Three Buddy Problem - Episode 15: Juanito checks in from Virus Bulletin with news on the return of Careto/Mask, a 'milk-carton' APT linked to Spain. We also cover the latest controversy surrounding IDA Pro's subscription model, a major new YARA update, and ongoing issues with VirusTotal's value and pricing. The conversation shifts to North Korean cyber operations, particularly the infiltration of prominent crypto companies, Tom Rid's essay on Russian disinformation results, and the US government's ICE department using commercial spyware from an Israeli vendor. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).
Stephen Sims shares his years of experience with us and shows us how we can make money hacking. But be careful - some of the options are not recommended. // Stephen's Social // YouTube: https://www.youtube.com/@OffByOneSecu... Twitter: steph3nsims // Stephen Recommends // Programming Tools: Online Compiler, Visual Debugger, and AI Tutor for Python, Java, C, C++, and JavaScript: https://pythontutor.com/ PyCharm – Python IDE with Great IDA Pro Support: https://www.jetbrains.com/pycharm/ VS Code: https://code.visualstudio.com/ Patch Diffing: Windows Binary Index for Patch Diffing: https://winbindex.m417z.com/ BinDiff Tool for IDA Pro, Ghidra, or Binary Ninja: https://www.zynamics.com/bindiff.html Diaphora Diffing Tool for IDA Pro: http://diaphora.re/ PatchExtract for Extracting MS Patches from MSU Format: https://gist.github.com/wumb0/306f97d... Vulnerable Things to Hack: HackSys Extreme Vulnerable Driver: https://github.com/hacksysteam/HackSy... WebGoat – Deliberately Insecure Application: https://owasp.org/www-project-webgoat/ Damn Vulnerable Web App: https://github.com/digininja/DVWA Buggy Web App: http://itsecgames.com/ Gruyere Cheesy Web App: https://google-gruyere.appspot.com/ Metasploitable: https://sourceforge.net/projects/meta... Damn Vulnerable iOS App: https://resources.infosecinstitute.co... OWASP Mutillidae: https://github.com/webpwnized/mutillidae Online CTFs and Games: SANS Holiday Hack 2023 and Prior: https://www.sans.org/mlp/holiday-hack... https://www.holidayhackchallenge.com/... CTF Time – A great list of upcoming and previous CTFs!: https://ctftime.org/ YouTube Channels: @davidbombal, @nahamsec, @offbyonesecurity, @_johnhammond, @ippsec, https://www.youtube.com/@LiveOverflow...
Free Learning Resources: SANS Free Resources – Webcasts, Whitepapers, Posters & Cheat Sheets, Tools, Internet Storm Center: https://www.sans.org/security-resources/ Shellphish - Heap Exploitation: https://github.com/shellphish/how2heap Exploit Database - Downloadable Vulnerable Apps and Corresponding Exploits: https://www.exploit-db.com/ Google Hacking Database (GHDB): https://www.exploit-db.com/google-hac... Google Cybersecurity Certificate: https://grow.google/certificates/cybe... Phrack Magazine: http://www.phrack.org/ Kali Linux: https://www.kali.org/get-kali/#kali-p... Slingshot Linux: https://www.sans.org/tools/slingshot/ Books & Articles: Gray Hat Hacking Series: https://amzn.to/3B1FeIK Hacking: The Art of Exploitation: https://amzn.to/3Us9Uts A Guide to Kernel Exploitation: https://amzn.to/3vfY8vu Smashing the Stack for Fun and Profit – Old, but a classic: https://inst.eecs.berkeley.edu/~cs161... Understanding Windows Shellcode – Old, but still good: https://www.hick.org/code/skape/paper... Great list of exploitation paper links from Shellphish!: https://github.com/shellphish/how2hea... // Stephen's previous videos with David // Free Exploit development training (beginner and advanced) • How to make Millions $$$ hacking zero... Buffer Overflow Hacking Tutorial (Bypass Passwords): • Buffer Overflow Hacking Tutorial (Byp... Disclaimer: This video is for educational purposes only.
