Resources Everything You Always Wanted to Know About iTunes and iCloud Backups But Were Afraid to Ask – blog.crackpassword.com Do you think you know everything about creating and using backups of Apple iOS devices? Probably not. Here Vladimir Bezmaly (MVP Consumer security, Microsoft Security Trusted Advisor) shares some thoughts, tips and tricks on iTunes and iCloud [...]
Resources iOS Application Security Part 32 - Automating Tasks With iOS Reverse Engineering Toolkit (iRET) – highaltitudehacks.com In this article, we will talk about a new tool named iOS Reverse Engineering Toolkit (iRET) that has just been released to assist penetration testers in automating most of the tasks involved in a iOS penetration test. The project [...]
Events Related Three Things to Take Away from CanSecWest, Pwn2Own – threatpost.com Browsers, brokers and BIOS: you could safely call that triumvirate the past, present and future of security, but you’d be wrong. If last week’s CanSecWest conference, and Pwn2Own and Pwnium contests are indeed a point-in-time snapshot of the technical side of information security, then [...]
Events Related Pwn2Own 2014: A recap – hp.com Two record-setting days of payouts for zero-day vulnerabilities brought the 2014 Pwn2Own contest tantalizingly close to the first million-dollar competition, with $850,000 paid to eight entrants. $385,000 of potential prize money remained unclaimed. Researchers pocket record $400K at Pwn2Own hacking contest's first day – computerworld.com Researchers on Wednesday cracked [...]
Resources Forgot your Windows admin password? – ogostick.net This is a utility to reset the password of any user that has a valid local account on your Windows system. Finally! A very major release! TrustyCon Videos Available – makehacklearn.org You can find the playlist of all of the videos in Al Jigong Billings YouTube channel [...]
Events Related RSA Conference 2014 RSA protests by DEF CON groups, Code Pink draw ire – news.cnet.com The RSA security conference (where the world's security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and [...]
Events Related Course Review: Offensive Security AWE (Advanced Windows Exploitation) – www.ethicalhacker.net In terms of training, Offensive Security is best known for their Pentesting with BackTrack/Kali (PWK) and Cracking the Perimeter (CTP) courses. The course was delivered by its creators, Matteo Memelli and Devon Kearns. Matteo handled all of the speaking responsibilities, and Devon apparently participated [...]
Events Related BruCON 5by5 – WPScan Online Vulnerability Database – ethicalhack3r.co.uk For those of you who have been living under a rock, BruCON is a security conference held every year in Belgium (originally Brussels, now Ghent). Last year was the 5th time the conference had been held and so the year before (2012) they setup what [...]
Resources Why PLCpwn Is Important for ICS Cyber Weapons – www.digitalbond.com The interesting question is what happens when organizations and governments stumble across one of these deployed attack systems and covert channels? S4x14 Video: Stephen Hilt on PLCpwn -digitalbond.com Cheat Sheets – packetlife.net Here are Cheet sheets by packetlife. You can download all from here. OWASP Cheat Sheet [...]
Resources BLE Fun With Ubertooth: Sniffing Bluetooth Smart and Cracking Its Crypto – blog.lacklustre.net Ubertooth is an open source platform for Bluetooth research. It has a powerful ARM microcontroller connected to a reconfigurable radio chip, the TI CC2400. Although it was originally built to monitor classic Basic Rate (BR) Bluetooth, it serves as an excellent platform [...]