Radio Brute Force Attacks and a little Binary Phase-shift Keying theory. All that and more, this time on Hak5. In this episode we’re going to: – check out a python script for RF Brute Force attacks with RfCat and a compatible dongle like the YARD Stick One – Do some maths regarding these types of […]

Read more

Support Threat Wire! Patreon.com/threatwire Linux ransomware is a thing, ProtonMail gets hit with a denial of service attack, the JPMorgan hackers have been arrested, and someone stopped the NSA from collecting phone call data. All that coming up now on ThreatWire. Links: https://thehackernews.com/2015/11/linux-ransomware.html http://arstechnica.com/security/2015/11/new-encryption-ransomware-targets-linux-systems/ https://news.drweb.com/show/?i=9686&lng=en&c=5 https://protonmaildotcom.wordpress.com/2015/11/05/protonmail-statement-about-the-ddos-attack/ https://threatpost.com/protonmail-back-online-following-six-day-ddos-attack/115303/ http://arstechnica.com/security/2015/11/crypto-e-mail-service-pays-6000-ransom-gets-taken-out-by-ddos-anyway/ http://arstechnica.com/security/2015/11/how-extorted-e-mail-provider-got-back-online-after-crippling-ddos-attack/ https://www.gofundme.com/protonmaildefense https://thehackernews.com/2015/11/jpmorgan-chase-hack.html http://www.wired.com/2015/11/four-indicted-in-massive-jp-morgan-chase-hack/ http://www.wired.com/2015/11/judge-blocks-nsa-spying-and-sets-an-important-precedent/

Read more

CISA passes in the Senate, the UK IP Bill heats up and strong crypto apps drop just in time. Are we doomed or empowered through technology? Support ThreatWire on Patreon: https://www.patreon.com/ThreatWire Links: CISA https://theintercept.com/2015/11/03/lesson-of-cisa-success-or-how-to-fight-a-zombie/ http://www.pastemagazine.com/articles/2015/11/the-cisa-act-passed-last-week-and-heres-why-you-sh.html https://www.congress.gov/bill/114th-congress/senate-bill/754 IP Bill http://www.engadget.com/2015/11/04/investigatory-powers-bill/ http://www.itproportal.com/2015/11/04/new-investigatory-powers-bill-industry-reaction-analysis/ Signal https://whispersystems.org/blog/just-signal/ http://www.wired.com/2015/11/signals-snowden-approved-phone-crypto-app-comes-to-android/ Tor Messenger https://blog.torproject.org/blog/tor-messenger-beta-chat-over-tor-easily http://www.wired.com/2015/10/tor-just-launched-the-easiest-app-yet-for-anonymous-encrypted-im Youtube Thumbnail credit: https://upload.wikimedia.org/wikipedia/commons/5/5d/Castle_Bravo_Blast.jpg

Read more

In this episode of Hak5 we’re taking on more hacking sub 1 GHz gadget hacking and viewer questions about GQRX, the RTL-SDR and the new YARD Stick One.

Read more

Support ThreatWire on Patreon! patreon.com/threatwire New DMCA Exemptions! https://twitter.com/doctorow/status/659082991738597376 http://boingboing.net/2015/10/27/librarian-of-congress-grants-l.html EU Dumps Net Neutrality http://arstechnica.co.uk/tech-policy/2015/10/eu-net-neutrality-goes-on-the-chopping-block-next-week-heres-how-to-fix-it/ http://www.wired.com/2015/10/cisa-cybersecurity-information-sharing-act-passes-senate-vote-with-privacy-flaws/ Whats App Is Spying?!? http://www.theregister.co.uk/2015/10/27/whatsapp_forensic_analysis/ Zero Days From Hell http://www.forbes.com/sites/thomasbrewster/2015/10/21/scada-zero-day-exploit-sales/?ss=Security Facebook! https://www.facebook.com/notes/facebook-security/notifications-for-targeted-attacks/10153092994615766

