Blog

/Blog/

Week 43 In Review – 2016

Events Related Hack.lu I’m back to Luxembourg for a new edition of hack.lu. In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. Hack.lu 2016 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2016 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2016 [...]

Week 42 In Review – 2016

Resources Published "SecDevOps Risk Workflow" Book (v0.57) - blog.diniscruz.com I just published version v0.57 of the (previously called) Jira Risk Workflow book. Vulnerabilities These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet - www.grahamcluley.com Mirai has become infamous in recent weeks after blasting the website of security blogger Brian Krebs off the [...]

2017-03-12T17:39:11-07:00 October 16th, 2016|Security Vulnerabilities, Site News, Week in Review|1 Comment

Week 41 In Review – 2016

Events Related GrrCON 2016 Videos - irongeek.com These are the videos of the presentations from GrrCON 2016. Videos from the DHS Cyber Security Division (CSD) workshop earlier this year - voipsecurityblog.typepad.com Here are a couple of links to the Department of Homeland Security (DHS) Cyber Security Division (CSD) showcase earlier this year. They did a great [...]

Week 39 In Review – 2016

Resources RECON 2016 Recon Recordings - recon.cx Recon Slides - recon.cx Derbycon 2016 Videos - www.irongeek.com These are the videos of the presentations from Derbycon 2016. Louisville Infosec 2016 Videos - www.irongeek.com Videos from the Louisville Infosec 2016 conference. R00tz 2016 - r00tz.org Tools PowerShell-Suite - github.com Bypass-UAC is self-contained and does not have any dependencies, bar a [...]

2017-03-12T17:39:11-07:00 September 25th, 2016|Security Conferences, Security Tools, Week in Review|0 Comments

Week 38 In Review – 2016

Events Related BSides Augusta 2016 Videos - www.irongeek.com These are the videos from the BSides Augusta conference. Resources Long Secret Stingray Manuals Detail How Police Can Spy On Phones - theintercept.com The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet. Techniques Reprogramming the Defcon 24 badge [...]

Week 37 In Review – 2016

Resources House of Keys: 9 Months later... 40% Worse - blog.sec-consult.com In our initial study we analyzed SSH host key use as well. Unfortunately there is no recent scan data on SSH host keys available (however there is a ticket over at the awesome ZMap project). Tools FaceWhisperer - github.com FaceWhisperer is a hardware add-on for the ChipWhisperer side-channel [...]

Week 36 In Review – 2016

Tools WiFi-Pumpkin - github.com Framework for Rogue Wi-Fi Access Point Attack Python tools for penetration testers - github.com Python tools for penetration testers Nmap 7.25BETA2 Birthday Release - nmap.org Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and new features. Vulnerabilities Meet USBee, the malware that uses USB drives to covertly jump airgaps - [...]