Week 29 In Review – 2016

Events Related

• Converge 2016 Videos – www.irongeek.com
  These are the videos from the Converge Information Security Conference.

• BSides Detroit 2016 Videos – www.irongeek.com
  These are the videos from the BSides Detroit 2016 Conference.

• AppSecEU 16 – Abhay Bhargav – SecDevOps: A View from the Trenches – www.youtube.com

Resources

• KeeThief – A Case Study in Attacking KeePass Part 2 – www.harmj0y.net
  The other week I published the “A Case Study in Attacking KeePass” post detailing a few notes on how to operationally “attack” KeePass installations. This generated an unexpected amount of responses, most good, but a few negative and dismissive.

Tools

• Tool To Generate Hashcat Toggle Rules – blog.didierstevens.com
  Hashcat comes with toggle rule files for candidate passwords up to 15 characters long. There’s a rules file that will toggle exactly one letter (toggles1.rule), another rule file for up to two letters (toggles2.rule), three, four, and finally a rule file for up to five letters (toggles5.rule). Hashcat does not provide rules with more than five toggles, as empirical data shows that passwords chosen by users only contain a couple of uppercase letters.

Techniques

• Gotta Catch ‘Em All! – WORLDWIDE! (or how to spoof GPS to cheat at Pokémon GO) – www.insinuator.net
  In the past I was often fiddling around with SDR (Software Defined Radio), started with DVB-T sticks some years ago. When I came to ERNW in 2014 I got in touch with Michael Ossman’s great HackRF One for the first time, and subsequently my thesis was based on SDR.

Vendor/Software Patches

• Adobe, Microsoft Patch Critical Security Bugs – krebsonsecurity.com
  Adobe has pushed out a critical update to plug at least 52 security holes in its widely-usedFlash Player browser plugin, and another update to patch holes in Adobe Reader. Separately, Microsoft released 11 security updates to fix vulnerabilities more than 40 flaws inWindows and related software.

Other News

• Alex Gibney on Stuxnet and why we need to talk about cyberwar – www.engadget.com
  It’s been six years since we discovered Stuxnet, the worm that infected Windows PCs worldwide and was eventually traced to the United States and Israel as a way to attack Iran’s nuclear program. It was the first time a cyberweapon was used to attack a physical location (it disabled uranium enriching centrifuges by causing them to spin out of control), and it sparked the use of cyberattacks from governments all over the world, including Russia, Iran and North Korea.