The 11th USENIX Workshop on Offensive Technologies (WOOT17) took place the last two days in Vancouver. Some colleagues and I had the chance to attend and enjoy the presentations of all accepted papers of this rather small, single-track co-located USENIX event. Unfortunately, the talks have not been recorded. However, all the papers should be available on the website. It’s worth taking a look at all of the papers, but these are some presentations that we’ve enjoyed: Continue reading “11th USENIX Workshop on Offensive Technologies (WOOT17)”
Continue readingBlack Hat 20 & DEFCON 25
Some of the ERNW Crew hit up Black Hat USA and DEFCON. Our own Omar Eissa even gave his first BH and DEFCON talks! See which talk we liked and what inspiration we took home.
Continue reading “Black Hat 20 & DEFCON 25”
Continue readingA Life Without Vendors Binary Blobs
This blogpost will be about my first steps with coreboot and libreboot and a life with as few proprietary firmware blobs as possible. My main motivation were the latest headlines about fancy firmware things like Intel ME, Computrace and UEFI backdoors. This post is not intended to be about a as much as possible hardened system or about coreboot/libreboot being more secure, but rather to be able to look into every part of software running on that system if you want to.
I first got curious about coreboot and libreboot at the 33C3 (Bootstraping a slightly more secure laptop). Then I searched for some old retired hardware at ERNW which I could flash coreboot to and found an old Thinkpad X61. Finding the X60 as officially supported hardware on the libreboot homepage, I have read through the libreboot and coreboot manuals to learn about the main coreboot part and it’s several payloads. Continue reading “A Life Without Vendors Binary Blobs”
Continue readingIPv6 RA Flags, RDNSS and DHCPv6 Conflicting Configurations Revisited
Good morning dear readers,
as you may know, we published a whitepaper discussing the behavior of different operating systems once they receive IPv6 configuration parameters from different sources two years ago. At that time, the results were quite a mess. We were curious whether the situation is still so “dire” like two years ago. We fired up the lab, updated the tested operating systems and performed the tests again. Continue reading “IPv6 RA Flags, RDNSS and DHCPv6 Conflicting Configurations Revisited”
Continue readingRelease of Glibc Heap Analysis Plugins for Rekall
I’m happy to announce the release of several Glibc heap analysis plugins (for Linux), resp. plugins to gather information from keepassx and zsh, which are now included in the Rekall Memory Forensic Framework. This blogpost will demonstrate these plugins and explain how they can be used. More detailed information, including real world scenarios, will be released after the talk at this years DFRWS USA.
Continue reading “Release of Glibc Heap Analysis Plugins for Rekall”
Continue readingLocal Packet Filtering with IPv6
Just recently we discussed IPv6 filter rules for NIC-level firewalls (in a virtualized data center) with a customer. I’d like to take this as an opportunity to lay out potential approaches for local packet filtering of IPv6, which in turn might somewhat depend on the address configuration strategy chosen for the respective systems (for the latter you may refer to this post or to this talk from the Troopers NGI event).
Continue reading “Local Packet Filtering with IPv6”
Continue readingTesting RFC 6980 Implementations of FreeBSD
Following Enno’s research on “Testing RFC 6980 Implementations with Chiron“, we decided to redo the experiment with FreeBSD targets.
Continue reading “Testing RFC 6980 Implementations of FreeBSD”
Continue readingGDPR and Pseudonymisation – Easing the Pain of Regulation
27 April 2016 marked a turning point for a lot of countries as well as a lot businesses worldwide: EU regulation 2016/679 (going by it’s more widely known name General Data Protection Regulation and abbreviated GDPR) was adopted by the European Parliament, the Council as well as the Commission [1]. Especially readers from countries outside of the EU might ask “Why should this be of interest for me?”. Continue reading “GDPR and Pseudonymisation – Easing the Pain of Regulation”
Continue reading17. Gulaschprogrammiernacht
Over one of the recent long weekends I attended the 17th “Gulaschprogrammiernacht”, or “GPN17” for short, in Karlsruhe, the largest CCC Event after the Chaos Communication Congress with roughly a thousand attendees. The name literally translates to “goulash programming night”, which makes about as much sense as the German version. Despite the name it lasted from Thursday to Sunday, had a much wider scope than just coding and offered various other (incl. vegan) dishes besides goulash. As an active member of the CCC community I planned on attending it anyway, but submitted my talk about Automated Binary Analysis in case there was interest. I didn’t anticipate that much interest given that it was a fairly theoretical IT-Security topic at an event that was not focused on IT-Security, but nonetheless the hall was filled with people from various backgrounds like math, formal verification and software optimization. The talk was an improved version of the one I gave at Bsides Ljubljana, incorporating feedback I received and new things I had learned since then. The English slides are available here, the recording of the talk in German can be found here.
Continue reading “17. Gulaschprogrammiernacht”
Continue readingDevOps, Continuous Deployment & Agile Security September 7, 2017
The following post is in German as it is covering an Event with German as the main language.
INSIGHT SUMMIT 2017 präsentiert DevOps, Continuous Deployment & Agile Security
Inspiriert durch die erfolgreichen Round Table Session der TROOPERS freuen wir uns Ihnen heute mit dem AgileSecurity Insight Summit 2017 eine weitere Veranstaltung in einer Reihe zu Trend-Themen im Bereich der IT-Sicherheit vorzustellen.
Die Veranstaltung beginnt am Morgen mit einer Keynote, gefolgt von Fallstudien und Vorträgen durch interne und externe Referenten aus der Industrie. Im Anschluss werden alle Teilnehmer in zwei Gruppen aufgeteilt, die nacheinander an beiden Round-Table Sessions teilnehmen. In den Round-Table Sessions werden unter Expertenmoderation typische Problemstellungen und Lösungsansätze diskutiert. Continue reading “DevOps, Continuous Deployment & Agile Security September 7, 2017”
Continue reading