Infosec Digest – April 2017

--

@author Randy Gingeleski

@since 05/02/2017

@see infosec digest

--

Mr. Robot’s dad – er – Seth Law had a good presentation at Blackhat Asia about using bots for security unit testing. The slides are here or you can jump right to the related project (SPUTR).

“With this algorithm you can use multiple tor threads to make multiple requests with multiple IP addresses.”

“Have some sympathy. Tech education is in shambles all over the world. Grandma is willing to read, but she’s confused and scared.” – Zulban via /r/netsec

This is also the month I found the Big List of Naughty Strings. Simple attacks on input fields bring me back to my teenage years, not sure about you.

https://github.com/kootenpv/whereami

Ohio inmates built computers, hid them in their ceilings, then stole identities.

Someone hacked all 156 tornado warning sirens in Dallas.

OBD-II Dongle Attack: Stopping a Moving Car via Bluetooth

insecure http header removal

https://github.com/veggiespam/ImageLocationScanner

https://github.com/awslabs/aws-waf-security-automations

Okay okay enough Github. Here’s a great guide to getting started with Android reversing.

Back to Github. A repo of most probable passwords.