Events Related The CIA Campaign to Steal Apple’s Secrets - theintercept.com The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. Resources Reversing Mobile Traffic Lights - www.bastibl.net I wanted to have a look at [...]
Events Related Black Hat USA 2015 Course Review - Adaptive Red Team Tactics from Veris Group - www.redblue.team Black Hat has something for everyone (across the defensive and offensive spectrum) and after considerable delibaration I decided to register for Adaptive Red Team Tactics from Veris Group. This is an interesting team in that a lot of the [...]
Events Related 44CON - www.slideshare.net BSides Augusta 2015 Videos - www.irongeek.com Videos from the BSides Augusta conference. Resources Satellite Turla: APT Command and Control in the Sky - securelist.com When you are an APT group, you need to deal with many different problems. One of them, and perhaps the biggest, is the constant seizure and takedown of [...]
Events Related Chaos Communication Camp 2015 - media.ccc.de Resources microchips - zeptobars.ru Tools WPSploit - github.com This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool. armory-pass - github.com Password manager for USB Armory Sleepy Puppy - github.com Sleepy Puppy is a cross-site scripting (XSS) payload management [...]
Resources Black Hat 2015 Wrap Up – Part I - nettitude.co.uk This year, Black Hat (BH) 2015 came, as it usually does, with major security flaws and some “dojos” aside from the major android vulnerabilities we were exposed to and other types of security issues that are much less talked about, but still expose serious [...]
Events Related DEFCON This year marked the 23rd DefCon, the hacker conference that began as an informal gathering for hackers to meet in person and party in the desert. Imploding Barrels and Other Highlights From Hackfest DefCon - www.wired.com I spent the week with over 20,000 hackers in Las Vegas — here's what I saw [...]
Events Related Kaminsky Creates Clickjacking-Killer - www.darkreading.com Renowned security expert Dan Kaminsky here this week unveiled his latest project: a solution to eradicate so-called clickjacking attacks that plague the Web. 9th USENIX Workshop on Offensive Technologies - www.usenix.org Black Hat USA 2015 Highlights - www.tripwire.com The 18th annual Black Hat USA conference gathered thousands of professionals, [...]
Events Related Black Hat USA 2015 From The Black Hat Keynote Stage: Jennifer Granick - www.darkreading.com Recap of Black Hat 2015, Day 1 - www.webroot.com DEF CON 23 (2015) DEFCON Talk Slides - colinoflynn.com DEF CON 23 presentations/Speaker & Workshop Materials - media.defcon.org Resources Certifi-gate: Hundreds of Millions of Android Devices Could Be Pwned - [...]
Events Related Infiltrate 2015 - vimeo.com BSides Cincinnati 2015 Videos - www.irongeek.com BSides Las Vegas 2015 Videos - www.irongeek.com Resources Workshop2015 - github.com radare2 framework Tools Releasing jsfunfuzz and DOMFuzz - www.squarefree.com Today I'm releasing two fuzzers: jsfunfuzz, which tests JavaScript engines, and DOMFuzz, which tests layout and DOM APIs. The popular hacker Samy Kamkar has presented [...]
Resources Jailbreak or Root Detection: A False Sense of Security, Part 1 - bluebox.com Mobile management vendors have ingrained in the industry that jailbroken and rooted devices are bad: automatically deny all access. There is a widespread fear in the industry that these “compromised” devices jeopardize enterprise networks and are prone to leaking corporate secrets. [...]