Read more

Drones have to be registered, coming soon! The Diffie-Hellman protocol for crypto is probably NSA’s favorite thing ever. Secure all the things! With Facebook… and China is hacking US, are we surprised? All that coming up now on ThreatWire. http://www.wired.com/2015/10/a-second-snowden-leaks-a-mother-lode-of-drone-docs/ http://www.theverge.com/2015/10/19/9567625/drone-registration-will-be-required-in-us-dot-faa-announce http://www.engadget.com/2015/10/19/us-transportation-department-confirms-drone-registration-program/ https://www.transportation.gov/briefing-room/us-transportation-secretary-anthony-foxx-announces-unmanned-aircraft-registration https://theintercept.com/drone-papers/ Prime Diffie-Hellman Weakness May Be Key to Breaking Crypto http://arstechnica.com/security/2015/10/how-the-nsa-can-break-trillions-of-encrypted-web-and-vpn-connections/ Hak5 […]

Read more

Hacking wireless remotes using RF Replay Attacks using the YARD Stick One! In this episode we cover: How to gather intel on the device you want to hack How to sniff its wireless signals Determining modulation Decode OOK signals Transmitting a Replay Attack with RfCat and the YARD Stick One Step 1: Gathering Intel First […]

Read more

Chrome ditches mixes HTTPS warnings, Google Now and Siri get pwned from 16 feet away, NASA hacks from the 1970s and the EU declaring data transfer agreements with the US invalid. All that coming up on ThreatWire. Support us on Patreon: https://www.patreon.com/threatwire Links: http://www.zdnet.com/article/chrome-loosens-up-on-https-mixed-content-warning/ http://www.wired.com/2015/10/this-radio-trick-silently-hacks-siri-from-16-feet-away/ http://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=15 Hacking when it Counts: Much Space Station Hacking Saved […]

Read more

Sony’s Embarrassed, Malware on the iOS App Store… and the ultimate airborne attack… on your network!. All that coming up now on ThreatWire. Support us on Patreon: https://www.patreon.com/ThreatWire Links: http://www.wired.com/2015/10/drones-robot-vacuums-can-spy-office-printer/ http://www.cnet.com/news/sony-hacks-invasion-of-privacy-still-grates-on-ceo/ YiSpecter: First iOS Malware That Attacks Non-jailbroken Apple iOS Devices by Abusing Private APIs Youtube Thumbnail credit: CSIRO ScienceImage 10876 Camclone T21 Unmanned Autonomous […]

Read more

Getting Started with the YARD Stick One for Sub 1 GHz hacking! All that and more, this time on Hak5. Support Hak5, follow along and get a YARD Stick One from our very own HakShop at https://hakshop.myshopify.com/products/yard-stick-one The YARD in YARD Stick One stands for Yet Another Radio Dongle and it was created by Mike […]

Read more

This week on Hak5, we’re interviewing Troy Hunt of “Have I Been Pwned” https://haveibeenpwned.com/ https://twitter.com/troyhunt http://www.troyhunt.com/

Read more

As Hackers reaches its 20th anniversary, we’re celebrating the film that pays tribute to the hacker culture itself. You see, behind the cyberpunk neon pagers and rollerblades, insanely great 28.8 bps modems and the far out network visualizations is a treasure trove of hacker history and lore baked in by the real hackers and technical […]

Read more

Patreon’s Crowdfunding Platform is Hacked, Experian’s T-Mobile Server is Breached, Android Stagefright 2.0 is a thing, and a Linux Denial of Service Attack. All that coming up now on ThreatWire. https://www.patreon.com/posts/3457485 http://labs.detectify.com/post/130332638391/how-patreon-got-hacked-publicly-exposed-werkzeug http://arstechnica.com/security/2015/10/gigabytes-of-user-data-from-hack-of-patreon-donations-site-dumped-online/ http://www.wired.com/2015/10/hack-brief-hackers-steal-15m-t-mobile-customers-data-experian/ http://www.t-mobile.com/landing/experian-data-breach.html http://www.prnewswire.com/news-releases/experian-notifies-consumers-in-the-us-who-may-have-been-affected-by-unauthorized-acquisition-of-a-clients-data-300152926.html http://arstechnica.com/security/2015/09/botnet-preying-on-linux-computers-delivers-potent-ddos-attacks/ https://www.stateoftheinternet.com/downloads/pdfs/2015-threat-advisory-xor-ddos-attacks-linux-botnet-malware-removal-ddos-mitigation-yara-snort.pdf http://arstechnica.com/security/2015/10/a-billion-android-phones-are-vulnerable-to-new-stagefright-bugs/ https://threatpost.com/stagefright-2-0-vulnerabilities-affect-1-billion-android-devices/114863/ Thumbnail credit: https://upload.wikimedia.org/wikipedia/commons/2/2a/Landmark_House,_Experian,_Nottingham.jpg

