Bold Statements
Last week we gave a talk at the very first 31c0n in Auckland, New Zealand. The talk focused mainly on the methodology that we use to assess security products.
More specifically, this methodology consists of 7 steps Continue reading “31c0n 2017 in Auckland, New Zealand”
Continue readingEmbedded devices often serve as an entry point for an attack on a private or corporate network. The infamous attack on HackingTeam, for example, followed exactly this path as was revealed here. Although the attack may have been for the greater good (refer also to this great keynote), such incidents demonstrate that it is important to properly secure your embedded devices. In a recent blog post, Niklaus presented how he analyzed the security posture of a MAX! Cube LAN Gateway. Moreover, Brian reported a few weeks ago on the security posture of IoT devices (and in particular on one of his cameras). With this post I would like to share my experiences with analyzing another embedded device: the IC-3116W IP camera by Edimax. Continue reading “Setting up a Research Environment for IP Cameras”
Continue readingLast month the annual USENIX Security Symposium with its co-located workshops (WOOT, CSET, FOCI, ASE, and HotSec) was held in Austin, Texas. The program of the conference together with the published papers can be found here and information on the workshops can be found here.
The research topics were quite diverse and included subjects such as low-level attacks, cryptographic attacks, and vehicle attacks. To give you an impression on the research that has been presented at the conference, let us discuss some of the talks in the following:
Continue reading “25th USENIX Security Symposium & WOOT Workshop”
Continue readingThis year I had the pleasure to join the guest day of BT’s SnoopCon. There were quite a number of interesting talks throughout the day such as Continue reading “SnoopCon Guest Day”
Continue readingRecently I had the pleasure to attend the 24th USENIX Security Symposium and its co-located Workshop on Offensive Technologies (WOOT) in Washington, D.C. The workshop has received quite some attention this year, 57 submissions of which 19 have been accepted, so that the organizers decided to double its length from one to two days. Continue reading “24th USENIX Security Symposium & WOOT Workshop”
Continue reading