the original cloud security
Showing 101 - 125 of 3,298 RSS Feed

Whitepaper Files

33C3 Call For Participation
Posted Sep 2, 2016

Call for participation for the 33C3 Chaos Communication Congress. The Chaos Communication Congress is the annual symposium and hacker party of the Chaos Computer Club (CCC). During four days between Christmas and New Years Eve, thousands of hackers, technology freaks, artists, and utopians get together in Hamburg to communicate, learn from each other, and party together. They focus on topics such as information technology, digital security, making and breaking. They engage in creative, sceptical discourse on the interaction between technology and society.

tags | paper, conference
MD5 | fed87e714aa5fc0af407067ffa5c346b
Hacking Soft Tokens - Advanced Reverse Engineering On Android
Posted Aug 25, 2016
Authored by Bernhard Mueller

Traditional hardware 2FA tokens are increasingly being replaced by "soft" tokens – software OTP generators packaged into regular smartphone apps that run on iOS or Android. This is more convenient for users but also exposes the tokens to attacks by mobile malware and manual attacks. To compensate for these risks, many software token vendor apply a combination of obfuscation, anti-tampering, and cryptography. The question is, how effective are these measures in protecting the users' data? In this paper, the author shows different kinds of attacks that can be used to reverse engineer OTP algorithms and extract the stored secrets. Techniques range from classical static and dynamic analysis to custom kernel sandboxes and full-system emulation. The author demonstrates proof-of-concept exploits for current soft tokens of major vendors, and explain methods of assessing the effectiveness of a given set of obfuscation.

tags | paper
MD5 | a9db1a7fe90c1cb8eb650f278285bd57
nullcon 8-bit Call For Papers
Posted Aug 24, 2016

nullcon is an annual security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 3rd through the 4th, 2017.

tags | paper, conference
MD5 | 5344154df2234f50b4addd6532411b9a
WorldCIST 17 Call For Papers
Posted Aug 3, 2016

The Information Systems and Technologies research and industrial community is invited to submit proposals of Workshops for WorldCist'17. It will be held on Porto Santo Island, Madeira, Portugal. It will take place April 11th through the 13th, 2017.

tags | paper, conference
MD5 | e85711f9b70b09f5093f53704d8e5e4a
My VBA Bot
Posted Jul 11, 2016
Authored by Emeric Nasi

Whitepaper called My VBA Bot - Writing Office Macro FUD encoder and other stuff.

tags | paper
MD5 | 87032531ac567151790aca40969a34bb
CODE BLUE 2016 Call For Papers
Posted Jul 7, 2016

CODE BLUE has announced its Call For Papers. It is an international conference held at Shinjuku, Tokyo, Japan that will be held from October 20th through the 21st, 2016.

tags | paper, conference
MD5 | b7a9180ec841007775d4cadb7079084a
How To Exploit Magic Values In 32-Bit Processes On 64-Bit OSes
Posted Jun 22, 2016
Authored by SkyLined

This is a brief write-up on how magic values in 32-bit processes on 64-bit OSes work and how to exploit them.

tags | paper
advisories | CVE-2014-1592
MD5 | 37f2076a2763f2f4cb4bece0777fe356
t2'16 Call For Papers
Posted May 10, 2016

The t2'16 Call For Papers has been announced. It will take place October 27th through the 28th, 2016 in Helsinki, Finland.

tags | paper, conference
MD5 | 07a68c5f0f528d2f540e592ea028ecfb
CONFidence 2016 Call For Papers
Posted May 3, 2016

CONFidence 2016 Call For Papers - This conference will take place from May 19th through the 20th, 2016 in Krakow, Poland.

tags | paper, conference
MD5 | d0c8524e81294f8ae3552e05e5b117a2
GreHack 2016 Call For Papers
Posted Apr 27, 2016

The GreHack 2016 Call For Papers has been announced. GreHack is an international security conference which takes place in Grenoble (France). It aims to bring together academics, industry, governments, students and hackers to discuss new advances in computer and information security research. This year will be the fourth edition. As always, conferences will take place during the day, and you will be able to test your hacking skills with the Capture The Flag contest that will hold during the night. It will take place on November 18th, 2016.

tags | paper, conference
MD5 | 4f192bca116bd6a1875504050596426f
BugCON 2016 Call For Papers
Posted Apr 8, 2016
Authored by BugCON | Site

The BugCON 2016 call for papers has been announced. BugCON will take place from November 4th through the 5th, 2016 in Mexico City.

tags | paper, conference
MD5 | aef58d9732b505a856c6b635cde67044 2016 Call For Papers
Posted Apr 7, 2016
Authored by CFP

hardwear is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper. It will take place September 20th through the 23rd, 2016 in The Hague, Netherlands.

tags | paper, conference
MD5 | 68217593e7e127db715d35e48c9fb465
The Future Of Buffer Overflows
Posted Mar 21, 2016
Authored by Nicholas Lemonias

This is an academic whitepaper that discusses trends in memory exploitation.

tags | paper
MD5 | 8a2dcb51ee1a7e9fcbb3e3fe90bf524f
Bypassing NoScript Security Suite Using XSS And MITM Attacks
Posted Mar 18, 2016
Authored by Mazin Ahmed

