A security research group has completed an Internet census revealing interesting facts on usage. According to the abstract by the crew from Carna Botnet, While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open … Read more
The concept of dead drops, where USB thumbdrives are installed in public places for the distribution of files “off the grid” has been a popular topic. Now Steve Schuler writes in with his new take on this concept currently featured … Read more
At the recently concluded HackInTheBox 2013 (HITB) conference German security consultant Hugo Teso has once again drawn into question the security of aero comms. In a presentation at the Amsterdam conference, Hugo highlighted the security vulnerabilities of the Automatic Dependent … Read more
In this presentation from the recent Shmoocon 2013 conference in Washington, DC, Mike Ryan from iSec Partners discusses the new generation of wireless hacking tools to intercept and inject Bluetooth Low Energy (BTLE) communications. Also known as Bluetooth Smart, BTLE … Read more
AppSec USA has announced a call for papers and trainers for their upcoming conference in NYC in November, 2013. AppSec USA is a software security conference for technologists, auditors, risk managers, and entrepreneurs. They invite all practitioners of application security … Read more
Tsvetan and his crew at Olimex designed this simple project with A13-OLinuXino and OpenCV. “Now everytime somebody enter our lab A13-OLinuXino takes picture with timestamp and store on the SD-card, later we can view the captured images via the web … Read more
At the recent Shmoocon conference in Washington, DC, Teddy Reed and David Anthony presented their DIY guide to using Trusted Computing on embedded devices. This is NOT an introduction or overview of Trusted Computing. We introduce a low-cost schematic using … Read more
SCADA (Supervisory Control and Data Access) signals are commonly used to monitor and control utility and indusrial system. They use digital modulation and operate in the sub-1 GHz range of the RF spectrum. Atlas of D00M presesnted this talk at … Read more
Adam Laurie (a/k/a/ Major Malfunction) is a white hat hacker from London, UK, who has presented at a number of conferences worldwide. He’s also the Director at Aperature Labs, Ltd. Recently he explored the broken HDCP security mechanism used in … Read more
OpenSecurityTraining has released a series of over 100 videos covering Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration. The full YouTube playlist of the series can be found here. Trainer Xeno Kovah describes the course’s focus: “Intel processors have been … Read more
UEFI secure booting has been on the minds of many hackers and open sources advocates. Some believe that it will lock out certain operating systems in favor of vendor’s proprietary systems. (There have even been recent reports of bricking Samsung … Read more
The Hoz directs our attention to this Lifehacker article explaining how to setup the R-Pi as your own personal VPN. The project hardware requires only standard R-Pi peripherals, including keyboard, mouse, monitor, SD card and Ethernet connection. You’ll also need … Read more
Hudson from NYC Resistor was inspired by Beth’s avrfid.S project to try to build a replacement for the multiple HID Prox card he carried for work. Hudson notes that “Beth’s design is simultaneously a technical tour-de-force and an example of … Read more
At last Summer’s DEFCON 20 conference Sandy Clark and Matt Blaze from the University of Pennsylvania discussed their research into the security of the P25 (APCO Project 25) digital radio protocol. Here they explain the basics of the P25 protocol … Read more
Last October the Open Web Application Security Project (OWASP) AppSecUSA 2012 conference was held in Austin, Texas. In this conference video Jon McCoy presents the practical information on reverse engineering .NET Framework Desktop Software. The presentation goes beyond basics to … Read more
Benjamin Lunt writes to inform us of a small hardware HID project which for which he’s developed a PCB. The device design was created by Joonas Pihlajamaa (Jokkebk) and posted on CodeAndLife where it’s very popular. Joonas’ device is a … Read more
S3c writes to inform us that the Bus Pirate got a mention in DEFCON 20 talk on reversing smart meters. From what we were able to ascertain from the video the Bus Pirate is used to read memory devices located … Read more
In this talk from the DEFCON 20 conference, Phil Polsta, Computer Security Professor at the University of Dubuque discusses the relative insecurity of using USB “keys” as a way of restricting access to tech resources. He explains in detail how … Read more
In this just released video from the Open Web App Security Project (OWASP) AppSecUSA 2011 conference held in Minneapolis, MN, Mike Park discusses the insecurity of Android “.apk” apps and covers the ease with which Android Apps can be reversed, … Read more
András Veres-Szentkirályi, IT security expert, OSCP, GWAPT, writes, “I’ve built a device that acts as a USB HID keyboard, enters a script as a series of keystrokes into a PC, which can extract itself into an executable. This in turn … Read more
In The Forum
Recent Comments