Techniques Kaspersky Antivirus Certificate handling path traversal - code.google.com When Kaspersky https inspection is enabled, temporary certificates are created in %PROGRAMDATA% for validation. I observed that the naming pattern is {CN}.cer. Breaking into and Reverse Engineering iOS Photo Vaults - blog.ioactive.com For whatever reason, a lot of people store risqué pictures on their devices. Why [...]
Events Related SecureWV2015 Videos - www.irongeek.com These are the videos of the presentations from Secure West Virginia 2015. HouSecCon v6 2015 Videos - www.irongeek.com New 4G LTE Hacks Punch Holes In Privacy - www.darkreading.com Black Hat Europe researchers to demonstrate newly found flaws in 4G mobile that expose privacy and disrupt phone service. Black Hat Europe [...]
Events Related Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track - blogs.aws.amazon.com Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now [...]
Events Related Black Hat USA 2015 Course Review - Adaptive Red Team Tactics from Veris Group - www.redblue.team Black Hat has something for everyone (across the defensive and offensive spectrum) and after considerable delibaration I decided to register for Adaptive Red Team Tactics from Veris Group. This is an interesting team in that a lot of the [...]
Events Related 44CON - www.slideshare.net BSides Augusta 2015 Videos - www.irongeek.com Videos from the BSides Augusta conference. Resources Satellite Turla: APT Command and Control in the Sky - securelist.com When you are an APT group, you need to deal with many different problems. One of them, and perhaps the biggest, is the constant seizure and takedown of [...]
Events Related Black Hat attendee report highlights the mess we're in - zdnet.com Black Hat has released its first-ever attendee research report, highlighting infosec's ongoing hiring crisis and a sector that feels poorly prepared to face current threats. How We Fared in the Cyber Grand Challenge - blog.trailofbits.com The Cyber Grand Challenge qualifying event was held [...]
Resources Introducing LiveDump.exe – crashdmp.wordpress.com Microsoft has added back the ability to dump physical memory to disk (in the form of a dump file) from user mode via NtSystemDebugControl. Sippy wrote a quick proof-of-concept tool and generated what appears to be a 250mb kernel bitmap dump. About the USB Descriptor Collection – usbdescriptors.com This site tries to [...]
Resources CySCA2014-in-a-Box – cyberchallenge.com.au CySCA2014-in-a-Box is a Virtual Machine that contains most of the challenges faced by players during CySCA2014. It allows players to complete challenges in their own time, to learn and develop their cyber security skills. From a Username to Full Account Takeover – blog.spiderlabs.com Usernames, email addresses and phone numbers are invaluable pieces of [...]
Resources BSides Chicago 2014 Videos – www.irongeek.com These are the videos from the BSides Chicago conference. You can watch and download all the videos from here. Q1 2014 Mobile Threat Report – www.f-secure.com f-secure's Mobile Threat Report for Q1 2014 is out! Here's a couple of the things they cover in it. Techniques Egress Testing using PowerShell – [...]
Resources Verizon Data Breach Investigations Report – verizonenterprise.com The 2014 Data Breach Investigations Report (DBIR) casts new light on threats — taking 10 years of forensic data and finding that 92% of these can be categorized into nine basic attack patterns. This approach also helps identify primary threats to your industry, which you can analyze to [...]