Week in Review

/Week in Review

Week 49 In Review – 2015

Events Related 2015 - Talks - bsidesvienna.at Botconf 2015 The first keynote slot was assigned to Margarita Louca from Europol: “Successful botnets takedowns: The good-cooperation part”. More precisely, it’s the EC3 (“European Cyber Crime Center“). This talk was flagged as “restricted” and not all information will be reported here. Botconf 2015 Wrap-Up Day #1 - blog.rootshell.be Botconf [...]

Week 48 In Review – 2015

Events Related My SecTor Story: Root Shell on the Belkin WeMo Switch - www.tripwire.com Researchers from Tripwire were on hand to help attendees explore the world of IoT hacking. They brought with them a table full of devices ranging from routers to smart televisions. They also had a video demonstration of the exploitation of vulnerabilities in [...]

Week 47 In Review – 2015

Techniques Kaspersky Antivirus Certificate handling path traversal - code.google.com When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. I observed that the naming pattern is {CN}.cer. Breaking into and Reverse Engineering iOS Photo Vaults - blog.ioactive.com For whatever reason, a lot of people store risqué pictures on their devices. Why [...]

Week 46 In Review – 2015

Events Related SecureWV2015 Videos - www.irongeek.com These are the videos of the presentations from Secure West Virginia 2015. HouSecCon v6 2015 Videos - www.irongeek.com New 4G LTE Hacks Punch Holes In Privacy - www.darkreading.com Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that expose privacy and disrupt phone service. Black Hat Europe [...]

Week 45 In Review – 2015

Resources SecTor 2015 - sector.ca Presentations and videos for SecTor 2015 RuxCon - ruxcon.org.au Tools NMAP - github.com NMAP scripts for TN3270 interaction as well as NJE. Most notably TSO User Enumeration and Brute Force. CICS transaction ID enumeration and NJE node name brute forcing. Techniques Hidden In Plain Sight: Brute Forcing Slack Private Files - [...]

Week 44 In Review – 2015

Resources Welcome to the SaintCON 2015 files section! - files.saintcon.org SaintCON materials. RWSPS: WPA/2 Cracking Using HashCat [ch5pt2] - www.rootsh3ll.com If you remember in the previous part, we learned Speeding up WPA/2 Cracking Using Pre-generated PMKs. Which certainly uses CPU as the primary part for the calculations of the PMKs. It surely gives us speed for cracking [...]

Week 43 In Review – 2015

Events Related HouSecCon v6 2015 Videos - www.irongeek.com Hack.lu 2015 Today started the 11th edition of hack.lu in Luxembourg. Being one of my preferred event, I drove to Luxembourg this morning direction to the Alvisse Parc hotel! Hack.lu 2015 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2015 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2015 Wrap-Up Day #3 [...]

Week 42 In Review – 2015

Events Related Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track - blogs.aws.amazon.com Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now [...]

Week 41 In Review – 2015

Events Related hardwear.io Conference Jumping right in with the keynote of Day 1 by Jon Callas and my favorite quote “Make your devices fixable”. Enough said. Conference Day 1 - www.insinuator.net Conference Day 2 - www.insinuator.net Applied Physical Attacks on x86 Systems - www.insinuator.net GrrCON 2015 Videos - www.irongeek.com Videos of the presentations from GrrCON 2015 Resources [...]

Week 40 In Review – 2015

Events Related Derbycon 2015 Videos - www.irongeek.com Black Hat USA 2015 - www.youtube.com Louisville Infosec 2015 Videos - www.irongeek.com Thoughts on my very first DerbyCon (which won't be my last) - community.rapid7.com One you hang around in infosec for a little while, you learn that each of the major cons have their own reputation, their [...]