Please turn on your JavaScript for this page to function normally.
Video: RSA Conference 2014 showcase

The world’s top information security professionals and business leaders gathered in San Francisco for RSA Conference 2014. Here’s a closer look at the show, watch …

How a fake antivirus attack works

Earlier this month, Invincea researchers have warned about visitors of video-sharing website Dailymotion being targeted with malicious ads leading to bogus infection warnings …

An introduction to firmware analysis

This talk by Stefan Widmann gives an introduction to firmware analysis: It starts with how to retrieve the binary, e.g. get a plain file from manufacturer, extract it from an …

The basics of digital wireless communication

The aim of this talk by Clemens Hopfer from the 30th Chaos Communication Congress is to give an understandable insight into wireless communication, using existing systems as …

Triggering deep vulnerabilities using symbolic execution

Symbolic Execution (SE) is a powerful way to analyze programs. Instead of using concrete data values SE uses symbolic values to evaluate a large set of parallel program paths …

Useful password hashing: How to waste computing cycles with style

Password-based authentication is widely used today, despite problems with security and usability. To control the negative effects of some of these problems, best practice …

Authentication using visual codes: what can go wrong

Several password replacement schemes have been suggested that use a visual code to log in. However the visual code can often be relayed, which opens up a major vulnerability. …

Building an OATH-compliant authentication server for less than $100

Using a Raspberry Pi nanocomputer and the multiOTP open source library, André Liechti showcases how to how to create an OATH-compliant authentication server at PasswordsCon …

Energy-efficient bcrypt cracking

Bcrypt is a password hashing scheme based on the Blowfish block cipher. It was designed to be resistant to brute force attacks and to remain secure despite of hardware …

Tales of passwords, cyber-criminals and daily used devices

Specific embedded devices are targeted by criminals in order to gain access or utilize for further attacks. Modems are attacked to change DNS-servers for advertising or …

The iCloud keychain and iOS 7 data protection

When Apple announced iOS 7, iCloud Keychain was one of its key features. It is no doubt great for usability, but what about security? What kind of access does Apple have to …

Verify your software for security bugs

Verification is an important phase of developing secure software that is not always addressed in depth that includes dynamic analysis and fuzzing testing. This step allows …

Don't miss

Cybersecurity news