UNIX and Linux setUID advice and guidance

It is a topic that often comes up on client engagements, usually when running structured build reviews of Linux “gold builds”, but occasionally when trying to explain in detail how we used a Linux system to pivot internally. SetUID and setGID files are inevitably a risk, potentially allowing attackers to elevate privileges to root from a basic us
Published: 2017-10-27 17:20 | Tags: Blog AIX analysis auditing blueteam FreeBSD Linux root Solar

SSTIC 2017 wrap-up

This year, one member of the Portcullis team went to one of the biggest security events in France: SSTIC (Symposium sur la sécurité des technologies de l’information et des communications). This post will highlight the most interesting presentations. Many of the slides, articles and videos are available on the SSTIC website, but they are mostly in Fren
Published: 2017-10-27 17:20 | Tags: Blog analysis conference SSTIC

Biometrics: Forever the “next big thing”

It’s not every day we get to assess biometric systems from a security perspective; they are still somewhat esoteric, and testing them doesn’t quite fit with the usual slew of things that come along with being a security consultant. Recent engagements reminded us of just how interesting this facet of the industry can be and so we decided to write u
Published: 2017-10-27 17:20 | Tags: Blog analysis biometrics

Introduction to Bash Bunny

The Bash Bunny is the most recent attack tool released by Hak5 for use by penetration testers. Although the primary focus of the tool is red/black/purple team engagements, it is a dynamic device allowing reconfiguration to suit the scope of work. The Bash Bunny is a Human Interface Device (HID), ethernet & mass storage attack tool all packaged up into on
Published: 2017-10-27 17:20 | Tags: Blog hardhack redteam

A study in scarlet

In the modern age, where computers are used for nearly everything we do, the damage that can be caused to a company by cyber-attacks is substantial, with companies losing millions in regulatory fines, compensation and declining share prices. While some of these breaches have been caused by vulnerabilities within the target company’s infrastructure/soft
Published: 2017-10-27 17:20 | Tags: Blog analysis blueteam phishing redteam

Exploring Windows Subsystem for Linux

Whilst there has been quite a lot of analysis of Microsoft’s new Windows Subsystem for Linux (aka WSL or Bash on Ubuntu on Windows) and how it functions (particularly from Alex Ionescu), most of this has focused on how it affects the Windows security model. Being a keen UNIX focused researcher, I decided to take it for a spin. The first thing I did onc
Published: 2017-10-27 17:20 | Tags: Blog analysis Linux root Windows

Is your sign signed?

Modern autonomous vehicles use a number of sensors to analyse their surroundings and act upon changes in their environment. A brilliant idea in theory, but how much of this sensory information can we actually trust? Cisco’s Security Advisory R&D team, a.k.a. Portcullis Labs, decided to investigate further. Various researchers have documented attack
Published: 2017-10-27 17:20 | Tags: Blog analysis biometrics connectedcar hardhack

Hindering Lateral Movement

Lateral Movement is a method used by attackers (or malware) against a network Domain. After an initial device is compromised (typically, a user’s workstation), the attacker extracts passwords from memory, or obtains encrypted password hashes from the system for cracking or direct use (i.e. Pass the Hash). The attacker then attempts to log in to other sy
Published: 2017-10-27 17:20 | Tags: Blog auditing blueteam redteam training Windows

Social-Engineer Toolkit (SET) v7.7 “Blackout” Released

TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA attack vector, and a redesigned Java Applet attack vector. Java is still widely used in corporations and with a valid code signing certificate can be one of the easiest ways to get a shell in an organization. I
Published: 2017-07-11 05:30 | Tags: blog

Episode 2.8 (July 3rd, 2017) – NSA and Exploit Tools, Petya, Russia, and Ransomware, systemd, Deathstar, and Offic

Welcome to the Trusted Security Podcast – a podcast dedicated to bringing the latest news on information security and the industry. This episode features the following members: Dave Kennedy, Ben Tenjamin, Geoff Walton, Chris Prewitt, Justin Bollinger Show links: http://www.nbcnews.com/news/us-news/can-cia-nsa-be-trusted-cyber-hacking-tools-n778731 http
Published: 2017-07-04 07:50 | Tags: blog exploit

50 hashes per hour

How often do you turn off your computer when you go home from work? We bet you leave it on so you don’t have to wait until it boots up in the morning. It’s possible that your IT staff have trained you to lock your system for security reasons whenever you leave your workplace. But locking your system won’t save your computer from a new type
Published: 2017-06-06 08:30 | Tags: Blog Research Data leaks Data Protection Linux Security Poli

WannaCry mistakes that can help you restore files after infection

Sometimes ransomware developers make mistakes in their code. These mistakes could help victims regain access to their original files after a ransomware infection. This article is a short description of several errors which were made by the WannaCry ransomware developers. Errors in file removal logic: When WannaCry encrypts its victim’s files, it reads
Published: 2017-06-01 10:55 | Tags: Blog Featured Research Ransomware WannaCry

WannaCry and Lazarus Group – the missing link?

A few hours ago, Neel Mehta, a researcher at Google, posted a mysterious message on Twitter with the #WannaCryptAttribution hashtag. The cryptic message in fact refers to a similarity between two samples that have shared code. The two samples Neel refers to in the post are: a WannaCry cryptor sample from February 2017 which looks like a very early variant; a
Published: 2017-05-15 18:30 | Tags: Blog Featured Research Lazarus Ransomware WannaCry

WannaCry FAQ: What you need to know today

Friday May 12th marked the start of the dizzying madness that has been ‘WannaCry’, the largest ransomware infection in history. Defenders have been running around with their heads on fire trying to get ahead of the infection and to understand the malware’s capabilities. In the process, a lot of wires have gotten crossed and we figured it
Published: 2017-05-15 13:40 | Tags: Blog Featured Research Encryption Malware Descriptions Ranso

BSides Denver 2017

Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engineering, APT herding, securing smart cities and more. Even though BSides got its start as an “open source” event taking its contributors from rejected Bla
Published: 2017-05-14 00:50 | Tags: Blog