Here are information security events in North America this month: 4th ACM Conference on Data and Application Security and Privacy (CODASPY) : March 3 to 5 in San Antonio, TX, USA GRC Summit 2014 : March 4 to 6 in Boston, MA, USA DakotaCon 2014 : March 7 to 9 in Madison, [...]
Events Related Course Review: Offensive Security AWE (Advanced Windows Exploitation) – www.ethicalhacker.net In terms of training, Offensive Security is best known for their Pentesting with BackTrack/Kali (PWK) and Cracking the Perimeter (CTP) courses. The course was delivered by its creators, Matteo Memelli and Devon Kearns. Matteo handled all of the speaking responsibilities, and Devon apparently participated [...]
Events Related BruCON 5by5 – WPScan Online Vulnerability Database – ethicalhack3r.co.uk For those of you who have been living under a rock, BruCON is a security conference held every year in Belgium (originally Brussels, now Ghent). Last year was the 5th time the conference had been held and so the year before (2012) they setup what [...]
Resources Why PLCpwn Is Important for ICS Cyber Weapons – www.digitalbond.com The interesting question is what happens when organizations and governments stumble across one of these deployed attack systems and covert channels? S4x14 Video: Stephen Hilt on PLCpwn -digitalbond.com Cheat Sheets – packetlife.net Here are Cheet sheets by packetlife. You can download all from here. OWASP Cheat Sheet [...]
Resources BLE Fun With Ubertooth: Sniffing Bluetooth Smart and Cracking Its Crypto – blog.lacklustre.net Ubertooth is an open source platform for Bluetooth research. It has a powerful ARM microcontroller connected to a reconfigurable radio chip, the TI CC2400. Although it was originally built to monitor classic Basic Rate (BR) Bluetooth, it serves as an excellent platform [...]
Here are information security events in North America this month: SANS AppSec 2014 : February 3 to 5 in Austin, TX, USA SANS Cyber Threat Intelligence Summit 2014 : February 10 to 11 in Arlington, VA, USA BSides Tampa Bay 2014 : February 15 in Tampa, FL, USA NDSS Symposium : [...]
Events Related Counter-confab TrustyCon to host speakers boycotting RSA Conference – news.cnet.com A new conference focusing on issues of "trust" at the intersection of privacy and security will take place during RSA's annual show. Resources ShmooCon Firetalks 2014 – www.irongeek.com These are the videos for the ShmooCon Firetalks 2014. Free Tools: The Best Free Tools of 2013? – [...]
Resources Smart LSA Secrets Module – hackwhackandsmack.com Doug decided to take two modules and crash them together to add some automation to some tasks that he seem to pick up often. He took the LSA Secrets module and the Domain Group Enum module and combined them to be one module. Symantec Intelligence Report: December 2013 – symantec.com [...]
Events Related Why we have to boycott RSA – blog.erratasec.com The reason isn't that Robert Graham is upset at RSA, or think that they are evil. He thinks RSA was mostly tricked by the NSA instead of consciously making the choice to backdoor their products. Resources Stupid IDN Tricks: Unicode Combining Characters – blog.dinaburg.org Safari will display [...]
Resources Phishing Frenzy: Installing the Monster – pentestgeek.com If you’re not a rails guru or haven’t ever dabbled with ruby on rails, the installation process might seem overwhelming. Zeknox created this helpful video which follows the newly created wiki on how to get up and running with PF on Kali linux. 30c3: To Protect And Infect, [...]