hardhack

How many bugs can a time server have?

Published 07/11/2014 | By TMB

Presentation on vulnerabilities in the Symmetricom (Micro Semi) S350i time server (as given at EMF Camp 2014). Continue reading →

Posted in Presentations | Tagged analysis, conference, CVE-2014-5061, CVE-2014-5062, CVE-2014-5063, CVE-2014-5064, CVE-2014-5065, CVE-2014-5066, CVE-2014-5067, CVE-2014-5068, CVE-2014-5069, CVE-2014-5070, CVE-2014-5071, emfcamp2014, exploit, hardhack, root

Vanilla good security practice vs. BadUSB

Published 09/10/2014 | By BRC

This post discusses the BadUSB research published by Karsten Nohl recently at Black Hat. You might want to check out the slides and/or video before reading on. Continue reading →

Posted in Blog | Tagged analysis, hardhack

Raspberry ph0wn

Published 11/03/2014 | By FC

Recently the technical team had a discussion about subversive attack vectors that could be utilised by social engineering attacks to provide a long term remote connection to a network whilst remaining undetected. Continue reading →

Posted in Blog | Tagged hardhack, social engineering

Evaluating SteamOS’s security posture (a first look)

Published 16/12/2013 | By TMB

Security researchers love the new shiny and whilst some like playing games too, I am not one of those. That being said, I have researched UNIX like OS for a number of years and I’m constantly thrilled by the new uses people find for it. This security evaluation was performed against the beta tree of SteamOS, a new, “open” games platform from the developers at Valve. Continue reading →

Posted in Blog | Tagged analysis, hardhack, SteamOS

WARNING: May void warranty

Published 03/09/2013 | By TMB

Having just arrived back from a client engagement, I was in the pub with some colleagues earlier this evening, and one amongst them, a junior asked a really interesting question “How does one assess an embedded device?”. Continue reading →

Posted in Blog | Tagged hardhack