
A talk at SEC-T about ChipWhisperer, an open-source project for power analysis and glitching.
- iOSAppReverseEngineering – github.com
iOS App Reverse Engineering is billed as the first book devoted entirely to detailed iOS app reverse-engineering techniques. It consists of four parts: concepts, tools, theories and practices.
- Internet-Wide Scan Data Repository – scans.io
The Internet-Wide Scan Data Repository is a public archive of research data collected through active scans of the public Internet. The repository is hosted by the ZMap Team at the University of Michigan.
- 44CON slides and details about further Windows kernel font vulnerabilities are out – j00ru.vexillium.org
Since my last blog post and the REcon conference in June, I have continued working on font security, especially in the area of Windows kernel and font engines derived from the Adobe Type Manager Font Driver.
- Microsoft Attack Surface Analyzer (ASA): It’s for defenders too! – community.rapid7.com
Attack Surface Analyzer, a tool made by Microsoft and recommended in their Security Development Lifecycle Design Phase, is meant primarily for software developers to understand the additional attack surface their products add to Windows systems.
- FruityWifi – www.fruitywifi.com
FruityWifi is an open source tool to audit wireless networks. It allows the user to deploy advanced attacks by directly using the web interface or by sending messages to it.
- certitude – github.com
The Seeker of IOC
- The iOS Get out of Jail Free Card – blog.ioactive.com
If you have ever been part of a Red Team engagement, you will be familiar with the “Get out of Jail Free Card”. In a nutshell, it’s a signed document giving you permission to perform the activity you were caught doing.
- Denial of Service and Code-Level Application Flaws – www.astechconsulting.com
What is a Denial of Service Attack? Generally speaking, it is an attack on a network or application intended to cripple it or render it unresponsive, most commonly by flooding it with traffic, although a code-level flaw can produce the same effect with a single, small request. The exact nature of a Denial of Service Attack (DoS) varies widely with the target system.
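The point of the linked article is that a DoS does not have to be volumetric. As an added example (not code from the article), here is a small recursive-descent parser for attacker-controlled nested input, once with nesting bounded only by what the client sends and once with an explicit depth limit. The input format, the depth limit of 32 and the "bomb" payload are all constructed for the example.

```python
import sys


def _parse_list(data: str, pos: int, depth: int, max_depth):
    """Parse one bracketed list starting at data[pos]; return (items, next_pos).

    max_depth=None reproduces the vulnerable behaviour: nesting is limited only
    by what the client sends, so the interpreter's recursion limit is the first
    thing to give way.
    """
    if max_depth is not None and depth > max_depth:
        raise ValueError(f"nesting deeper than {max_depth} levels")
    if pos >= len(data) or data[pos] != "[":
        raise ValueError("expected '['")
    pos += 1
    items = []
    while pos < len(data) and data[pos] != "]":
        if data[pos] == "[":
            child, pos = _parse_list(data, pos, depth + 1, max_depth)
            items.append(child)
        else:
            items.append(data[pos])
            pos += 1
    if pos >= len(data):
        raise ValueError("unterminated list")
    return items, pos + 1


def parse_vulnerable(payload: str):
    """No limit on nesting: one deeply nested message exhausts the stack."""
    return _parse_list(payload, 0, 0, None)[0]


def parse_hardened(payload: str, max_depth: int = 32):
    """Same grammar, but nesting beyond max_depth is rejected before recursing."""
    return _parse_list(payload, 0, 0, max_depth)[0]


def handle(parser, payload: str) -> str:
    """Outcome a request handler would observe: 'ok', 'rejected' (a clean 4xx),
    or 'crashed' (an exception the handler never expected, which in a plain
    single-threaded server takes the worker down with it)."""
    try:
        parser(payload)
        return "ok"
    except ValueError:
        return "rejected"
    except RecursionError:
        return "crashed"


# Constructed inputs: a normal message and a "bomb" that is only a few KB but
# nests far deeper than the interpreter's recursion limit.
BENIGN = "[[a][b]c]"
BOMB_DEPTH = sys.getrecursionlimit() * 5
BOMB = "[" * BOMB_DEPTH + "]" * BOMB_DEPTH


def demo():
    return {
        "benign/vulnerable": handle(parse_vulnerable, BENIGN),
        "benign/hardened": handle(parse_hardened, BENIGN),
        "bomb/vulnerable": handle(parse_vulnerable, BOMB),
        "bomb/hardened": handle(parse_hardened, BOMB),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:18} -> {outcome}")
```

The bomb is a few kilobytes, far below anything a rate limiter or bandwidth alarm would notice; the fix is a bound on the attacker-controlled dimension (here nesting depth) checked before the resource is consumed, not a bigger stack.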
- Cisco Routers Implant
Researchers have uncovered active and highly clandestine attacks that have infected more than a dozen Cisco routers with a backdoor that can be used to gain a permanent foothold inside a targeted network.
- In Search of SYNful Routers – zmap.io
- Cisco routers in at least 4 countries infected by highly stealthy backdoor – arstechnica.com
- SYNful Knock – A Cisco router implant – Part I – www.fireeye.com
- SYNful Knock – A Cisco router implant – Part II – www.fireeye.com
- D-Link blunder by releasing private keys of certificates – translate.google.com
D-Link accidentally published the private keys of the certificates with which it signs its software. The keys could be extracted from the manufacturer's open-source firmware packages, and criminals went on to exploit the certificates.
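The D-Link leak is a release-packaging failure: a key that belongs in an HSM or a sealed build host ended up inside a source tarball. A minimal check that catches this class of mistake before a package ships is to scan every file in the archive for PEM private-key blocks. The scanner below is an added Python example, not D-Link's packaging or any tool named on this page; the tarball it scans is constructed in memory and the "keys" in it are arbitrary bytes, not real key material.

```python
import base64
import binascii
import hashlib
import io
import re
import tarfile

# Matches any PEM private-key block: "RSA PRIVATE KEY", "EC PRIVATE KEY",
# "PRIVATE KEY" (PKCS#8), "ENCRYPTED PRIVATE KEY", ... The backreference
# requires the END label to match the BEGIN label.
PEM_KEY_RE = re.compile(
    rb"-----BEGIN ((?:[A-Z]+ )*PRIVATE KEY)-----\s*(.*?)\s*-----END \1-----", re.S
)


def find_private_keys(data: bytes):
    """Return (kind, sha256_of_der, encrypted) for each PEM private key in data."""
    hits = []
    for m in PEM_KEY_RE.finditer(data):
        kind = m.group(1).decode()
        body = m.group(2)
        # Legacy PKCS#1 encryption is signalled by RFC 1421 headers inside the
        # block; PKCS#8 signals it in the label itself.
        encrypted = b"Proc-Type: 4,ENCRYPTED" in body or kind == "ENCRYPTED PRIVATE KEY"
        # Drop header lines ("Proc-Type: ...", "DEK-Info: ...") before decoding;
        # base64 never contains ':'.
        b64 = b"".join(line.strip() for line in body.splitlines() if b":" not in line)
        try:
            der = base64.b64decode(b64, validate=True)
        except binascii.Error:
            continue  # not a well-formed PEM body, ignore
        hits.append((kind, hashlib.sha256(der).hexdigest(), encrypted))
    return hits


def scan_tarball(blob: bytes):
    """Walk every regular file in a (possibly compressed) tar archive held in memory."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:*") as tf:
        for member in tf:
            if not member.isfile():
                continue
            data = tf.extractfile(member).read()
            for kind, fingerprint, encrypted in find_private_keys(data):
                findings.append({"path": member.name, "kind": kind,
                                 "fingerprint": fingerprint, "encrypted": encrypted})
    return findings


def _fake_pem(label: str, payload: bytes, headers: bytes = b"") -> bytes:
    # Constructed stand-in: the base64 body is arbitrary bytes, not a real key.
    tag = label.encode()
    return (b"-----BEGIN " + tag + b"-----\n" + headers
            + base64.encodebytes(payload) + b"-----END " + tag + b"-----\n")


def build_sample_package() -> bytes:
    """Constructed 'firmware source' tarball: a README, a public certificate
    (must not be flagged) and two private keys that were never meant to ship."""
    files = {
        "fw-src/README.md": b"# vendor firmware sources (constructed sample)\n",
        "fw-src/certs/release.crt": _fake_pem("CERTIFICATE", b"public cert, not a key"),
        "fw-src/tools/sign/release.key": _fake_pem("RSA PRIVATE KEY", b"plaintext signing key"),
        "fw-src/tools/sign/backup.key": _fake_pem(
            "RSA PRIVATE KEY", b"password-protected copy",
            headers=b"Proc-Type: 4,ENCRYPTED\nDEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n\n"),
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, content in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tf.addfile(info, io.BytesIO(content))
    return buf.getvalue()


if __name__ == "__main__":
    for f in scan_tarball(build_sample_package()):
        state = "ENCRYPTED" if f["encrypted"] else "PLAINTEXT"
        print(f"{state:9} {f['kind']:16} {f['path']}  sha256(der)={f['fingerprint'][:16]}...")
```

An encrypted key is reported too, because a passphrase-protected copy in a public tarball is still a leak waiting on an offline guess. The SHA-256 of the DER lets you match a finding against known signing keys without loading it; confirming that a found key actually pairs with a shipped code-signing certificate needs a crypto library and is left out here. Run this as a release gate on the exact artifact that will be published, not on the working tree.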
- Issuance of Certificates
On September 14, around 19:20 GMT, Symantec’s Thawte-branded CA issued an Extended Validation (EV) pre-certificate for the domains google.com and www.google.com. This pre-certificate was neither requested nor authorized by Google.
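Google found this pre-certificate because Thawte had submitted it to Certificate Transparency logs, which is exactly what CT exists for. The check below is an added Python example, not Google's monitor or anything from the linked post; it shows the core of a CT monitor: take log entries (constructed here; a real monitor would fetch them from a log's get-entries endpoint or a search service), keep those that name a domain you own, and flag any whose issuer is not on your allowlist. Pre-certificates are treated exactly like certificates, since CT counts a logged pre-certificate as issuance whether or not the final certificate ever appears. The issuer names, serials and domains in the sample are made up.

```python
from dataclasses import dataclass
from typing import Iterable, List, Sequence, Tuple


@dataclass(frozen=True)
class LogEntry:
    """One CT log leaf reduced to the fields a monitor needs.
    (A real monitor would parse these out of the X.509 (pre)certificate.)"""
    serial: str
    issuer_org: str          # O= of the issuer DN
    names: Tuple[str, ...]   # subject CN plus dNSName SANs
    precert: bool            # True if the logged entry is a pre-certificate


def covers(cert_name: str, owned_domain: str) -> bool:
    """Does a certificate name fall inside a domain we own?
    Exact match, any subdomain, or a wildcard whose base is the domain or one
    of its parents (a '*.com' certificate would cover example.com too)."""
    name = cert_name.lower().rstrip(".")
    owned = owned_domain.lower().rstrip(".")
    if name.startswith("*."):
        base = name[2:]
        return base == owned or base.endswith("." + owned) or owned.endswith("." + base)
    return name == owned or name.endswith("." + owned)


def find_unexpected(entries: Iterable[LogEntry],
                    owned_domains: Sequence[str],
                    allowed_issuers: Sequence[str]) -> List[Tuple[str, str, List[str], bool]]:
    """Entries naming one of our domains but issued by a CA we never engaged."""
    allowed = {org.lower() for org in allowed_issuers}
    flagged = []
    for e in entries:
        matched = sorted({n for n in e.names for d in owned_domains if covers(n, d)})
        if matched and e.issuer_org.lower() not in allowed:
            flagged.append((e.serial, e.issuer_org, matched, e.precert))
    return flagged


# Constructed sample log entries: one legitimate cert from our CA, two certs
# for unrelated domains, and an unrequested pre-certificate for our apex and www.
SAMPLE_ENTRIES = (
    LogEntry("01", "Example Trusted CA", ("mail.example.com",), precert=False),
    LogEntry("02", "Some Other CA", ("shop.example.net", "www.shop.example.net"), precert=False),
    LogEntry("03", "Some Other CA", ("example.com", "www.example.com"), precert=True),
    LogEntry("04", "Some Other CA", ("notexample.com",), precert=False),
)
OWNED_DOMAINS = ("example.com",)
ALLOWED_ISSUERS = ("Example Trusted CA",)


def report():
    return find_unexpected(SAMPLE_ENTRIES, OWNED_DOMAINS, ALLOWED_ISSUERS)


if __name__ == "__main__":
    for serial, issuer, names, precert in report():
        kind = "PRE-CERTIFICATE" if precert else "certificate"
        print(f"UNEXPECTED {kind} serial={serial} issuer={issuer!r} names={names}")
```

Matching on the issuer organisation string is the simplest allowlist and is enough to catch the case described above; a stricter monitor pins the issuer's public key (or SPKI hash) instead, since a name is just a string any CA can put in a DN. Note the `notexample.com` entry: suffix matching must anchor on the dot, or every lookalike domain becomes a false positive.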
- Active WordPress malware campaign compromises thousands of websites – www.zdnet.com
The campaign may only be 15 days old, but thousands of sites are already infected and there are no signs of slowing down.
- Pentagon food court computers hacked, exposing employees’ bank information – www.washingtonexaminer.com
Hackers infiltrated the Pentagon food court’s computer system, compromising the bank data of an unknown number of employees.
- A CISO Perspective On The Fireeye Controversy – www.peerlyst.com
As a CISO, I’d want to know I was using security solutions that are not lemons. I’d also want to know that they make my attack surface smaller, not larger. If I was defending an organization that has APT actors including nation states as a realistic threat in my threat modelling, I’d also want to know that my security tools cannot be used as pivot points for APTs.
- Microsoft partners with NATO to shore up European cybersecurity – blogs.microsoft.com
Microsoft is a long-term partner for many governments around the world seeking to build a safe and trusted digital environment. As such, we are excited to announce today that we have signed our newest Government Security Program (GSP) agreement with the NATO Communications and Information Agency (NCI Agency).