toorcon

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

ToorCon 2008

Nathan McFeters: Pics of ToorCon Seattle 2008 by Nate McFeters

Tags: ToorCon, Seattle, tech action

Image galleries 2008-04-21

MacBook WiFi hacker cancels talk

Instead of a planned presentation WiFi hacker Johnny Ellch delivered only a prepared statement at ToorCon, San Diegos annual security conference on Saturday.I reported last week that Maynor and Ellch were scheduled to speak at ToorCon, where the inflammatory duos "complete story" of their infamous MacBook WiFi hack was to...

Tags: SecureWorks Inc., MacBook WiFi

Blog posts 2006-10-02

Clampdown at Toorcon imminent for Apple Wi-Fi flaw

Clampdown at Toorcon imminent for Apple Wi-Fi flawYes, we're all shockedThe great reveal, promised to us for months now has, once again, been postponed. I'm so surprised.George, why are you so adamant about blaming all of this on Apple? Apple has publicly answered all of your questions. ...

Tags: Wireless LANs, SECURITY, Apple Inc., David Maynor, ToorCon, SecureWorks Inc., Wi-Fi

Discussion threads 2006-09-29

Additional Resources

Don't doubt Deputy Dan

Well, it would seem that Tom Ptacek may have figured out something to do with Dan Kaminsky's earlier DNS flaw, and this may actually be the vulnerability to fear that we had originally heard.  Let's just say this, I've read Tom's postings on the Matasano blog for quite some time...

Tags: DNS, Domain Names, Networking, Internet, Nathan McFeters

Blog posts 2008-07-08

Kaminsky and Ptacek comment on DNS flaw

Well, well, well, what a day for security news! I got a chance to get the scoop word of mouth from Dan Kaminsky of IOActive (pictured above [image courtesy of quinnums]) and Thomas Ptacek of Matasano pictured below on the DNS flaw that's been all over the...

Tags: DNS, Flaw, Nate, Domain Names, Networking, Security, Internet, Nathan McFeters

Blog posts 2008-07-08

About that cellular interference...

So... maybe it is a real problem.  Pedram Amini top picture on the right, noted researcher and reverse engineer, posted an article to the Tipping Point DVLabs blog on some interesting observations he made on cellular interference.  From the article, Pedram comments on the discovery: "I had...

Tags: Apple iPhone, Researcher, Laptop Computer, Pedram Amini, Keyboards, Notebooks, Hardware, Peripherals, Notebooks & Tablets, Nathan McFeters

Blog posts 2008-07-01

Welcome (back) Ryan Naraine; Zero Day's line-up revamped

You may have noticed a familiar byline over at our Zero Day security blog--Ryan Naraine. His addition completes a revamped line-up for our security blog. Ryan is now an evangelist for Kaspersky Lab, a security vendor. He joins Nate McFeters and Dancho Danchev, two real-world security researchers...

Tags: Security Blog, Ryan, Nate McFeters, Dancho Danchev, Dancho, Nathan, Security, Larry Dignan

Blog posts 2008-05-19

Morse Code Rickroll 0-day... no, seriously, I mean it

In the security research world, getting Rickrolled has become a global epidemic.  If you've been to any of the recent conferences, you're sure to have been Rickrolled at least once... if you were fortunate enough to be at ToorCon Seattle, then you got Rickrolled about 300 times by Dan Kaminsky....

Tags: Morse Plc., I/O, XSS, Encryption, Security, Nathan McFeters

Blog posts 2008-05-04

More URI handler issues to come

Rob Carter, Billy Rios, and I have been blogging about and speaking at conferences like Black Hat and ToorCon all year on the subject of URI handler abuse.  One might think these types of flaws are soon to go away, but one look at SecurityFocus and FullDisclosure today and you can see...

Tags: Flaw, Security, Nathan McFeters

Blog posts 2008-04-25

News to know: Yahoo; ToorCon; Microsoft Surface, XP; Apple; Psystar

Notable headlines: Larry Dignan: Microhoo: A frenetic week ahead; Yahoo could turn the tables on Microsoft Nathan McFeters: ToorCon Seattle 2008: Nuke plants, non-existent sub domain attacks, muffin diving, and Guitar Hero ToorCon gallery. Mary Jo Foley:...

Tags: Google Inc., Hard Drive, Larry Dignan, Microsoft Windows XP, Yahoo! Inc., Apple Inc., Microsoft Corp., Veterans Administration, Help Desk, Open Source, It Operations

Blog posts 2008-04-21

ToorCon Seattle 2008: Nuke plants, non-existent sub domain attacks, muffin diving, and Guitar Hero

*** Updated: ToorCon images uploaded.  Click here!  Alright, that title probably sounds pretty random... well, welcome to ToorCon!  ToorCon has long been one of my favorite conferences for the easy atmosphere, laid-back presentations, and parties.  This year's Seattle-based ToorCon was the best I've been to. ...

Tags: Researcher, XSS, Domain, Microsoft Corp., Conference, Attack, ToorCon Seattle 2008, John, Security, Nathan McFeters

Blog posts 2008-04-21

Taking ownership (pwnership) of content: Cross-site Scripting Google

My good friend Billy Rios pictured to the right published another interesting exploit recently.  It's a cross-site scripting exposure in spreadsheets.google.com, which is interesting because it's exploited by using the content-type returned by spreadsheets.google.com and a caching flaw on the part of Google.  Here's some details from Billy's blog: I was...

