Events Related Converge 2017 Videos - www.irongeek.com These are the videos from the Converge Information Security Conference. BSides Detroit 2017 Videos - www.irongeek.com These are the videos from the BSides Detroit 2017 Conference. Resources Intel Active Management Technology On May 1, Intel published a security advisory regarding a firmware vulnerability in certain systems that utilize Intel® Active Management [...]
Events Related BSidesCharm 2017 Videos - www.irongeek.com These are the videos BSidesCharm (Baltimore) 2017. Resources Car Hacking - illmatics.com Instead of buying books or paying exorbitant amount of money to learn about car hacking, we (Charlie Miller and Chris Valasek) decided to publish all our tools, data, research notes, and papers to everyone for FREE! Password [...]
Resources 33C3: Chris Gerlinsky Cracks Pay TV - hackaday.com People who have incredible competence in a wide range of fields are rare, and it can appear deceptively simple when they present their work. [Chris Gerlinksy]’s talk on breaking the encryption used on satellite and cable pay TV set-top boxes was like that. Tools mitmproxy: release v1.0.0 - [...]
Events Related DefCamp- def.campResources McAfee Virus Scan for Linux - state.actor A system running Intel's McAfee VirusScan Enterprise for Linux can be compromised by remote attackers due to a number of security vulnerabilities. Some of these vulnerabilities can be chained together to allow remote code execution as root. Techniques Practical Reverse Engineering Part 5 - Digging Through the Firmware - jcjc-dev.com In part 4 we extracted the entire firmware from the router and decompressed it. As I explained then, you can often get most of the firmware directly from the manufacturer’s website: Firmware upgrade binaries often contain partial or entire filesystems, or even entire firmwares. XNU kernel UaF due to lack of locking in set_dp_control_port - bugs.chromium.org set_dp_control_port is a MIG method on the host_priv_port so this bug is a root->kernel escalation. macOS FileVault2 Password Retrieval - blog.frizk.net macOS FileVault2 let attackers with physical access retrieve the password in clear text by plugging in a $300 Thunderbolt device into a locked or sleeping mac. The password may be used to unlock the mac to access everything on it. Vulnerabilities Bluetooth-enabled safe lock popped after attackers win PINs - theregister.co.uk Attackers can locate and pop safes protected with high security commercial locks thanks to poor Bluetooth implementations, say researchers at Somerset Recon say. 0day drive-by exploit against Fedora If you run a mainstream distribution of Linux on a desktop computer, there's a good chance security researcher Chris Evans can hijack it when you do nothing more than open or even browse a specially crafted music file. And in the event you're running Chrome on the just-released Fedora 25, his code-execution attack works as a classic drive-by. 0-days hitting Fedora and Ubuntu open desktops to a world of hurt - arstechnica.com Redux: compromising Linux using... SNES Ricoh 5A22 processor opcodes?!- scarybeastsecurity.blogspot.com Other News FBI Arrests Customer of Xtreme Stresser DDoS-for-Hire Service - bleepingcomputer.com The FBI arrested this past week Sean Krishanmakoto Sharma, 26, from La Canada, California, for launching DDoS attacks against Chatango, an online chat service.
Events Related Hack.lu I’m back to Luxembourg for a new edition of hack.lu. In fact, I arrived yesterday afternoon to attend the MISP summit. It was a good opportunity to meet MISP users and to get fresh news about the project. Hack.lu 2016 Wrap-Up Day #1 - blog.rootshell.be Hack.lu 2016 Wrap-Up Day #2 - blog.rootshell.be Hack.lu 2016 [...]
Events Related BSides Augusta 2016 Videos - www.irongeek.com These are the videos from the BSides Augusta conference. Resources Long Secret Stingray Manuals Detail How Police Can Spy On Phones - theintercept.com The Intercept has obtained several Harris instruction manuals spanning roughly 200 pages and meticulously detailing how to create a cellular surveillance dragnet. Techniques Reprogramming the Defcon 24 badge [...]
Events Related The Security Summer Camp Talks I Want To See… - jerrygamblin.com I took some time tonight and read through the Security Summer Camp (BSidesLV, Blackhat and Defcon) schedules and picked the talks from this year that I think will be the best and that I do not want to miss. BlackHat/Def Con/BSides Talk Picks for 2016 [...]
Events Related USENIX Annual Technical Conference (ATC) 2016: The Best and Brightest Security Talks - duo.com I recently attended the USENIX Annual Technical Conference (ATC) 2016 in Denver, Colorado. I was invited to give an industry talk, discussing my Bring Your Own Dilemma paper from last March (touching briefly on the Out Of Box Exploitation paper from May). Instead of just flying [...]
Resources Typosquatting programming language package managers - incolumitas.com Typosquatting is the malicious registering of a domain that is lexically similar to another, often highly frequented, website. Typosquatters would for instance register a domain named Gooogle.com instead of the well known Google.com. Then they hope that people mistype the website name in the browser and accidentally arrive on the [...]
Events Related NolaCon 2016 - www.irongeek.com Resources BlueCoat now has a CA signed by Symantec - twitter.com hitbsecconf2016ams - conference.hitb.org Tools Practical Malware Analysis Starter Kit - bluesoul.me This package contains most of the software referenced in Practical Malware Analysis. Some of the links have broken over time, some companies have folded or been bought. 1 [...]