Browsed by
Category: General

In Defence of Academic Qualifications in Cybersecurity

In Defence of Academic Qualifications in Cybersecurity

The consensus at the moment seems to be that academic qualifications for cybersecurity are expensive, out of date, and do not prepare students for life in the real world. I agree. However, that does not mean they are not useful, and indeed I would say that they are probably the first thing hiring managers should look at. Especially in the USA, but increasingly in the UK and the rest of the English-speaking world, the path into security is laid out…

Read More Read More

Wireless Alarm System Vulnerability Disclosure

Wireless Alarm System Vulnerability Disclosure

The details below discuss the vulnerabilities found in the following devices: All of the devices above demonstrate the same security weakness. An attacker can use a software-defined radio to capture commands sent to the alarm from the remote keyfob. As no rolling code is implemented, it is a simple matter to play back the code and gain full access to the alarm’s functions. As an example, see the following image, comparing subsequent keypresses of the AGSHome Alarm keyfob: As of…

Read More Read More

Starting off – how to begin IoT hacking

Starting off – how to begin IoT hacking

I thought I’d give some brief references for anyone interested in IoT hacking. My experience here is fairly comprehensive; I have a couple of CVEs already, with a few more in the pipeline. My Masters dissertation was on the topic, and I am writing papers on it as part of my PhD work. BOOKS: There are three that should be on any bookshelf. They are: “The IoT Hacker’s Handbook” by Aditya Gupta “Practical IoT Hacking” by Fotios Chantzis and Ioannis…

Read More Read More