Week 10 In Review – 2017

Techniques Hacking Unicorns with Web Bluetooth - Researchers discovered an unsecured MongoDB server that exposed sensitive CloudPets customer data. My research focused on the toy itself, in particular some issues we found with its Bluetooth LE connectivity and features. Still Passing the Hash 15 Years Later - So I first thought about it [...]

Week 50 In Review – 2016

Events Related PhreakNIC20-2016 - Tools GRASSMARLIN - GRASSMARLIN provides IP network situational awareness of industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks to support network security. Techniques Secure Rom extraction on iPhone 6s - Secure ROM, also knows as bootrom, is the very first piece of software that [...]

Week 41 In Review – 2014

Resources nullcon Goa 2014: Pentesting Proprietary RF Communications by Justin Searle – This talk will demonstrate practical techniques to identify, assess, and exploit a subclass of control systems found in your companies that use proprietary RF communications, such as fire alarms, proximity cards, automotive security gates, car alarms, conference rooms, and building automation systems. The [...]

2017-03-12T17:39:29-07:00 October 13th, 2014|Security Vulnerabilities, Site News, Week in Review|0 Comments

Week 28 in Review – 2012

Event Related S16 Networks: Presentations - The complete list of our presentations is available here. Resources Low Hanging Fruit - I decided to write a Python script to automate this task for me. takes a single Nessus v2 XML file and prints a summary HTML file with all of the low hanging [...]