Collaborate Disseminate
Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have… Continue reading The Next Disruptive ICS Attacker: A Disgruntled Insider?
Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will c… Continue reading The Next Disruptive ICS Attack: 3 Likely Sources for Major Disruptions
In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an… Continue reading Ghidra 101: Loading Windows Symbols (PDB files) in Ghidra 10.x
In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135. Rather than properly fixing CVE-2020-5135, SonicWall’s fix introd… Continue reading What are Product Security Incident Response Team (PSIRT) Best Practices?
Back in September 2020, I configured a SonicWall network security appliance to act as a VPN gateway between physical devices in my home lab and cloud resources on my Azure account. As I usually do with new devices on my network, I did some cursory secu… Continue reading Analyzing SonicWall’s Unsuccessful Fix for CVE-2020-5135
I am very excited to share that I will be offering my Ghidra training course at Black Hat USA 2021. As an online event, this is the perfect opportunity for Black Hat caliber training without hotel and airfare costs. Registration for “A Beginner’s Guide… Continue reading Learn Ghidra from Your Home at Black Hat USA 2021
In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an… Continue reading Ghidra 101: Creating Structures in Ghidra
In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an… Continue reading Ghidra 101: Loading Windows Symbols (PDB files)
If high-tech gadgets are on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series,… Continue reading Hacking Christmas Gifts: Brushing with Bluetooth
In this blog series, I will be putting the spotlight on some useful Ghidra features you might have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidr… Continue reading Ghidra 101: Decoding Stack Strings