Read more

D-Link Accidentally Publishes Private Keys, How to anonymize your Anonymous Surveys, a Million Dollar Bug Bounty, and Radio Hacks on a Balloon? What could go wrong? All that coming up now on Threat Wire. Support ThreatWire! https://www.patreon.com/threatwire http://www.securityweek.com/d-link-accidentally-publishes-private-keys-online http://arstechnica.com/security/2015/09/in-blunder-threatening-windows-users-d-link-publishes-code-signing-key/ http://www.wired.com/2015/09/new-crypto-tool-makes-anonymous-surveys-truly-anonymous/ http://www.scribd.com/doc/281587245/ANONIZE-A-Large-Scale-Anonymous-Survey-System https://threatpost.com/zerodium-hosts-million-dollar-ios-9-bug-bounty/114736/ https://www.zerodium.com/ios9.html http://www.wired.com/2015/09/balloon-spy-probe-deep-sweep/ https://criticalengineering.org/projects/deep-sweep/ http://zeigma.com/deepsweep/

Read more

ATMs are pwned with bluetooth. iOS is pwned with bluetooth and AirDrop. And Android is pwned with copy pasta. Support ThreatWire: https://www.patreon.com/ThreatWire?ty=h Bluetooth Skimmer: http://krebsonsecurity.com/2015/09/tracking-a-bluetooth-skimmer-gang-in-mexico/ http://krebsonsecurity.com/2015/09/tracking-bluetooth-skimmers-in-mexico-part-ii/ Android Lock Screen Vulnerabilities: http://www.wired.com/2015/09/hack-brief-new-emergency-number-hack-easily-bypasses-android-lock-screens/ https://groups.google.com/forum/#!topic/android-security-updates/1M7qbSvACjo http://sites.utexas.edu/iso/2015/09/15/android-5-lockscreen-bypass/ iOS AirDrop Vulnerabilities: http://arstechnica.com/security/2015/09/apple-mitigates-but-doesnt-fully-fix-critical-ios-airdrop-vulnerability/ http://www.wired.com/2015/09/hack-brief-upgrade-ios-9-now-avoid-bluetooth-iphone-attack/ Youtube Thumbnail credit: https://commons.wikimedia.org/wiki/File:49024-SOS-ATM.JPG

Read more

GPG Encryption for Windows, what happens if Keybase disappears, Free SSL certificates and how you could end up in prison for withholding your decryption keys. All that and more, this time on Hak5. — Jay – “great vid is there a windows equivalent?” Yes, you’ll need GPG4Win and Node.js for Windows http://gpg4win.org/download.html https://nodejs.org/en/#download When installing […]

Read more

What could be easier than file encryption with GPG? File encryption with keybase.io! Darren Kitchen and Shannon Morse demo the basics of the Keybase command-line app on this episode of Hak5.

Read more

Encrypted File Sharing? We speak with the Demonsaw founder. Plus, building a cubed acrylic drone battle arena. All that and more, this time on Hak5! Demonsaw – https://www.demonsaw.com/ Autodesk 123D Design – http://www.123dapp.com/design MatterControl – http://www.mattercontrol.com/

Read more

Microsoft dropped a dozen security updates, including fixes for flaws being exploited ‘in the wild,’ the Office of Personnel Management just dropped $133M on credit monitoring, Turla APT used satellite Internet links to cover their tracks, Blue Coat’s top 10 Top Level Domains for malicious domains, moar! Support us on Patreon! https://www.patreon.com/ThreatWire Links: MS Drops […]

