Here are information security events in North America this month: DakotaCon 2016 : April 1 to 3 in Madison, WI, USA WiCyS 2016 : April 1 to 2 in Dallas, TX, USA InfoSec World Conference & Expo 2016 : April 4 to 6 in Lake Buena Vista, FL, USA InfoWarCon 2016 [...]
Events Related Pwn2Own 2016: Hackers Earn $460,000 for 21 New Flaws - securityweek.com On the first day, contestants earned $282,500 for vulnerabilities in Safari, Flash Player, Chrome, Windows and OS X. On the second day, Tencent Security Team Sniper took the lead after demonstrating a successful root-level code execution exploit in Safari via a use-after-free flaw in Safari [...]
Events Related Another year, another RSAC - www.cerias.purdue.edu I have attended 10 of the last 15 RSA conferences. I do this to see what’s new in the market, meet up with friends and colleagues I don’t get to see too often, listen to some technical talks, and enjoy a few interesting restaurants and taverns in SF. [...]
Events Related BSides San Francisco 2016 Videos - www.irongeek.com These are the videos from the BSides San Francisco conference. BSides Indy 2016 Videos - www.irongeek.com These are the videos from the BSides Indy conference. Tools HTCAP - www.htcap.org htcap is a web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls [...]
Here are information security events in North America this month: CarolinaCon 12 : March 4 to 6 in Raleigh, NC, USA 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016) : March 9 to 11 in New Orleans, LA, USA BSides SLC 2016 : March 10 to 11 in [...]
Events Related BSidesCapeTown 2015 - www.youtube.com Resources Ray Sharp CCTV DVR Password Retrieval & Remote Root - community.rapid7.com On January 22, 2013, a researcher going by the name someLuser detailed a number of security flaws in the Ray Sharp DVR platform. These DVRs are often used for closed-circuit TV (CCTV) systems and security cameras. Comodo: Comodo [...]
Events Related BSidesNYC2016 - github.com Resources mediatek mt6261 rom dumping via the vibration motor - www.sodnpoo.com McAfee SiteList.xml password decryption - funoverip.net Recently, a very good friend of mine pointed me out the story of a pentester who recovered the encrypted passwords from a McAfee SiteList.xml file, using Responder. Brute-forcing Microsoft Lync via NTLM - www.hackwhackandsmack.com [...]
Events Related Shmoocon 2016 - archive.org ShmooCon is an annual east coast hacker convention hell-bent on offering three days of an interesting atmosphere for demonstrating technology exploitation, inventive software and hardware solutions, and open discussions of critical infosec issues. BSides Huntsville 2016 Videos - www.irongeek.com These are the videos from the BSides Huntsville conference. Recon 2015 - [...]
Here are information security events in North America this month: SANS Cyber Threat Intelligence Summit 2016 : February 3 to 4 in Alexandria, VA, USA BSides Tampa 2016 : February 5 to 7 in Tampa Bay, Florida, USA BSides Huntsville 2016 : February 6 in Huntsville, AL, USA SecureWorld Charlotte 2016 [...]
Events Related ShmooCon: LastPass design elements create perfect Phishing opportunity - www.csoonline.com Cassidy’s presentation at ShmooCon on Saturday morning outlined a clever Phishing attack against LastPass users, which is made possible due to design elements within the password manager’s core functions. BSides Conference BSides Columbus 2016 Videos - www.irongeek.com BSidesNYC2016 – github.com Tools dnstwist - [...]