Skip to main content

HITB2014KUL

#HITB2014KUL White Paper: Using Intel TXT to Attack BIOSes

posted onJanuary 30, 2015
by l33tdawg

Authors: Xeno Kovah, Corey Kallenberg, John Butterworth amd Sam Cornwell - The MITRE Corporation

Presentation Overview: http://conference.hitb.org/hitbsecconf2014kul/sessions/senter-sandman-using-intel-txt-to-attack-bioses/

Abstract

A comparatively large number of security problems at the PC BIOS level have been found in the last 2 years relative to the preceding years [7].

Apple Pay Is Here But How Secure Is It? Security Researcher Reveals Touch ID Still Poses A Problem

posted onOctober 24, 2014
by l33tdawg

Is Apple Pay safe? Are there any known security issues? With this week's release of iOS 8.1, came also the launch of the Apple Pay system – a new NFC payment system that allows users to make purchases in stores, online and through apps with just the press of a finger on the Touch ID. While many users are excited about the ease of payment now available on iPhone 6 and above running iOS 8.1, it does come with some reservations by those within the security community.

Build A Better Bitcoin Wallet: Security Researcher Calls For Developers To Use Safer ECDSA Operations

posted onOctober 20, 2014
by l33tdawg

One of the biggest fears of Bitcoin users is that one day they will wake up and find their virtual currency wallet emptied, signaling that someone, somehow, has managed to uncover the user’s private key. A Bitcoin private key is a secret number that acts as a kind of identifying “ticket,” allowing coins from the corresponding wallet to be spent.

DarkMatter Secure Android May Run on Your Phone

posted onOctober 20, 2014
by l33tdawg

Do you want to use a secure smartphone, but not look like you're using a secure smartphone? A team of researchers are developing a version of Android called DarkMatter that could turn mainstream Android phones, such as the Galaxy S4 and the Nexus 5, into high-end security devices.

Roll your own Bitcoin client? Prepare to be raided

posted onOctober 20, 2014
by l33tdawg

The engineer behind the Heartbleed checker has created a tool to hunt down wallets from poorly secured transactions that leak private keys.

Filippo Valsorda released the Blockchainer tool to Github following a presentation at the Hack in the Box conference in Malaysia today.

#HITB2014KUL: Get advice of locksmiths for maximum protection

posted onOctober 20, 2014
by l33tdawg

Protecting any property is not just about getting quality locks but getting sound advice from a professional locksmith, advised non-profit organisation The Open Organisation for Lockpickers (TOOOL).

Babak Javadi, a founding member of TOOOL, said the market in the region was driven by demand for cheap locks, which resulted in products of low quality. He warned that one of the most popular lock brands in Malaysia could easily be opened by force with an Allen key.