- In a blink of an eye - there goes your AES Key
Advances in extracting keying material from Hardware (FPGA)
- Visualising Botnets
- Why allowing active ipv6 stacks on your network is a bad idea (but we don't route ipv6)
- A bad couple of years for the cryptographic token industry - must read
Ouch, the biggest names included. TLDR; Don't use PKCS#1v1.5 padding for RSA and use authenticated encryption.
- Ron was wrong, Whit is right – Weak keys in the internet
- List of Volatility Plugins
Leading the Open-source memory analysis field (Forensic, IR, exploit dev)
- IDA Toolbag
Excellent new set of tools for IDA PRO
Upto-date Firewire Toolchain to dumping memory over the firewire interface. This allows also to unlock locked workstations as Firewire, per design, allows full access to memory over DMA.
.NET library using Blowfish, BCrypt, SCrypt, and PBKDF2 for any HMAC - following my blog post on how to store password securely, if your into .NET give it a look.
- Bitdefender Analysis of Flame (3rd update)
Apart from the interesting information this post includes what appears to be a complete list of IOCs (Indicator of compromise) for this variant of FLAME.
- The link between Stuxnet and Flame (Bitdefender)
- Kasperkys take on the link between Stuxnet and Flame
- FLAME – The Story of Leaked Data Carried by Human Vector - must read
How FLAME used the human factor (inc. USB) to bridge the air-gap between networks.