Announcing Drata's Series C, Milton Security announces new name, Threathunter.ai, Germany Forces a Microsoft 365 Ban Due to Privacy Concerns – Best of Privacy, New Communication Protocol “Ibex” and Extended Protocol Suite, Gepetto uses OpenAI models to provide meaning to functions decompiled by IDA Pro, Stack Overflow bans ChatGPT, French man wins compensation as judge awards him the right to refuse to be fun at work. Let's be honest: people can frustrate us. They don't always do the things we'd like, and they often do some things we'd rather they didn't. New research from the National Cybersecurity Alliance reveals insights about the public's attitudes and beliefs about security. We'll explore the 2022 Oh Behave! Cybersecurity Attitudes and Behaviors Report and some of the findings may surprise you! We'll also give you practical, actionable advice on how you can better communicate to influence the behavior change you want to see. Segment Resources: https://staysafeonline.org https://staysafeonline.org/programs/cybersecurity-awareness-month/teach-others-how-to-stay-safe-online/ https://staysafeonline.org/programs/hbcu-see-yourself-in-cyber/ https://staysafeonline.org/programs/events/convene-clearwater-2023/ Estonia is a small country in the Baltics; however, it has been at the forefront of technology for many years. This session traces Estonia's journey from independence in 1991 to its current use of digital identities for the systems that allow citizens to vote, check online banking, e-residency, and tax returns. I'll share lessons learned and key takeaways from incidents that happened along the way, examine what the future holds, and discuss the impact of incorporating AI into a digital society. Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw299
Announcing Drata's Series C, Milton Security announces new name, Threathunter.ai, Germany Forces a Microsoft 365 Ban Due to Privacy Concerns – Best of Privacy, New Communication Protocol “Ibex” and Extended Protocol Suite, Gepetto uses OpenAI models to provide meaning to functions decompiled by IDA Pro, Stack Overflow bans ChatGPT, French man wins compensation as judge awards him the right to refuse to be fun at work. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw299
Nossa Área, with Elia Júnior. Interview with football coach Lisca.
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/ddr4-rowhammer-azure-bugs-essential-0days-and-backdoored-ida.html North Korea is at it again targeting researchers, 0day hoarding, breaching secure hardware, and fuzzing on this week's episode. [00:01:15] Spot the Vuln - Beyond the Grave [00:03:50] ESET Research discovered a trojanized IDA Pro installer, distributed by the #Lazarus APT group [00:12:39] Why Zero-Days Are Essential to Security - Randori [00:29:32] Blacksmith - Rowhammer Returns [00:43:04] Fuzzing Microsoft's RDP Client using Virtual Channels: Overview & Methodology [00:57:45] Microsoft Azure Sphere Security Monitor SMSyscallCommitImageStaging stage-without-manifest denial of service vulnerability [01:04:53] Microsoft Azure Sphere Kernel GPIO_SET_PIN_CONFIG_IOCTL information disclosure vulnerability The DAY[0] Podcast episodes are streamed live on Twitch (@dayzerosec) twice a week: Mondays at 3:00pm Eastern (Boston) we focus on web and more bug bounty style vulnerabilities; Tuesdays at 7:00pm Eastern (Boston) we focus on lower-level vulnerabilities and exploits. The video archive can be found on our YouTube channel: https://www.youtube.com/c/dayzerosec You can also join our Discord: https://discord.gg/daTxTK9 Or follow us on Twitter (@dayzerosec) to know when new releases are coming.
In today's podcast we cover four crucial cyber and technology topics, including: 1. New evidence that Emotet may be back emerges 2. Intel addresses two flaws in firmware of computer processors 3. New Rowhammer attack makes DDR4 memory vulnerable 4. North Korean attackers push bundled IDA Pro security tool laced with malware. I'd love feedback, feel free to send your comments and feedback to cyberandtechwithmike@gmail.com
The number of babies not vaccinated against measles is the highest in 20 years, says the WHO. And Ciro Gomes resumes his pre-candidacy after the PDT changed its position on supporting the PEC dos Precatórios.
