Resources Infiltrate 2014 – shadow-file.blogspot.com Here are some additional resources of Zach Cutlip that may have mentioned in his Infiltrate 2014 presentation. BlueHat Security Briefings: Fall 2013 Sessions – channel9.msdn.com The 2013 BlueHat Security Briefings took place on the Microsoft campus in December 2013. Here are the list of talks and discussions. Tools mimikatz 2.0 alpha 20140519 – [...]
Resources Web security tricks – bugscollector.com Bugs Collector is a database of web security breaches and tricks collected from all over the world. Tricks are available here. ShowMeCon 2014 Videos – irongeek.com These are the videos of ShowMeCon 2014. You can watch and download all the videos from here. LayerOne 2013 – layerone.org Archives of the videos of [...]
Resources BSides Chicago 2014 Videos – www.irongeek.com These are the videos from the BSides Chicago conference. You can watch and download all the videos from here. Q1 2014 Mobile Threat Report – www.f-secure.com f-secure's Mobile Threat Report for Q1 2014 is out! Here's a couple of the things they cover in it. Techniques Egress Testing using PowerShell – [...]
Resources Verizon Data Breach Investigations Report – verizonenterprise.com The 2014 Data Breach Investigations Report (DBIR) casts new light on threats — taking 10 years of forensic data and finding that 92% of these can be categorized into nine basic attack patterns. This approach also helps identify primary threats to your industry, which you can analyze to [...]
Events Related Highlights from the SyScan 2014 Conference – symantec.com David Maciejak recently attended the Symposium on Security for Asia Network (SyScan), an annual conference held in Singapore, which brings together computer security researchers from around the world. This year, security myths were dispelled and several interesting topics were discussed at the conference. The following is [...]
Events Related Enter to win an INFILTRATE security conference ticket worth $2,2000 from Hacker Warehouse – hackerwarehouse.com INFILTRATE is a deep technical conference that focuses entirely on offensive security issues. Groundbreaking researchers focused on the latest technical issues will demonstrate techniques that you cannot find elsewhere. Conference is being held on May 15 and 16 in [...]
Resources iOS Application Security Part 32 - Automating Tasks With iOS Reverse Engineering Toolkit (iRET) – highaltitudehacks.com In this article, we will talk about a new tool named iOS Reverse Engineering Toolkit (iRET) that has just been released to assist penetration testers in automating most of the tasks involved in a iOS penetration test. The project [...]
Events Related Three Things to Take Away from CanSecWest, Pwn2Own – threatpost.com Browsers, brokers and BIOS: you could safely call that triumvirate the past, present and future of security, but you’d be wrong. If last week’s CanSecWest conference, and Pwn2Own and Pwnium contests are indeed a point-in-time snapshot of the technical side of information security, then [...]
Events Related RSA Conference 2014 RSA protests by DEF CON groups, Code Pink draw ire – news.cnet.com The RSA security conference (where the world's security companies come to do business with each other), opened its doors this week in San Francisco to a wide range of protests by security professionals who would otherwise be attending and [...]
Events Related Course Review: Offensive Security AWE (Advanced Windows Exploitation) – www.ethicalhacker.net In terms of training, Offensive Security is best known for their Pentesting with BackTrack/Kali (PWK) and Cracking the Perimeter (CTP) courses. The course was delivered by its creators, Matteo Memelli and Devon Kearns. Matteo handled all of the speaking responsibilities, and Devon apparently participated [...]