Events Related Cyphercon 2.0 Videos - www.irongeek.com These are the videos from the Cyphercon 2.0 conference. DakotaCon - www.youtube.com South Dakota’s premier security event. TROOPERScon - www.youtube.com AIDE 2017 - www.irongeek.com Resources BlackHat 2017 - blackhat.com Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1) - googleprojectzero.blogspot.com It’s a well understood fact that platform security is an [...]
Techniques Hacking Unicorns with Web Bluetooth - www.contextis.com Researchers discovered an unsecured MongoDB server that exposed sensitive CloudPets customer data. My research focused on the toy itself, in particular some issues we found with its Bluetooth LE connectivity and features. Still Passing the Hash 15 Years Later - passing-the-hash.blogspot.com So I first thought about it [...]
Events Related BSides Tampa 2017 Videos - www.irongeek.com These are the videos from the BSides Tampa conference. Resources New hccapx format explained - hashcat.net A few days ago a user came into the #hashcat IRC channel and reported to have problems cracking one of his WPA handshake captures. No worries, the user knew the password to the [...]
Resources Running guide for CTF's - gist.github.com Blackhat Hardware Training Roadmap - securinghardware.com This diagram is intended to give an overview of many of the hardware-related trainings available at Black Hat USA 2017. Generally, lower level hardware is at the bottom and more software to the top. Tools Wordpress Exploit Framework - github.com screen2root - [...]
Events Related BSides Columbus 2017 Videos - www.irongeek.com These are the videos from the BSides Columbus Ohio conference. Resources DevOoops: Client Provisioning (Vagrant) - carnal0wnage.attackresearch.com Notes from the 2015 Devoops Talk. Vagrant used to ship with a default keypair and was difficult to rotate. Intel debugger interface open to hacking via USB - blog.ptsecurity.com New Intel processors [...]
Resources VMware Security Advisories - vmware.com vSphere Data Protection (VDP) updates address SSH key-based authentication issue Techniques In Flight Hacking System - blog.ioactive.com What helped a lot to reduce that fear was to understand how things work in planes, and getting used to noises, bumps, and turbulence. This blog post is about understanding a bit more about how things work aboard an aircraft. More specifically, the In-Flight Entertainment Systems (IFE) developed by Panasonic Avionics. Other News Learning From A Year of Security Breaches - medium.com This year (2016) I accepted as much incident response work as I could. I spent about 300 hours responding to security incidents and data breaches this year as a consultant or volunteer.
Events Related DefCamp- def.campResources McAfee Virus Scan for Linux - state.actor A system running Intel's McAfee VirusScan Enterprise for Linux can be compromised by remote attackers due to a number of security vulnerabilities. Some of these vulnerabilities can be chained together to allow remote code execution as root. Techniques Practical Reverse Engineering Part 5 - Digging Through the Firmware - jcjc-dev.com In part 4 we extracted the entire firmware from the router and decompressed it. As I explained then, you can often get most of the firmware directly from the manufacturer’s website: Firmware upgrade binaries often contain partial or entire filesystems, or even entire firmwares. XNU kernel UaF due to lack of locking in set_dp_control_port - bugs.chromium.org set_dp_control_port is a MIG method on the host_priv_port so this bug is a root->kernel escalation. macOS FileVault2 Password Retrieval - blog.frizk.net macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. Vulnerabilities Bluetooth-enabled safe lock popped after attackers win PINs - theregister.co.uk Attackers can locate and pop safes protected with high security commercial locks thanks to poor Bluetooth implementations, say researchers at Somerset Recon say. 0day drive-by exploit against Fedora If you run a mainstream distribution of Linux on a desktop computer, there's a good chance security researcher Chris Evans can hijack it when you do nothing more than open or even browse a specially crafted music file. And in the event you're running Chrome on the just-released Fedora 25, his code-execution attack works as a classic drive-by. 0-days hitting Fedora and Ubuntu open desktops to a world of hurt - arstechnica.com Redux: compromising Linux using... SNES Ricoh 5A22 processor opcodes?!- scarybeastsecurity.blogspot.com Other News FBI Arrests Customer of Xtreme Stresser DDoS-for-Hire Service - bleepingcomputer.com The FBI arrested this past week Sean Krishanmakoto Sharma, 26, from La Canada, California, for launching DDoS attacks against Chatango, an online chat service.
Events Related PhreakNIC20-2016 - www.youtube.com Tools GRASSMARLIN - github.com GRASSMARLIN provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security. Techniques Secure Rom extraction on iPhone 6s - ramtin-amin.fr Secure ROM, also knows as bootrom, is the very first piece of software that [...]
Events Related Kiwicon X - www.youtube.com Resources Curl Security Audit - daniel.haxx.se I asked for, and we were granted a security audit of curl from the Mozilla Secure Open Source program a while ago. This was done by Mozilla getting a 3rd party company involved to do the job and footing the bill for it. CVE-2016-7098 - legalhackers.com "GNU [...]
Resources Published "SecDevOps Risk Workflow" Book (v0.57) - blog.diniscruz.com I just published version v0.57 of the (previously called) Jira Risk Workflow book. Vulnerabilities These 60 dumb passwords can hijack over 500,000 IoT devices into the Mirai botnet - www.grahamcluley.com Mirai has become infamous in recent weeks after blasting the website of security blogger Brian Krebs off the [...]