Event Related DEP-ASLR bypass without ROP-JIT.pdf - docs.google.com This is a pdf file from the event CanSecWest 2013 Pwn2Own: IE10, Firefox, Chrome, Reader, Java hacks land $500k - theregister.co.uk It's back to the drawing board for coders at Microsoft, Google, Adobe, Mozilla, and Oracle after entrants in the annual Pwn2Own contest waltzed off with over [...]
Event Related Juniper Networks intros global cloud-based 'attacker database' - zdnet.com At the start of RSA 2013, Juniper Networks is rolling out a global database to track attacks on individual devices. MASTIFF Analysis of APT1 - novainfosec.com At Shmoocon this year we were please to find that there is a project focused on this specifically [...]
Event Related ShmooCon Firetalks 2013 - irongeek.com These are the videos I have for the ShmooCon Firetalks 2013. Resources APT 1 APT 1: Exposing One of China's Cyber Espionage Units - intelreport.mandiant.com APT1: Exposing One of China's Cyber Espionage Units Threat Actors Using Mandiant APT1 Report as a Spear Phishing Lure: The Nitty Gritty - [...]
Event Related S4x13 Video: Atlas on RF Comms Security and Insecurity - digitalbond.com RF Comms are often ignored in SCADA assessments. Big mistake as atlas 0f d00m shows RF hacking session at S4x13. #Shmoocon Presentation Links - mainframed767.tumblr.com So I talked fast and furious and ran out of time, but 20 minutes is not a [...]
Resources "Security Engineering" now available free online - lightbluetouchpaper.org I’m delighted to announce that my book Security Engineering – A Guide to Building Dependable Distributed Systems is now available free online in its entirety. You may download any or all of the chapters from the book’s web page. The Anatomy of Unsecure Configuration: Reality Bites [...]
Event Related Pentest & Reverse: iOS Application Hacking - esec-pentest.sogeti.com Last month, we gave some lectures about iOS application Hacking first at GreHack (Grenoble, France) and then at Hack.Lu (Luxembourg, Luxembourg). Here you will find the slides and the paper. Don't hesitate to send us your questions. Resources The Red team Mindset Course Part 1 [...]
Event Related University Courses on Reverse Engineering and Malware Analysis - f-secure.com Today marks the commencement of the first lecture for our spring 2013 semester Reverse Engineering Malware course for the Aalto University (Espoo campus) in Finland. Resources Security Assessment of Blackberry Applications - resources.infosecinstitute.com Development of mobile applications have picked up really fast in [...]
Event Related Offensive Defense - blog.ioactive.com I presented before the holiday break at Seattle B-Sides on a topic I called "Offensive Defense." This blog will summarize the talk. I feel it's relevant to share due to the recent discussions on desktop antivirus software (AV) [1], [2],[4], [3] Resources Red October The "Red October" Campaign - [...]
Event Related Index of Congress 29c3 - ftp.ccc.de High quality mp4 of 29c3. The 'Hack Back' Offense - bankinfosecurity.com To repel the onslaught of cyberattacks against organizations, security leaders are debating the merits of the "hack back" defense. THREADS - trailofbits.com THREADS is an annual conference that focuses on pragmatic security research and new discoveries [...]
Event Related 29C3 29C3: When USB memory sticks lie - h-online.com USB memory sticks are thought to be among the less exciting hardware components – simple storage media that have many uses and function the same way in almost any hardware environment. 29C3: Budget mobile turns into GSM base station - h-online.com Belgian hacker Sylvain [...]