Publications
- In a blink of an eye - there goes your AES Key
Advances in extracting keying material from hardware (FPGA)
- Visualising Botnets
- Why allowing active ipv6 stacks on your network is a bad idea (but we don't route ipv6)
- A bad couple of years for the cryptographic token industry - must read
Ouch, the biggest names included. TL;DR: Don't use PKCS#1v1.5 padding for RSA and use authenticated encryption.
- Ron was wrong, Whit is right – Weak keys in the internet
Tools
- List of Volatility Plugins
Leading the open-source memory analysis field (forensics, IR, exploit dev)
- IDA Toolbag
Excellent new set of tools for IDA Pro
- Inception
Up-to-date FireWire toolchain for dumping memory over the FireWire interface. It also allows unlocking locked workstations, since FireWire, by design, allows full access to memory over DMA.
- Cryptshark
.NET library using Blowfish, BCrypt, SCrypt, and PBKDF2 for any HMAC - following my blog post on how to store passwords securely, if you're into .NET give it a look.
Flame
- Bitdefender Analysis of Flame (3rd update)
Apart from the interesting information, this post includes what appears to be a complete list of IOCs (indicators of compromise) for this variant of FLAME.
- The link between Stuxnet and Flame (Bitdefender)
- Kaspersky's take on the link between Stuxnet and Flame
- FLAME – The Story of Leaked Data Carried by Human Vector - must read
How FLAME used the human factor (inc. USB) to bridge the air-gap between networks.