My long-term laptop, which accompanied me for some years, died some time ago while proceeding a BIOS update. Why update the BIOS since it’s a process well-known for bricking computers? Well, because of Intel and their wonderful speculative execution vulnerabilities. So, after the update, the PC did not turn on again (with only the fans and the keyboard backlight turning on). As you can imagine doing the typical BIOS reset procedures did not work. So here’s the story of bringing it back from the dead.
Some 4-5 years ago an acquaintance of mine gave me one desktop computer tower asking if “it could be used to do normal computer stuff, like watching YouTube and such?”. After booting the machine (without even looking for any hardware details), I see myself facing a mere memory, a Windows NT 4.0 Server Edition booting sequence and login screen. I quickly answer that this machine is a piece worthy of a museum and he quickly said: “so it is trash, do whatever you want with it”. I tossed the machine away in my basement until today.
UBERHid is a USB MitM Wifi keylogger with keyboard and mouse injection capabilities desinged and implemented by @kripthor. The project is still in early phases of development however it already allows on to perform keylogging and inject keyboard/mouse payloads. I had the opportunity to meet @kripthor during the BSides Lisbon 2019 and to get one UBERHid DIY kit.
BSides Lisbon is the biggest security dedicated event in Portugal, with two days of talks, workshops, a CTF competition, and lots more. During BSides, some sidequests ranging from raffles to challenges appear that can give you prizes! This is a write-up of one of those challenges by Cisco/Talos.
“Based in Porto, the ØxOPOSɆC group was started by g33ks who are passionate about security. The meetup primary mission is to discuss and tackle upsurging security issues by leveraging the expertise and know-how of members of the group.” This is the write-up of the challenges of the 0x72 and 0x73 meetup editions, by @aap.
“Based in Porto, the ØxOPOSɆC group was started by g33ks who are passionate about security. The meetup primary mission is to discuss and tackle upsurging security issues by leveraging the expertise and know-how of members of the group.” This is the write-up of the challenges of the 0x72 and 0x73 meetup editions, by @ArmySick and @Simps0n.
“Based in Porto, the ØxOPOSɆC group was started by g33ks who are passionate about security. The meetup primary mission is to discuss and tackle upsurging security issues by leveraging the expertise and know-how of members of the group.” This is the write-up of the challenge at the 0x70 meetup edition, by DDuarte and André Morais.
The Web of Things aims to build the Internet of Things in a truly open, flexible, and scalable way, using the Web as its application layer. Empowering this idea, Mozilla has been making efforts towards a Web of Things standards, providing a gateway implementation along with libraries for the most common languages. In this blog post, we will go through the process of making a Web of Things device.