computersecuritynews

  The talk on pdf form at Defcon media servers: Inter-VM data exfiltration – The art of cache timing covert channel on x86 multi-core   By Etienne Martineau a kernel developer.     So how can you steal data from one instance while being on another in the same hypervisor machine – you see the … Read more

Patch Tuesday  August ( 8/11/2015) Here is Microsoft patch Tuesday August 2015 edition https://technet.microsoft.com/en-us/library/security/ms15-aug.aspx   How can I say that unpatched computers will get hacked? Any Metasploit pentester will tell you this. Metasploit is a nifty program (runs on Linux) that will attack computers with various attacks and payloads. It takes advantage of people who … Read more

Do you want to get up-to-speed on latest hacker techniques? Snagged this list from reddit: https://www.reddit.com/r/netsec/comments/3fz6z6/blackhat_usa_2015_presentation_slideswhite_papers/cttslpu   Abusing Windows Management Instrumentation (WMI) to Build a Persistent Asynchronous and Fileless Backdoor Crash & Pay: How to Own and Clone Contactless Payment Devices Forging the USB Armory an Open Source Secure Flash-Drive-Sized Computer SMBv2: Sharing More than … Read more

Microsoft’s WMI (Windows Management Infrastructure) presentation by Matt Graeber at BlackHat 2015: https://www.blackhat.com/docs/us-15/materials/us-15-Graeber-Abusing-Windows-Management-Instrumentation-WMI-To-Build-A-Persistent%20Asynchronous-And-Fileless-Backdoor-wp.pdf You can easily see from the diagram that WMI is integral to Windows technologies.  Matt goes on to create PowerShell code which queries all WMI classes and namespaces. Some interesting class paths that i found interesting: CIMV2:Win32_BIOS CIMV2:Win32_AllocatedResource and more PowerShell  seems to … Read more