Archive for September, 2018

Whatever happened to CipherSaber?

September 11, 2018

Some of you still know how a modem sounds. Back in the days of 14400 baud strong encryption was rare. Compression was king. Every bit counted. And you had to protect yourself. This is where CipherSaber comes into play. Given the exclusive use of strong cryptographic algorithms by government authorities, the CipherSaber algorithm was meant […]

Tags: , , ,
Posted in High Entropy Comments Off on Whatever happened to CipherSaber?

DeepSec 2018 Training: Attacking Internet of Things with Software Defined Radio – Johannes Pohl

September 10, 2018

In Johannes Pohls training participants will learn how to reverse engineer the wireless communication between Internet of Things (IoT) devices with Software Defined Radios (SDR) using the Universal Radio Hacker (URH). The workshop covers required HF (high frequency) basics such as digital modulations and encodings and shows how to reveal the protocol logic step by […]

Tags: , , , , , , ,
Posted in Conference, Security, Training Comments Off on DeepSec 2018 Training: Attacking Internet of Things with Software Defined Radio – Johannes Pohl

DeepSec Training: Bug Bounty Hunting – How Hackers Find SQL Injections in Minutes with Sqlmap

September 7, 2018

In a previous article we talked about the Bug Bounty Hunting training by Dawid Czagan at DeepSec 2018. In case you do now know what to expect, there is a little teaser consisting of a full blown tutorial for you. Dawid has published as video tutorial that shows you how to use Sqlmap in order […]

Tags: , , ,
Posted in Security, Training Comments Off on DeepSec Training: Bug Bounty Hunting – How Hackers Find SQL Injections in Minutes with Sqlmap

DeepSec 2018 Talk: Cracking HiTag2 Crypto – Weaponising Academic Attacks for Breaking and Entering – Kevin Sheldrake

September 6, 2018

HiTag2 is an Radio-Frequency Identification (RFID) technology operating at 125KHz.  It is distinguished from many others in the same field by its use of 2-way communications for authentication and its use of encryption to protect the data transmissions – the majority of RFID technologies at 125KHz feature no authentication or encryption at all.  As a result […]

Tags: , , , , , ,
Posted in Conference, Security Comments Off on DeepSec 2018 Talk: Cracking HiTag2 Crypto – Weaponising Academic Attacks for Breaking and Entering – Kevin Sheldrake

Translated Press Release: DeepSec Conference releases Schedule for 2018

September 6, 2018

Focusing on the Insecurity of Things and infrastructure Vienna (pts014 / 21.08.2018 / 09:25) – This year’s DeepSec In-Depth Security Conference will focus on the topic of Insecurity of Things (IoT) and components of everyday infrastructure. The ever-advancing networking opens up completely new ways for attackers – faster than developers and manufacturers can fix bugs. […]

Tags: , ,
Posted in Conference, Press Comments Off on Translated Press Release: DeepSec Conference releases Schedule for 2018

DeepSec 2018 Talk: Defense Informs Offense Improves Defense – How to Compromise an ICS Network and How to Defend It – Joe Slowik

September 5, 2018

Industrial control system (ICS) attacks have an aura of sophistication, high barriers to entry, and significant investment in time and resources. Yet when looking at the situation – especially recent attacks – from a defender’s perspective, nothing could be further from the truth. Initial attack, lateral movement, and entrenchment within an ICS network requires – […]

Tags: , , , , , ,
Posted in Conference, Security Comments Off on DeepSec 2018 Talk: Defense Informs Offense Improves Defense – How to Compromise an ICS Network and How to Defend It – Joe Slowik

DeepSec 2018 Talk: Can not See the Wood for the Trees – Too Many Security Standards for Automation Industry – Frank Ackermann

September 4, 2018

“Plant operators and manufacturers are currently faced with many challenges in the field of automation.”, says Frank Ackermann. “Issues such as digitization, Industry 4.0, legal requirements or complex business processes that connect IT and OT are paramount. Related security problems and risks need to be addressed promptly and lastingly. Existing and newly created industry security […]

Tags: , , , ,
Posted in Conference, Discussion, Security Comments Off on DeepSec 2018 Talk: Can not See the Wood for the Trees – Too Many Security Standards for Automation Industry – Frank Ackermann

DeepSec 2018 Talk: Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests – Tomasz Tuzel

September 3, 2018

Over the last decade we have seen a rapid rise in virtualization-based tools in which a hypervisor is used to gain insight into the runtime execution of a system. With these advances in introspection techniques, it is no longer a question of whether a hypervisor can be used to peek inside or even manipulate the […]

Tags: , , , , ,
Posted in Conference, Development, Security Comments Off on DeepSec 2018 Talk: Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests – Tomasz Tuzel