Marco
BlackHat presentation demo vids: SugarSync
[part 1 in a series of 5 video write-ups from our BlackHat 09 talk, summary here] We wanted to demonstrate how access to cloud resources can bring certain attack classes within reach of regular users. Instead of focusing on brute-forcing regular user credentials such as usernames and passwords, we decided to look at less noisy options since failed logins would typically be a closely watched metric. To this end, different…
BlackHat presentation demo vids: Summary
Our BH09/DC17 presentation relied heavily on videos for the demos, and they’ve been blogged separately. Links below (will be made active once the upload is complete): [slides] [SugarSync] [SalesForce Clickjack] [SalesForce Sifto] [Amazon Web Services] [MobileME]
Clobbering the cloud slides
[updated: videos will be made available on this page] 140 slides in 75 minutes. They said it couldn’t be done… and they were right! (mostly) Regardless, our Vegas trip was as much fun as previous years and our presentations at BlackHat and DEFCON went down well from the looks of things. While we plan on writing up the interesting parts, a number of people have requested access to the slidedeck…
Wishlist for graduates
We were invited to speak at the recent ISSA2009 conference in Joburg, a local mostly academic security conference and I decided to carry a message in addition to the regular demo-style talk with which we try to entertain. By co-incidence, Haroon also had his peer-reviewed talk on Apple Exploitation Defences accepted so there were two SensePosters talking to the tweed jackets. I figured the most important bit of the presentation…
these tubes are quick
Kaminsky’s thunder has all but evaporated into a fine mist, and Ptacek has gone all silent. In the meantime, the MetaSploit crowd put their heads down and produced: http://www.caughq.org/exploits/CAU-EX-2008-0003.txt DNS poisoning for the masses. (If anything ever deservered the tag ‘infosec-soapies’, this would be it!!!)
funky javascript
found this online last night. try in FF or IE7: javascript:document.body.contentEditable='true'; document.designMode='on'; void 0 then edit the page in-place, screenshot, and make your scam millions… at least, it beats editing HTML?
rethinking ye old truths
since forever, i’ve been told (and told others) that the greatest threat is from the inside. turns out, not so much. verizon business (usa) apparently conducted a four year study on incidents inside their organisation and found that the vast majority, 73%, originated from outside. however, the majority of breaches occurred as a result of errors in internal behaviour such as misconfigs, missing patches etc. (62% of cases). So attackers…
22:30 to 23:30: the quiet hour
while waiting around for the PSW guys last night, it seemed like a good time to test our mettle on the foosball table. we’ve witnessed rapid development of general foos skills in the office since the introduction of the table a few weeks ago, and the improvement in shot speed has been noticeable. of course, questions always remain as to the difference between actual and perceived velocity of shots, and…
reddit: exploit publisher?
saw this in my RSS reader, the null poison byte makes a comeback! Until it gets fixed, you can view here.
QoW 1 answered; Qow 2 released
A little while back we published our first public QoW for your abuse and enjoyment, and the time to close it is ………. now. The new QoW is available here. Thanks for the efforts; we received a fair number of answers and are still figuring out how to go about recording your submissions. For now, we’ll publish the first correct answer, and discuss the answer in brief. Over to Haroon:…
Prev
Page 3 of 3