A rare moment…

Read in a book, explanation of PEAP, the Protected Extensible Authentication Protocol:

This EAP method was developed in a rare moment of enlightened cooperation between Microsoft, Cisco and RSA Security

Chaos Computer Club Heilbronn is born

On Tuesday, September 15th, the Chaos Computer Club Heilbronn will have its first meeting. After years of meetings with my local Linux Unix User Group, I would like to meet with more hackers from various paths of technology.

So me an Fabian decided to start this project.

For now, the contents will be available in german only.

Visit ccchn.de if you want to stop by our meetings and/or participate in the wiki.

Hacking at Random 2009 program online

The program for the upcoming outdoor hacking event in the Netherlands is online with some very promising topics:

Stay tuned for my upcoming outdoor hacker event survival guide 😉

IBM releases 2008 Trend & Risk report

http://www-935.ibm.com/services/us/iss/xforce/trendreports/

In addition to standard vulnerability, malware, spam, phishing, and web threat statistics, the 2008 X-Force Threat and Risk Report features the following special topics:

  • Exploitation Economics. Why some “critical” vulnerabilities may not be so critical.
  • Web applications. The Achilles heel of corporate IT security.
  • Better Browsers. More secure (if you update) but still the main exploitation target.
  • Bad Web Links. More prolific for spam, phishing, and the delivery of malicious code.

Analyzing SOHO Router Security

http://www.sourcesec.com/2008/11/09/hacking-the-routers-soho-router-security/

With embedded devices permeating today’s home networks, they have begun to attract a higher level of scrutiny from the security community than in previous years. In particular, the members of GNUCitizen have been relentlessly testing routers and wireless access points. Their discovery of multiple vulnerabilities in the BT Home Hub router affected a wide range of home networks in the UK [1], and their Router Hacking Challenge prompted a flurry of vulnerability reports against a variety of popular home routers, including the venerable Linksys WRT54G [2]. Specific vulnerabilities in home routers range from traditional Web attacks, such as XSS and CSRF, to authentication bypass attacks and buffer overflows; it is assumed that the reader has at least a passing knowledge of the attacks described in this paper.

Black Hat Webcast No. 4 today

Trust Doesn’t Scale: Practical Hijacking On the World’s Largest Network
Thursday, October 16 1:00 pm PST/4:00 pm ET • FREE

Speakers:

– Jeff Moss, Founder and Director of Black Hat
– Anton Kapela,Co-Owner and Partner at 5Nines Data
– David Mortman, CSO-in-Residence, Echelon One
– Max Kelly, CSO of FaceBook
– Ariel Futorasnky, Co-Founder of Core Security

http://www.blackhat.com/html/webinars/practicalhijacking.html

An interesting topic covering the border gateway protocol