After lunch it was Sergey Bratus and Travis Goodspeed's turn to speak about the security of USB ports
, telling how it is possible to compromise the whole system via a unattended USB port. This was a really interesting talk that one can explore by himself taking a look at some good documentation on Travis' blog
The talk “We Came In Peace – They Don’t: Hackers vs. CyberWar”
was next. He gave his opinion about the actual cyberwarfare and the difference between the point of view of Governments and cybersecurity experts about this subject. Some ideas from his talk: avoid the use of 0-days as weapons through Full-Disclosure, learn how to protect you playing CTFs and don't give up.
Submitted by jesparza on Sun, 2013/04/07 - 14:16
Until now I had not had enough time to write about my experience at my first Troopers
. Due to some good comments about it
I had had in mind going to Troopers since some time ago, but for one reason or another I hadn't been able to do it. Last year I had the opportunity to share table with Enno Rey, Troopers
organizer and CEO of ERNW
, at BlackHat Europe. That time I saw they were a good team and good people, and this year, living closer to Heidelberg, I had no excuses to go.
I arrived in Heidelberg at 3:30AM after 9 hours on the road due to the bad weather conditions. I was able to rest to be ready for the talks
in the next morning. I missed the keynote by Rodrigo Branco
, but I heard that it was really good. The first talk I attended was “Paparazzi over IP”
by Daniel Mende and Pascal Turbing about hacking a CANON camera, equipped with a wireless adapter and other features. The result was that it was possible to see all the photographs taken, control the device remotely and intercept the images while they were about to be sent to a cloud storage.
Submitted by jesparza on Sun, 2013/04/07 - 13:52
After reading the Eurograbber report and taking into account that there were a lot of similarities with Sopelka Botnet, which I had analyzed some months before
, I decided to write a blog post about it
. At the same moment, the Rooted CON CFP was closing, so I submitted this subject and then I forced myself to research further to demonstrate that Eurograbber was just a hype. Thanks to the investigations by S21sec
there was more than enough information.
Submitted by jesparza on Mon, 2013/04/01 - 21:25
More than one month ago I gave a presentation about the NFC credit cards privacy at No cON Name (NcN), a well known Spanish security conference. It's not a new subject and, also, some researchers presented talks about it in other conferences during this year, but, until that moment, there were no proofs of concept with Spanish credit cards (at least public ones). You can take a look at the presentation here (Spanish).
As I have mentioned in some posts about this subject, NFC payments are a normal part of life in some Asiatic countries, like Japan. However, this technology has arrived this year to Spain and other European countries, supported by banks, mostly. The result is that a person could have an NFC credit card in his wallet without even knowing it. It wouldn't be a problem if data were correctly protected, but we can't assume anything in the security world and this is another proof of that.
Submitted by jesparza on Fri, 2012/12/21 - 15:51
As I mentioned in the previous post
, just after Source Seattle
some days ago, the ToorCon
(also in Seattle) began. Some speakers took advantage of this to present the same or different presentations at both conferences. Friday the 13th was the opening day, with a small party, but the presentations didn’t begin until the following day. There were thirty talks
in total, each delivered in a 15 minute period of time, with a short break for lunch. It was an entire day of presentations, from 8:30 till 10:30, quite a day!
Submitted by jesparza on Thu, 2011/06/30 - 10:10
Submitted by jesparza on Mon, 2011/06/27 - 22:58