Roadsec@Home #2 - Julio Della Flora | Ferramentas para hardware hacking
https://youtu.be/DE-FNN5Ps6w
Palestra apresentada no Roadsec@Home #2Julio Della Flora - Atuou como professor de graduação e pós graduação em diversas faculdades como: Unopar, Unifil e FAG, ministrou cursos em parceria com o Senai-Londrina, Atuou como professor de Eletrônica Digital e Instrumentos de Medida na Fundação de Ensino Técnico de Londrina, Coordenador da Pós-graduação em Segurança da Informação e Ethical Hacking, Coordenador da Pós-graduação em Ethical Hacking e Cybersecurity EAD. Analista de segurança da informação e entusiasta em hardware hacking. Palestrou em diversas conferências de segurança como H2HC (Hacker to Hacker Conference), YSTS (You Shot The Sheriff), RoadSec, entre outras. Possui 8 anos de experiência com tecnologia e segurança da informação.https://youtu.be/DE-FNN5Ps6w
YouTube
Ferramentas para hardware hacking | Julio Della Flora
Palestra apresentada no Roadsec@Home #2 2020
Julio Della Flora - Atuou como professor de graduação e pós graduação em diversas faculdades como: Unopar, Unifil e FAG, ministrou cursos em parceria com o Senai-Londrina, Atuou como professor de Eletrônica Digital…
Julio Della Flora - Atuou como professor de graduação e pós graduação em diversas faculdades como: Unopar, Unifil e FAG, ministrou cursos em parceria com o Senai-Londrina, Atuou como professor de Eletrônica Digital…
É oficial: DEF CON é cancelada e pode virar evento online
https://thehack.com.br/e-oficial-def-con-e-cancelada-e-pode-virar-evento-online/
🧬 @Phantasm_Lab
A área de eventos é, sem dúvida, um dos setores da economia mais afetados pela crise causada pelo novo coronavírus (SARS-CoV2), visto que todos quase todos os governos (federais ou municipais, ao redor do mundo inteiro) estabeleceram medidas de isolamento social e proibiram aglomerações que não sejam criticamente necessárias. Com isso, diversas feiras e convenções tiveram que ser migradas para o formato online, adotando transmissão ao vivo de palestras e outros métodos virtuais para troca de conhecimento.https://thehack.com.br/e-oficial-def-con-e-cancelada-e-pode-virar-evento-online/
🧬 @Phantasm_Lab
The Hack
É oficial: DEF CON é cancelada e pode virar evento online
Considerada a maior conferência hacker do mundo, convenção ocorreria em agosto, mas organização decidiu mudar seus planos por conta da COVID-19.
@Phantasm_Lab via @vote
Qual assunto você está mais interessado em ver em um fórum?
public poll
Exploitation – 53
👍👍👍👍👍👍👍 44%
Programming Languages – 23
👍👍👍 19%
Bug Bounty – 15
👍👍 12%
Threat Inteligence X OSINT – 11
👍 9%
Red x Blue Security – 6
👍 5%
Certifications – 4
👍 3%
OS – 3
▫️ 2%
Security information Papers – 3
▫️ 2%
SysADM – 2
▫️ 2%
Open Source & Free Software – 1
▫️ 1%
👥 121 people voted so far.
public poll
Exploitation – 53
👍👍👍👍👍👍👍 44%
Programming Languages – 23
👍👍👍 19%
Bug Bounty – 15
👍👍 12%
Threat Inteligence X OSINT – 11
👍 9%
Red x Blue Security – 6
👍 5%
Certifications – 4
👍 3%
OS – 3
▫️ 2%
Security information Papers – 3
▫️ 2%
SysADM – 2
▫️ 2%
Open Source & Free Software – 1
▫️ 1%
👥 121 people voted so far.
Portas Thunderbolt podem ser usadas para roubar dados de computadores
https://thehack.com.br/portas-thunderbolt-podem-ser-usadas-para-roubar-dados-de-computadores/
Pesquisas da Universidade de Tecnologia de Eindhoven, na Holanda, criaram um caos na web ao anunciar recentemente a descoberta de uma nova forma de explorar as portas Thunderbolt — famosas em dispositivos da Apple, mas presente também em notebooks com Windows e Linux — para roubar dados sensíveis de qualquer computador. De acordo com Björn Ruytenberg, um dos especialistas envolvidos na pesquisa, o ataque (batizado de Thunderspy) exige que o atacante tenha acesso físico à máquina a ser invadido.https://thehack.com.br/portas-thunderbolt-podem-ser-usadas-para-roubar-dados-de-computadores/
The Hack
Portas Thunderbolt podem ser usadas para roubar dados de computadores
Pesquisadores holandeses descobriram nova forma de explorar vulnerabilidades já conhecidas no protocolo de comunicação.
Forwarded from AlcyJones
Inscrições abertas para a segunda edição do SecurityCast Live Conference: https://www.sympla.com.br/securitycast-live-conference-2__841282
BREAKING: the Gates Foundation, World Health Organization and Wuhan Institute of Virology have all been hacked and thousands of emails, passwords, and documents have been leaked online.’
https://magamedia.org/2020/04/21/breaking-it-is-being-reported-that-the-gates-foundation-world-health-organization-and-wuhan-institute-of-virology-have-all-been-hacked-and-thousands-of-emails-passwords-and-documents-have-been-l/
🧬 @Phantasm_Lab
People are still working to connect the dots but several verified accounts have confirmed the accounts have been hacked. Documents online under the search term “Gates Hack” already has a list of donors to the Gates Foundation.https://magamedia.org/2020/04/21/breaking-it-is-being-reported-that-the-gates-foundation-world-health-organization-and-wuhan-institute-of-virology-have-all-been-hacked-and-thousands-of-emails-passwords-and-documents-have-been-l/
🧬 @Phantasm_Lab
Forwarded from SHELL SHOCK
ICSI | CNSS Certified Network Security Specialist - Especialista Certificado en Seguridad de Redes
Use el Código de Cupón #StaySafeHome durante el pago para reclamar su Acceso Gratuito. La Oferta es válida hasta el 31/05/2020.
