Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

SAINTCON 2018 CFP - Sep 25-28, Provo Utah

12 June, 2018 - 09:53

Posted by Troy Jessup on Jun 12

SAINTCON 2018 - Call for Papers

INTRODUCTION
SAINTCON is Utah's best annual Security Conference and Training Event. The Conference spans 4 days and includes a
large variety of content and events making it very diverse and covers a large variety of security related areas of
interest. SAINTCON is a community conference administered by the Utah Chapter of the Security Advisory and Incident
Network Team (UtahSAINT).

Site:...

INFILTRATE Video Release! Ben Watson.

29 May, 2018 - 09:36

Posted by David Aitel on May 29

https://vimeo.com/269252626

Back to the future: Going back in time to abuse Android’s JIT, Benjamin
Watson, INFILTRATE 2018

There's a lot of different uses of "exploit-like" thinking, which is a
kind of rapid-fire scrappy engineering, like building a campsite before
darkness in the zombie-infested wilderness with only the tools you
brought with you, which consist of a pocket knife, some para-cord, and a
pile of soggy...

The 6th Annual Volatility Plugin Contest and the Inaugural Volatility Analysis Contest!

23 May, 2018 - 12:55

Posted by Andrew Case on May 23

We are excited to announce that the 2018 Volatility Plugin Contest and the inaugural Volatility Analysis Contest are
now accepting submissions until October 1, 2018. Winners of each contest will receive over $2,500 in cash prizes and
the highly coveted Volatility swag (t-shirts, stickers, etc.)!

Full details can be found on our blog post:

https://volatility-labs.blogspot.com/2018/05/the-6th-annual-volatility-plugin.html

Please let us know...

Re: Alternatives to viruscheckmate

23 May, 2018 - 12:53

Posted by Alex Boldwin on May 23

Hi Konrads,
I know:
hxxps://antiscan.me
hxxps://scanmybin.net
...

t2'18: Call For Papers 2018 (Helsinki, Finland)

17 May, 2018 - 12:57

Posted by Tomi Tuominen on May 17

#
# t2'18 - Call For Papers (Helsinki, Finland) - October 25 - 26, 2018
#

Join us for the 15th anniversary celebrations on Oct 25-26! CFP and ticket
sales are now open.

To truly appreciate the full spectrum of cyber, one simply needs to visit
Helsinki. Sooner or later you need a break from the sunshine and warmth, and it
is exactly that contrast we can provide. Located halfway between Miami and
Singapore (the long way round), just 3200 km...

Alternatives to viruscheckmate

17 May, 2018 - 12:55

Posted by Konrads Smelkovs on May 17

Purely practical question - It would seem that viruscheckmate is well dead.

Apart from maintaining 50 VMs to replicate it, are there decent
alternatives to do payload scan w/o releasing it to the clouds and vendor
sigs?

What is important?

17 May, 2018 - 12:53

Posted by David Aitel on May 17

https://vimeo.com/270394910

Attacking a co-hosted VM, Paul Fariello, Mehdi Talbi, INFILTRATE 2018

I find that I often have a distorted view of what the "most important"
INFILTRATE talk is every year. But since Immunity is merging with a data
center company, it does make sense to give extra points to a talk that
combines the "new hotness" of CPU-level attacks to show step by step how
to go from one guest VM to another guest...

INFILTRATE 2018: Ghost in the Locks

2 May, 2018 - 14:40

Posted by David Aitel on May 02

https://vimeo.com/267613809

Ghost in the locks, Tomi Tuominen, Timo Hirvonen, INFILTRATE 2018

This was one of our mystery talks this year, and I have to say, you'll
never trust your hotel room door again. :)

-dave

Strategic Keynote: Matt Tait

2 May, 2018 - 09:29

Posted by David Aitel on May 02

Matt Tait's INFILTRATE 2018 keynote: here <https://vimeo.com/267445424>,
is really about the intersection of two different strategic risk
bubbles. It is about a misunderstood or mis-articulated security
dilemma. On one hand, vulnerabilities which get auto-silently-patched do
not get used by attackers as N-day. On the other hand,
auto-silent-update systems are themselves a strategic risk of massive
impact, and one we've seen used...

Code vs bandwidth

2 May, 2018 - 09:28

Posted by Konrads Smelkovs on May 02

Some time ago Dave defended his very fat Trojan on the account that no one
cares if it’s 4 or 40 megs and then there was that discussion about
bandwidth and I’d like to tie it together:

“The more code and computing capacity you have closer to the object of
interest the less bandwidth you need and vice versa”.

I’ll illustrate this with a few basic examples:

Let’s say you want to portscan a subnet from a compromised PC. You can...

Trends and INFILTRATE

30 April, 2018 - 14:55

Posted by David Aitel on Apr 30

We got generally good feedback
<https://twitter.com/surkatty/status/990619671417286657> for INFILTRATE
but in my view conferences are less "Are they enjoyable?" and more "What
did people legitimately get out of it?"

One thing I really like about INFILTRATE is we are small enough that the
crowd is quite restricted to "People who find a heap overflow talk worth
watching, even if it's just to see what the speaker...