Events Related Hack.lu I’m back to Luxembourg for a new edition of hack.lu. In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. Hack.lu 2016 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2016 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2016 [...]
Resources Published "SecDevOps Risk Workflow" Book (v0.57) - blog.diniscruz.com I just published version v0.57 of the (previously called) Jira Risk Workflow book. Vulnerabilities These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet - www.grahamcluley.com Mirai has become infamous in recent weeks after blasting the website of security blogger Brian Krebs off the [...]
Events Related GrrCON 2016 Videos - irongeek.com These are the videos of the presentations from GrrCON 2016. Videos from the DHS Cyber Security Division (CSD) workshop earlier this year - voipsecurityblog.typepad.com Here are a couple of links to the Department of Homeland Security (DHS) Cyber Security Division (CSD) showcase earlier this year. They did a great [...]
Events Related HWTV v1.1 DEF CON 24 Special - HackRF and PortaPack - Premiere Episode! - www.youtube.com Our premiere episode features exclusive content from DEF CON 24. We talk DEF CON news, interview Bertine and James of netdb.io, and talk to Jared Boone about PortaPack, the portable SDR he designed as an add-on for the [...]
Here are information security events in North America this month: Virus Bulletin 2016 : October 5 to 7 in Denver, CO, USA WACCI 2016 : October 5 to 7 in Oshkosh, WI, USA SecureWorld Denver 2016 : October 5 to 6 in Denver, CO, USA Rochester Security Summit 2016 : October [...]
Resources RECON 2016 Recon Recordings - recon.cx Recon Slides - recon.cx Derbycon 2016 Videos - www.irongeek.com These are the videos of the presentations from Derbycon 2016. Louisville Infosec 2016 Videos - www.irongeek.com Videos from the Louisville Infosec 2016 conference. R00tz 2016 - r00tz.org Tools PowerShell-Suite - github.com Bypass-UAC is self-contained and does not have any dependencies, bar a [...]
Events Related BSides Augusta 2016 Videos - www.irongeek.com These are the videos from the BSides Augusta conference. Resources Long Secret Stingray Manuals Detail How Police Can Spy On Phones - theintercept.com The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet. Techniques Reprogramming the Defcon 24 badge [...]
Resources House of Keys: 9 Months later... 40% Worse - blog.sec-consult.com In our initial study we analyzed SSH host key use as well. Unfortunately there is no recent scan data on SSH host keys available (however there is a ticket over at the awesome ZMap project). Tools FaceWhisperer - github.com FaceWhisperer is a hardware add-on for the ChipWhisperer side-channel [...]
Tools WiFi-Pumpkin - github.com Framework for Rogue Wi-Fi Access Point Attack Python tools for penetration testers - github.com Python tools for penetration testers Nmap 7.25BETA2 Birthday Release - nmap.org Nmap 7.25BETA1 includes dozens of performance improvements, bug fixes, and new features. Vulnerabilities Meet USBee, the malware that uses USB drives to covertly jump airgaps - [...]
Here are information security events in North America this month: Information Security Conference (ISC 2016) : September 7 to 9 in Honolulu, HI, USA SecureWorld Cincinnati 2016 : September 8 in Cincinnati, OH, USA BSides Augusta 2016 : September 10 in Augusta, GA, USA (ISC)² Security Congress 2016 : September 12 [...]