This paper discusses different techniques that an attacker can use to bypass NoScript Security Suite Protection. These techniques can be used by malicious vectors in bypassing the default installation of NoScript. The paper also provides solutions and recommendations for end-users that can enhances the current protection of NoScript Security Suite.

tags | paper
MD5 | e0cacc6a2c0d3253f7821933e2e8dfbd
OWASP AppSec USA 2016 Call For Papers
Posted Mar 18, 2016

OWASP is currently soliciting papers for the OWASP AppSec USA 2016 conference that will take place at the Renaissance in Washington, D.C. October 11th through the 14th, 2016.

tags | paper, conference
MD5 | d95f47993db151373ea5870b396ae983
Security BSides Las Vegas 2016 Call For Papers
Posted Mar 16, 2016
Authored by BSides LV

BSides Las Vegas 2016 has announced its Call For Papers. It will take place August 2nd and 3rd, 2016, in Las Vegas, Nevada.

tags | paper, conference
MD5 | 46e413345eedeed9c5cc838bd8c3edd3
ShakaCon VIII Call For Papers
Posted Mar 4, 2016

The Shakacon 2016 Call For Papers has been announced. It will take place July 11th through the 12th, 2016, in Honolulu, Hawaii.

tags | paper, conference
MD5 | ed0e8e5bec29d5ef8b7abc778e043033
EuskalHack Security Congress Call For Papers
Posted Mar 4, 2016

EuskalHack Security Congress is the first Ethical Hacking association in Euskadi, with the aim of promoting the community and culture in digital security to anyone who may be interested. It will be held June 18th, 2016 in Donostia - San Sebastian.

tags | paper, conference
MD5 | 6c02031fa5ba521061772d9a6cfdf52d
CISTI'2016 Call For Papers
Posted Feb 29, 2016

The Call For Papers for CISTI'2016 Workshops has been announced. It will be held in Gran Canaria, Canary Islands, Spain between the 15th and 18th of June 2016.

tags | paper, conference
MD5 | f6223346e89db78253a4fe42f909b143
RVAsec 5 Call For Papers
Posted Feb 15, 2016

RVAsec is a Richmond, VA based security convention that brings top industry speakers to the mid-Atlantic region. In its fourth year, RVAsec 2015 attracted nearly 400 security professionals from across the country. For 2016, the conference is a two day and dual-track format, with a mixed focus on technical and management/business presentations. It will be held June 2nd through the 3rd, 2016, in Richmond, VA, USA.

tags | paper, conference
MD5 | 956d0566134707accb42865a5578fb70
SIN 2016 Call For Papers
Posted Feb 8, 2016

The 9th International Conference on Security of Information and Networks (SIN 2016) has announced its call for papers. It will be held July 20th through the 22nd, 2016 at Rutgers University, New Jersey, USA.

tags | paper, conference
MD5 | ca0d80aa9df124b72154357eb5381a80
Norcon 2016 Call For Papers
Posted Feb 7, 2016

Norcon 2016 has announced its call for papers. It will be held in Chico, CA, USA from March 26th through the 27th, 2016.

tags | paper, conference
MD5 | d9069ae1b8d7d4de76dacc454cbea7c5
NDI5aster - Privilege Escalation Through NDIS 5.x Filter Intermediate Drivers
Posted Feb 6, 2016
Authored by Kyriakos Economou

The Network Driver Interface Specification (NDIS) provides a programming interface specification that facilitates from the network driver architecture perspective the communication between a protocol driver and the underlying network adapter. In Windows OS the so called "NDIS wrapper" (implemented in the Ndis.sys) provides a programming layer of communication between network protocols (TCP/IP) and all the underlying NDIS device drivers so that the implementation of high-level protocol components are independent of the network adapter itself. During vulnerability research from a local security perspective that was performed over several software firewall products designed for Windows XP and Windows Server 2003 (R2 included), an issue during the loading and initialization of one of the OS NDIS protocol drivers was identified; specifically the 'Remote Access and Routing Driver' called wanarp.sys. This issue can be exploited through various NDIS 5.x filter intermediate drivers that provide the firewall functionality of several security related products. The resulting impact is vertical privilege escalation which allows a local attacker to execute code with kernel privileges from any account type, thus completely compromising the affected host.

tags | paper, remote, kernel, local, tcp, protocol
systems | windows, xp
MD5 | 7a760729b05fa6f6f5af09e62c2775ca
FAQin Congress Call For Papers
Posted Feb 5, 2016

FAQin Congress is a free invitation-only underground hacking event in Madrid, Spain being held March 5th to the 6th, 2016. The call for papers has been announced.

tags | paper, conference
MD5 | 2950deec6d5f46f2f059d72bd2cf4030
A Tale of openssl_seal(), PHP, and Apache2handle
Posted Feb 2, 2016
Authored by Filip Palian, Marek Kroemeke, Mateusz Kocielski

openssl_seal() is prone to use uninitialized memory that can be turned into a code execution. This document describes technical details of the journey to hijack apache2 requests. It is a very well written and thoroughly documented piece of research.

tags | exploit, paper, code execution
MD5 | 9c14b46a2de734fa08faee15ff5d7157
Page 5 of 132

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    5 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By