Tags: Security, Google Inc., HTML, XSS, Domain, Billy Rios, Rios, Nathan McFeters

Blog posts 2008-04-16

Black Hat Europe, Day 4 (Finally): Early wake-up calls always lead to long days

For those of you who had been reading my Day 1, Day 2/Day 3, and Day 2 revisited stories about Black Hat Europe here on ZDNet, I'm sure you were wondering what happened to Day 4, the second day of conferences.  Well, after a long delay, here it is!  Basically, I got caught up...

Tags: Black Hat, Phishing, Cyberthreats, Spam, Viruses And Worms, Security, Spam And Phishing, Nathan McFeters

Blog posts 2008-04-07

Black Hat, Day 1: Cracking GSM and skimming ATMs

Day 1 at Black Hat brought some outstanding talks. The day started off with David Hulton (aka h1kari, also the producer of ToorCon) and Steve from THC, who presented on "Cracking GSM". It was quite interesting due to the tie-in that David has with Pico...

Tags: Black Hat, FPGA, GSM, Phishing, ATM, Cyberthreats, Network Technology, Spam, Networking, Security, Spam And Phishing, Nate McFeters

Blog posts 2008-02-20

"We've toasted so many of these (VoIP) networks...

"We've toasted so many of these VoIP networks...VoIP HopperThanks for mentioning my tool, VoIP Hopper. It can be downloaded from http://www.vigilar.com/services/voip_hopper.htmlorhttp://voiphopper.sourceforge.netWhen I mentioned "advanced hacker technique" in my presentation at ToorCon, it was in the context of a facetious response to unplugging the phone from the wall and replacing...

Tags: Telephony, TELECOMMUNICATIONS, network, VoIP, VoIP Hopper

Discussion threads 2007-10-22

Do you know what's leaking out of your browser?

Information seeping out of your Web browser could provide a gold mine for hackers doing reconnaissance for targeted attacks.At the ToorCon Seattle beta conference, Web application security specialist Robert Hansen RSnake demoed Mr-T (Master Recon-Tool), a new utility that combines information disclosure flaws in Internet Explorer and Firefox to collect...

Tags: Firefox, Exploit code, Data theft, Browsers, Botnets, Black Hat, Google, Hackers, Metasploit, Microsoft, Open source, Passwords, Patch Watch, Pen testing, Privacy, Responsible disclosure, Spam and Phishing, Spyware and Adware, Vulnerability research, Wi-Fi security, Zero-day attacks

Blog posts 2007-05-14

News to know: Isolating zero-day exploits; CelebriMiis; Microsoft's virtualization backtrack

Notable headlines:Ryan Naraine: New MS tool isolates Office 2003 zero-day exploits. Hackers in Seattle for Microsofts Blue Hat, ToorCon.Apple plugs critical holes in Darwin Streaming Server. Cybercrooks add QuickTime, WinZip flaws to arsenal.Red Hat launches open-source Exchange.Larry Dignan: Are Zimbra and Alfresco on Red Hats shopping list?Apples Jobs brushes...

Tags: Storage management, Utility computing, Microsoft Windows Vista (Longhorn), virtualization, CelebriMiis, Intels, zero-day bug, Google Inc., Microsoft Corp.

Blog posts 2007-05-11

Hackers in Seattle for Microsoft's Blue Hat, ToorCon

Hackers in Seattle for Microsoft's Blue Hat, ToorConBig difference between MS and ApplePeople who use Windows aren't going to deny, deny, deny any security related findings. We won't attack the character of the people who attend these things and call them "Windows haters" or "Apple shills". Contrast that with how...

Tags: Operating systems, Viruses and worms, Cyberthreats, security, Microsoft Corp., Microsoft Windows

Discussion threads 2007-05-10

Hackers in Seattle for Microsoft's Blue Hat, ToorCon

White hat hackers have descended on Seattle for two semi-private security conferences where new attack and exploitation techniques are being discussed.The first is the Spring 2007 edition of Microsofts Blue Hat Security Briefings where researchers are invited to Redmond "to share knowledge and to educate and help protect customers against...

Tags: Botnets, Browsers, Data theft, Digital rights management, Exploit code, Hackers, McAfee, Metasploit, Microsoft, Passwords, Patch Watch, Pen testing, Punditocracy, Responsible disclosure, Viruses and Worms, Vulnerability research, Wi-Fi security, Windows Vista, Zero-day attacks

Blog posts 2007-05-10

How Apple orchestrated web attack on researchers

Last summer, when I wrote "Vicious orchestrated assault on MacBook wireless researchers," it set off a long chain of heated debates and blogs. I had hoped to release the information on who orchestrated the vicious assault, but threats of lawsuits and a spineless company that refused to defend itself meant...

Tags: Blogging, Wi-Fi, Web, SecureWorks Inc., David Maynor, David Chartier, Jim Dalrymple, Apple Computer Inc., video

Blog posts 2007-03-20