Joxean Koret has been working for the past 15 years in many different computing areas. He started as a database software developer and DBA for a number of different RDBMS. Eventually he turned towards reverse engineering and applied these DB insights to discover dozens of vulnerabilities in major database products, especially Oracle. He also worked in areas like malware analysis, anti-malware software development and developing IDA Pro at Hex-Rays. He is currently a senior security engineer. Joxean is the author and maintainer of the Diaphora and Pigaios projects, which focus on diffing techniques. For more SecTools podcast episodes, visit https://infoseccampus.com
Welcome to the Cybertalk podcast! My co-host is Cristi Vlad, and together we will be covering all your questions related to Infosec and Cyber-security. If you want your question answered/featured in the next episode, you can post it in the Google form linked below. Google form (Post your questions here): https://forms.gle/hK5o7ucQy7iNuz8p7 YouTube Channel: […] The post Cybertalk – EP4 – IDA Pro, Malware Analysis & Python Libraries appeared first on HackerSploit Blog.
Welcome to the fourth episode of Cybertalk! My co-host is Cristi Vlad, and together we will be covering all your questions related to Infosec and Cyber-security. If you want your question answered/featured in the next episode, you can post it in the Google form linked below. In this episode, we discuss IDA Pro, assembly language for malware analysis and useful Python libraries for penetration testing and cybersecurity. Books: The IDA Pro Book: https://www.amazon.com/IDA-Pro-Book-Unofficial-Disassembler/dp/1593272898 The Art of Assembly Language: https://www.amazon.com/Art-Assembly-Language-2nd/dp/1593272073 Malware Samples: https://crackmes.one/ https://dasmalwerk.eu/ Listen To CyberTalk: iTunes: https://podcasts.apple.com/ke/podcast/cybertalk/id1490558117 Spotify: https://open.spotify.com/show/6j0RhRiofxkt39AskIpwP7 Google form (Post your questions here): https://forms.gle/hK5o7ucQy7iNuz8p7
The BlackHat/DEFCON recovery episode. This one may be a touch rough, with some great gems. We discuss why music in 1994 was so terrible, including a BWT rendition of some classic Ace of Bass. The FIRST tool is discussed in some detail, how using our IDA Pro plug-in saves time and reduces duplication of effort. A vital topic in this EP is Matt’s post “On Conveying Doubt”: how can intel professionals couch our findings in the appropriate amount of certainty? We discuss Warren’s amazing shorts ad nauseam (thanks Sammi for the submission!!) and also talk about the ClamAV 0.99.3 release and what you’ll find inside. Main topic - what is the value in the mega-cons? Are they getting too big? Has the value increased, decreased, or just changed with growth?
Join the interview in progress! This week’s podcast features Jason Jones, Senior Security Researcher for Arbor Networks’ ASERT team. Jason talks a little bit about his current research at Arbor that focuses on issues in South Korea as well as his upcoming presentation at FIRST 2016, “Tasty Malware Analysis with T.A.C.O.: Bringing Cuckoo Metadata into IDA Pro.” Jason presents on Monday, June 13th at 17:00.
Materials available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Yan-Shoshitaishvili-Fish-Wang-Angry-Hacking.pdf Angry Hacking - the next generation of binary analysis. Yan Shoshitaishvili, PhD Student, UC Santa Barbara; Fish Wang, PhD Student, UC Santa Barbara. Security has gone from a curiosity to a phenomenon in the last decade. Fortunately for us, despite the rise of memory-safe, interpreted, lame languages, the security of binaries is as relevant as ever. On top of that, (computer security) Capture the Flag competitions have skyrocketed in popularity, with new and exciting binaries on offer for hacking every weekend. This all sounds great, and it is. Unfortunately, the more time goes by, the older we get, and the more our skills fade. Whereas we were happy to stare at objdump a decade ago, today, we find the menial parts of reversing and pwning more and more tiring and more and more difficult. Worse, while security analysis tools have been evolving to make life easier for us hackers, the core tools that we use (like IDA Pro) have remained mostly stagnant. And on top of that, the term "binaries" has expanded to regularly include ARM, MIPS, PPC, MSP430, and every other crazy architecture you can think of, rather than the nice, comfortable x86 of yesteryear. New tools are required, and we're here to deliver. Over the last two years, we have been working on a next-generation binary analysis framework in an attempt to turn back the tide and reduce our mounting noobness. The result is called angr. angr assists in binary analysis by providing extremely powerful, state-of-the-art analyses, and making them as straightforward to use as possible. Ever wanted to know *what freaking value* some variable could take on in a function (say, can the target of a computed write point to the return address)? angr can tell you! Want to know what input you need to trigger a certain code path and export a flag? Ask angr!
