1. Examining the Cring Ransomware Techniques
https://www.trendmicro.com/en_us/research/21/i/examining-the-cring-ransomware-techniques.html
2. Strings Analysis:
VBA & Excel4 Maldoc
https://isc.sans.edu/diary/27872
#Malware_analysis
@Iotpenetrationtesting
https://www.trendmicro.com/en_us/research/21/i/examining-the-cring-ransomware-techniques.html
2. Strings Analysis:
VBA & Excel4 Maldoc
https://isc.sans.edu/diary/27872
#Malware_analysis
@Iotpenetrationtesting
Trend Micro
Examining the Cring Ransomware Techniques
In this entry, we look at the techniques typically employed by the Cring ransomware, as well as the most affected regions and industries.
https://www.darkreading.com/endpoint/iot-nutrition-labels-aim-to-put-security-on-display
#iot
#Security
@iotpenetrationtesting
#iot
#Security
@iotpenetrationtesting
Dark Reading
IoT 'Nutrition' Labels Aim to Put Security on Display
NIST has laid the groundwork for an easy-to-understand way to communicate to consumers the security of software and connected devices.
https://www.hackster.io/news/which-microcontroller-can-emulate-a-vintage-eprom-the-raspberry-pi-rp2040-748c76bae633
#EPROM
#Raspberrypi
#microcontroller
@iotpenetrationtesting
#EPROM
#Raspberrypi
#microcontroller
@iotpenetrationtesting
Hackster.io
Which Microcontroller Can Emulate a Vintage EPROM? The Raspberry Pi RP2040!
Experience three potential solutions firsthand in this short video journey.
Hacking LG WebOS Smart TVs Using A Phone
https://medium.com/geekculture/hacking-lg-webos-smart-tvs-using-a-phone-3fedba5d6f50
#LG
#hack
#smart
#tv
@iotpenetrationtesting
https://medium.com/geekculture/hacking-lg-webos-smart-tvs-using-a-phone-3fedba5d6f50
#LG
#hack
#smart
#tv
@iotpenetrationtesting
ICS_Protocol_Fuzz.pdf
705.4 KB
"ICS Protocol Fuzzing:
Coverage Guided Packet Crack and Generation", 2020.
#Research
#SCADA_Security
@iotpenetrationtesting
Coverage Guided Packet Crack and Generation", 2020.
#Research
#SCADA_Security
@iotpenetrationtesting
https://github.com/rust-embedded/rust-raspberrypi-OS-tutorials
#rust
#Raspberrypi
@iotpenetrationtesting
#rust
#Raspberrypi
@iotpenetrationtesting
GitHub
GitHub - rust-embedded/rust-raspberrypi-OS-tutorials: :books: Learn to write an embedded OS in Rust :crab:
:books: Learn to write an embedded OS in Rust :crab: - rust-embedded/rust-raspberrypi-OS-tutorials
https://labs.bishopfox.com/tech-blog/an-intro-to-fuzzing-aka-fuzz-testing
#fuzz
#aka
@iotpenetrationtesting
#fuzz
#aka
@iotpenetrationtesting
Bishop Fox
Fuzz Testing for blackbox security analysis
Learn about fuzzing testing, who should fuzz, what types of fuzzers exist, how to write a good harness to perform blackbox analysis on a given program.
Bluetooth → Wi-Fi Code Execution & Wi-Fi Debugging
https://naehrdine.blogspot.com/2021/04/bluetooth-wi-fi-code-execution-wi-fi.html
#wifi
#Bluetooth
@iotpenetrationtesting
https://naehrdine.blogspot.com/2021/04/bluetooth-wi-fi-code-execution-wi-fi.html
#wifi
#Bluetooth
@iotpenetrationtesting
Into the art of Binary Exploitation
https://7h3h4ckv157.medium.com/?p=b4658238ee62
#exploitation
@iotpenetrationtesting
https://7h3h4ckv157.medium.com/?p=b4658238ee62
#exploitation
@iotpenetrationtesting
GoSecure Titan Labs Technical Report: BluStealer Malware Threat
https://www.gosecure.net/blog/2021/09/22/gosecure-titan-labs-technical-report-blustealer-malware-threat
#Malware_analysis
@iotpenetrationtesting
https://www.gosecure.net/blog/2021/09/22/gosecure-titan-labs-technical-report-blustealer-malware-threat
#Malware_analysis
@iotpenetrationtesting
Hunting Ghosts in Bluetooth Firmware: BrakTooth Meets Frankenstein
https://naehrdine.blogspot.com/2021/09/hunting-ghosts-in-bluetooth-firmware.html
#Bluetooth
#firmware
@iotpenetrationtesting
https://naehrdine.blogspot.com/2021/09/hunting-ghosts-in-bluetooth-firmware.html
#Bluetooth
#firmware
@iotpenetrationtesting
ransomware_report_2021.pdf
1.2 MB
"Ransomware in a global context", 2021.
]-> https://blog.virustotal.com/2021/10/ransomware-in-global-context.html
#Analytics
#Malware_analysis
@iotpenetrationtesting
]-> https://blog.virustotal.com/2021/10/ransomware-in-global-context.html
#Analytics
#Malware_analysis
@iotpenetrationtesting
https://github.com/Matheus-Garbelini/esp32_bluetooth_classic_sniffer
#Bluetooth
@iotpenetrationtesting
#Bluetooth
@iotpenetrationtesting
GitHub
GitHub - Matheus-Garbelini/esp32_bluetooth_classic_sniffer: Active Bluetooth BR/EDR Sniffer/Injector as cheap as any ESP32 board…
Active Bluetooth BR/EDR Sniffer/Injector as cheap as any ESP32 board can get. Works with Scapy ;-) - Matheus-Garbelini/esp32_bluetooth_classic_sniffer
1. Cisco VOIP Adapter ATA19X Privilege Escalation
and RCE (PoC for CVE-2021-34710)
https://www.iot-inspector.com/blog/advisory-cisco-ata19x-privilege-escalation-rce
2. Dahua Console: access internal debug console
and/or other researched functions
https://github.com/mcw0/DahuaConsole
#IoT_Security
@iotpenetrationtesting
and RCE (PoC for CVE-2021-34710)
https://www.iot-inspector.com/blog/advisory-cisco-ata19x-privilege-escalation-rce
2. Dahua Console: access internal debug console
and/or other researched functions
https://github.com/mcw0/DahuaConsole
#IoT_Security
@iotpenetrationtesting
Onekey
Advisory: Cisco ATA19X Privilege Escalation and RCE | ONEKEY Research | Research | ONEKEY
We found lacking user privilege separation enforcement and post-authentication command injection remote code execution within Cisco ATA19X firmware.