malware

/Tag:malware

Week 16 In Review – 2017

Events Related BSides Nashville 2017 Videos - www.irongeek.com Tools CAN-Bus-Arduino-Tool - github.com A tool for performing replay and sniffing CAN bus traffic. OWTF 2.1a "Chicken Korma" released - owtf.github.io Yes folks, it is that time again, a new release of the Offensive Web Testing Framework, OWASP OWTF, one of several OWASP Flagship projects Vulnerabilities InterContinental Hotels [...]

Week 27 In Review – 2016

Resources Exploring and exploiting Lenovo firmware secrets - blog.cr4.sh Hi, everyone! In this article I will continue to publish my research of Lenovo ThinkPad’s firmware. Previously I shown how to discover and exploit SMM callout vulnerabilities on example of SystemSmmAhciAspiLegacyRt UEFI driver 1day vulnerability. Also, I introduced a small toolkit called fwexpl that provides API for comfortable development of firmware [...]

Week 36 In Review – 2015

Events Related Chaos Communication Camp 2015 - media.ccc.de Resources microchips - zeptobars.ru Tools WPSploit - github.com This repository is designed for creating and/or porting of specific exploits for WordPress using metasploit as exploitation tool. armory-pass - github.com Password manager for USB Armory Sleepy Puppy - github.com Sleepy Puppy is a cross-site scripting (XSS) payload management [...]

Week 29 In Review – 2015

Events Related Black Hat attendee report highlights the mess we're in - zdnet.com Black Hat has released its first-ever attendee research report, highlighting infosec's ongoing hiring crisis and a sector that feels poorly prepared to face current threats. How We Fared in the Cyber Grand Challenge - blog.trailofbits.com The Cyber Grand Challenge qualifying event was held [...]

Week 22 In Review – 2015

Events Related HITB Amsterdam Wrap-Up Day #1 – blog.rootshell.be The HITB crew is back in the beautiful city of Amsterdam for a new edition of their security conference. Here is Xavier's wrap-up for the first day! HITB Amsterdam Wrap-Up Day #2 -blog.rootshell.be This is Xavier's quick wrap-up for the second day of Hack in the Box! Resources [...]

Week 8 In Review – 2015

Resources Equation Group: The Crown Creator of Cyber-Espionage – kaspersky.com Kaspersky Lab’s experts can confirm they have discovered a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades – The Equation Group. Russian researchers expose breakthrough U.S. spying program – reuters.com The U.S. [...]