Preface

What is this and why does it exist?

All links, the content behind them and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, it is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Posh-SSH - PowerShell Module for automating tasks on remote systems using SSH
–> Posh-SSH - KITPLOIT <–

PORTAL of Pi - Raspberry Pi-based PORTAL device. Certified UNIX Network Technicians only!
–> PORTAL of Pi - github <–

Update for Mod0Umleitung available
–> Mod0Umleitung - github <–

New WinDbg available in preview!
–> WinDbg Preview Version - Microsoft Blog <–

Tool for advanced mining for content on Github
–> GitMiner - github <–




Talks & Knowledge

Wireshark: Follow Streams
–> Wireshark: Follow Streams - Didier Stevens <–

Examining a vintage RAM chip, I find a counterfeit with an entirely different die inside
–> Examining a vintage RAM chip - Ken Shirriff’s blog <–

Setting up Router Traffic Mirroring to Wireshark
–> Traffic Mirroring - TestDevLab Blog <–

PCILeech UEFI implants over DMA are coming soon! Speed record too: over 200 MB/s
–> PCILeech - @UlfFrisk Twitter <–

Why did CIA create a bogus software upgrade? To steal data from FBI, NSA
–> Spy vs Spy trojan - ZDNet <–

All #HITBGSEC presentation slides and materials are released immediately after each talk!
–> Presentation Slides from #HITBGSEC - HITBGSEC <–

Exploiting JSON Cross Site Request Forgery (CSRF) using Flash
–> Exploiting JSON CSRF using Flash - Geekboy | Security Researcher <–

Intel ME controller chip has secret kill switch
–> Intel ME secret kill switch - The Register <–
–> Disabling Intel ME 11 via undocumented mode - PTSecurity Blog <–

Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
–> Revoke-Obfuscation for PowerShell - BlackHat USA 2017 <–

Google Error Causes Widespread Internet Outage in Japan
–> Google accidentally hijacked a BGP route - Bleeping Computer <–

Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution
–> Stealthy page table-based attacks on enclaved execution - github <–

From Onliner Spambot to millions of email lists and credentials
–> Spambot writeup - benkow_ Blog <–

The Hotel Room Hacker
–> The Hotel Room Hacker - WIRED <–




Threats

ROPEMAKER EXPLOIT ALLOWS FOR CHANGING OF EMAIL POST-DELIVERY
–> Ropemaker Exploit - threatpost <–

Beware: dangerous new malware ‘Joao’ hits gamers worldwide
–> Joao Malware - HackRead <–

Patching Against the Next WannaCry Vulnerability (CVE-2017-8620)
–> cve-2017-8620 - SecurityWeek <–

HPE Integrated Lights-Out 4 Remote Code Execution Vulnerability
–> CVE-2017-12542 - Cisco <–
–> CVE-2017-12542 - HP <–

DEPRECATED, INSECURE APPLE AUTHORIZATION API CAN BE ABUSED TO RUN CODE AT ROOT
–> Insecure Apple Auth API - threatpost <–

Mobile malware factories: Android apps for creating ransomware
–> Android apps for malware creation - Symantec Blog <–

Beware! Viral Sarahah App Secretly Steals Your Entire Contact List
–> Viral App called Sarahah - The Hacker News <–

Remote Desktop Protocol (RDP) Exposure
–> RDP Exposure - Rapid 7 Community <–

Banner Day for Botnets: 1,700 IoT Credentials Leaked
–> 1,700 IoT Credentials Leaked - info security <–

SEAMLESS CAMPAIGN RIG EK SENDS RAMNIT
–> #RigEK - Malware Traffic Analysis <–

“Wanna see the Game of Thrones in advance” email delivers malware
–> GoT malware scam - HackRead <–

Massive Android DDoS Botnet Derailed
–> WireX derailed - DARKReading <–