Blog

/Blog/

Week 14 in Review – 2013

Event Related CCDC WRCCDC - A Red Team Members Perspective - blog.strategiccyber.com Western Regional CCDC was pretty epic. Given the level of interest in red activity, I’d like to share what I can. So much happened, I couldn’t keep up with all of it. Web Application Defender's Cookbook: CCDC Blue Team Cheatsheet - blog.spiderlabs.com Trustwave [...]

Week 13 in Review – 2013

Event Related Blackhat Europe 2013 Arsenal Tools Event Wrap-up - toolswatch.org I finally found time to write a wrap-up about the activities of the Arsenal Tools Event during the last session of Blackhat Amsterdam Europe 2013. IPv6 Focus Month: IPv6 over IPv4 Preference - isc.sans.edu Initially, most IPv6 deployments will be "Dual Stack". In this [...]

Week 12 in Review – 2013

Event Related IPv6 Focus Month IPv6 Focus Month: What is changing with DHCP - isc.sans.edu Among the different methods to configure IPv6 addresses, most managed networks will likely stick with DHCP. DHCPv6 however is a bit different then DHCPv4. We will summarize here some of the basic differences between DHCPv4 and DHCPv6. IPv6 Focus Month: [...]

Week 11 in Review – 2013

Event Related ShmooCon 2013 ShmooCon Epilogue 2013 Videos Recut per speaker / talk - excivity.com I was one of the people helping out with streaming this year’s ShmooCon Epilogue talks. Google Hangouts was kind enough to record everything for us, but lumped it into one large file. ShmooCon 2013 Videos Posted - shmoocon.org Videos for [...]

Week 10 in Review – 2013

Event Related DEP-ASLR bypass without ROP-JIT.pdf - docs.google.com This is a pdf file from the event CanSecWest 2013 Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k - theregister.co.uk It's back to the drawing board for coders at Microsoft, Google, Adobe, Mozilla, and Oracle after entrants in the annual Pwn2Own contest waltzed off with over [...]

Week 9 in Review – 2013

Event Related Juniper Networks intros global cloud-based 'attacker database' - zdnet.com At the start of RSA 2013, Juniper Networks is rolling out a global database to track attacks on individual devices. MASTIFF Analysis of APT1 - novainfosec.com At Shmoocon this year we were please to find that there is a project focused on this specifically [...]

Week 8 in Review – 2013

Event Related ShmooCon Firetalks 2013 - irongeek.com These are the videos I have for the ShmooCon Firetalks 2013. Resources APT 1 APT 1: Exposing One of China's Cyber Espionage Units - intelreport.mandiant.com APT1: Exposing One of China's Cyber Espionage Units Threat Actors Using Mandiant APT1 Report as a Spear Phishing Lure: The Nitty Gritty - [...]

Week 7 in Review – 2013

Event Related S4x13 Video: Atlas on RF Comms Security and Insecurity - digitalbond.com RF Comms are often ignored in SCADA assessments. Big mistake as atlas 0f d00m shows RF hacking session at S4x13. #Shmoocon Presentation Links - mainframed767.tumblr.com So I talked fast and furious and ran out of time, but 20 minutes is not a [...]