Adventures with Daisy in Thunderbolt-DMA-land: Hacking Macs through the Thunderbolt interface

Posted by & filed under Hacking & Pentesting, Hacks, Security News, Tools & Methodology.

We security folks often feel like we are regurgitating the same type of security issues over and over again, just in new contexts. So depending on how you look at it, this is “old new” or “new old” news. Nevertheless, I thought it would be a good idea to take it down from speculation to… Read more »

Openness and disclosure may be the only remedy against operations like the “Shady RAT”

Posted by & filed under Hacks, Security News.

McAfee recently disclosed the result of five years of investigation of a threat actor that have compromised 72 targeted organizations. While the sheer number and time span of the attacks, not to mention the compromised parties’ identities (for instance, the United Nations was hacked) are enough to raise an eyebrow or two, two paragraphs in the article particularly caught my… Read more »

Download winlockpwn

Posted by & filed under Hacks.

Update: I’ve coded a replacement for winlockpwn (Inception) and released the tool here. In case someone is looking for the winlockpwn source code, it is available for download here, complete with signatures for Windows 7.

winlockpwn on Ubuntu

Posted by & filed under Hacking & Pentesting, Hacks, Tools & Methodology.

Update: I’ve released a tool at github called Inception, which uses libforensic1394 to unlock Windows XP, Vista and Windows 7 boxes. IMNSHO, it is much more stable than winlockpwn, easier to use and works against a wider spectrum of target operating systems. Quite regularly I’m being asked to demonstrate the FireWire attack made by MetlStorm aka… Read more »

The rise and fall of HBGary Federal

Posted by & filed under Hacks, Security News.

Wired‘s Threat Level blog has a very good article on how not to run a professional information security services firm. HBGary Federal, that was recently hacked by the loosely attached group of hacktivists called Anonymous (press release here), has, it seems, fallen ill to some unknown spy movie virus when trying to unmask the group… Read more »