Mar 17 15

Researchers from the Check Point Mobile Research Team detected several infections on 36 Android devices from different manufacturers. Security breaches in Android devices are nothing new today, but this attack is interesting because the malware was already present on the devices before the users received them. The malicious apps were not part of the official ROM supplied by the vendor, and were added somewhere along the supply chain…

Find out more in Preinstalled Malware Targeting Mobile Users

written by d45id

Nov 16 17

Samy Kamkar released an amazing new tool suite for the Raspberry Pi Zero which siphons cookies, exposes the internal router and installs a persistent web-based backdoor on your locked computers.

Project site: https://samy.pl/poisontap/
Source code: https://github.com/samyk/poisontap

written by d45id

Sep 16 10

Thomas Lendacky from AMD introduces the Secure Memory Encryption (SME) and Secure Encrypted Virtualization (SEV) features of the new Zen microarchitecture at the KVM Forum 2016.

Find out more:

written by d45id

Jul 16 06

FRITZ!Box routers have a more or less hidden mode in which packet captures can be created very easily and quickly on the individual interfaces and saved in pcap (packet capture) format.

The menu can be reached through the web interface by opening the subpage /html/capture.html. A valid user login is required.

Example: http://192.168.178.1/html/capture.html

written by d45id

Feb 16 11

Engineers from Exodus Intelligence demonstrated an awesome undocumented feature in the Cisco Adaptive Security Appliance (ASA): remote code execution via UDP. This feature is implemented in the Cisco IKE feature set. The algorithm for re-assembling IKE payloads fragmented with the Cisco fragmentation protocol contains a bounds-checking flaw that allows a heap buffer to be overflowed with attacker-controlled data.

Find out more:

written by d45id

Aug 15 03

Kovah, who together with his partners discovered a lot of firmware vulnerabilities in Macs last year, has now designed, together with security engineer Trammell Hudson, a worm they dubbed Thunderstrike 2 that can spread between MacBooks undetected.

[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware

Find out more at BlackHat & DefCon or read an amazing article @wired

written by d45id

Jul 15 21

…a very interesting article published in Wired magazine about wireless carjacking.

written by d45id

May 15 14

Combo Breaker is a motorized, battery powered, 3D printed, Arduino-based combination lock cracking device.

Source code / 3D models: https://github.com/samyk/combobreaker

written by d45id