https://www.icsi.co.uk/courses/icsi-cnss-certified-network-security-specialist-covid-19
Use el Código de Cupón #StaySafeHome durante el pago para reclamar su Acceso Gratuito. La Oferta es válida hasta el 31/05/2020.
https://www.icsi.co.uk/courses/icsi-cnss-certified-network-security-specialist-covid-19
Philippe Laulheret - Intro to Hardware Hacking - DEF CON 27 Conference
https://youtu.be/HuCbr2588-w
🧬 @Phantasm_Lab
This talk is an introduction to hardware hacking and as a case study I’ll use the [REDACTED] Deskphone, a device frequently deployed in corporate environments. I’ll use it to introduce the tools and methodology needed to answer these questions.https://youtu.be/HuCbr2588-w
🧬 @Phantasm_Lab
YouTube
Philippe Laulheret - Intro to Hardware Hacking - DEF CON 27 Conference
From small business to large enterprise, VOIP phones can be found on nearly every desk. But how secure are they? What if your phone was spying on every conversation you have?
This talk is an introduction to hardware hacking and as a case study I’ll use the…
This talk is an introduction to hardware hacking and as a case study I’ll use the…
Bill Swearingen - HAKC THE POLICE - DEF CON 27 Conference
https://youtu.be/vQtLms02PFM
🧬 @Phantasm_Lab
PULL OVER!No, it is a cardigan, but thanks for noticing! After getting a nasty speeding ticket, OG SecKC HA/KC/ER hevnsnt decided enough was enough, and set out to fully understand police speed measurement devices, and develop homebrew countermeasures that are legal in some states (and some that are not). Come learn how police RF (X, K, KA) and Laser speed detection systems work and how to implement your own homebrew jamming countermeasures on the cheap, essentially making your vehicle invisible to law enforcement. HOP IN and BUCKLE UP, this talk is going to FUEL your hardware hacking desires! You better be able to think fast to keep up with this talk and prepare to get home in record time.https://youtu.be/vQtLms02PFM
🧬 @Phantasm_Lab
YouTube
Bill Swearingen - HAKC THE POLICE - DEF CON 27 Conference
PULL OVER!
No, it is a cardigan, but thanks for noticing! After getting a nasty speeding ticket, OG SecKC HA/KC/ER hevnsnt decided enough was enough, and set out to fully understand police speed measurement devices, and develop homebrew countermeasures that…
No, it is a cardigan, but thanks for noticing! After getting a nasty speeding ticket, OG SecKC HA/KC/ER hevnsnt decided enough was enough, and set out to fully understand police speed measurement devices, and develop homebrew countermeasures that…
Forwarded from @Phantasm_Lab
HackTheBox - Apocalyst
01:26 - Enumeration Start
02:58 - WPScan Start
05:40 - Directory Scanning with GoBuster
10:54 - Examining WPScan Output
13:40 - Bruteforcing with WPScan
14:40 - Bruteforcing HTTP Post with Hydra
18:30 - Edit WP Theme to get Code Execution
22:09 - Return of Reverse Shell
26:25 - Privelege Escalation Word Writeable Passwd
https://www.youtube.com/watch?v=TJVghYBByIA
🕴🏽 @Phantasm_Lab
01:26 - Enumeration Start
02:58 - WPScan Start
05:40 - Directory Scanning with GoBuster
10:54 - Examining WPScan Output
13:40 - Bruteforcing with WPScan
14:40 - Bruteforcing HTTP Post with Hydra
18:30 - Edit WP Theme to get Code Execution
22:09 - Return of Reverse Shell
26:25 - Privelege Escalation Word Writeable Passwd
https://www.youtube.com/watch?v=TJVghYBByIA
🕴🏽 @Phantasm_Lab
YouTube
HackTheBox - Apocalyst
01:26 - Enumeration Start
02:58 - WPScan Start
05:40 - Directory Scanning with GoBuster
10:54 - Examining WPScan Output
13:40 - Bruteforcing with WPScan
14:40 - Bruteforcing HTTP Post with Hydra
18:30 - Edit WP Theme to get Code Execution
22:09 - Return of…
02:58 - WPScan Start
05:40 - Directory Scanning with GoBuster
10:54 - Examining WPScan Output
13:40 - Bruteforcing with WPScan
14:40 - Bruteforcing HTTP Post with Hydra
18:30 - Edit WP Theme to get Code Execution
22:09 - Return of…
Splunk Attack Range in a virtualized Ubuntu Guest VM — Guide
https://medium.com/@julian.wieg/splunk-attack-range-in-a-virtualized-ubuntu-guest-vm-guide-c6587f43c15
🧬 @Phantasm_Lab
The Splunk Attack Range is a wonderful project by Splunk that allows anyone interested to quickly (automatically) build and deploy a whole Infrastructure stack with various software/tooling to test Cyber Attacks against vulnerable hosts, capture and send event logs from hosts, forward said event data into Splunk and even implement SOAR playbooks; go see the GitHub project page above for more informationhttps://medium.com/@julian.wieg/splunk-attack-range-in-a-virtualized-ubuntu-guest-vm-guide-c6587f43c15
🧬 @Phantasm_Lab
Medium
Splunk Attack Range in a virtualized Ubuntu Guest VM — Guide
A quick helper to get this fantastic project running locally: https://github.com/splunk/attack_range
Forwarded from SHELL SHOCK