// archives

linkedin

This tag is associated with 16 posts

Three reasons why you should segment your SCADA networks

By September 10, 2009 Post a comment

The recent report on eWeek regarding how attackers managed to get a foot hold into an energy company through a phishing attack is not something new.  It is not magical because stuff like this happens elsewhere on a more frequent basis.  What makes this so noteworthy is the fact that the company was in control [...]

I’m speaking at Hack In The Box 2009!

By August 4, 2009 2 comments

I just got confirmation that my talk on BlackBerry related spyware and lawful interception is accepted for this years Hack In The Box conference in Malaysia! W00t!  I’m quite excited because for one, its the first time I’ll speak at Hack In The Box, and second, HITB has featured some of the best and brightest [...]

BlackBerry Lawful Interception

By August 1, 2009 Post a comment

Well, its inevitable, I guess, considering the recent issues with Etisalat’s spyware fiasco.  I’ve been working on a Legal Interception PoC for BlackBerry handhelds.  I figure, I’ll show them how to do it right rather than sitting on the sidelines and taking apart a feeble attempt at spying on BlackBerry users.  So at the moment [...]

Leaked spyware, threat to security

By July 19, 2009 2 comments

The fiasco with the Etisalat spyware is possibly still not over.  Effectively both Etisalat and SS8 may jeopardize the safety of not only its own subscribers but many other BlackBerry users globally.  The whitepaper analyzing the spyware that I released had me thinking further in the future.  If I have a copy of the spyware, [...]

Etisalat BlackBerry Spyware Revealer

By July 16, 2009 5 comments

I wrote a spyware busting tool for the Etisalat Spyware that was recently installed on BlackBerries across the UAE. I am waiting to get my Code Signing Keys sorted from RIM before I can release it publicly. Mail me for the source.

A look at Etisalat’s BlackBerry Interceptor

By July 16, 2009 One comment

A closer look at the UAE Telco Etisalat’s Interceptor package. Spyware that was developed by SS8 and pushed to its subscribers as an upgrade. Installed on an emulator and steps to remove it.

Next »