7 Best Black Hat 2015 White Papers

Do you want to get up-to-speed on latest hacker techniques? Snagged this list from reddit: https://www.reddit.com/r/netsec/comments/3fz6z6/blackhat_usa_2015_presentation_slideswhite_papers/cttslpu   Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor Crash & Pay: How to Own and Clone Contactless Payment Devices Forging the USB Armory an Open Source Secure Flash-Drive-Sized Computer SMBv2: Sharing More than … Read more

BlackHat Presentation: WMI Architecture Used to Attack

Microsoft’s WMI (Windows Management Infrastructure) presentation by Matt Graeber at BlackHat 2015: https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf You can easily see from the diagram that WMI is integral to Windows technologies.  Matt goes on to create PowerShell code which queries all WMI classes and namespaces. Some interesting class paths that i found interesting: CIMV2:Win32_BIOS CIMV2:Win32_AllocatedResource and more PowerShell  seems to … Read more

Prevent Malware Operation or Lose $100k

A 30-year old scrap processor was hoping not to be in a national Newspaper article about what not to do with your information security. http://www.wsj.com/articles/hackers-trick-email-systems-into-wiring-them-large-sums-1438209816   Some Nigerians set up malware on the unsuspecting Metals scrapper computers. So now the malware stole the email password and other email information.  Then the Nigerians did what all … Read more

How Much $ & Time Focus on Security?

2 Wired articles : http://www.wired.com/2015/07/senate-bill-seeks-standards-cars-defenses-hackers/ http://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/ The articles discuss  how one industry is using the new Internet connected services and devices to give more functionality to their customers. That’s great right? So what did 2 researchers do 2011? they connected a laptop and controlled the car through the diagnostic connector. The auto industry laughed at … Read more

Why Security News Scrutinized to Nth Degree

Why put such an emphasis on keeping up with the Security news?  When a new hack comes out it takes time to create the attacks and the defenses, that initial time from the vulnerability being introduced is the most important time you have.     Once the Vulnerability is introduced then there is a certain time … Read more