Archive for November, 2013

DeepSec 2013 Talk: Trusted Friend Attack – Guardian Angels Strike

November 5, 2013

Have you ever forgotten a password? It’s a safe bet to assume a yes. Sometimes we forget things. When it comes to logins there is usually a procedure to restore access and change the forgotten password to a known new one. This Forgot Your Password functionality is built into many applications. The mechanism is to […]

Tags: , , , ,
Posted in Conference, Security, Stories 3 Comments »

DeepSec 2013 Talk: Auditing Virtual Appliances – An Untapped Source Of 0-days

November 4, 2013

System administrators and information security researcher often have to deal with appliances. Almost every organisation and company has a couple of magical black boxes sitting around. Usually they are connected to the network, and they do important stuff (such as filtering things, checking content, and the like). In the old days testing these appliances for […]

Tags: , , , ,
Posted in Conference, Security 3 Comments »

DeepSec 2013 Talk: Cracking And Analyzing Apple iCloud Protocols: iCloud Backups, Find My iPhone, Document Storage

November 3, 2013

The „Cloud“ technology is a wonderful construct to hide anything, because the „Cloud“ itself is no technology. Instead it is constructed out of a variety of different protocols, storage systems, applications, virtualisation and more. So „Clouds“ provide a good cover. Ask any fighter pilot. They will also confirm that the „Cloud“ is a great hunting […]

Tags: , , ,
Posted in Conference 3 Comments »

DeepSec 2013 Talk: Hack The Gibson – Exploiting Supercomputers

November 2, 2013

Compromising and controlling a large number of computers is a big advantage for attackers. The best example are the botnets consisting of hundreds, thousands or millions of systems infected by malicious software. These herds of compromised nodes receive commands from Command & Control (C&C) servers. In a sense this is massive parallel computing, but unfortunately […]

Tags: , , ,
Posted in Conference 4 Comments »

DeepSec 2013 Talk: Prism Break – The Value Of Online Identities

November 1, 2013

We all have identities. We use them on a daily basis in our off-line world. Colleagues greet us at work, because they know who we are. Of course our family members know who we are. When it comes to the digital life-style our identity becomes a lot more complex and diverse. Web shops know what […]

Tags: , , , ,
Posted in Conference, Internet 1 Comment »