OWASP


Week 32 in Review – 2012

Event Related DefCon 20 Defcon Wi-Fi hack called no threat to enterprise WLANs - networkworld.com Enterprise Wi-Fi networks can keep using WPA2 security safely, despite a recent Defcon exploit that has been widely, but wrongly, interpreted as rendering it useless. Is WPA2 Security Broken Due to Defcon MS-CHAPv2 Cracking? - revolutionwifi.blogspot.ca A lot of press [...]

Week 29 in Review – 2012

Event Related Bsides Cleveland 2012 Videos - irongeek.com These are the videos from the Bsides Cleveland conference. Resources Hashcat Per Position Markov Chains - blog.spiderlabs.com The Markov model is a mathematical system that has had numerous uses and variations since its inception over a hundred years ago. Most notable, in terms of computer science, is [...]

Week 28 in Review – 2012

Event Related SI6 Networks: Presentations - si6networks.com The complete list of our presentations is available here. Resources Low Hanging Fruit - averagesecurityguy.info I decided to write a Python script to automate this task for me. Lhf.py takes a single Nessus v2 XML file and prints a summary HTML file with all of the low hanging [...]

Week 17 in Review – 2012

Event Related Our CanSecWest 2012 slides on passive DNS and Picviz - picviz.blogspot.fr Alexandre Dulaunoy from CIRCL.LU and Sebastien Tricaud from Picviz Labs have been talking at CanSecWest 2012 in Vancouver, Canada, on how to scrutinize a country using passive DNS and Picviz. SyScan 2012 Singapore slides - www.xchg.info Conference and slides of SyScan 2012 [...]

Week 13 in Review – 2012

Event Related Pwn2Own Lesson From Pwn2Own: Focus On Exploitability - darkreading.com The Pwn2Own contest earlier this month at the CanSecWest Conference showed off the speed with which knowledgeable security professionals can code exploits for known vulnerabilities. On the failings of Pwn2Own 2012 - scarybeastsecurity.blogspot.com This year's Pwn2Own and Pwnium contests were interesting for many reasons. [...]

Week 11 in Review – 2012

Event Related Black Hat Europe 2012 Summaries, Updates and Tools BlackHat Europe 2012 Day #1 Wrap-Up - blog.rootshell.be BlackHat is back in Europe and, this year, they moved back to Amsterdam! This edition also introduced a new format: A three-days conference with three simultaneous tracks. BlackHat Europe 2012 Day #2 Wrap-Up - rootshell.be And I’m [...]

Week 48 In Review

Events Related OWASP ATL Presentation - intrepidusgroup.com I recently gave a presentation at OWASP ATL on the OWASP Mobile Top 10 and how to assess mobile applications. This was a lightweight discussion of the OWASP Mobile Top 10 and some topical and technical concerns related to securing mobile applications. OWASP Benelux Days 2011 - [...]

Week 30 In Review

Resources Strategies To Mitigate Targeted Cyber Intrusions - dsd.gov.au Australian computer networks are being targeted by adversaries seeking access to sensitive information. A commonly used technique is social engineering, where malicious “spear phishing” emails are tailored to entice the reader to open them. Users may be tempted to open malicious email attachments or follow embedded [...]

Week 24 In Review

Events Related ENISA First 2011 The European Network & Information Security Agency (ENISA) formed in 2004. The agency supports the commission and the EU member states in the area of information security. Facilitate the exchange of information between EU institutions, the public sector and the private sector. Security Challenges for Future Systems - blog.c22.cc #First2011-Remediating [...]