A practical guide to RFID badge copying

@tachyeonz : During red teaming assignments we are sporadically asked to attempt to gain access to certain physical “flags”. These flags could be the inside of a server room, or the workstation of a member of the management team.

Read More

Connect On:
Twitter :@tachyeonz

Some autonomous cars will avoid being hacked by simply staying off the Internet

@tachyeonz : Self-driving cars are essentially large computers on wheels. No surprise, then, that some of them will be kept offline in the name of security.

Read More

Connect On:
Twitter :@tachyeonz

SCADA Security: Securing DNP3 Communications with Defense in Depth

@tachyeonz : Two things that make ICS cybersecurity different from IT security are the use of industrial-specific protocols like DNP3 and the common usage of endpoints like PLCs, IEDs and RTUs that are 15+ years old.

More

Tags : control systems, cyber security, cybersecurity, cyberwarfare, cyberweapons, dnp3, exploit, hack, ics, ics tools, iec 61850, infosec, malawares, pentesting, plc, rtu, scada, smart grids, substations, virus, vulnerability, z

Published On:June 16, 2016 at 10:03PM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

This low-cost device may be the world’s best hope against account takeovers

@tachyeonz : The past five years have witnessed a seemingly unending series of high-profile account take-overs. A growing consensus has emerged among security practitioners: even long, randomly generated passwords aren’t sufficient for locking down e-mail and other types of online assets.

More

Tags : cryptographic, cryptographic keys, cybersecurity, encryption, hacked, hacked accounts, hacking, m, security keys, two factor authentication, yubico

Published On:December 28, 2016 at 12:16AM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

IoT and IIOT Cybersecurity Market Map

@tachyeonz : CB Insights has identified 78 private companies at the intersection of cybersecurity and connected hardware, which includes: critical infrastructure, mobile phones, connected devices, enterprise endpoints, and connected cars.

Click here to read more

Tags : #antivirus, #cybersecurity, #firewall, #hacking, #ics, #iiot, #industrialautomation, #industrialinternet, #iot, #landscape, #malawares, #scada, #vunerability, m

Published On:December 09, 2016 at 03:50AM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

LuaBot: Malware targeting cable modems

@tachyeonz : In order to understand how the malware works, let’s mix some manual and dynamic analysis. Time to analyse the binary using IDA Pro and… First, we need to export the symbols from uClibC’s Puma5 toolchain.

Click here to read more

Tags : #botnets, #cybersecurity, #hacking, #lua, #malawares, #modems, #reverseengineering, #routers, m

Published On:December 08, 2016 at 11:05AM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

Exclusive: U.S. Air Force Inks $19 Million Cybersecurity Deal

@tachyeonz : The United States Air Force has awarded an $18.8 million contract for digital defense software to Endgame, the cybersecurity firm told Fortune.

Click here to read more

Tags : #criticalinfrastructure, #cybersecurity, #cyberwarfare, #deeplearning, #endgame, #malawares, #usaf, m

Published On:December 08, 2016 at 01:28AM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

The Daily DDoS: Ten Days of Massive Attacks

@tachyeonz : Back in March my colleague Marek wrote about a Winter of Whopping Weekend DDoS Attacks where we were seeing 400Gbps attacks occurring mostly at the weekends. We speculated that attackers were busy with something else during the week.

Click here to read more

Tags : #botnets, #cloudflare, #cybersecurity, #cyberwarfare, #ddos, #mirai, m

Published On:December 05, 2016 at 07:06AM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

Providing verifiable trust in IoT data for the industrial internet

@tachyeonz : How can we provide provide verifiable trust in IoT data for the industrial internet? Read use cases on IoT and digital asset storage that illustrate the strengths of the new Ericsson Blockchain Data Integrity Assurance Service for the GE PREDIX platform.

Click here to read more

Tags : #blockchain, #certificate, #cybersecurity, #dataintegrity, #ericsson, #ge, #iot, #keylesssignature, #ksi, #news, #predix, #trust, m

Published On:December 04, 2016 at 10:26PM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

More Than 1 Million Google Accounts Breached by Gooligan

@tachyeonz : As a result of a lot of hard work done by our security research teams, we revealed today a new and alarming malware campaign. The attack campaign, named Gooligan, breached the security of over one million Google accounts.

Click here to read more

Tags : #cybersecurity, #google, #gooligan, #hacked, #infosec, #leaked, m

Published On:December 01, 2016 at 11:26PM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

Breaking BHAD: Abusing Belkin Home Automation Devices

@tachyeonz : by Scott Tenaglia & Joe TanenIn 2013 and 2014 several high profile vulnerabilities were found in Belkin’s WeMo line of home automation devices. Belkin not only patched most of those vulnerabilities, but also maintains a very regular update cycle, which makes them one of the more responsive players

Click here to read more

Tags : #belkin, #cybersecurity, #hacking, #homeautomation, #infosec, #iot, #tech, m

Published On:December 01, 2016 at 11:18PM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz

Malware uses Facebook and LinkedIn images to hijack your PC (updated)

@tachyeonz : Malware doesn’t always have to attack your computer through browser- or OS-based exploits. Sometimes, it’s the social networks themselves that can be the problem.

Click here to read more

Tags : #cybersecurity, #facebook, #hacking, #images, #linkedin, #malawares, #photo, m

Published On:November 29, 2016 at 01:58AM

Connect On:
Facebook : /tachyeonz
Twitter :@tachyeonz