In the talk, we'll cover three of the analyses that angr provides: a powerful static analysis engine (able to, among other things, automatically identify potential memory corruption in binaries through the use of Value-Set Analysis), its symbolic execution engine, and dynamic emulation of various architectures (*super* useful for debugging shellcode). On top of that, angr is designed to make the life of a hacker as easy as possible -- for example, the whole system is 98% Python, and is designed to be a breeze to interact with through iPython. Plus, it comes with a nifty GUI with nice visualizations for symbolically exploring a program, tracking differences between different program paths, and understanding value ranges of variables and registers. Finally, angr is designed to be easily extensible and embeddable in other applications. We'll show off a semantic-aware ROP gadget finder ("are there any gadgets that write to a positive offset of rax but don't clobber rbx" or "given this program state, what are the gadgets that won't cause a segfault") and a binary diffing engine, both built on angr. We've used angr to solve CTF binaries, analyze embedded devices, debug shellcode, and even dabble in the DARPA Cyber Grand Challenge. We'll talk about our experiences with all of that and will release angr to the world, hopefully revolutionizing binary analysis and making everyone ANGRY! Yan and Fish are two members of Shellphish, a pretty badass hacking team famous for low SLA and getting the freaking exploit JUST A FREAKING MINUTE LATE. Their secret identities are those of PhD students in the security lab of UC Santa Barbara. When they're not CTFing or surfing, they're doing next-generation (what does that even mean?) security research. Their works have been published in numerous academic venues. For example, in 2013, they created an automatic tool, called MovieStealer, a tool to automatically break the DRM of streaming media services [1]. 
After taking 2014 to work on angr, in 2015, they followed this up with an analysis of backdoors in embedded devices [2]. Now, they've set their sights on helping the world analyze binaries faster, better, stronger, by revolutionizing the analysis tool landscape! [1] https://www.usenix.org/conference/usenixsecurity13/technical-sessions/paper/wang_ruoyu [2] http://www.internetsociety.org/doc/firmalice-automatic-detection-authentication-bypass-vulnerabilities-binary-firmware Twitter: @zardus
On this occasion we have the honor of interviewing Laurent Sansonetti (@lrz), who talked to us about RubyMotion (@RubyMotion). Laurent Sansonetti is the founder of HipByte and the lead developer of RubyMotion. He worked at Apple for 7 years as a senior software engineer, on both iLife and OS X. He has worked with Ruby for a long time, and created and maintains the MacRuby project. Earlier, he worked on IDA Pro and was an active contributor to RubyCocoa and GNOME.
Black Hat Briefings, Japan 2004 [Audio] Presentations from the security conference
Virtually every virus and worm that circulates the Internet today is "protected" by some form of obfuscation that hides the code's true intent. In the Windows world where worms prevail, the use of tools such as UPX, ASPack, and teLock has become standard. Protection of malicious code is not the only goal of binary obfuscators, however, which can be used to protect intellectual property. In the Linux world, tools such as Burneye and Shiva exist which can be used in ways similar to any Windows obfuscation tool. To fight such methods, analysts have created specific tools or techniques for unraveling these code obfuscators in order to reveal the software within. To date, in the fight against malware, anti-virus vendors have had the luxury of focusing on signature development since obfuscation of malware has presented little challenge. To combat this, malware authors are rapidly morphing their code in order to evade quickly developed and deployed signature-matching routines. What will happen when malware authors begin to morph their obfuscation techniques as rapidly as they morph their worms? While not designed specifically as a malware protection tool, one program, Shiva, aims to do exactly that. Shiva forces analysis of malicious code to be delayed while analysts fight through each novel mutation of Shiva's obfuscation mechanism. This, in effect, provides the malware a longer period of time to wreak havoc before countermeasures can be developed. This talk will focus on the use of emulated execution within IDA Pro to provide a generic means for rapidly deobfuscating protected code. Capabilities of the emulation engine will be discussed and the removal of several types of obfuscation will be demonstrated. Finally, the development of standalone deobfuscation tools based on the emulation engine will be discussed. Chris Eagle is the Associate Chairman of the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, CA. A computer engineer/scientist for 18 years, his research interests include computer network operations, computer forensics and reverse/anti-reverse engineering.