News
28 January 2018
32C3: Gated Communities – report from hacker conference
The thirty-second annual Chaos Communication Congress carried the tagline “Gated Communities”. CCC is probably the oldest hacker conference and “Gated communities” worked very well as a theme for this year.
28 January 2018
Essentials for ICS/SCADA defence
In Summer 2016, as we cranked up our efforts to get deep into the Industry Security landscape, we had the pleasure to host Christine Kinch as our intern and researcher.
28 January 2018
How We Bypassed NOD32 and Hacked a Paranoid Customer
During penetration testing for a big customer, we hacked a number of Microsoft Windows servers. At one point, part of our attack was thwarted by ESET’s NOD32 system.
28 January 2018
Considerations before using keybase.io
Keybase.io is a service that according to their website “maps your identity to your public keys, and vice versa.”. It is also doing other optional things such as an encrypted filesystem and synchronized key management.
28 January 2018
From Firewalls to Honeypots: Citadelo’s Vision for Cybersecurity
Perimeter security is broken. Industrial systems are exposed. And attackers are always one step ahead. At Citadelo, we’ve crafted a masterplan to flip the odds — from honeypots to bug bounties to real-time traps.
28 January 2018
Unofficial Patch Tuesday – MSMQ Privilege Escalation Vulnerability Hotfix
Microsoft won’t patch this one — so we did. CVE-2014-4971 is a known privilege escalation vulnerability in the MSMQ service on Windows XP. Citadelo’s unofficial hotfix helps secure legacy systems against this active exploit.