Read more

Windows 7 & 8 are phoning home just like Windows 10 does, weaponized drones are now legal in the USA, and Agora, the site for selling narcotics, takes a vacation.   Links: http://arstechnica.com/information-technology/2015/08/microsoft-accused-of-adding-spy-features-to-windows-7-8/ https://thehackernews.com/2015/08/windows-spying-on-you.html https://support.microsoft.com/en-us/kb/3022345   http://readwrite.com/2015/08/26/drone-law-north-dakota-weaponizing http://www.thedailybeast.com/articles/2015/08/26/first-state-legalizes-armed-drones-for-cops-thanks-to-a-lobbyist.html   http://www.wired.com/2015/08/agora-dark-webs-biggest-drug-market-going-offline/   Thumbnail credit: https://upload.wikimedia.org/wikipedia/commons/d/d0/Luftwaffe_99-01_RQ-4B_EuroHawk_ILA_2012_1.jpg

Read more

The White House is backing the new cybersecurity bill, the FTC can now sue companies for getting hacked, and robocalls are being blocked by a robokiller! All that coming up now on Threat Wire.   Links:   https://threatpost.com/white-house-support-for-cisa-worries-privacy-advocates/114383 http://thehill.com/policy/cybersecurity/250241-white-house-endorses-senate-cyber-bill   http://www.wired.com/2015/08/court-says-ftc-can-slap-companies-getting-hacked/ http://www2.ca3.uscourts.gov/opinarch/143514p.pdf   http://arstechnica.com/information-technology/2015/08/robokiller-wins-ftc-prize-by-annihilating-robo-calls/ https://www.kickstarter.com/projects/485600868/robokiller-app-stop-telemarketing-robocalls-foreve/description   Thumbnail credit: https://upload.wikimedia.org/wikipedia/commons/e/e1/White_House_Washington.JPG

Read more

Suicides, extortion, and a $500,000 bounty for Impact Team… it’s gotten ugly at Ashley Madison.com. Amazon’s dropping Flash ads in September. China’s arrested 15,000 that “jeopardized Internet security” tho that does not mean what you think it means. Patch WordPress, there’s some nasty exploits. Some Android browsers have Zero Day flaws, and will Microsoft ever […]

Read more

Checking out Kali Linux 2.0 and cracking the Hack Across America challenge coin, this time on Hak5!   Download HD  |   Download MP4   — Kali Linux 2.0 —   BackTrack’s successor was Kali Linux (which we reviewed on episode 1408), an excellent tool for pentesters since forever. It’s been updated as of a few […]

Read more

BitTorrents are all the rage for DOS attacks, the IRS announces new breach numbers, and Microsoft is on a disabling rampage. All that coming up now on ThreatWire. Links: http://arstechnica.com/security/2015/08/how-bittorrent-could-let-lone-ddos-attackers-bring-down-big-sites/ https://www.usenix.org/system/files/conference/woot15/woot15-paper-adamsky.pdf   http://www.cnet.com/news/hackers-might-have-stolen-irs-data-on-more-than-300000-households/ http://arstechnica.com/security/2015/08/irs-estimate-of-tax-records-stolen-by-fraudsters-soars-to-over-300000/   http://www.alphr.com/microsoft/microsoft-windows-10/1001360/microsoft-can-disable-your-pirated-games-and-illegal-hardware https://www.microsoft.com/en-us/servicesagreement/   http://www.wired.com/2015/08/happened-hackers-posted-stolen-ashley-madison-data/   http://arstechnica.com/tech-policy/2015/08/company-pays-fcc-750000-for-blocking-wi-fi-hotspots-at-conventions/   http://www.wsj.com/article_email/target-reaches-settlement-with-visa-over-2013-data-breach-1439912013-lMyQjAxMTI1MDE1ODkxMjgzWj   Youtube Thumbnail credit: https://www.flickr.com/photos/68751915@N05/6757821397

Read more

This week Darren has a conversation with Chad Rikansrud about Mainframe vulnerabilities and Shannon gets to details on an amazing talk about using the USB Rubber Ducky while bypassing Enterprise Security. Download HD  |   Download MP4 Links: Mainframe Security – bigendiansmalls.com

Read more