Video: Wireless Intrusion Detection System with Raspberry Pi

Chris Jenks presented at this weekend’s Circle City Con in Indianapolis, IN. Chris is a graduate from Eastern Michigan University with a Bachelor of Science in Information Assurance. He works full time doing security audits, firewall design, network consulting, and troubleshooting. His Raspberry Pi WIDs was published in the Linux Journal in December 2014, and […]

Video: Electronic safe vulnerabilities

Think electronic safes are fail safe? Here’s a video by Jeff Popio, Sr. Security Architect for Stealth Entry LLC, demonstrating an electronic safe fail and highlighting the vulnerabilities of these units. This talk was presented at the Central Ohio Infosec Summit held last February. Video courtesy of Irongeek.

Homebrew wireless security system

In a previous post we covered the security node that Ken from OverEngineered was building to replace the proprietary home security system in his house. Ken has updated us on the project’s status. “I finally got the final version of that node installed and running my home’s security system. It’s all working pretty well now, […]

Open source Android IMSI-Catcher Detector

The crew from SecUpwN wrote in to tell us about their free and open source project to detect IMSI-Catchers and Silent SMS attacks with your Android smartphone: The Android IMSI-Catcher Detector Starting out on XDA Developers, our small team and me has been working on an open-source security-related Android App since the end of 2013 called the […]

Reverse engineering a Verisure wireless alarm

Here’s an informative two-part series of posts over at FunOverIP detailing how to reverse engineer a Verisure wireless alarm. Part 1 details the beginning steps such as finding the modules radio frequency and modulation type, analyzing the chipset datasheet and using GNU Radio.

Demystifying hardware security with the Bus Pirate

Alain Iamburg over at FishNet Security writes: Welcome to Part III of this series on hardware security. In Part II we explored passive data captures of EEPROM read operations over the SPI bus. In this installment, we will be looking at techniques for actively probing and communicating with such chips. Memory chips can contain interesting data. […]

Mooltipass, an open source offline password keeper

Password keeper for all platforms and devices on Indiegogo, the Mooltipass: The Mooltipass is an open source offline password keeper, a project that started a little less than a year ago. Dozens of contributors from all over the globe got together to work on this device that offers significant advantages over closed or software based password […]

Derbycon video: Making BadUSB Work For You

Adam Caudill and Brandon Wilson gave this presentation at the recent Derbycon 2014 conference in Louisville, KY, covering their hack of the Phison 2251-03 USB controller firmware to add new “features” and functionality. They focus on the Patriot Supersonic Xpress 8GB USB drive allowing it to be repurposed for non-standard uses. Adam has posted his […]

Monitoring Android traffic with Wireshark

Ever wonder what data is being sent out by your Android device? Here’s a post from LinuxJournal outlining how to monitor your device’s WiFi traffic. The technique involves setting up a man-in-the-middle Wireless Access Point (WAP) on your Ubuntu Linux box, then connecting your Android device via WiFi to this point. Wireshark is then run […]

DEFCON 22: WarKitteh – cat on the warprowl

Why do the wardriving yourself when your cat can do it for you? Gene Bransfield gave this presentation at the recent DEFCON 22 conference, describing his efforts to use domestic pets wearing WiFi sniffer/GPS logging gear to essentially warprowl for WiFi hotspots. There’s also DoSdog, a standard pooch wearing a backpack concealing a Hak5 Pineapple, […]

At HOPE, EFF releases code for Open Wireless router

At last weekend’s HOPE Conference in New York City, the EFF released the code for their experimental hacker alpha wireless router software specifically designed to support secure, shareable Open Wireless networks. We are offering this hacker alpha release to engage enthusiastic technical users who would like to help us test, develop, improve, and harden the […]

Linux security tip: moving your /boot partition to removable media

Today threats to your data can come from many quadrants. It’s not enough to protect against malicious online attacks; there’s the very real threat of government confiscating and examining the electronic devices carried by international travelers, and even planting spyware. In this post from “The Doctor”, we’re shown one way to mitigate this threat, which […]

Hacking the Java Debug Wire Protocol (JDWP)

Christophe Alladoum has posted a tutorial on the IO Active Labs Research blog on the Java debug wire protocol and its insecurities. He explains, “In this post, I will explain the Java Debug Wire Protocol (JDWP) and why it is interesting from a pentester’s point of view. I will cover some JDWP internals and how […]

DARPA looks to Oculus as a cyberwar weapon

The Oculus Rift is a high end virtual reality headset being developed for gamers. A team from DARPA has announced that they are working toward integrating the Oculus’s virtual cybervision capabilities into the cyberwar arena. The US armed forces’ far-out research branch known as the Defense Advanced Research Projects Agency (DARPA) showed off its latest […]

Defcon 21: secret life of SIM cards

PHd student Karl Koscher and software engineer Eric Butler have teamed up to research phone SIM cards and how they are used to run small apps. At the DEFCON 21 conference they presented their methodology and results. “This talk, based on our experience building SIM apps for the Toorcamp GSM network, explains what (U)SIM Toolkit […]

Shmoocon 2014: vehicle infotainment data forensics

Courtney Lancaster gave this talk at Shmoocon 2014 outlining the types of information available from vehicle infotainment systems “This talk will take an in-depth look at infotainment technologies and how to forensically acquire the data associated with the functionalities that exist across various manufacturers. Furthermore, we will cover the challenges of conducting digital forensics on […]